GHDB
Google Search: intitle:index.of config.php
Admin rates this entry 8 out of 10.
Submitted: 2003-06-24 14:26:36
Added by: Admin
Hits: 39926
Score: 8

This search brings up sites with "config.php" files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database. Way to go, googleDorks!!

Comments:

2004-06-01 23:11:29 (neofreko): still wondering how can we view config.php, since we only have a browser, and the webserver would likely parse that .php stuff. :(

2004-08-03 22:28:26 (NeonWizard): It looks like juicy info there, many results, but can anyone tell us how do you view the PHP files? I tried many, and the browser doesn't display anything.

2004-08-16 09:18:27 (OgreSamanosuke): Therein lies the catch. Browsers are made to process the commands of PHP before display, so if no commands, nothing to show. You can't use that per se to get into the config file, but it would show potential threats if someone got into the server anyway. (If that happens you're basically boned anyway, not much around that.)

2004-10-11 07:20:46 (tinh_xa_nguoi_xa): intitle:"Index of" phpinfo.php

2004-12-05 16:53:43 (factor): some forums have vulnerabilities that would allow an attacker to read config.php. For instance, phpbb 2.0.10 and a few versions below have a vulnerability that allows an attacker to run linux commands on the server hosting the web site. Using cat config.php displays the contents of the file. Some forums that manage downloads can be exploited in a way that would allow an attacker to force the download script on the server to zip and send config.php as a download. Attackers usually search google for 'exploits' or 'vulnerabilities' and then read up on the techniques involved. Afterwards, they search google again for words like 'powered by phpbb 2.0.10' and then work the exploit.
2004-12-16 11:28:04 (Nitron): intitle:"Index of" install.php

2005-01-19 21:38:10 (Aspin): You usually need to know the MYSQL username and password to install something. Good thinking though :)

2005-02-01 23:44:13 (smackdye): is there a way to make this Dork website specific? Smack

2005-04-27 03:18:08 (royjones): instead of config.php try config.inc

2005-05-21 21:40:43 (psychomerlin): Use notepad to open the config.php file... like point the file location to..., let's say: http://mirror.optusnet.com.au/sourceforge/i/in/indom/config.php

the file contents are:

begin file:

<?php
/********************************************************************
 * config.php
 * ----------
 * Changed   : Thursday Dec 4 2003
 * Copyright : (C) 2003 Lauri Itkonen
 * Email     : indom@mbnet.fi
 *
 *********************************************************************/

/********************************************************************
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 ********************************************************************/

$dbhost = 'localhost';       // database server
$dbuser = '*****';           // db username
$dbpass = '*******';         // db password
$dbname = 'datenator';       // db name
$tablepre = 'dat';           // Prefix which will be added to tablenames. Dont change this after installation.
$includepath = 'includes/';  // Path to includes (mysql.php etc)
$template = 'default';       // Template filename (without .php)
$version = 'Datenator v0.2'; // Datenator version
?>

: end of file

2005-06-21 00:44:06 (Rozegiver): I can't seem to open it in notepad, any help?

2005-07-18 16:07:48 (Anonymous): wget http://blahblah/config.php then read the sucker

2006-04-29 15:54:06 (Anonymous): How did you just open that in notepad? You said point to the file location, but how?
Thanks

2006-10-19 03:59:59 (psychomerlin): Hi all, Sorry it's been so long, but you honestly can open it in notepad.

Step 1.) Open notepad
Step 2.) Click on File->Open and the open file dialog box should appear!
Step 3.) Copy the location of the php file or whatever into the filename combobox (drop-down list menu)
Step 4.) Open document! (you may need to configure your firewall)

Example: I clicked on the google search link above (intitle:"Index of" config.php) and got a heap of search results... I chose one, in this case it was "http://altiplano.emich.edu/", and I opened it in a new tab (mozilla). I was presented with a directory listing (a list of php files etc...), then I chose a file, which was "wp-config.php", right-clicked on it and selected properties; this gives me the file location, without opening the file yet! I copied said file location and pasted it into the notepad filename combobox and hit open.... this is what I was presented with....

<?php
/** WordPress's config file **/
/** http://wordpress.org/ **/

// ** MySQL settings ** //
define('DB_NAME', '*****');        // The name of the database
define('DB_USER', '****');         // Your MySQL username
define('DB_PASSWORD', '********'); // ...and password
define('DB_HOST', '*********');    // 99% chance you won't need to change this value

// Change the prefix if you want to have multiple blogs in a single database.
$table_prefix = 'qd_';   // example: 'wp_' or 'b2' or 'mylogin_'

// Change this to localize WordPress. A corresponding MO file for the
// chosen language must be installed to wp-includes/languages.
// For example, install de.mo to wp-includes/languages and set WPLANG to 'de'
// to enable German language support.
define ('WPLANG', '');

/* Stop editing */

$server = DB_HOST;
$loginsql = DB_USER;
$passsql = DB_PASSWORD;
$base = DB_NAME;
define('ABSPATH', dirname(__FILE__).'/');

// Get everything else
require_once(ABSPATH.'wp-settings.php');
?>

But I guess it may not work for everyone, but you can get some!
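The two failure modes the entry and its comments describe are an automatic directory index that lists a configuration file, and a server that returns the raw PHP source of that file (with its database credentials) instead of executing it. As an added defender's example, not from the GHDB entry or any of the commenters above, here is a small Python self-check that classifies a fetched response body for those two conditions. Fetching is left to the caller; the sample bodies, the marker patterns and the finding names are all constructed for this example.

```python
"""Added example (not from the GHDB entry or its commenters): a defender's
self-check that classifies a fetched HTTP response body.  It flags two
conditions the entry describes: an automatic directory index that lists a
configuration file, and a response that contains raw PHP configuration
source (credentials) instead of rendered output.  Fetching is left to the
caller so the logic can be exercised offline on constructed bodies."""
import re
from dataclasses import dataclass, field

# Markers that the server returned PHP *source* rather than executing it
# (handler not bound for the extension, a stray backup copy, and so on).
PHP_SOURCE_MARKERS = [
    re.compile(r"<\?php"),
    re.compile(r"\$db(?:user|pass|name|host)\s*="),
    re.compile(r"define\s*\(\s*['\"]DB_(?:NAME|USER|PASSWORD|HOST)['\"]"),
    re.compile(r"require_once\s*\("),
]

# Markers of an Apache/nginx style auto-generated directory index.
DIR_LISTING_MARKERS = [
    re.compile(r"<title>\s*Index of\s*/", re.IGNORECASE),
    re.compile(r"Parent Directory", re.IGNORECASE),
]

# File names that typically hold database credentials.
CONFIG_NAMES = re.compile(r"\b(?:wp-)?config(?:\.inc)?\.php\b", re.IGNORECASE)


@dataclass
class Finding:
    kind: str   # "php-source-leak", "dir-listing" or "dir-listing-exposes-config"
    evidence: list = field(default_factory=list)


def classify_body(body: str) -> list:
    """Return the findings for one response body, in a fixed order."""
    findings = []
    source_hits = [p.pattern for p in PHP_SOURCE_MARKERS if p.search(body)]
    # Two independent markers are required so a tutorial page that merely
    # mentions "<?php" is not reported as a leak.
    if len(source_hits) >= 2:
        findings.append(Finding("php-source-leak", source_hits))
    if any(p.search(body) for p in DIR_LISTING_MARKERS):
        listed = sorted(set(CONFIG_NAMES.findall(body)))
        kind = "dir-listing-exposes-config" if listed else "dir-listing"
        findings.append(Finding(kind, listed))
    return findings


def summarize(body: str) -> list:
    """Just the finding kinds, for quick checks and the usage below."""
    return [f.kind for f in classify_body(body)]


# Constructed sample bodies; none of these come from a real site.
SAMPLE_DIR_LISTING = """<html><head><title>Index of /blog</title></head><body>
<h1>Index of /blog</h1><pre><a href="../">Parent Directory</a>
<a href="index.php">index.php</a>
<a href="wp-config.php">wp-config.php</a>
<a href="wp-settings.php">wp-settings.php</a></pre></body></html>"""

SAMPLE_LEAKED_CONFIG = """<?php
$dbhost = 'localhost';   // database server
$dbuser = '*****';       // db username (masked, constructed sample)
$dbpass = '*******';     // db password (masked, constructed sample)
$dbname = 'example';     // db name
?>"""

SAMPLE_RENDERED_PAGE = """<html><head><title>My forum</title></head>
<body><p>Welcome to the forum. Powered by an unnamed PHP message base.</p>
</body></html>"""

if __name__ == "__main__":
    for name, body in [("listing", SAMPLE_DIR_LISTING),
                       ("leaked-config", SAMPLE_LEAKED_CONFIG),
                       ("rendered-page", SAMPLE_RENDERED_PAGE)]:
        for finding in classify_body(body) or [Finding("clean")]:
            print(f"{name}: {finding.kind} {finding.evidence}")
```

Run against responses from your own document root, a "dir-listing-exposes-config" or "php-source-leak" finding means the fixes are the usual ones: turn off automatic indexes, keep configuration files outside the web root or deny them explicitly in the server configuration, and make sure the PHP handler is bound to every extension that holds source, so that a copy like config.inc or a backup file is never served as plain text.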




Does the GHDB still get updated now?
The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.
Hi Johnny, been a while since I last came. Aren't you gonna update this website anymore???
The GHDB is not updated and lives with the exploitdb: http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!
Are any offline viewable resources available for this product?