How scary


Taken from a book saved on my computer

intitle:”Index of” passwords modified
allinurl:auth_user_file.txt
“access denied for user” “using password”
“A syntax error has occurred” filetype:ihtml
allinurl: admin mdb
“ORA-00921: unexpected end of SQL command”
inurl:passlist.txt
“Index of /backup”
“Chatologica MetaSearch” “stack tracking:”

You can imagine what these are:

Amex Numbers: 300000000000000..399999999999999
MC Numbers: 5178000000000000..5178999999999999
visa 4356000000000000..4356999999999999

Exposed directories and passwords:

“parent directory ” /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory ” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory “Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory ” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory ” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory ” Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

In these searches the term after “parent directory ” is the part that changes; replace it with whatever you want and different results will be obtained.

Examples:

?intitle:index.of? mp3

Just add the name of the singer or song

Example: ?intitle:index.of? mp3 Metallica

inurl:microsoft filetype:iso

You can change the search to whatever you want, for example: Microsoft to Linux, iso to rar …

“# -FrontPage-” inurl:service.pwd
Frontpage passwords

“AutoCreate=TRUE password=*”
Passwords for “Website Access Analyzer”, a Japanese program that generates web statistics.

“http://*:*@www” dominio

Passwords; just replace “dominio” with the domain you are looking for, without the .com, .net or whatever it is.

Example:
“http://*:*@www” micronosoft or “http://*:*@www”micronosoft

Another way is to type:
“http://bob:bob@www”

“sets mode: +k”
This search shows IRC channel passwords found in logs.

allinurl: admin mdb
Databases

allinurl:auth_user_file.txt
Password file for DCForum and DCShop (shopping cart). This file contains many crackable passwords, usernames and emails.

intitle:”Index of” config.php
These files normally contain the database username, path and password. You will have full administration of the DB.

eggdrop filetype:user user
Usernames and passwords in IRC channels.

intitle:index.of.etc
This search will show you the index page of the etc/ folder, where many important files and passwords can be found. Passwords will not always be there, but you can find many interesting things here.

filetype:bak inurl:”htaccess|passwd|shadow|htusers”
This will show many backup files created by programs or by the administrator.

If you need to look for a serial number for some program, say Windows XP Professional.

“Windows XP Professional” 94FBR

The 94FBR is there because this piece of code appears in many Windows CD keys, so it will reduce the number of porn pages that try to trick you; we don't want your virgin eyes to see something else when you are looking for something good.

Why take the trouble to attack a website in search of vulnerabilities that have gone unnoticed when you can comfortably walk in through the front door?

These intrusions are possible because there are databases connected to the Internet. Since database management tools use standardized templates to present data on the web, by entering certain specific phrases the user can often go directly to the pages that use those templates. For example, entering the phrase “Select a database to view” - a common phrase in the FileMaker Pro database interface - into Google returned around 200 links, almost all of which led to databases created with FileMaker that can be accessed online.

For example, if you use the following:
1 – www.google.com
2 – Search
“Index of /admin” + passwd
or
“Index of /wwwboard” + passwd
or
“Index of /backup” + mdb
You will see great results!

If you type what appears below into the Google search box you will be able to access databases, passwords, websites with bugs, even credit card numbers. Practice a little and try the different commands, then create your own lines to search with. A good site for information on how to hack with Google is http://johnny.ihackstuff.com/; it is in English, but you will get nowhere if you don't visit pages like this one

filetype:htpasswd htpasswd
intitle:”Index of” “.htpasswd” -intitle:”dist” -apache -htpasswd.c
index.of.private (something private)
intitle:index.of master.passwd
inurl:passlist.txt (to find password lists)
intitle:”Index of..etc” passwd
intitle:admin intitle:login
“Incorrect syntax near” (SQL script error)
intitle:”the page cannot be found” inetmgr (weakness in IIS4)
intitle:index.of ws_ftp.ini
“Supplied arguments is not a valid PostgreSQL result” (possible SQL weakness)
_vti_pvt password intitle:index.of (Frontpage)
inurl:backup intitle:index.of inurl:admin
“Index of /backup”
index.of.password
index.of.winnt

inurl:”auth_user_file.txt”
“Index of /admin”
“Index of /password”
“Index of /mail”
“Index of /” +passwd
“Index of /” +.htaccess
Index of ftp +.mdb allinurl:/cgi-bin/ +mailto
allintitle: “index of/admin”
allintitle: “index of/root”
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
administrator.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
inurl:passwd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:”auth_user_file.txt”
inurl:”wwwroot/*.”
allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history
intitle:”Index of” .sh_history
intitle:”Index of” .bash_history
intitle:”Index of” passwd
intitle:”Index of” people.lst
intitle:”Index of” pwd.db
intitle:”Index of” etc/shadow
intitle:”Index of” spwd
intitle:”Index of” master.passwd
intitle:”Index of” htpasswd
intitle:”Index of” members OR accounts
intitle:”Index of” user_carts OR user_cart

_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
test-cgi
wwwboard.pl
www-sql
pwd.dat
ws_ftp.log
http://usuarios.lycos.es/unsafebytes/hackingfreestyle/hackearcongoogle.htm

Revealing data with Google does not seem complicated at all, especially for all the badly configured systems… a specific search can bring up indexed directories and give access to passwords, files, paths, etc, etc…
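The misconfiguration described above can be checked from the administrator's side. The following is an added example, not taken from the original page: it walks a local web root and reports files whose names appear in the queries listed on this page, plus directories that have no index file. The function names, the index-file list and the sample directory tree are assumptions constructed for illustration.

```python
import fnmatch
import os
import tempfile

# File names and extensions taken from the queries listed on this page.
SENSITIVE_PATTERNS = [
    "passlist.txt", "auth_user_file.txt", "service.pwd", "users.pwd",
    "authors.pwd", "administrators.pwd", ".htpasswd", "master.passwd",
    "pwd.db", "ws_ftp.ini", "ws_ftp.log", ".bash_history", ".sh_history",
    "config.php", "*.bak", "*.mdb",
]
# Assumption: these index files suppress an auto-generated "Index of" page.
INDEX_FILES = {"index.html", "index.htm", "index.php", "default.asp"}


def audit_webroot(root):
    """Return (sensitive_files, listable_dirs) as '/'-separated paths under root.

    listable_dirs are directories with no index file; they are only exposed
    if the server also has automatic directory listing enabled.
    """
    sensitive, listable = [], []
    for dirpath, _dirs, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        if not {f.lower() for f in filenames} & INDEX_FILES:
            listable.append(rel_dir.replace(os.sep, "/"))
        for name in filenames:
            if any(fnmatch.fnmatch(name.lower(), p) for p in SENSITIVE_PATTERNS):
                rel = os.path.normpath(os.path.join(rel_dir, name))
                sensitive.append(rel.replace(os.sep, "/"))
    return sorted(sensitive), sorted(listable)


def build_sample_webroot():
    """Create a constructed sample web root in a temp directory (test data)."""
    root = tempfile.mkdtemp(prefix="webroot_")
    layout = {
        "index.html": "<h1>home</h1>",
        "admin/passlist.txt": "constructed sample",
        "backup/site.mdb": "constructed sample",
        "backup/.htpasswd.bak": "constructed sample",
        "forum/index.php": "<?php ?>",
        "forum/config.php": "<?php /* constructed sample */ ?>",
    }
    for rel, body in layout.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    files, dirs = audit_webroot(build_sample_webroot())
    for f in files:
        print("sensitive file under web root:", f)
    for d in dirs:
        print("no index file (listable if autoindex is on):", d)
```

A `config.php` hit is normal for many PHP applications; it matters when the file sits in a directory that is also reported as listable or when a backup copy of it is served as plain text.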

Search tips

The common search entries below will give you an idea… for example, if you want to search for an index of “root”

Type it into the search box exactly as you see it below
source jhonyyhackstuff.com
Example 1:

allintitle: “index of/root”

Result:

http://www.google.com/search?hl=en&ie=ISO-8859-1&q=allintitle%3A+%22index+of%2Froot%22&btnG=Google+Search

What this reveals is 2,510 pages that you can view, and you may possibly find your will among them…

Example 2:

inurl:”auth_user_file.txt”

http://www.google.com/search?num=100&hl=en&lr=&ie=ISO-8859-1&q=inurl%3A%22auth_user_file.txt%22&btnG=Google+Search

This one gives a result of 414 possible files to access

INVESTIGATE THE PATHS…….

*************************************

“Index of /admin”
“Index of /password”
“Index of /mail”
“Index of /” +passwd
“Index of /” +password.txt
“Index of /” +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto

administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index

allintitle: “index of/admin”
allintitle: “index of/root”
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov

inurl:passwd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:”auth_user_file.txt”
inurl:”wwwroot/*.”

top secret site:mil
confidential site:mil

allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history

intitle:”Index of” .sh_history
intitle:”Index of” .bash_history
intitle:”index of” passwd
intitle:”index of” people.lst
intitle:”index of” pwd.db
intitle:”index of” etc/shadow
intitle:”index of” spwd
intitle:”index of” master.passwd
intitle:”index of” htpasswd
intitle:”index of” members OR accounts
intitle:”index of” user_carts OR user_cart
