Google's collection of web sites sharing sensitive directories. The files contained in here will vary from sesitive to uber-secret!
Backup Directories
Google Search: "Index of /backup"
Backup directories are often very interesting places to explore. More than one server has been compromised by a hacker's discovery of sensitive information contained in backup files or directories. Some of the sites in this search meant to reveal the contents of their backup directories, others did not. Think about it. What.s in YOUR backup directories? Would you care to share the contents with the whole of the online world? Probably not. Whether intentional or not, bsp.gsa.gov reveals backup directory through Google. Is this simply yet another misconfigured .gov site? You decide. BSP stands for "best security practices," winning this site the Top GoogleDork award for this category.
Secret Directories
The Following Google Searches Show the secret and Private Directories.
Google Search: index.of.secret
Google Search: index.of.private
Google Search: index.of.secure
Google Search: index.of.protected
Google Search: intitle:"index.of.personal"
Password Directories
Google Search: index.of.password
These directories are named "password." I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with directories named "password" and single html files inside named things liks "horny.htm" or "brittany.htm." These are to boost their search results. Don't click them (unless you want to be buried in an avalanche of p0rn...
ColdFusion
Google Search: intitle:"Index of" cfide
This is the top level directory of ColdFusion, a powerful web development environment. This directory most likely contains sensitive information about a ColdFusion developed site
Picassa
Google Search: "index of" / picasa.ini
Picasa is an 'Automated Digital Photo Organizer' recently aquired by Google. This search allows the voyer to browse directories of photos uploaded using the picasa software.
phpMyAdmin
Google Search: intitle:"index of /phpmyadmin" modified
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields (http://sourceforge.net/projects/phpmyadmin/). An attacker can use this search to find phpMyAdmin enabled MySQL servers by using the "index of /" method. Consider this an alternative way an attacker could find them besides the older Googledorks for phpMyAdmin.
AlbumArt
Google Search: intitle:index.of /AlbumArt_
Directories containing commercial music. AlbumArt_{.*}.jpg are download/create by MS-Windows Media Player in music directory.
config
Google Search: intitle:index.of.config
These directories can give information about a web servers configuration. This should never be viewable to the public as some files may contain cleartext of encrypted passwords, depending on the level of security. It can also contain information on various ports, security permisions..etc.
FirstClass Login
Google Search: allintitle:"FirstClass Login"
allintitle:"FirstClass Login" this is for firstclass directory listings go to http://[target]/[path]/Search type just ' in search field and you have a list of downloadable files, you don't see all files on server but you can search for a robots.txt with some folders path or other info for site scructure, crawling in this way you have unauthorized access on all files on the target server
Fastream NETFile Folder Listing
Google Search: intitle:"Folder Listing" "Folder Listing" Name Size Date/Time File Folder
directory listing for Fastream NETFile Web Server
Sprint PCS Pictures thumbnails
Google Search: intitle:"pictures thumbnails" site:pictures.sprintpcs.com
This search reveals the photo albums taken by Sprint PCS customers. Pictures taken with Sprint's cell phone service can be shared on their website. This search exposes the thumbnail album, only if the user has elected to share the photo album. Nothing like the Paris Hilton pictures, but there are pictures of people drunk at parties, dancing, girlfriens and so on.
mailbox
Google Search: intitle:index.of /maildir/new/
Search gives you a mailbox dir. Contains a lot of mails.
Shared Folders
Google Search: filetype:ini Desktop.iniintext:mydocs.dll
This dork finds any webshared windows folder inside my docs. You can change the end bit "intext:mydocs.dll" by looking inside any of your your own folders on your pc, looking for the desktop.ini file and add some of the information to the query. For Anouther example - Shell Folders (Favourite etc) filetype:ini Desktop.iniintext:shell32.dll Enjoy
Google Search: intitle:"Index of *" inurl:"my shared folder" size modified
These are index pages of "My Shared Folder". Sometimes they contain juicy stuff like mp3's or avi files. Who needs pay sites for music when you got Google ? :) Uhm, well except for the copyright issue.
Torrents
Google Search: filetype:torrent torrent
Torrent files .. don't expect to find spectacular stuff with this kind of string, this just to shows you can use Google for all kinds of filetypes, not just pdf or html..
Also add "File Name", eg. "Dungeon Siege" or "Alien Vs Preditor" before filetype:torrent torrent.
And you get specific files you are looking for
Upload Portals
Google Search: intitle:upload inurl:upload intext:upload -forum -shop -support -w3c
The search reveals server upload portals. An attacker can use server space for his own benefit.
Invision Power File Manager
Google Search: "Powered by Invision Power File Manager" (inurl:login.php) | (intitle:"Browsing directory /" )
Invision Power File Manager is a popular file management script, written in the popular PHP Scripting Language. It is compatiable with all forms of Unix and Windows and allows the user to control their files via any modern browser.
ftp
Google Search: intitle:"index of" inurl:ftp (pub | incoming)
Adding "inurl:ftp (pub | incoming)" to the "index.of" searches helps locating ftp websites. This query can easily be narrowed further with additional keywords.
cgi-bin directory
Google Search: "intitle:Index.Of /" stats merchant cgi-* etc
This search looks for indexes with the following subdirectories: stats, merchant, online-store and cgi-local or cgi-bin. These servers have a shopping cart application called softcart in their cgi-local or cgi-bin directory. Reportedly, it is possible to execute arbitrary code by passing a malformed CGI parameter in an HTTP GET request. This issue is known to affect SoftCart version 4.00b.
Finding Mp3`s
Google Search: intitle:"index of" -inurl:htm -inurl:html mp3
It fricken rocks, use it and abuse it.
Downfalls to it... a)sometimes you shouldnt include mp3 in the query and getting what you want takes several different methods of searching b)a lot of the time google gives you results and they are not there thanks to good old friend 404 c)finding stuff takes a lot of practice.
Goods... a)ive found whole albums b)ive mass downloaded directories of hundreds of songs that i have intrest in c)its exciting seeing the results, like fining treasure.
Apache Tomcat
Google Search: intitle:"Directory Listing For" intext:Tomcat -int
The Google Hackers Guide explains how to find Apache directory indexes, which are the most common found on the Internet. There are other ways however. This query is a generic search for servers using Tomcat with directory listings enabled. They are a bit more fancy than Apache's default lists and more importantly they will not be found using "index.of".
No comments:
Post a Comment