GHDB « Hackers For Charity

GHDB

GHDB :: sensitive Directories

Date Title Summary  
2003-06-24 Look in my backup directories! Please? Backup directories are often very interesting places to explore. More than one server has been compromised by a hacker's discovery of sensitive i ...
2003-06-27 secret What kinds of goodies lurk in directories marked as "secret?" Find out... ...
2003-06-27 private What kinds of things might you find in directories marked "private?" let's find out.... ...
2003-06-27 winnt The \WINNT directory is the directory that Windows NT is installed into by default. Now just because google can find them, this doesn't necessari ...
2003-06-27 secure What could be hiding in directories marked as "secure?" let's find out... ...
2003-06-27 protected What could be in a directory marked as "protected?" Let's find out... ...
2003-06-27 index.of.password These directories are named "password." I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with ...
2004-03-16 inurl:backup intitle:index.of inurl:admin This query reveals backup directories. These directories can contain various information ranging from source code, sql tables, userlists, and even pas ...
2003-08-12 "Welcome to phpMyAdmin" " Create ne... phpMyAdmin is a widly spread webfrontend used to mantain sql databases. The default security mechanism is to leave it up to the admin of the website t ...
2004-02-10 intitle:"Index of c:\Windows" These pages indicate that they are sharing the C:\WINDOWS directory, which is the system folder for many Windows installations. ...
2004-03-29 intitle:"index. of.personal" This directory has various personal documents and pictures. ...
2004-04-19 intitle:"Index of" cfide This is the top level directory of ColdFusion, a powerful web development environment. This directory most likely contains sensitive information about ...
2004-04-23 "index of cgi-bin" CGI directories contain scripts which can often be exploited by attackers. Regardless of the vulnerability of such scripts, a directory listing of the ...
2004-04-28 inurl:j2ee/examples/ jsp This directory contains sample JSP scripts which are installed on the server. These programs may have security vulnerabilities and can be used by an a ...
2004-04-28 inurl:ojspdemos This directory contains sample Oracle JSP scripts which are installed on the server. These programs may have security vulnerabilities and can be used ...
2004-04-28 inurl:/pls/sample/ad min_/help/ This is the default installation location of Oracle manuals. This helps in footprinting a server, allowing an attacker to determine software version i ...
2004-05-04 "index of" inurl:recycler This is the default name of the Windows recycle bin. The files in this directory may contain sensitive information. Attackers can also crawl the direc ...
2004-05-11 inurl:/tmp Many times, this search will reveal temporary files and directories on the web server. The information included in these files and directories will va ...
2004-05-13 intitle:intranet inurl:intranet +intext:"huma.. . According to whatis.com: "An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to sh ...
2004-06-01 "Index Of /network" "last modified&... Many of these directories contain information about the network, though an attacker would need a considerable amount of patience to find it. ...
2004-06-02 intitle:"album permissions" "Users ... Gallery (http://gallery.menalto.com) is software that allows users to create webalbums and upload pictures to it. In some installations Gallery lets y ...
2004-06-14 filetype:cfg ks intext:rootpw -sample -test -howto Anaconda is a linux configuration tool like yast on suse linux. The root password is often encrypted - like md5 or read from the shadow. Sometimes an ...
2004-07-12 Index of phpMyAdmin phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/dr ...
2004-07-16 index.of.password These directories are named "password." I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with ...
2004-07-20 "index of" / picasa.ini Picasa is an 'Automated Digital Photo Organizer' recently aquired by Google. This search allows the voyer to browse directories of photos up ...
2004-08-05 intext:"d.aspx? id" || inurl:"d.aspx.. . "The YouSendIt team was formed to tackle a common problem: secure transmission of large documents online without the use of clumsy client softwar ...
2004-08-26 intitle:index.of /AlbumArt_ Directories containing commercial music.AlbumArt_{.*}.jpg are download/create by MS-Windows Media Player in music directory. ...
2004-09-10 intitle:"Index of *" inurl:"my shar... These are index pages of "My Shared Folder". Sometimes they contain juicy stuff like mp3's or avi files. Who needs pay sites for music ...
2004-09-21 intitle:index.of (inurl:fileadmin | intitle:filead... TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets, featuring a set of ready-made interfaces, f ...
2004-09-24 intitle:"webadm in - /*" filetype:php dir... Webadmin.php is a free simple Web-based file manager. This search finds sites that use this software. If left unprotected an attacker files can be mod ...
2004-10-19 intitle:"Direct ory Listing For" intext:T... The Google Hackers Guide explains how to find Apache directory indexes, which are the most common found on the Internet. There are other ways however. ...
2004-10-25 index.of.dcim The DCIM directory is the default name for a few brands of digital camers. This is not a big network security risk, but like netcams it can reveal jui ...
2004-10-20 intitle:"index of" -inurl:htm -inurl:htm... Yes! I probably have should have told you guys earlier, but this is how ive been getting 100% of my mp3s. It fricken rocks, use it and abuse it. Do ...
2004-10-31 inurl:explorer.cfm inurl:(dirpath|This_ Directory) Filemanager without authentication. ...
2004-10-31 intitle:"index of" intext:"content .... This dork indicates the "Local settings" dir in most cases, and browseble server directories in general. ...
2004-11-07 "intitle:Index. Of /" stats merchant cgi-... This search looks for indexes with the following subdirectories: stats, merchant, online-store and cgi-local or cgi-bin. These servers have a shopping ...
2004-11-28 intext:"Powered By: TotalIndex" intitle:... TotalIndex v2.0 is an open source script that is designed to replace the simple, and boring default index page of a site which lists the files in an i ...
2004-12-05 intitle:"index of" "parent director... This search uses desktop.ini to track users with a webserver running on their desktop computers. It can easily be extended to find specific documents. ...
2004-12-19 "Powered by Invision Power File Manager"... Invision Power File Manager is a popular file management script, written in the popular PHP Scripting Language. It is compatiable with all forms of Un ...
2004-12-19 intitle:"Index of /CFIDE/" administrator With ColdFusion, you can build and deploy powerful web applications and web services with far less training time and fewer lines of code than ASP, PHP ...
2004-12-19 intitle:index.of abyss.conf These directories reveal the configuration file of the abyss webserver. These files can contain passwords. ...
2004-12-29 allinurl:"/*/_v ti_pvt/" | allinurl:"... Frontpage extensions for Unix ? So be it.. ...
2004-12-30 intitle:"index of" inurl:ftp (pub | inco... Adding "inurl:ftp (pub | incoming)" to the "index.of" searches helps locating ftp websites. This query can easily be narrowed furt ...
2005-01-01 intitle:upload inurl:upload intext:upload -forum -... The search reveals server upload portals.An attacker can use server space for his own benefit. ...
2005-01-05 intitle:"HFS /" +"HttpFileServe r&qu... "The HttpFileServer is a Java based mechanism for providing web access to a set of files on a server. This is very similar to Apache Directory In ...
2005-01-07 "Web File Browser" "Use regular exp... This will ask google to search for a php script used to manage files on a server. The script "Web File Browser" enables users to change file ...
2005-01-09 "Index of" rar r01 nfo Modified 2004 New Warez Directory Lists ...
2005-01-16 filetype:torrent torrent Torrent files .. don't expect to find spectacular stuff with this kind of string, this just to shows you can use Google for all kinds of filetype ...
2005-02-17 filetype:ini Desktop.ini intext:mydocs.dll This dork finds any webshared windows folder inside my docs. You can change the end bit "intext:mydocs.dll" by looking inside any of your yo ...
2005-03-26 intitle:index.of /maildir/new/ search gives you a mailbox dir. Contains a lot of mails. ...
2005-05-02 intitle:index.of WEB-INF Finds java powered web servers which have indexing enabled on their config directory ...
2005-07-21 intitle:"pictur es thumbnails" site:pictu... This search reveals the photo albums taken by Sprint PCS customers. Pictures taken with Sprint's cell phone service can be shared on their websit ...
2005-09-13 intitle:"Backup -Management (phpMyBackup v.0.4... phpMyBackup is an mySQL backup tool, with features like copying backups to a different server using FTP. ...
2005-09-26 intitle:"Folder Listing" "Folder Li... directory listing for Fastream NETFile Web Server ...
2005-09-26 "Directory Listing for" "Hosted by ... directory listing for Xerver web server ...
2005-11-11 log inurl:linklint filetype:txt -"checking&qu.. . Linklint is an Open Source Perl program that checks links on web sites. This search finds the Linklint log directory. Complete site map able to be rec ...
2005-11-28 "Welcome to the directory listing of" &q... this is for NetworkActiv-Web-Server directory listing ...
2005-12-01 "Warning: Installation directory exists at&qu... by this dork you can find fresh installations of Zen-Cartsee Full Disclosure forums fore details... ;) ...
2006-01-16 inurl:install.pl intext:"Reading path paramat... Excelent information for foot holds. Everything from OS, to forum software, etc. Other exploits possible ...
2006-02-28 allintitle:"Fir stClass Login" allintitle:"FirstClass Login" this is for firstclass directory listingsgo to http://[target]/[path]/Search type just ' in search field ...
2006-07-14 intitle:index.of.con fig These directories can give information about a web servers configuration. This should never be viewable to the public as some files may contain cleart ...