站內(nèi)搜索地址為：
httpwww.google.comcustomdomains=（這里寫我們要搜索的站點(diǎn)，比如feelids.com）
進(jìn)去可以選擇www和feelids.com， 當(dāng)然再選我們要的站內(nèi)搜索哦！
黑客專用信息和資料搜索地址為：
httpwww.google.comcustomhl=xx-hacker
這里是google關(guān)鍵字的用法，要設(shè)置它為中文，則是
httpwww.google.comcustomhl=zh-CN
英文則是httpwww.google.comcustomhl=en 常用的google關(guān)鍵字：
foo1 foo2 (也就是關(guān)聯(lián)，比如搜索xx公司 xx美女)
operatorfoo
filetype123 類型
sitefoo.com 相對(duì)直接看網(wǎng)站更有意思，可以得到許多意外的信息
intextfoo
intitle fooltitle 標(biāo)題哦
allinurlfoo 搜索xx網(wǎng)站的所有相關(guān)連接。（踩點(diǎn)必備）
linksfoo 不要說就知道是它的相關(guān)鏈接
allintiltefoo.com 我們可以輔助- 來調(diào)整搜索的精確程度 直接搜索密碼：(引號(hào)表示為精確搜索)
當(dāng)然我們可以再延伸到上面的結(jié)果里進(jìn)行二次搜索
index of htpasswd passwd
filetypexls username password email
ws_ftp.log
config.php
allinurladmin mdb
service filetypepwd ....或者某個(gè)比如pcanywhere的密碼后綴cif等 越來越有意思了，再來點(diǎn)更敏感信息
robots.txt Disallow filetypetxt
inurl_vti_cnf (FrontPage的關(guān)鍵索引啦，掃描器的CGI庫一般都有地)
allinurl msadcSamplesselectorshowcode.asp
......passwd
examplesjspsnpsnoop.jsp
phpsysinfo
intitleindex of admin
intitledocumetation
inurl 5800(vnc的端口)或者desktop port等多個(gè)關(guān)鍵字檢索
webmin port 10000
inurladminlogin.asp
intextPowered by GBook365
intitlephp shell Enable stderr filetypephp 直接搜索到phpwebshell foo.org filetypeinc ipsec filetypeconf
intilteerror occurred ODBC request Where (selectinsert) 說白了就是說，可以直接試著查查數(shù)據(jù)庫檢索，針對(duì)目前流行的sql注射，會(huì)發(fā)達(dá)哦
intitlephp shell Enable stderr filetypephp
Dumping data for table username password
intitleError using Hypernews
Server Software
intitleHTTP_USER_AGENT=Googlebot
HTTP_USER_ANGET=Googlebot THS ADMIN
filetype.doc site.mil classified 直接搜索軍方相關(guān)word 檢查多個(gè)關(guān)鍵字：
intitleconfig confixx login password mydomain.com nessus report
report generated by
ipconfig
winipconfig google緩存利用（hoho，最有影響力的東西）推薦大家搜索時(shí)候多選搜索所有網(wǎng)站
特別推薦：administrator users 等相關(guān)的東西，比如名字，生日等……最慘也可以拿來做字典嘛
cachefoo.com 可以查閱類似結(jié)果 先找找網(wǎng)站的管理后臺(tái)地址：
sitexxxx.com intext管理
sitexxxx.com inurllogin
sitexxxx.com intitle管理
sitea2.xxxx.com inurlfile
sitea3.xxxx.com inurlload
sitea2.xxxx.com intextftp
sitea2.xxxx.com filetypeasp
sitexxxx.com 得到N個(gè)二級(jí)域名
sitexxxx.com intext@xxxx.com 得到N個(gè)郵件地址，還有郵箱的主人的名字什么的
sitexxxx.com intext電話 N個(gè)電話
intitleindex of etc
intitleIndex of .sh_history
intitleIndex of .bash_history
intitleindex of passwd
intitleindex of people.lst
intitleindex of pwd.db
intitleindex of etcshadow
intitleindex of spwd
intitleindex of master.passwd
intitleindex of htpasswd
# -FrontPage- inurlservice.pwd allinurlbbs data
filetypemdb inurldatabase
filetypeinc conn
inurldata filetypemdb
intitleindex of data
3) http@www domainname 找一些ISP站點(diǎn)，可以查對(duì)方ip的虛擬主機(jī) 4) auth_user_file.txt 不實(shí)用了，太老了 5) The Master List 尋找郵件列表的 6) intitlewelcome.to.squeezebox 一種特殊的管理系統(tǒng)，默認(rèn)開放端口90 7) passlist.txt (a better way) 字典 8) A syntax error has occurred filetypeihtml 9) extphp program_listing intitleMythWeb.Program.Listing 10) intitleindex.of abyss.conf 11)extnbe nbe 12)intitleSWW link Please wait..... 14) intitleFreifunk.Net - Status -sitecommando.de 15) intitleWorldClient intext (20032004) Alt-N Technologies. 17) intitleopen-xchange inurllogin.pl 20) intitlesite administration please log in site designed by emarketsouth 21) orA-00921 unexpected end of SQL command 22)intitleYALA Yet Another LDAP Administrator 23)welcome.to phpqladmin Please login -cvsweb 24)intitleSWW link Please wait..... 25)inurlport_255 -htm 27)intitleWorldClient intext (20032004) Alt-N Technologies. 這些是新的一些漏洞技巧，在0days公告公布 extphp program_listing intitleMythWeb.Program.Listing inurlpreferences.ini [emule] intitleIndex of CFIDE administrator access denied for user using password extphp intextPowered by phpNewMan Version 可以看到：pathtonewsbrowse.phpclang=............fileiwant inurlbecommunitycommunityindex.phppageurl= intitleASP FileMan Resend -siteiisworks.com Enter ip inurlphp-ping.php extconf inurlrsyncd.conf -cvs -man intitle private, protected, secret, secure, winnt intitleDocuShare inurldocusharedsweb -faq -gov -edu
#mysql dump filetypesql allow_call_time_pass_reference PATH_INFO Certificate Practice Statement inurl(PDF DOC) LeapFTP intitleindex.of. sites.ini modified
master.passwd mysql history files
NickServ registration passwords
passlist
passlist.txt (a better way)
passwd
passwd etc (reliable)
people.lst
psyBNC config files
pwd.db
signin filetypeurl
spwd.db passwd
trillian.ini
wwwboard WebAdmin inurlpasswd.txt wwwboardwebadmin # -FrontPage- extpwd inurl(service authors administrators users) # -FrontPage- inurlservice.pwd
AutoCreate=TRUE password=
http@www domainname
index of ws_ftp.ini parent directory
liveice configuration file extcfg -sitesourceforge.net
powered by ducalendar -siteduware.com
Powered by Duclassified -siteduware.com
Powered by Duclassified -siteduware.com DUware All Rights reserved
powered by duclassmate -siteduware.com
Powered by Dudirectory -siteduware.com
powered by dudownload -siteduware.com
Powered By Elite Forum Version .
Powered by Link Department
sets mode k
Powered by DUpaypal -siteduware.com
allinurl admin mdb
auth_user_file.txt
config.php
eggdrop filetypeuser user
etc (index.of)
extini eudora.ini
extini Version=... password
exttxt inurlunattend.txt filetypebak inurlhtaccesspasswdshadowhtusers filetypecfg mrtg target -sample -cvs -example filetypecfm cfapplication name password filetypeconf oekakibbs
filetypeconf sc_serv.conf filetypeconf slapd.conf filetypeconfig config intextappSettings User ID filetypedat password.dat filetypedat wand.dat filetypeinc dbconn filetypeinc intextmysql_connect
filetypeinc mysql_connect or mysql_pconnect filetypeinf sysprep filetypeini inurlserv-u.ini
filetypeini inurlflashFXP.ini
filetypeini ServUDaemon
filetypeini wcx_ftp
filetypeini ws_ftp pwd filetypeldb admin filetypelog See `ipsec copyright filetypelog inurlpassword.log filetypemdb inurlusers.mdb filetypemdb wwforum filetypenetrc password filetypepass pass intextuserid filetypepem intextprivate filetypeproperties inurldb intextpassword filetypepwd service
filetypepwl pwl filetypereg reg intextdefaultusername intextdefaultpassword
filetypereg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetypesql (values MD values password values encrypt)
filetypesql (passwd values password values pass values )
filetypesql IDENTIFIED BY -cvs
filetypesql password filetypeurl inurlftp inurl;@ filetypexls username password email htpasswd
htpasswd htgroup
htpasswd htpasswd.bak intextenable secret $
intextpowered by Web Wiz Journal intitleindex of intextconnect.inc
intitleindex of intextglobals.inc
intitleIndex of passwords modified intitledupics inurl(add.asp default.asp view.asp voting.asp) -siteduware.com intitleindex.of intextsecring.skrsecring.pgpsecring.bak inurlGRC.DAT intextpassword inurlslapd.conf intextcredentials -manpage -Manual Page -man -sample inurlslapd.conf intextrootpw -manpage -Manual Page -man -sample inurlwvdial.conf intextpassword inurldbmain.mdb inurlchap-secrets -cvs inurlconfig.php dbuname dbpass
inurlfilezilla.xml -cvs inurllilo.conf filetypeconf password -tatercounter -bootpwd -man inurlnuke filetypesql inurlospfd.conf intextpassword -sample -test -tutorial -download 路由配置
inurlpap-secrets -cvs inurlperform filetypeini
inurlsecring extskr extpgp extbak inurlvtund.conf intextpass -cvs inurlzebra.conf intextpassword -sample -test -tutorial -download Generated by phpSystem
generated by wwwstat Host Vulnerability Summary Report ] HTTP_FROM=googlebot googlebot.com Server_Software= Index of chatlogs 聊天室
Installed Objects Scanner inurldefault.asp Mecury Version Infastructure Group
Microsoft (R) Windows (TM) Version DrWtsn Copyright (C) extlog Most Submitted Forms and Scripts this section Network Vulnerability Assessment Report not for distribution confidential
phone address e-mail intitlecurriculum vitae phpMyAdmin running on inurlmain.php produced by getstats
Request Details Control Tree Server Variables
robots.txt Disallow filetypetxt Running in Child mode sets mode p
sets mode s
Thank you for your order receipt
This is a Shareaza Node
This report was generated by WebLog
( filetypemail filetypeeml filetypembox filetypembx ) intextpasswordsubject (inurlrobot.txt inurlrobots.txt ) intextdisallow filetypetxt -sitephp.net -The PHP Group inurlsource inurlurl extpHp FBR ADOBE PHOTOSHOP
AIM buddy lists
allinurlexamplesjspsnpsnoop.jsp
allinurlservletSnoopServlet
cgiirc.conf data filetypemdb -sitegov -sitemil exported email addresses extasp inurlpathto.asp extcgi inurleditcgi.cgi inurlfile= extconf inurlrsyncd.conf -cvs -man
extconf NoCatAuth -cvs extdat bpk.dat
extgho gho extini intextenv.ini
extldif ldif extlog Software Microsoft Internet Information Services .
--------------------------
extmdb inurl.mdb inurlfpdb shop.mdb filetypebkf bkf
filetypeblt buddylist
filetypeblt blt intextscreenname filetypecfg auto_inst.cfg filetypeconf inurlfirewall -intitlecvs
filetypeconfig web.config -CVS filetypectt ctt messenger filetypefp fp
filetypefp fp -sitegov -sitemil -cvs log filetypeinf inurlcapolicy.inf
filetypelic lic intextkey filetypemyd myd -CVS
filetypens ns
filetypeora ora
filetypeora tnsnames
filetypepdb pdb backup (Pilot Pluckerdb) filetypepot inurljohn.pot
----------------------------------------
filetypepst inurloutlook.pst
filetypepst pst -from -to -date
filetypeqbb qbb
filetyperdp rdp filetypereg Terminal Server Client
filetypevcs vcs
filetypewab wab filetypexls -sitegov inurlcontact
filetypexls inurlemail.xls
Financial spreadsheets finance.xls
Financial spreadsheets finances.xls Ganglia Cluster Reports haccess.ctl (one way)
haccess.ctl (VERY reliable)
ICQ chat logs, please... iletypelog cron.log
intextSession Start filetypelog
intextTobias Oetiker traffic analysis intext(password passcode) intext(username userid user) filetypecsv
intextgmail invite intexthttpgmail.google.comgmaila intextSQLiteManager inurlmain.php intitleApacheStatus (inurlserver-status inurlstatus.html inurlapache.html) intitleAppServ Open Project -sitewww.appservnetwork.com
intitleASP Stats Generator . ASP Stats Generator - weppos intitleFTP root at
intitleindex of myd size intitleIndex Of -inurlmaillog maillog size intitleIndex Of cookies.txt size intitleindex of mysql.conf or mysql_config
intitleIndex of upload size parent directory intitleindex.of .diz .nfo last modified
intitleMultimon UPS status page
intitlePHP Advanced Transfer (inurlindex.php inurlshowrecent.php )
intitlePhpMyExplorer inurlindex.php -cvs
---------------------------------------------------------------------
intitlestatistics of advanced web statistics
intitleSystem Statistics System and Network Information Center
intitleUsage Statistics for Generated by Webalizer
intitlewbem compaq login Compaq Information Technologies Group intitleWeb Server Statistics for
intitleweb server status SSH Telnet
intitlewelcome.to.squeezebox intitleadmin intitlelogin
intitleindex.of Apache server at
intitleindex.of cleanup.log
intitleindex.of dead.letter
intitleindex.of inbox
intitleindex.of inbox dbx intitleintranet inurlintranet intextphone
inurlaxsax-admin.pl -script
inurlcricketgrapher.cgi
inurlbookmark.htm inurlcacti inurlgraph_view.php Settings Tree View -cvs -RPM
inurlnewsletteradmin
inurlnewsletteradmin intitlenewsletter admin
inurlputty.reg
inurlsmb.conf intextworkgroup filetypeconf conf
---------------------------------------------------------------------------------------------------------- Welcome to ntop! adding new user inurladdnewuser -there are no domains
(inurlcgi-bin.cobalt) (intextWelcome to the Cobalt RaQ) filetypephp HAXPLORER Server Files Browser
intitleWeb Data Administrator - Login inurlConnectComputerprecheck.htm inurlRemotelogon.aspx
PHP Shell (unprotected)
PHPKonsole PHPShell filetypephp -echo
Public PHP FileManagers index of picasa.ini
index of inurlrecycler
Index of rar r nfo Modified
intitleIndex.Of stats merchant cgi- etc
Powered by Invision Power File Manager (inurllogin.php) (intitleBrowsing directory )
Web File Browser Use regular expression filetypeini Desktop.ini intextmydocs.dll intextd.aspxid inurld.aspxid
intextPowered By TotalIndex intitleTotalIndex
intitlealbum permissions Users who can modify photos EVERYBODY
intitleDirectory Listing For intextTomcat -intitleTomcat
intitleHFS HttpFileServer
intitleIndex of inurlmy shared folder size modified
------------------------------------------------------------------------------------------------------------------- File Upload Manager v. rename to extasp powered by DUForum inurl(messagesdetailslogindefaultregister) -siteduware.com
extasp inurlDUgallery intitle. -sitedugallery.com -siteduware.com
extcgi inurlubb_test ezBOO Administrator Panel -cvs filetypecgi inurlcachemgr.cgi
filetypecnf my.cnf -cvs -example
filetypeinc inc intextsetcookie filetypephp inurlviewfile -index.php -idfil
filetypewsdl wsdl intitleASP FileMan Resend -siteiisworks.com intitleIndex of modified php.exe intitlephpremoteview filetypephp Name, Size, Type, Modify inurl WWWADMIN.PL intitlewwwadmin
inurlnph-proxy.cgi Start browsing through this CGI-based proxy
inurlplogregister.php
inurlcgi.asxStoreID inurlrobpoll.cgi filetypecgi The Master List More Info about MetaCart Free

最新評(píng)論