• 收集的一些google最好的技巧


     
    我收集的一些google最好的技巧
    站内搜索地址为:
    http://www.google.com/custom?domains=(这里写我们要搜索的站点,比如feelids.com)
    进去可以选择www和feelids.com, 当然再选我们要的站内搜索哦!
    黑客专用信息和资料搜索地址为:
    http://www.google.com/custom?hl=xx-hacker
    这里是google关键字的用法,要设置它为中文,则是
    http://www.google.com/custom?hl=zh-CN
    英文则是http://www.google.com/custom?hl=en

    intitle:"index of" pwd.db                       直接搜索其对方的ftp或者root的密码
    "# -FrontPage-" inurl:service.pwd               FrontPage的密码,不过需要L0pht或者john配合破解密码
    intitle:"index of" htpasswd                      一些/下的密码相关的 文件
    "access denied for user" "using password"    配合sql注射可以暴对方路径。
    intitle:"index of" inurl:ftp (pub | incoming) 配合pub公布的内容,可以查看其系统版本和网段
    Error 404    asp?= 1   / 0                搜索sql注射的,找韩国kr和瑞典se的肉鸡,多是sa权限注射
    intilte:"error occurred" ODBC request Where (select|insert)    找sql注射的,和肉鸡的------------推荐
    "ORA-00921: unexpected end of SQL command"
    "A syntax error has occurred" filetype:ihtml
    "You have an error in your SQL syntax near"
    ext:asp   inurlmessages|details|login|default|register|admin)    -site:xxxxxxxxxxx.com   查找登陆入口
    site:.com    filetype:asp     intitle:"tank" -inurl:product 找目标

    ---------------------------------------------------------------------------------------
    site:.mil   filetype:doc classified           可以加日期的,比如:filetypeDF site:mil 2005-2006
           com             mdb   可以为灵活运用,比如坦克的单词,飞机的单词
           gov             pdf        敏感域名isr.hqda.pentagon.mil
           org             ppt
    ----------------------------------------------------------------------------------------  

    intitle:upload inurl:upload intext:upload -forum -shop -support -wc
    intitle: private, protected, secret, secure, winnt      
    intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu  
    "Certificate Practice Statement" inurlPDF | DOC) mil
    filetype:mdb inurl:.mdb     mil
    filetype:log inurl:"password.log"
    filetype:bak inurl:"htaccess|passwd|shadow|htusers"
    filetype:ini inurl:"serv-u.ini"
    filetype:ini inurl:flashFXP.ini
    filetype:ini ServUDaemon
    filetype:ini wcx_ftp
    filetype:ini ws_ftp pwd
    filetype:pem intext:private   搜索加密密匙
    filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"    找肉鸡,看admin密码
    filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS     
    filetype:url +inurl:"ftp://" +inurl:";@"       此技巧最好分开使用
    intitle:"index of" intext:connect.inc
    intitle:"index of" intext:globals.inc
    intitle:"Index of" passwords modified     推荐  
    intitle:"index of" intext:welcome       如有pub和etc一般都有welcome
    intitle:Index.of etc shadow
    site:.gov filetype:sql
    "HTTP_FROM=googlebot" googlebot.com "Server_Software="      好的很啊
    ( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject     site:edu 2005
    filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
    inurl:forward filetype:forward -cvs    找密码和ftp最好的技巧
    top secret site:mil
    confidential site:mil

    inurl:
    private
    protected
    secret
    secure
    --------------------------------------------------------------------

    filetype:xls username password email
    "config.php"
    service filetype:pwd (frontpage)
    inurl:_vti_cnf (frontpage files)
    allinurl:/msadc/samples/selector/showcode.asp
    allinurl:/examples/jsp/snp/snoop.jsp
    ipsec filetype:conf
    "mydomain.com" nessus report
    "report generated by"
    "ws_ftp.log"
    inurl:server-info "Apache Server Information"
    inurl:ssl.conf filetype:conf
    ipsec.conf
    Lotus Domino address books             用户数据库,重要
    robots.txt        看目录



    filetype:url +inurl:"ftp://"   +inurl:"@"
              
    filetype:cnf inurl:_vti_pvt access.cnf


    allinurl:"_vti_cnf/"    推荐
    "access denied for user" "using password"       mysql暴错,暴出路径
    intitleogin intext:"RT is ? Copyright"       找登陆页子
    intitle:index.of WEB-INF              目录
    intitle:"Index of" config.php
    "Index of /admin" + passwd
    inurl:passwd.txt wwwboard|webadmin
    master.passwd
    filetype:cfg mrtg "target
    " -sample -cvs -example    看MRTG的配置的
    ext:ini Version=... password
    filetype:cfm "cfapplication name" password
    filetype:config config intext:appSettings "User ID"
    filetype:dat "password.dat"
    filetype:inc dbconn    推荐
    "#mysql dump" filetype:sql
    "allow_call_time_pass_reference" "ATH_INFO"
    filetype:inc intext:mysql_connect
    filetype:inc mysql_connect or mysql_pconnect
    filetype:mdb inurl:users.mdb

    filetype:pass pass intext:userid
    filetype:properties inurl:db intext:password ]

    filetype:sql ("values * MD" | "values * password" | "values * encrypt")
    filetype:sql ("passwd values" | "password values" | "pass values" )
    filetype:sql +"IDENTIFIED BY" -cvs
    filetype:sql password
    filetype:xls username password email    mil

    htpasswd
    htpasswd / htgroup
    htpasswd / htpasswd.bak

    inurljspdemos private protected secret secure

    intitle:dupics inurladd.asp | default.asp | view.asp | voting.asp) -site:duware.com
    inurl:config.php dbuname dbpass     phpnuke的漏洞
    "Welcome to phpMyAdmin" " Create new database"
    "phone * * *" "address *" "e-mail" intitle:"curriculum vitae"     跟踪
    "phpMyAdmin" "running on" inurl:"main.php"  
    "robots.txt" "Disallow:" filetype:txt     可以查看漏洞
    ext:reg "username=*" putty
    -site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp
    ext:log "Software: Microsoft Internet Information Services *.*"
    filetype:asp DBQ=" * Server.MapPath("*.mdb")
    filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net    泄露源代码
    haccess.ctl (one way)
    haccess.ctl (VERY reliable)
    intext:gmail invite intext:http://gmail.google.com/gmail/a
    -------------------------------------------------------------------------------------
    intitle:"Index of" upload size parent directory
    intitle:"System Statistics" +"System and Network Information Center"
    intitle:"wbem" compaq login "Compaq Information Technologies Group"
    intitle:index.of "Apache" "server at"
    intitle:index.of cleanup.log
    intitle:index.of dead.letter
    intitle:index.of inbox
    intitle:index.of inbox dbx
    "intitle:Index.Of /" stats   cgi-* etc
    intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat       mil
    intitle:"Index of *" inurl:"my shared folder" size modified  
    intitle:"index of" "parent directory" "desktop.ini" site:gov      NASA
    "Index of /backup"
    intitle:"Index of /" modified php.exe

    intitle:"index of" -inurl:htm -inurl:html mp
    intitle:"Index of" cfide
    intitle:"index of" intext:"content.ie"
    intitle:"index.of.personal"
    intitle:"webadmin - /*" filetype:php directory filename permission
    intitle:index.of (inurl:fileadmin | intitle:fileadmin)
    intitle:index.of /AlbumArt_
    intitle:index.of /maildir/new/
    intitle:index.of abyss.conf
    intitle:intranet inurl:intranet +intext:"human resources"
    inurl:/tmp

    filetype:pl -intext:"/usr/bin/perl" inurl:webcal (inurl:webcal | inurl:add | inurl:delete | inurl:config)    

    inurl:explorer.cfm inurl:(dirpath|This_Directory)



    "parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

    "parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

    "parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

    "parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

    "parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

    "parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

    "AutoCreate=TRUE password=*"

    "index of cgi-bin"
    +htpasswd +WS_FTP.LOG filetype:log
    filetype:cfg ks intext:rootpw -sample -test -howto    gov
    config.inc.php                          偶自己发现地
    site:mil admin grades
    inurl:backup filetype:mdb
    inurl:perl/printenv
    inurldbc.ini ext:ini -cvs
    "Index Of /network" "last modified"
    filetype:mbx mbx intext:Subject      查看 新闻组

    inurl:forward filetype:forward -cvs    找linux向导

    inurl:php.ini filetype:ini
    filetype:inc inc intext:setcookie

    inurl:"CgiStart?page="
    "Enter ip" inurl:"php-ping.php"
    mail filetype:csv -site:gov intext:name
    MySQL tabledata dumps
    OWA Public Folders (direct view)
    phpinfo()
    private key files (.csr)
    private key files (.key)

    "Windows XP Professional" 94FBR  
    site:edu admin grades
    site:mil admin grades
    SQL data dumps
    Squid cache server reports
    inurl:ConnectComputer/precheck.htm | inurl:Remote/logon.aspx         Windows2003登陆

    "Index of" rar r nfo Modified
    filetype:ini Desktop.ini intext:mydocs.dll

    filetype:php inurl:"viewfile" -"index.php" -"idfil

    filetype:wsdl wsdl     关于xml的聚合
    intitle:"phpremoteview" filetype:php "Name, Size, Type, Modify"   edu

    inurl:" WWWADMIN.PL" intitle:"wwwadmin"
    inurl:robpoll.cgi filetype:cgi
  • 相关阅读:
    第一篇正式文章 随便聊聊吧
    CSS 28 块之间的空格
    CSS 27 贴在下方
    CSS 26 左右固定
    CSS 25 垂直居中
    CSS 24 左侧固定
    CSS 23 水平居中
    CSS 22 显示方式
    CSS 21 浮动
    CSS 20 相对定位
  • 原文地址:https://www.cnblogs.com/yeye518/p/2231763.html
Copyright © 2020-2023  润新知