1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[GET] Footprints to find Premium Stuff for free

Discussion in 'White Hat SEO' started by gullsinn, Sep 24, 2013.

  1. gullsinn

    gullsinn Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 24, 2009
    Messages:
    2,429
    Likes Received:
    2,210
    Gender:
    Male
    Occupation:
    Jobless :D
    Location:
    Graveyard
    Home Page:
    I hope these will help you for sure.


    Code:
    [COLOR=#ffffff]1.) ws_ftp.ini configuration file search:[/COLOR]
    [COLOR=#ffffff]intitle:index.of ws_ftp.ini[/COLOR]
    [COLOR=#ffffff]2.) ws_ftp.ini configuration file with ?Parent Directory? search:[/COLOR]
    [COLOR=#ffffff]filetype:ini ws_ftp pwd[/COLOR]
    [COLOR=#ffffff]3.) Variation:[/COLOR]
    [COLOR=#ffffff]?index of/? ?ws_ftp.ini? ?parent directory?[/COLOR]
    [COLOR=#ffffff]4.) Variation:[/COLOR]
    [COLOR=#ffffff]+htpasswd +WS_FTP.LOG filetype:log[/COLOR]
    [COLOR=#ffffff]5.) Variation:[/COLOR]
    [COLOR=#ffffff](Substitute vulnerablesite.com with your site you want to search)[/COLOR]
    [COLOR=#ffffff]?allinurl: ?Vulnerablesite.com? WS_FTP.LOG filetype:log?[/COLOR]
    [COLOR=#ffffff]B.) XSS GOOGLE DORKS[/COLOR]
    [COLOR=#ffffff]1.) cart32 executable file.[/COLOR]
    [COLOR=#ffffff]allinurl:/scripts/cart32.exe[/COLOR]
    [COLOR=#ffffff]2.) Cute news php file.[/COLOR]
    [COLOR=#ffffff]allinurl:/CuteNews/show_archives.php[/COLOR]
    [COLOR=#ffffff]3.) phpinfo.php file.[/COLOR]
    [COLOR=#ffffff]allinurl:/phpinfo.php[/COLOR]
    [COLOR=#ffffff]C.) PHP GOOGLE DORKS[/COLOR]
    [COLOR=#ffffff]1.) config.php file search:[/COLOR]
    [COLOR=#ffffff]intitle:index.of config.php[/COLOR]
    [COLOR=#ffffff]2.) PHP file contents search:[/COLOR]
    [COLOR=#ffffff]intitle:?Index of? phpinfo.php[/COLOR]
    [COLOR=#ffffff]3.) download.php directory transversal vulneralbilities:[/COLOR]
    [COLOR=#ffffff]inurl:download.php?=filename[/COLOR]
    [COLOR=#ffffff]4.) upload.php search:[/COLOR]
    [COLOR=#ffffff]intitle:index.of upload.php[/COLOR]
    [COLOR=#ffffff]inurl:upload.php[/COLOR]
    [COLOR=#ffffff]D.) SQL PASSWORD DUMP DORKS[/COLOR]
    [COLOR=#ffffff]1.) SQL *marked as SPAM* saved to database search. (Some of the more common passwords for you):[/COLOR]
    [COLOR=#ffffff]a.) ?123456″ = hashed password[/COLOR]
    [COLOR=#ffffff]ext:sql intext:@gmail.com intext:e10adc3949ba59abbe56e057f20f883e[/COLOR]
    [COLOR=#ffffff]b.) ?654321″ = hashed password[/COLOR]
    [COLOR=#ffffff]ext:sql intext:@gmail.com intext:c33367701511b4f6020ec61ded352059[/COLOR]
    [COLOR=#ffffff]c.) ?password? = hashed password[/COLOR]
    [COLOR=#ffffff]ext:sql intext:@gmail.com intext:5f4dcc3b5aa765d61d8327deb882cf99[/COLOR]
    [COLOR=#ffffff]d.) ?12345678″ = hashed password[/COLOR]
    [COLOR=#ffffff]ext:sql intext:@gmail.com intext:25d55ad283aa400af464c76d713c07ad[/COLOR]
    [COLOR=#ffffff]e.) ?iloveyou? = hashed password[/COLOR]
    [COLOR=#ffffff]ext:sql intext:@gmail.com intext:f25a2fc72690b780b2a14e140ef6a9e0[/COLOR]
    [COLOR=#ffffff]2.) Variation of above search:[/COLOR]
    [COLOR=#ffffff]a.) ext:sql intext:?INSERT INTO? intext:@gmail.com intext:password[/COLOR]
    [COLOR=#ffffff]b.) ext:sql intext:?INSERT INTO? intext:@yahoo.com intext:password[/COLOR]
    [COLOR=#ffffff]c.) ext:sql intext:?INSERT INTO? intext:@hotmail.com intext:password[/COLOR]
    [COLOR=#ffffff]d.) ext:sql intext:?INSERT INTO? intext:@att.net intext:password[/COLOR]
    [COLOR=#ffffff]e.) ext:sql intext:?INSERT INTO? intext:@comcast.net intext:password[/COLOR]
    [COLOR=#ffffff]f.) ext:sql intext:?INSERT INTO? intext:@verizon.net intext:password[/COLOR]
    [COLOR=#ffffff]3.) SQLi[/COLOR]
    [COLOR=#ffffff]allinurl:/privmsg.php[/COLOR]
    [COLOR=#ffffff]E.) WORDPRESS GOOGLE DORKS[/COLOR]
    [COLOR=#ffffff]1.) Asset Manager Plugin Exploit ? Unprotected Remote File Upload Vuleralbility.[/COLOR]
    [COLOR=#ffffff]inurl:Editor/assetmanager/assetmanager.asp[/COLOR]
    [COLOR=#ffffff]2.) Timthumb Plugin Exploit ? Attacker can attach a shell to a image file and upload the shell. (It has been patched, but there are still a lot of webmasters who have NOT updated!)[/COLOR]
    [COLOR=#ffffff]inurl:index.of thumb.php[/COLOR]
    [COLOR=#ffffff]inurl:thumb.php[/COLOR]
    [COLOR=#ffffff]3.) Search for plugins directory:[/COLOR]
    [COLOR=#ffffff]inurl:wp-content/plugins/[/COLOR]
    [COLOR=#ffffff]4.) Search for themes directory:[/COLOR]
    [COLOR=#ffffff]inurl:wp-content/themes/[/COLOR]
    [COLOR=#ffffff]F.) PASSWORD FILE GOOGLE DORKS[/COLOR]
    [COLOR=#ffffff]1.) Search for Microsoft Excel data file:[/COLOR]
    [COLOR=#ffffff]?Login: *? ?password =*? filetype: xls[/COLOR]
    [COLOR=#ffffff]2.) Search for auth_user_file:[/COLOR]
    [COLOR=#ffffff]allinurl: auth_user_file.txt[/COLOR]
    [COLOR=#ffffff]3.) Search for username/password saved in Microsoft Excel files:[/COLOR]
    [COLOR=#ffffff]filetype: xls inurl: ?password.xls?[/COLOR]
    [COLOR=#ffffff]4.) Search for login pages:[/COLOR]
    [COLOR=#ffffff]intitle: login password[/COLOR]
    [COLOR=#ffffff]5.) Search for ?master password? page:[/COLOR]
    [COLOR=#ffffff]intitle: ?Index of? master.passwd[/COLOR]
    [COLOR=#ffffff]6.) Search for backup directory:[/COLOR]
    [COLOR=#ffffff]index of /backup[/COLOR]
    [COLOR=#ffffff]7.) Search for password backup file index:[/COLOR]
    [COLOR=#ffffff]intitle:index.of passwd.bak[/COLOR]
    [COLOR=#ffffff]8.) Search for password databases:[/COLOR]
    [COLOR=#ffffff]intitle:index.of pwd.db[/COLOR]
    [COLOR=#ffffff]intitle:?index of? pwd.db[/COLOR]
    [COLOR=#ffffff]9.) Search for /etc/passwd/ index:[/COLOR]
    [COLOR=#ffffff]intitle:?index of .. etc? passwd[/COLOR]
    [COLOR=#ffffff]10.) Search for plaintext password file:[/COLOR]
    [COLOR=#ffffff]index.of passlist.txt[/COLOR]
    [COLOR=#ffffff]inurl:passlist.txt[/COLOR]
    [COLOR=#ffffff]11.) Search for hidden documents/password files:[/COLOR]
    [COLOR=#ffffff]index.of.secret[/COLOR]
    [COLOR=#ffffff]index.of.private[/COLOR]
    [COLOR=#ffffff]12.) Search for PhpMyAdmin files:[/COLOR]
    [COLOR=#ffffff]?# PhpMyAdmin MySQL-Dump? filetype: txt[/COLOR]
    [COLOR=#ffffff]13.) Hidden Superuser (root) data files:[/COLOR]
    [COLOR=#ffffff]inurl:ipsec.secrets-history-bugs[/COLOR]
    [COLOR=#ffffff]inurl:ipsec.secrets ?holds shared secrets?[/COLOR]
    [COLOR=#ffffff]14.) Find the information files:[/COLOR]
    [COLOR=#ffffff]inurl:ipsec.conf-intitle:manpage[/COLOR]
    [COLOR=#ffffff]15.) Search for a stored password in a database:[/COLOR]
    [COLOR=#ffffff]filetype:ldb admin[/COLOR]
    [COLOR=#ffffff]16.) Search for admin.php file:[/COLOR]
    [COLOR=#ffffff]inurl:search/admin.php[/COLOR]
    [COLOR=#ffffff]17.) Search for password log files:[/COLOR]
    [COLOR=#ffffff]inurl:password.log filetype:log[/COLOR]
    [COLOR=#ffffff]18.) Search for Hkey_Current_User in registry files:[/COLOR]
    [COLOR=#ffffff]filetype: reg HKEY_CURRENT_USER username[/COLOR]
    [COLOR=#ffffff]19.) Search for username/password file backups:[/COLOR]
    [COLOR=#ffffff]?[URL="http://username/"]Http://username:[/URL] password @ www ?? filetype: bak inurl: ?htaccess | passwd | shadow | ht users?[/COLOR]
    [COLOR=#ffffff]20.) Search for username/password files:[/COLOR]
    [COLOR=#ffffff]filetype:mdb inurl:?account|users|admin|administrators|passwd|password? mdb files[/COLOR]
    [COLOR=#ffffff]21.) Search for Microsoft Frontpage passwords:[/COLOR]
    [COLOR=#ffffff]ext:pwd inurl:(service|authors|administrators|users) ?# -FrontPage-?[/COLOR]
    [COLOR=#ffffff]22.) Search for SQL database Code and passwords:[/COLOR]
    [COLOR=#ffffff]filetype: sql ( ?passwd values ****? |? password values ****? | ?pass values ****?)[/COLOR]
    [COLOR=#ffffff]23.) Search for e-mail account files:[/COLOR]
    [COLOR=#ffffff]intitle: ?Index Of?-inurl: maillog[/COLOR]
    [COLOR=#ffffff]G.) MISC. DORKS[/COLOR]
    [COLOR=#ffffff]1.) WebWiz Rich Text Editor (RTE) ? Remote file upload vulneralbility:[/COLOR]
    [COLOR=#ffffff]inurl:rte/my_documents/my_files[/COLOR]
    [COLOR=#ffffff]2.) EZFilemanager ? Remote file upload vulneralbility:[/COLOR]
    [COLOR=#ffffff]inurl:ezfilemanager/ezfilemanager.php[/COLOR]
    [COLOR=#ffffff]3.) robots.txt ? See directories hidden from crawlers. Also sometimes you can pull off a directory transversal with this:[/COLOR]
    [COLOR=#ffffff]inurl:robots.txt[/COLOR]
    [COLOR=#ffffff]4.) Serial Numbers ? Look for software serial numbers[/COLOR]
    [COLOR=#ffffff]?software name? 94FBR[/COLOR]
    [COLOR=#ffffff]H.) FIND FREE SWAG[/COLOR]
    [COLOR=#ffffff]1.) site:*.com intitle:?Thank You For Your Order? intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]2.) site:*.net intitle:?Thank You For Your Order? intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]3.) site:*.co intitle:?Thank You For Your Order? intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]4.) site:*.org intitle:?Thank You For Your Order? intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]5.) site:*.biz intitle:?Thank You For Your Order? intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]6.) site:*.tv intitle:?Thank You For Your Order? intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]7.) site:*.co.uk intitle:?Thank You For Your Order? intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]8.) site:*.org.uk intitle:?Thank You For Your Order? intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]9.) site:*.eu intitle:?Thank You For Your Order? intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]10.) intitle:Thank you for your purchase! intext:PLR OR MRR OR Package OR Bonus[/COLOR]
    [COLOR=#ffffff]11.) intitle:Thank you for your order! intext:PLR OR MRR OR Package OR Bonus[/COLOR]
    [COLOR=#ffffff]12.) intitle:Thank you for your order! intext:PLR OR MRR[/COLOR]
    [COLOR=#ffffff]13.) intitle:Thank you for your Purchase! intext:PLR OR MRR[/COLOR]
    [COLOR=#ffffff]14.) inurl:/thankyou*.html intitle:Thank you for your order![/COLOR]
    [COLOR=#ffffff]15.) intext:Click Here To Download[/COLOR]
    [COLOR=#ffffff]16.) inurl:thanks intext:?Thank You For Your Order!? ?Click Here? filetype:html[/COLOR]
    [COLOR=#ffffff]17.) intitle:Thank You For Your Order! intext:Private Label[/COLOR]
    [COLOR=#ffffff]18.) intitle:Thank You For Your Purchased! intext:Private Label[/COLOR]
    [COLOR=#ffffff]19.) intext:?Thank You For Your Order? intext:PLR[/COLOR]
    [COLOR=#ffffff]20.) intitle:?Thank You For Your Order!? intext:download[/COLOR]
    [COLOR=#ffffff]21.) intitle:?Thank You For Your Order? intext:Click Here To Download Now[/COLOR]
    [COLOR=#ffffff]22.) intitle:Thank you for your purchase! intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]23.) * thank you for your order download[/COLOR]
    [COLOR=#ffffff]24.) * intitle:Thank you for your Purchase! intext:PLR OR MRR OR Package OR Bonus[/COLOR]
    [COLOR=#ffffff]25.) * intitle:Thank you for your order! intext:PLR OR MRR[/COLOR]
    [COLOR=#ffffff]26.) * intitle:Thank You For Your Purchase! intext:Click Here to Download[/COLOR]
    [COLOR=#ffffff]27.) * intitle:Thank You For Your Order! intext:download[/COLOR]
    [COLOR=#ffffff]28.) inurl:index.of .mp3[/COLOR]
    [COLOR=#ffffff]29.) inurl:index.of .mov[/COLOR]
    [COLOR=#ffffff]30.) inurl:index.of .iso[/COLOR]
    [COLOR=#ffffff]31.) ?intitle:index.of? mp3[/COLOR]
    [COLOR=#ffffff]32.) ?intitle:index.of? mov[/COLOR]
    [COLOR=#ffffff]33.) ?intitle:index.of? iso[/COLOR]
    [COLOR=#ffffff]34.) inurl:?insert filetype?:iso+OR+exe+OR+zip+OR+rar+OR+gzip+OR+tar[/COLOR]
    [COLOR=#ffffff]35.) intext:?parent directory? intext:?[EXE]?[/COLOR]
    [COLOR=#ffffff]36.) intext:?parent directory? index of:?[EXE]?[/COLOR]
    [COLOR=#ffffff]37.) intext:?parent directory? index of:?[RAR]?[/COLOR]
    [COLOR=#ffffff]38.) intext:?parent directory? intext:?[VID]?[/COLOR]
    [COLOR=#ffffff]39.) intext:?parent directory? index of:?[VID]?[/COLOR]
    [COLOR=#ffffff]40.) intext:?parent directory? intext:?[MP3]?[/COLOR]
    [COLOR=#ffffff]41.) intext:?parent directory? index of:?[MP3]?[/COLOR]
    [COLOR=#ffffff]42.) intext:?parent directory? index of:?[Gamez]?[/COLOR]
    [COLOR=#ffffff]I.) WEBCAM GOOGLE DORKS[/COLOR]
    [COLOR=#ffffff]1.) inurl:/view.index.shtml[/COLOR]
    [COLOR=#ffffff]2.) inurl:/view.shtml[/COLOR]
    [COLOR=#ffffff]3.) intitle:?Live View / ? AXIS? | inurl:view/view.shtml^[/COLOR]
    [COLOR=#ffffff]4.) inurl:ViewerFrame?Mode=[/COLOR]
    [COLOR=#ffffff]5.) inurl:ViewerFrame?Mode=Refresh[/COLOR][COLOR=#ffffff]
    [/COLOR]
     
    • Thanks Thanks x 5
  2. roach

    roach BANNED BANNED

    Joined:
    Sep 8, 2009
    Messages:
    740
    Likes Received:
    395
    Thanks! I'll add these to my current list. I appreciate you sharing. :)
     
  3. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Premium Member

    Joined:
    Nov 10, 2012
    Messages:
    10,112
    Likes Received:
    28,524
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:

    Haha, yeah added to my collection too.


    Cheers gullsinn