"access denied for user" "using password"
"Chatologica MetaSearch" "stack tracking:"
"Index of /backup"
"ORA-00921: unexpected end of SQL command"
"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
?intitle:index.of? mp3 name
allintitle:"Network Camera NetworkCamera"
allinurl: admin mdb
allinurl:auth_user_file.txt
intitle:"live view" intitle:axis
intitle:axis intitle:"video server"
intitle:liveapplet
inurl:"ViewerFrame?Mode="
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:passlist.txt
inurl:view/index.shtml
inurl:view/indexFrame.shtml
inurl:view/view.shtml
inurl:ViewerFrame?Mode=Refresh
liveapplet
!Host=*.* intext:enc_UserPassword=* ext:pcf
" -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)
"A syntax error has occurred" filetype:ihtml
"About Mac OS Personal Web Sharing"
"access denied for user" "using password"
"allow_call_time_pass_reference" "PATH_INFO"
"An illegal character has been found in the statement" -"previous message"
"ASP.NET_SessionId" "data source="
"AutoCreate=TRUE password=*"
"Can't connect to local" intitle:warning
"Certificate Practice Statement" inurl:(PDF | DOC)
"Chatologica MetaSearch" "stack tracking"
"Copyright (c) Tektronix, Inc." "printer status"
"detected an internal error [IBM][CLI Driver][DB2/6000]"
"Dumping data for table"
"Error Diagnostic Information" intitle:"Error Occurred While"
"error found handling the request" cocoon filetype:xml
"Fatal error: Call to undefined function" -reply -the -next
"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report"
"HTTP_FROM=googlebot" googlebot.com "Server_Software="
"IMail Server Web Messaging" intitle:login
"Incorrect syntax near"
"Index of /" +.htaccess
"Index of /" +passwd
"Index of /" +password.txt
"Index of /admin"
"Index of /mail"
"Index Of /network" "last modified"
"Index of /password"
"index of /private" site:mil
"index of /private" -site:net -site:com -site:org
"Index of" / "chat/logs"
"index of/" "ws_ftp.ini" "parent directory"
"Installed Objects Scanner" inurl:default.asp
"Internal Server Error" "server at"
"liveice configuration file" ext:cfg
"Login - Sun Cobalt RaQ"
"Mecury Version" "Infastructure Group"
"Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)" ext:log
"More Info about MetaCart Free"
"Most Submitted Forms and Scripts" "this section"
"mysql dump" filetype:sql
"mySQL error with query"
"Network Vulnerability Assessment Report" ???? pc007.com
"not for distribution" confidential
"ORA-00921: unexpected end of SQL command"
"ORA-00933: SQL command not properly ended"
"ORA-00936: missing expression"
"pcANYWHERE EXPRESS Java Client"
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
"phpMyAdmin MySQL-Dump" "INSERT INTO" -"the"
"phpMyAdmin MySQL-Dump" filetype:txt
"phpMyAdmin" "running on" inurl:"main.php"
"PostgreSQL query failed: ERROR: parser: parse error"
"Powered by mnoGoSearch - free web search engine software"
"powered by openbsd" +"powered by apache"
"Powered by UebiMiau" -site:sourceforge.net
"produced by getstats"
"Request Details" "Control Tree" "Server Variables"
"robots.txt" "Disallow:" filetype:txt
"Running in Child mode"
"sets mode: +k"
"sets mode: +p"
"sets mode: +s"
"Supplied argument is not a valid MySQL result resource"
"Supplied argument is not a valid PostgreSQL result"
"Thank you for your order" +receipt
"This is a Shareaza Node"
"This report was generated by WebLog"
"This summary was generated by wwwstat"
"VNC Desktop" inurl:5800
"Warning: Cannot modify header information - headers already sent"
"Web File Browser" "Use regular expression"
"xampp/phpinfo
"You have an error in your SQL syntax near"
"Your password is * Remember this for later use"
aboutprinter.shtml
allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
allintitle: sensitive filetype:doc
allintitle:\"Test page for Apache Installation\"
allintitle:admin.php
allinurl:"/*/_vti_pvt/" | allinurl:"/*/_vti_cnf/"
allinurl:admin mdb
allinurl:auth_user_file.txt
allinurl:servlet/SnoopServlet
An unexpected token "END-OF-STATEMENT" was found
camera linksys inurl:main.cgi
Canon Webview netcams
Comersus.mdb database
confidential site:mil
ConnectionTest.java filetype:html
data filetype:mdb -site:gov -site:mil
eggdrop filetype:user user
ext:conf NoCatAuth -cvs
ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-"
ext:txt inurl:unattend.txt
filetype:ASP ASP
filetype:ASPX ASPX
filetype:BML BML
filetype:cfg ks intext:rootpw -sample -test -howto
filetype:cfm "cfapplication name" password
filetype:CFM CFM
filetype:CGI CGI
filetype:conf inurl:psybnc.conf "USER.PASS="
filetype:dat "password.dat
filetype:DIFF DIFF
filetype:DLL DLL
filetype:DOC DOC
filetype:FCGI FCGI
filetype:HTM HTM
filetype:HTML HTML
filetype:inf sysprep
filetype:JHTML JHTML
filetype:JSP JSP
filetype:log inurl:password.log
filetype:MV MV
filetype:pdf "Assessment Report" nessus
filetype:PDF PDF
filetype:PHP PHP
filetype:PHP3 PHP3
filetype:PHP4 PHP4
filetype:PHTML PHTML
filetype:PL PL
filetype:PPT PPT
filetype:PS PS
filetype:SHTML SHTML
filetype:STM STM
filetype:SWF SWF
filetype:TXT TXT
filetype:XLS XLS
htpasswd / htpasswd.bak
Index of phpMyAdmin
index of: intext:Gallery in Configuration mode
index.of passlist
intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"
intext:"d.aspx?id" || inurl:"d.aspx?id"
intext:"enable secret 5 $"
intext:"powered by Web Wiz Journal"
intext:"SteamUserPassphrase=" intext:"SteamAppUser=" -"username" -"user"
intitle:"--- VIDEO WEB SERVER ---" intext:"Video Web Server" "Any time & Any where" username password
intitle:"500 Internal Server Error" "server at"
intitle:"actiontec" main setup status "Copyright 2001 Actiontec Electronics Inc"
intitle:"Browser Launch Page"
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
intitle:"EverFocus.EDSR.app<-b>let"
intitle:"Index of" ".htpasswd" "htgroup" -intitle:"dist" -apache -htpasswd.c
intitle:"Index of" .bash_history
intitle:"Index of" .mysql_history
intitle:"Index of" .mysql_history
intitle:"Index of" .sh_history
intitle:"Index of" cfide
intitle:"index of" etc/shadow
intitle:"index of" htpasswd
intitle:"index of" intext:globals.inc
intitle:"index of" master.passwd 007????
intitle:"index of" members OR accounts
intitle:"index of" passwd
intitle:"Index of" passwords modified
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"Index of" pwd.db
intitle:"index of" spwd
intitle:"Index of" spwd.db passwd -pam.conf
intitle:"index of" user_carts OR user_cart
intitle:"Index of..etc" passwd
intitle:"iVISTA.Main.Page"
intitle:"network administration" inurl:"nic"
intitle:"OfficeConnect Cable/DSL Gateway" intext:"Checking your browser"
intitle:"remote assessment" OpenAanval Console
intitle:"Remote Desktop Web Connection" inurl:tsweb
intitle:"switch login" "IBM Fast Ethernet Desktop"
intitle:"SWW link" "Please wait....."
intitle:"teamspeak server-administration
intitle:"TUTOS Login"
intitle:"VMware Management Interface:" inurl:"vmware/en/"
intitle:"Welcome to the Advanced Extranet Server, ADVX!"
intitle:"Welcome to Windows 2000 Internet Services"
intitle:"Connection Status" intext:"Current login"
intitle:"inc. vpn 3000 concentrator" intitle:asterisk.management.portal web-access
intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com
intitle:index.of administrators.pwd
intitle:index.of cgiirc.config
intitle:Index.of etc shadow site:passwd
intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak"
intitle:index.of master.passwd
intitle:index.of passwd passwd.bak
intitle:index.of people.lst
intitle:index.of trillian.ini
intitle:Novell intitle:WebAccess "Copyright &# Novell, Inc"
intitle:opengroupware.org "resistance is obsolete" "Report Bugs" "Username" "password"
intitle:open-xchange inurl:login.pl
inurl:":10000" intext:webmin
inurl:"8003/Display?what="
inurl:"auth_user_file.txt"
inurl:"GRC.DAT" intext:"password"
inurl:"printer/main.html" intext:"settings"
inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample
inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample
inurl:"ViewerFrame?Mode="
inurl:"wvdial.conf" intext:"password" ????007????
inurl:"wwwroot/
inurl:/Citrix/Nfuse17/
inurl:/db/main.mdb
inurl:/wwwboard
inurl:access
inurl:admin filetype:db
inurl:asp
inurl:buy
inurl:ccbill filetype:log
inurl:cgi
inurl:cgiirc.config
inurl:chap-secrets -cvs
inurl:config.php dbuname dbpass
inurl:data
inurl:default.asp intitle:"WebCommander"
inurl:download
inurl:file
inurl:filezilla.xml -cvs
inurl:forum
inurl:home
inurl:hp/device/this.LCDispatcher
inurl:html
inurl:iisadmin
inurl:inc
inurl:info
inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man
inurl:list
inurl:login filetype:swf swf
inurl:mail
inurl:midicart.mdb
inurl:names.nsf?opendatabase
inurl:new
inurl:nuke filetype:sql
inurl:order
inurl:ospfd.conf intext:password -sample -test -tutorial -download
inurl:pages
inurl:pap-secrets -cvs
inurl:passlist.txt
inurl:passwd filetype:txt
inurl:Proxy.txt
inurl:public
inurl:search
inurl:secring ext:skr | ext:pgp | ext:bak
inurl:shop
inurl:shopdbtest.asp
inurl:software
inurl:support
inurl:user
inurl:vtund.conf intext:pass -cvs s
inurl:web
inurl:zebra.conf intext:password -sample -test -tutorial -download
LeapFTP intitle:"index.of./" sites.ini modified
POWERED BY HIT JAMMER 1.0!
signin filetype:url
site:ups.com intitle:"Ups Package tracking" intext:"1Z ### ### ## #### ### #"
top secret site:mil
Ultima Online loginservers
VP-ASP Shop Administrators only
XAMPP "inurl:xampp/index
allinurl: "proxylist.txt"
allinurl: "proxy.txt"
"index of/root"
"auth_user_file.txt"
"index of/root"
"Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype oc
allintitle: restricted filetype :mail
allintitle: restricted filetype oc site:gov
for IIS server exlpoit
allinurl: winnt/system32/
and u’ll get many IIS server exploitsъ
intitle:r57shell
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
shtml.dll
shtml.exe
fpcount.exe
default.asp
showcode.asp
sendmail.cfm
getFile.cfm
imagemap.exe
test.bat
msadcs.dll
htimage.exe
counter.exe
browser.inc
hello.bat
default.asp\
dvwssr.dll
cart32.exe
add.exe
index.jsp
SessionServlet
glimpse
man.sh
AT-admin.cgi
AT-generate.cgi
inurl:/adpassword.txt
inurl:admin.dat
and even for shop sites:
inurl:/shop/db/
intitle:"index of/ shop" +db
intitle:"index of/" +shopping_cart
Цитата:
"Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
inurlasswd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:"auth_user_file.txt"
inurl:"wwwroot/*."
top secret site:mil
confidential site:mil
allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
Многие админы оставляют открытыми такие директории:
Цитата:
/orders
/Order
/Orders
/order
/config
/Admin_files
/mall_log_files
/PDG_Cart
PDG_Cart/order.log
PDG_Cart/shopper.conf
/pw
/store/customers
/store/temp_customers
/WebShop
/webshop
/WebShop/templates
/WebShop/logs
/cgi/PDG_Cart/order.log
/PDG_Cart/authorizenets.txt
/cgi-bin/PDG_Cart/mc.txt
/PDG/order.txt
/cgi-bin/PDG_cart/card.txt
/PDG_Cart/shopper.conf
/php/mlog.phtml
/php/mylog.phtml
/webcart/carts
/cgi-bin/orders.txt
/WebShop/logs
/cgi-bin/AnyForm2
/cgi-bin/mc.txt
/ccbill/secure/ccbill.log
/cgi-bin/orders/mc.txt
/WebCart/orders.txt
/cgi-bin/orders/cc.txt
/cvv2.txt
/cgi-bin/orderlog.txt
/WebShop/logs
/orderb/shop.mdb
/_private/shopping_cart.mdb
/scripts/iisadmin/tools/mkilog.exe
/cool-logs/mylog.html
/cool-logs/mlog.html
/easylog/easylog.html
/HyperStat/stat_what.log
/mall_log_files/
/scripts/weblog
/super_stats/access_logs
/trafficlog
/wwwlog
/Admin_files/order.log
/bin/orders/orders.txt
/cgi/orders/orders.txt
/cgi-bin/orders/orders.txt
/cgi-sys/orders/orders.txt
/cgi-local/orders/orders.txt
/htbin/orders/orders.txt
/cgibin/orders/orders.txt
/cgis/orders/orders.txt
/scripts/orders/orders.txt
/cgi-win/orders/orders.txt
/bin/pagelog.cgi
/cgi/pagelog.cgi
/cgi-bin/pagelog.cgi
/cgi-sys/pagelog.cgi
/cgi-local/pagelog.cgi
/cgibin/pagelog.cgi
/cgis/pagelog.cgi
/scripts/pagelog.cgi
/cgi-win/pagelog.cgi
/bin/DCShop/auth_data/auth_user_file.txt
/cgi/DCShop/auth_data/auth_user_file.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-sys/DCShop/auth_data/auth_user_file.txt
/cgi-local/DCShop/auth_data/auth_user_file.txt
/htbin/DCShop/auth_data/auth_user_file.txt
/cgibin/DCShop/auth_data/auth_user_file.txt
/cgis/DCShop/auth_data/auth_user_file.txt
/scripts/DCShop/auth_data/auth_user_file.txt
/cgi-win/DCShop/auth_data/auth_user_file.txt
/bin/DCShop/orders/orders.txt
/cgi/DCShop/orders/orders.txt
/cgi-bin/DCShop/orders/orders.txt
/cgi-sys/DCShop/orders/orders.txt
/cgi-local/DCShop/orders/orders.txt
/htbin/DCShop/orders/orders.txt
/cgibin/DCShop/orders/orders.txt
/cgis/DCShop/orders/orders.txt
/scripts/DCShop/orders/orders.txt
/cgi-win/DCShop/orders/orders.txt
/dc/auth_data/auth_user_file.txt
/dcshop/orders/orders.txt
/dcshop/auth_data/auth_user_file.txt
/dc/orders/orders.txt
/orders/checks.txt
/orders/mountain.cfg
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/webcart/carts
/webcart-lite/orders/import.txt
/webcart/config
/webcart/config/clients.txt
/webcart/orders
/webcart/orders/import.txt
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/bin/shop/auth_data/auth_user_file.txt
/cgi/shop/auth_data/auth_user_file.txt
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-sys/shop/auth_data/auth_user_file.txt
/cgi-local/shop/auth_data/auth_user_file.txt
/htbin/shop/auth_data/auth_user_file.txt
/cgibin/shop/auth_data/auth_user_file.txt
/cgis/shop/auth_data/auth_user_file.txt
/scripts/shop/auth_data/auth_user_file.txt
/cgi-win/shop/auth_data/auth_user_file.txt
/bin/shop/orders/orders.txt
/cgi/shop/orders/orders.txt
/cgi-bin/shop/orders/orders.txt
/cgi-sys/shop/orders/orders.txt
/cgi-local/shop/orders/orders.txt
/htbin/shop/orders/orders.txt
/cgibin/shop/orders/orders.txt
/cgis/shop/orders/orders.txt
/scripts/shop/orders/orders.txt
/cgi-win/shop/orders/orders.txt
/bin/shop.pl/page=;cat%20shop.pl
/cgi/shop.pl/page=;cat%20shop.pl
/cgi-bin/shop.pl/page=;cat%20shop.pl
/cgi-sys/shop.pl/page=;cat%20shop.pl
/cgi-local/shop.pl/page=;cat%20shop.pl
/htbin/shop.pl/page=;cat%20shop.pl
/cgibin/shop.pl/page=;cat%20shop.pl
/cgis/shop.pl/page=;cat%20shop.pl
/scripts/shop.pl/page=;cat%20shop.pl
/cgi-win/shop.pl/page=;cat%20shop.pl
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/cgis/cart.pl
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/cgis/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/bin/cart32.exe
/cgi/cart32.exe
/cgi-bin/cart32.exe
/cgi-sys/cart32.exe
/cgi-local/cart32.exe
/htbin/cart32.exe
/cgibin/cart32.exe
/cgis/cart32.exe
/scripts/cart32.exe
/cgi-win/cart32.exe
/cgi-bin/www-sql;;;
/server%20logfile;;;
/cgi-bin/pdg_cart/order.log
/cgi-bin/shopper.exe?search
/orders/order.log
/orders/import.txt
/orders/checks.txt
/orders/orders.txt
/Orders/order.log
/order/order.log
/WebShop/logs/ck.log
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/_private/orders.txt
в
этих директориях мы за частую можем найти такие файлы как
Цитата:
orders.txt
order.txt
import.txt
checks.txt
order_log
order.log
orders.log
orders_log
log_order
log_orders
temp_order
temp_orders
order_temp
robots.txt
admin.mdb
user_file.txt