E aew galerinha blz? hoje venho trazendo algumas Dork's
.... Abaixo estarei colocando o link para a minha primeira postagem com Dorks Variadas [SQL / XSS / LFI / RFI / CGI / Web-Dav / Card CC / Shell Upadas / Area de Upload]
Se gostou clicke em obrigado e Boa Sorte
Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
Cameras Online
File Manager
Local File Disclosure (LFD)
Avisos e vulnerabilidades
Arquivos contendo Senhas
Arquivos contendo Usuarios
Servers Vulneraveis
Area de Uploda com Painel de Adm
SQL
.... Abaixo estarei colocando o link para a minha primeira postagem com Dorks Variadas [SQL / XSS / LFI / RFI / CGI / Web-Dav / Card CC / Shell Upadas / Area de Upload]
Se gostou clicke em obrigado e Boa Sorte
Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
Cameras Online
Código:
inurl:"view/indexFrame.shtml" inurl:"view/index.shtml" intitle:"Live View / - AXIS" intitle:axis camera intitle:"axis #Kameramodell#" inurl:sample/LvAppl/ intitle:"V.Networks [Motion Picture(Java)" intitle:"EvoCam" inurl:"webcam.html" intitle:"my webcamXP server!" inurl:/control/userimage.html inurl:/ViewerFrame?Mode=Motion inurl:toolam.html inurl:viewash.html intitle:"TOSHIBA Network Camera - User Login" inurl:/home/homeJ.html inurl:/view.shtml intitle:”Live View / - AXIS” | inurl:view/view.shtml^ inurl:ViewerFrame?Mode= inurl:ViewerFrame?Mode=Refresh inurl:axis-cgi/jpg inurl:axis-cgi/mjpg (motion-JPEG) inurl:view/indexFrame.shtml inurl:view/index.shtml inurl:view/view.shtml liveapplet intitle:”live view” intitle:axis intitle:liveapplet allintitle:”Network Camera NetworkCamera” intitle:axis intitle:”video server” intitle:liveapplet inurl:LvAppl intitle:”EvoCam” inurl:”webcam.html” intitle:”Live NetSnap Cam-Server feed” intitle:”Live View / - AXIS” intitle:”Live View / - AXIS 206M” intitle:”Live View / - AXIS 206W” intitle:”Toshiba Network Camera” user login intitle:”netcam live image” intitle:”i-Catcher Console - Web Monitor” intitle:start inurl:cgistart intitle:”WJ-NT104 Main Page” intext:”MOBOTIX M1? intext:”Open Menu” intext:”MOBOTIX M10? intext:”Open Menu” intext:”MOBOTIX D10? intext:”Open Menu” intitle:snc-z20 inurl:home/ intitle:snc-cs3 inurl:home/ intitle:snc-rz30 inurl:home/ intitle:”sony network camera snc-p1? intitle:”sony network camera snc-m1? site:.viewnetcam.com -www.viewnetcam.com
Código:
inurl:/plugins/ajaxfilemanager/ inurl:"wp-file-uploader.php"
Código:
inurl:"download?path=" inurl:"download?filepath=" inurl:"download?fpath=" inurl:"download.php?filepath=" inurl:"download.php?fpath=" inurl:"download.php?download=" inurl:"download?download=" inurl:"download.php?dl=" inurl:"download.php?get=" inurl:"download.php?dwl=" inurl:"download?dl=" inurl:"download?dwl=" inurl:"download?get=" inurl:"download?filename=" inurl:"download?file=" inurl:"download?*&file=" inurl:"download.php?path=" inurl:"download.php?filename=" inurl:"download.php?file=" inurl:"download.php?*&file=" inurl:"download.php?include=" inurl:"download.php?inc=" inurl:"download?file=" & filetype:pdf (Most of them will be configured through .htaccess) inurl:"download?file=" & filetype:html (Most of them will be configured through .htaccess) inurl:"download?file=" & filetype:doc (Most of them will be configured through .htaccess) inurl:"dl?download=" inurl:"dl?path=" inurl:"dl?filename=" inurl:"dl?file=" inurl:"dl?*&file=" inurl:"dl.php?download=" inurl:"dl.php?path=" inurl:"dl.php?filename=" inurl:"dl.php?file=" inurl:"dl.php?*&file=" inurl:"dl.php?include=" inurl:"dl.php?inc=" inurl:dl.php?id=*.pdf inurl:"dwl.php?get=" inurl:"dwl.php?download=" inurl:"dwl.php?file=" inurl:"dwl.php?filename=" inurl:"dwl.php?path=" inurl:"get.php?filename=" inurl:"get.php?path=" inurl:"get.php?download="
Código:
"1999-2004 FuseTalk Inc" -site:fusetalk.com "2003 DUware All Rights Reserved" "2004-2005 ReloadCMS Team." "2005 SugarCRM Inc. All Rights Reserved" "Powered By SugarCRM" "Active Webcam Page" inurl:8080 "Based on DoceboLMS 2.0" "BlackBoard 1.5.1-f | © 2003-4 by Yves Goergen" "BosDates Calendar System " "powered by BosDates v3.2 by BosDev" "Calendar programming by AppIdeas.com" filetype:php "Copyright 2000 - 2005 Miro International Pty Ltd. All rights reserved" "Mambo is Free Software released"
Código:
"admin account info" filetype:log !Host=*.* intext:enc_UserPassword=* ext:pcf "# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd "AutoCreate=TRUE password=*" "http://*:*@www" domainname "index of/" "ws_ftp.ini" "parent directory" "liveice configuration file" ext:cfg -site:sourceforge.net "parent directory" +proftpdpasswd "powered by ducalendar" -site:duware.com "Powered by Duclassified" -site:duware.com "Powered by Duclassified" -site:duware.com "DUware All Rights reserved" "powered by duclassmate" -site:duware.com "Powered by Dudirectory" -site:duware.com "powered by dudownload" -site:duware.com "Powered By Elite Forum Version *.*" "Powered by Link Department" "sets mode: +k" "your password is" filetype:log "Powered by DUpaypal" -site:duware.com allinurl: admin mdb auth_user_file.txt config.php eggdrop filetype:user user enable password | secret "current configuration" -intext:the etc (index.of) ext:asa | ext:bak intext:uid intext:pwd -"uid..pwd" database | server | dsn ext:inc "pwd=" "UID=" ext:ini eudora.ini ext:ini Version=4.0.0.4 password ext:passwd -intext:the -sample -example ext:txt inurl:unattend.txt ext:yml database inurl:config filetype:bak createobject sa filetype:bak inurl:"htaccess|passwd|shadow|htusers" filetype:cfg mrtg "target[*]" -sample -cvs -example filetype:cfm "cfapplication name" password filetype:conf oekakibbs filetype:conf slapd.conf filetype:config config intext:appSettings "User ID" filetype:dat "password.dat" filetype:dat inurl:Sites.dat filetype:dat wand.dat filetype:inc dbconn filetype:inc intext:mysql_connect filetype:inc mysql_connect OR mysql_pconnect filetype:inf sysprep filetype:ini inurl:"serv-u.ini" filetype:ini inurl:flashFXP.ini filetype:ini ServUDaemon filetype:ini wcx_ftp filetype:ini ws_ftp pwd filetype:ldb admin filetype:log "See `ipsec --copyright" filetype:log inurl:"password.log" filetype:mdb inurl:users.mdb filetype:mdb wwforum filetype:netrc password filetype:pass pass intext:userid filetype:pem intext:private filetype:properties inurl:db intext:password filetype:pwd service filetype:pwl pwl filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword" filetype:reg reg +intext:”WINVNC3” filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS filetype:sql "insert into" (pass|passwd|password) filetype:sql ("values * MD5" | "values * password" | "values * encrypt") filetype:sql ("passwd values" | "password values" | "pass values" ) filetype:sql +"IDENTIFIED BY" -cvs filetype:sql password filetype:url +inurl:"ftp://" +inurl:";@" filetype:xls username password email htpasswd htpasswd / htgroup htpasswd / htpasswd.bak intext:"enable password 7" intext:"enable secret 5 $" intext:"powered by EZGuestbook" intext:"powered by Web Wiz Journal" intitle:"index of" intext:connect.inc intitle:"index of" intext:globals.inc intitle:"Index of" passwords modified intitle:"Index of" sc_serv.conf sc_serv content intitle:"phpinfo()" +"mysql.default_password" +"Zend Scripting Language Engine" intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com intitle:index.of administrators.pwd intitle:Index.of etc shadow intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak" intitle:rapidshare intext:login inurl:"calendarscript/users.txt" inurl:"editor/list.asp" | inurl:"database_editor.asp" | inurl:"login.asa" "are set" inurl:"GRC.DAT" intext:"password" inurl:"Sites.dat"+"PASS=" inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample inurl:"wvdial.conf" intext:"password" inurl:/db/main.mdb inurl:/wwwboard inurl:/yabb/Members/Admin.dat inurl:ccbill filetype:log inurl:cgi-bin inurl:calendar.cfg inurl:chap-secrets -cvs inurl:config.php dbuname dbpass inurl:filezilla.xml -cvs inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man inurl:nuke filetype:sql inurl:ospfd.conf intext:password -sample -test -tutorial -download inurl:pap-secrets -cvs inurl:pass.dat inurl:perform filetype:ini inurl:perform.ini filetype:ini inurl:secring ext:skr | ext:pgp | ext:bak inurl:server.cfg rcon password inurl:ventrilo_srv.ini adminpassword inurl:vtund.conf intext:pass -cvs inurl:zebra.conf intext:password -sample -test -tutorial -download LeapFTP intitle:"index.of./" sites.ini modified master.passwd mysql history files NickServ registration passwords passlist passlist.txt (a better way) passwd passwd / etc (reliable) people.lst psyBNC config files pwd.db server-dbs "intitle:index of" signin filetype:url spwd.db / passwd trillian.ini wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin
Código:
"index of" / lck +intext:"webalizer" +intext:"Total Usernames" +intext:"Usage Statistics for" bash_history files filetype:conf inurl:proftpd.conf -sample filetype:log username putty filetype:reg reg +intext:"internet account manager" filetype:reg reg HKEY_CURRENT_USER username index.of perform.ini intext:"SteamUserPassphrase=" intext:"SteamAppUser=" -"username" -"user" inurl:admin filetype:asp inurl:userlist inurl:admin inurl:userlist inurl:php inurl:hlstats intext:"Server Username" OWA Public folders & Address book sh_history files
Código:
"ftp://" "www.eastgame.net" "html allowed" guestbook "Powered by: vBulletin Version 1.1.5" "Select a database to view" intitle:"filemaker pro" "set up the administrator user" inurl:pivot "There are no Administrators Accounts" inurl:admin.php -mysql_fetch_row "Welcome to Administration" "General" "Local Domains" "SMTP Authentication" inurl:admin "Welcome to Intranet" "Welcome to PHP-Nuke" congratulations "Welcome to the Prestige Web-Based Configurator" "YaBB SE Dev Team" "you can now password" | "this is a special page only seen by you. your profile visitors" inurl:imchaos ("Indexed.By"|"Monitored.By") hAcxFtpScan (inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=) allinurl:"index.php" "site=sglinks" allinurl:install/install.php allinurl:intranet admin filetype:cgi inurl:"fileman.cgi" filetype:cgi inurl:"Web_Store.cgi" filetype:php inurl:vAuthenticate filetype:pl intitle:"Ultraboard Setup" Gallery in configuration mode Hassan Consulting's Shopping Cart Version 1.18 intext:"Warning: * am able * write ** configuration file" "includes/configure.php" -Forums intitle:"Gateway Configuration Menu" intitle:"Horde :: My Portal" -"[Tickets" intitle:"Mail Server CMailServer Webmail" "5.2" intitle:"MvBlog powered" intitle:"Remote Desktop Web Connection" intitle:"Samba Web Administration Tool" intext:"Help Workgroup" intitle:"Terminal Services Web Connection" intitle:"Uploader - Uploader v6" -pixloads.com intitle:osCommerce inurl:admin intext:"redistributable under the GNU" intext:"Online Catalog" -demo -site:oscommerce.com intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*" intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*" inurl:"/NSearch/AdminServlet" inurl:"index.php? module=ew_filemanager" inurl:aol*/_do/rss_popup?blogID= inurl:footer.inc.php inurl:info.inc.php inurl:ManyServers.htm inurl:newsdesk.cgi? inurl:"t=" inurl:pls/admin_/gateway.htm inurl:rpSys.html inurl:search.php vbulletin inurl:servlet/webacc natterchat inurl:home.asp -site:natterchat.co.uk XOOPS Custom Installation
Código:
"inurl:admin/addproduct.asp" "inurl:admin/user.asp" "inurl:admin/addpage.php" "inurl:admin/gallery.asp" "inurl:admin/image.asp" "inurl:admin/adminuser.asp" "inurl:admin/productadd.asp" "inurl:admin/addadmin.asp" "inurl:admin/add_admin.asp" "inurl:admin/add_admin.php" "inurl:admin/addnews.asp" "inurl:admin/addpost" inurl"inurl:admin/addforum.???" "inurl:admin/addgame.???" "inurl:admin/addblog.????" "inurl:admin/admin_detail.php" "inurl:admin/admin_area.php" "inurl:admin/product_add.php" "inurl:admin/additem.php" "inurl:admin/addstore.php" "inurl:admin/add_Products.???" "inurl:admin/showbook.???" "inurl:admin/selectitem.???" "allinurl:admin/addfile.???" "inurl:admin/addarticle.asp" "inurl:admin/addfile.asp" "inurl:admin/upload.php" "inurl:admin/upload.asp" "inurl:admin/addstory.php" "inurl:admin/addshow.php" "inurl:admin/addmember.asp" "inurl:admin/addinfo.asp" "inurl:admin/addcat.asp" "inurl:admin/cp.asp" "inurl:admin/productshow.asp" "inurl:admin/addjob.asp" "inurl:admin/addjob.???" "inurl:admin/addpic.???" "inurl:admin/viewproduct.???" "inurl:admin/addaccount.php" "inurl:admin/manage.php" "inurl:admin/addcontact.???" "inurl:admin/viewmanager.???" "inurl:admin/addschool.???" "inurl:admin/addproject.???" "inurl:admin/addsale.???" "inurl:admin/addcompany.???" "inurl:admin/payment.???" "inurl:user/emp.???" "inurl:admin/addmovie.???" "inurl:admin/addpassword.???" "inurl:admin/addemployee.???" "inurl:admin/addcat.???" "inurl:admin/admin.???" "inurl:admin/admincp.???" "inurl:admin/settings.???" "inurl:admin/addstate.???" "inurl:admin/addcountry.???" "inurl:admin/addmedia.???" "inurl:admin/addcode.???" "inurl:admin/addlinks.???" "inurl:admin/addcity.???"
Código:
"you have an error in your sql syntax" inurl:/details.php?id= "you have an error in your sql syntax" inurl:/events.php?id= "you have an error in your sql syntax" inurl:/articles.php?id= "you have an error in your sql syntax" inurl:/artist.php?id= "you have an error in your sql syntax" inurl:/viewarticle.php?id= "you have an error in your sql syntax" inurl:/products.php?id= "you have an error in your sql syntax" inurl:/price.php?id= "you have an error in your sql syntax" inurl:/buy.php?id= "you have an error in your sql syntax" inurl:/cart.php?id= "you have an error in your sql syntax" inurl:/member.php?id= "you have an error in your sql syntax" inurl:/comments.php?id=
Comment