Google Hacking

  • inurl:index.of.password
    Directory listing contains password file(s)?
    
    intitle:"Index of" service.pwd
    Directory listing contains service.pwd file(s)
    
    intitle:"Index of" view-source
    Directory listing contains view-source file(s)
    
    intitle:"Index of" admin
    Direcory listing contains administrative files or directories
    
    intitle:"Index of" .htpasswd
    Directory listing contains .htpasswd file!
    
    intitle:"Index of" log.txt
    Directory listing contians log text files
    
    intitle:"Index of" stats.html
    Directory listing contains stats.html which may contain useful web server statistics
    
    "access denied for user" "using password"
    Web page contains error message which might provide useful application information
    
    "A syntax error has occurred" filetype:ihtml
    Web page contains error message which might provide useful application information
    
    "ORA-00921: unexpected end of SQL command"
    Web page contains error message which might provide useful application information
    
    inurl:passlist.txt
    The passlist.txt file may contain user passwords
    
    "Index of /backup"
    Directory may contain sensitive backup files
    
    intitle:"Index of" .bash_history
    Directory listing contains bash history information
    
    intitle:"Index of" index.html.bak
    Directory listing contains backup index file (index.html.bak)
    
    intitle:"Index of" index.php.bak
    Directory listing contains backup index file (index.html.bak)
    
    intitle:"Index of" guestbook.cgi
    Directory listing contains backup index file (index.html.bak)
    
    intitle"Test Page for Apache"
    Default test page for Apache
    
    intitle:index.of.etc
    Directory listing of /etc ?
    
    filetype:xls username password
    XLS spreadseet containing usernames and passwords?
    
    "This file was generated by Nessus"
    Nessus report!
    
    intitle:"Index of" secring.bak
    Secret key file
    
    intitle:"Terminal Services Web Connection"
    Access terminal services!
    
    intitle:"Remote Desktop Web Connection"
    Access Remote Desktop!
    
    intitle:"Index of" access_log
    Directory listing contains access_log file which may store sensitive information
    
    intitle:"Index of" finance.xls
    Directory listing contains finance.xls which may contain sensitive information
    
    intitle:"Usage Statistics for"
    Statistical information may contain sensitive data
    
    intitle:"Index of" WSFTP.LOG
    WSFTP.LOG file contains information about FTP transactions
    
    intitle:"Index of" ws_ftp.ini
    The ws_ftp.ini file may contain usernames and passwords of FTP users
    
    "not for distribution" confidential
    URL may contain confidential or sensitive information
    
    "phpMyAdmin" "running on" inurl:"main.php"
    phpMyAdmin allows remote mysql database administration
    
    "#mysql dump" filetype:sql
    mysql database dumps
    
    "This summary was generated by wwwstat"
    Database statistics
    
    "Host Vulnerability Summary Report"
    Vulnerability report!
    
    "Network Vulnerability Assessment Report"
    Vulnerability report!
    
    inurl:php.ini filetype:ini
    The php.ini file may contain sensitive PHP environment details.
    
    BEGIN (CERTIFICATE|DSA|RSA) filetype:key
    Private key(s)!
    
    BEGIN (CERTIFICATE|DSA|RSA) filetype:csr
    Private key(s)!
    
    BEGIN (CERTIFICATE|DSA|RSA) filetype:crt
    Private key(s)!
    
    intitle:"Index of" passwd passwd.bak
    passwd file!
    
    intitle:"Index of" master.passwd
    master.passwd file!
    
    intitle:"Index of" pwd.db
    pwd.db file may contain password information
    
    intitle:"Index of..etc" passwd
    passwd file!
    
    filetype:cfg ks intext:rootpw -sample -test -howto
    This file may contain the root password (encrypted)
    
    intitle:"index.of.personal"
    Directory may contain sensitive information
    
    intitle:"Index of" login.jsp
    The login.jsp file may contain database username or password information
    
    intitle:"Index of" logfile
    Directory may contain sensitive log files
    
    filetype:php inurl:"viewfile" -"index.php" -"idfil
    File may contain PHP source code
    
    allinurl:intranet admin
    Page may contain sensitive information
    
    "supplied argument is not a valid MySQL result resource"
    mysql error message may reveal sensitive information
    
    "Error Diagnostic Information" intitle:"Error Occurred While" 
    Error message may reveal sensitive information
    
    HTTP_USER_AGENT=Googlebot
    Page may contain sensitive environment details