关闭

访问网站目录 小知识

1587人阅读 评论(0) 收藏 举报
分类:

使用google  搜索 intext :"to parent directory  " 可以访问 网站目录。

 

 

常用的google关键字: ,abercrombie fitch Mens
foo1 foo2 (也就是关联,比如搜索xx公司 xx美女) 
operator:foo 
filetype:123 类型 
site:foo.com 相对直接看网站更有意思,可以得到许多意外的信息 
intext:foo 
intitle: fooltitle 标题哦 
allinurl:foo 搜索xx网站的所有相关连接。(踩点必备) 
links:foo 不要说就知道是它的相关链接 
allintilte:foo.com 

我们可以辅助"-" "+"来调整搜索的精确程度 

直接搜索密码:(引号表示为精确搜索) 
当然我们可以再延伸到上面的结果里进行二次搜索 
"index of" htpasswd / passwd 
filetype:xls username password email 
"ws_ftp.log" 
"config.php" 
allinurl:admin mdb 
service filetype:pwd ....或者某个比如pcanywhere的密码后缀cif等 

越来越有意思了,再来点更敏感信息 
"robots.txt" "Disallow:" filetype:txt 
inurl:_vti_cnf (FrontPage的关键索引啦,扫描器的CGI库一般都有地) 
allinurl: /msadc/Samples/selector/showcode.asp 
/../../../passwd 
/examples/jsp/snp/snoop.jsp 
phpsysinfo 
intitle:index of /admin 
intitle:"documetation" 
inurl: 5800(vnc的端口)或者desktop port等多个关键字检索 
webmin port 10000 
inurl:/admin/login.asp 
intext:Powered by GBook365 
intitle:"php shell*" "Enable stderr" filetype:php 直接搜索到phpwebshell 

foo.org filetype:inc 

ipsec filetype:conf 
intilte:"error occurred" ODBC request WHERE (select|insert) 说白了就是说,可以直接试着查查数据库检索,针对目前流行的sql注射,会发达哦 
intitle:"php shell*" "Enable stderr" filetype:php 
"Dumping data for table" username password 
intitle:"Error using Hypernews" 
"Server Software" 
intitle:"HTTP_USER_AGENT=Googlebot" 
"HTTP_USER_ANGET=Googlebot" THS ADMIN 
filetype:.doc site:.mil classified 直接搜索军方相关word 

检查多个关键字: 
intitle:config confixx login password 

"mydomain.com" nessus report 
"report generated by" 
"ipconfig" 
"winipconfig" 

google缓存利用(hoho,最有影响力的东西)推荐大家搜索时候多"选搜索所有网站" 
特别推荐:administrator users 等相关的东西,比如名字,north face On Sale,生日等……最惨也可以拿来做字典嘛 
cache:foo.com 

可以查阅类似结果 

先找找网站的管理后台地址: 
site:xxxx.com intext:管理 
site:xxxx.com inurl:login 
site:xxxx.com intitle:管理 
site:a2.xxxx.com inurl:file 
site:a3.xxxx.com inurl:load 
site:a2.xxxx.com intext:ftp://*:* 
site:a2.xxxx.com filetype:asp 
site:xxxx.com //得到N个二级域名 
site:xxxx.com intext:*@xxxx.com //得到N个邮件地址,north face Store,还有邮箱的主人的名字什么的 
site:xxxx.com intext:电话 //N个电话 
intitle:"index of" etc 
intitle:"Index of" .sh_history 
intitle:"Index of" .bash_history 
intitle:"index of" passwd 
intitle:"index of" people.lst 
intitle:"index of" pwd.db 
intitle:"index of" etc/shadow 
intitle:"index of" spwd 
intitle:"index of" master.passwd 
intitle:"index of" htpasswd 
"# -FrontPage-" inurl:service.pwd 

allinurl:bbs data 
filetype:mdb inurl:database 
filetype:inc conn 
inurl:data filetype:mdb 
intitle:"index of" data 
…… 

一些技巧集合: 

3) "http://*:*@www" domainname 找一些ISP站点,可以查对方ip的虚拟主机 
3 
4) auth_user_file.txt 不实用了,太老了 

5) The Master List 寻找邮件列表的 

6) intitle:"welcome.to.squeezebox" 一种特殊的管理系统,moncler Outlet,默认开放端口90 
7) passlist.txt (a better way) 字典 

8) "A syntax error has occurred" filetype:ihtml 

9) ext:php program_listing intitle:MythWeb.Program.Listing 
10) intitle:index.of abyss.conf 
11)ext:nbe nbe 

12)intitle:"SWW link" "Please wait....." 
13) 

14) intitle:"Freifunk.Net - Status" -site:commando.de 

15) intitle:"WorldClient" intext:"? (2003|2004) Alt-N Technologies." 

17) intitle:open-xchange inurl:login.pl 

20) intitle:"site administration: please log in" "site designed by emarketsouth" 
21) ORA-00921: unexpected end of SQL command 

22)intitle:"YALA: Yet Another LDAP Administrator" 
23)welcome.to phpqladmin "Please login" -cvsweb 
24)intitle:"SWW link" "Please wait....." 
25)inurl:"port_255" -htm 

27)intitle:"WorldClient" intext:"? (2003|2004) Alt-N Technologies." 

这些是新的一些漏洞技巧,在0days公告公布 

ext:php program_listing intitle:MythWeb.Program.Listing 

inurl:preferences.ini "[emule]" 

intitle:"Index of /CFIDE/" administrator 

"access denied for user" "using password" 

ext:php intext:"Powered by phpNewMan Version" 可以看到:path/to/news/browse.php?clang=../../../../../../file/i/want 

inurl:"/becommunity/community/index.php?pageurl=" 

intitle:"ASP FileMan" Resend -site:iisworks.com 

"Enter ip" inurl:"php-ping.php" 

ext:conf inurl:rsyncd.conf -cvs -man 

intitle: private, protected, secret, secure, winnt 

intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu 
"#mysql dump" filetype:sql 

"allow_call_time_pass_reference" "PATH_INFO" 

"Certificate Practice Statement" inurl:(PDF | DOC) 

LeapFTP intitle:"index.of./" sites.ini modified 
master.passwd 

mysql history files 
NickServ registration passwords 
passlist 
passlist.txt (a better way) 
passwd 
passwd / etc (reliable) 
people.lst 
psyBNC config files 
pwd.db 
signin filetype:url 
spwd.db / passwd 
trillian.ini 
wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin 

"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" 

inurl:service.pwd 
"AutoCreate=TRUE password=*" 
"http://*:*@www" domainname 
"index of/" "ws_ftp.ini" "parent directory" 
"liveice configuration file" ext:cfg -site:sourceforge.net 
"powered by ducalendar" -site:duware.com 
"Powered by Duclassified" -site:duware.com 
"Powered by Duclassified" -site:duware.com "DUware All Rights reserved" 
"powered by duclassmate" -site:duware.com 
"Powered by Dudirectory" -site:duware.com 
"powered by dudownload" -site:duware.com 
"Powered By Elite Forum Version *.*" 
"Powered by Link Department" 
"sets mode: +k" 
"Powered by DUpaypal" -site:duware.com 
allinurl: admin mdb 
auth_user_file.txt 
config.php 
eggdrop filetype:user user 
etc (index.of) 
ext:ini eudora.ini 
ext:ini Version=... password 
ext:txt inurl:unattend.txt 

filetype:bak inurl:"htaccess|passwd|shadow|htusers" 

filetype:cfg mrtg "target" -sample -cvs -example 

filetype:cfm "cfapplication name" password 

filetype:conf oekakibbs 
filetype:conf sc_serv.conf 

filetype:conf slapd.conf 

filetype:config config intext:appSettings "User ID" 

filetype:dat "password.dat" 

filetype:dat wand.dat 

filetype:inc dbconn 

filetype:inc intext:mysql_connect 
filetype:inc mysql_connect OR mysql_pconnect 

filetype:inf sysprep 

filetype:ini inurl:"serv-u.ini" 
filetype:ini inurl:flashFXP.ini 
filetype:ini ServUDaemon 
filetype:ini wcx_ftp 
filetype:ini ws_ftp pwd 

filetype:ldb admin 

filetype:log "See `ipsec copyright" 

filetype:log inurl:"password.log" 

filetype:mdb inurl:users.mdb 

filetype:mdb wwforum 

filetype:netrc password 

filetype:pass pass intext:userid 

filetype:pem intext:private 

filetype:properties inurl:db intext:password 

filetype:pwd service 
filetype:pwl pwl 

filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword" 
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS 
filetype:sql ("values * MD" | "values * password" | "values * encrypt") 
filetype:sql ("passwd values" | "password values" | "pass values" ) 
filetype:sql +"IDENTIFIED BY" -cvs 
filetype:sql password 



Topics related articles: 
Women moncler -爆香后放入肉片一变色就倒入酱油翻炒 
abercrombie fitch Outlet - 
spyder Mens -于是

0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:234497次
    • 积分:6724
    • 等级:
    • 排名:第3631名
    • 原创:436篇
    • 转载:153篇
    • 译文:0篇
    • 评论:40条
    最新评论