Scribd
Upload
3K views5 pages

Dork Fast Cut

This document contains a list of Google dorks categorized into different sections for finding sensitive information like passwords, vulnerabilities, and other types of content. Some of the categories covered include FTP passwords, XSS vulnerabilities, PHP files, SQL dumps, WordPress plugins, password files, free software/content, and live webcam views. The dorks provided are queries that can be used in Google to search for specific filetypes, directories, pages, or content to potentially discover unprotected sensitive information.

Uploaded by

Wahyu Putra K
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
3K views5 pages

Dork Fast Cut

This document contains a list of Google dorks categorized into different sections for finding sensitive information like passwords, vulnerabilities, and other types of content. Some of the categories covered include FTP passwords, XSS vulnerabilities, PHP files, SQL dumps, WordPress plugins, password files, free software/content, and live webcam views. The dorks provided are queries that can be used in Google to search for specific filetypes, directories, pages, or content to potentially discover unprotected sensitive information.

Uploaded by

Wahyu Putra K
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 5

-= Contents =A.

)
B.)
C.)
D.)
E.)
F.)
G.)
H.)
I.)
A.)

FTP PASSWORD GOOGLE DORKS


XSS GGOOGLE DORKS
PHP GOOGLE DORKS
SQL DORKS
WORDPRESS DORKS
PASSWORD FILE DORKS
MISC. DORKS
FREE SWAG DORKS
WEBCAM DORKS
FTP PASSWORD GOOGLE DORKS

1.)
ws_ftp.ini configuration file search:
intitle:index.of ws_ftp.ini
2.)
ws_ftp.ini configuration file with Parent Directory search:
filetype:ini ws_ftp pwd
3.)
Variation:
index of/ ws_ftp.ini parent directory
4. Variation:
+htpasswd +WS_FTP.LOG filetype:log
5.
Variation:
(Substitute vulnerablesite.com with your site you want to search
allinurl: Vulnerablesite.com WS_FTP.LOG filetype:log
B.
XSS GOOGLE DORKS
1. cart32 executable file.
allinurl:/scripts/cart32.exe
2.) Cute news php file.
allinurl:/CuteNews/show_archives.php
3.) phpinfo.php file.
allinurl:/phpinfo.php
C.) PHP GOOGLE DORKS
1.) config.php file search:
intitle:index.of config.php
2.) PHP file contents search:
intitle:Index of phpinfo.php
3.)
-download.php directory transversal vulneralbilities:
inurl:download.php?=filename

4.)
-upload.php search:
intitle:index.of upload.php
inurl:upload.php
D.)
SQL PASSWORD DUMP DORKS
1.) SQL dumps saved to database search. (Some of the more common passwords for y
ou):
a.) 123456 = hashed password
ext:sql intext:@gmail.com intext:e10adc3949ba59abbe56e057f20f883e
b.) 654321 = hashed password
ext:sql intext:@gmail.com intext:c33367701511b4f6020ec61ded352059
c.) password = hashed password
ext:sql intext:@gmail.com intext:5f4dcc3b5aa765d61d8327deb882cf99
d.) 12345678 = hashed password
ext:sql intext:@gmail.com intext:25d55ad283aa400af464c76d713c07ad
e.)
iloveyou = hashed password
ext:sql intext:@gmail.com intext:f25a2fc72690b780b2a14e140ef6a9e0
2.)
a.)
b.)
c.)
d.)
e.)
f.)

Variation of above search:


ext:sql intext:INSERT INTO
ext:sql intext:INSERT INTO
ext:sql intext:INSERT INTO
ext:sql intext:INSERT INTO
ext:sql intext:INSERT INTO
ext:sql intext:INSERT INTO

intext:@gmail.com intext:password
intext:@yahoo.com intext:password
intext:@hotmail.com intext:password
intext:@att.net intext:password
intext:@comcast.net intext:password
intext:@verizon.net intext:password

3.) SQLi
allinurl:/privmsg.php
E.) WORDPRESS GOOGLE DORKS
1.) Asset Manager Plugin Exploit Unprotected Remote File Upload Vuleralbility.
inurl:Editor/assetmanager/assetmanager.asp
2.) Timthumb Plugin Exploit Attacker can attach a shell to a image file and uplo
ad the shell. (It has been patched, but there are still a lot of webmasters who
have NOT updated!)
inurl:index.of thumb.php
inurl:thumb.php
3.) Search for plugins directory:
inurl:wp-content/plugins/
4.) Search for themes directory:
inurl:wp-content/themes/
F.)

PASSWORD FILE GOOGLE DORKS

1.) Search for Microsoft Excel data file:


Login: * password =* filetype: xls
2.) Search for auth_user_file:
allinurl: auth_user_file.txt
3.) Search for username/password saved in Microsoft Excel files:
filetype: xls inurl: password.xls
4.) Search for login pages:
intitle: login password
5.) Search for master password page:
intitle: Index of master.passwd
6.) Search for backup directory:
index of /backup
7.) Search for password backup file index:
intitle:index.of passwd.bak
8.) Search for password databases:
intitle:index.of pwd.db
intitle:index of pwd.db
9.) Search for /etc/passwd/ index:
intitle:index of .. etc passwd
10.) Search for plaintext password file:
index.of passlist.txt
inurl:passlist.txt
11.) Search for hidden documents/password files:
index.of.secret
index.of.private
12.) Search for PhpMyAdmin files:
# PhpMyAdmin MySQL-Dump filetype: txt
13.) Hidden Superuser (root) data files:
inurl:ipsec.secrets-history-bugs
inurl:ipsec.secrets holds shared secrets
14.) Find the information files:
inurl:ipsec.conf-intitle:manpage
15.) Search for a stored password in a database:
filetype:ldb admin
16.) Search for admin.php file:
inurl:search/admin.php
17.) Search for password log files:
inurl:password.log filetype:log
18.) Search for Hkey_Current_User in registry files:
filetype: reg HKEY_CURRENT_USER username
19.) Search for username/password file backups:
Http://username: password @ www filetype: bak inurl: htaccess | passwd | shadow | h

t users
20.) Search for username/password files:
filetype:mdb inurl:account|users|admin|administrators|passwd|password mdb files
21.) Search for Microsoft Frontpage passwords:
ext:pwd inurl:(service|authors|administrators|users) # -FrontPage-
22.) Search for SQL database Code and passwords:
filetype: sql ( passwd values **** | password values **** | pass values ****)
23.) Search for e-mail account files:
intitle: Index Of-inurl: maillog
G.) MISC. DORKS
1.) WebWiz Rich Text Editor (RTE) Remote file upload vulneralbility:
inurl:rte/my_documents/my_files
2.) EZFilemanager Remote file upload vulneralbility:
inurl:ezfilemanager/ezfilemanager.php
3.) robots.txt See directories hidden from crawlers. Also sometimes you can pull
off a directory transversal with this:
inurl:robots.txt
4.) Serial Numbers Look for software serial numbers
software name 94FBR
H.)
FIND FREE SWAG
1.) site:*.com intitle:Thank You For Your Order intext:Click Here to Download
2.) site:*.net intitle:Thank You For Your Order intext:Click Here to Download
3.) site:*.co intitle:Thank You For Your Order intext:Click Here to Download
4.) site:*.org intitle:Thank You For Your Order intext:Click Here to Download
5.) site:*.biz intitle:Thank You For Your Order intext:Click Here to Download
6.) site:*.tv intitle:Thank You For Your Order intext:Click Here to Download
7.) site:*.co.uk intitle:Thank You For Your Order intext:Click Here to Download
8.) site:*.org.uk intitle:Thank You For Your Order intext:Click Here to Download
9.) site:*.eu intitle:Thank You For Your Order intext:Click Here to Download
10.) intitle:Thank you for your purchase! intext:PLR OR MRR OR Package OR Bonus
11.) intitle:Thank you for your order! intext:PLR OR MRR OR Package OR Bonus
12.) intitle:Thank you for your order! intext:PLR OR MRR
13.) intitle:Thank you for your Purchase! intext:PLR OR MRR
14.) inurl:/thankyou*.html intitle:Thank you for your order!
15.) intext:Click Here To Download
16.) inurl:thanks intext:Thank You For Your Order! Click Here filetype:html
17.) intitle:Thank You For Your Order! intext:Private Label
18.) intitle:Thank You For Your Purchased! intext:Private Label
19.) intext:Thank You For Your Order intext:PLR
20.) intitle:Thank You For Your Order! intext:download
21.) intitle:Thank You For Your Order intext:Click Here To Download Now
22.) intitle:Thank you for your purchase! intext:Click Here to Download
23.) * thank you for your order download
24.) * intitle:Thank you for your Purchase! intext:PLR OR MRR OR Package OR Bonu
s
25.) * intitle:Thank you for your order! intext:PLR OR MRR

26.)
27.)
28.)
29.)
30.)
31.)
32.)
33.)
34.)
35.)
36.)
37.)
38.)
39.)
40.)
41.)
42.)

* intitle:Thank You For Your Purchase! intext:Click Here to Download


* intitle:Thank You For Your Order! intext:download
inurl:index.of .mp3
inurl:index.of .mov
inurl:index.of .iso
?intitle:index.of? mp3
?intitle:index.of? mov
?intitle:index.of? iso
inurl:insert filetype:iso+OR+exe+OR+zip+OR+rar+OR+gzip+OR+tar
intext:parent directory intext:[EXE]
intext:parent directory index of:[EXE]
intext:parent directory index of:[RAR]
intext:parent directory intext:[VID]
intext:parent directory index of:[VID]
intext:parent directory intext:[MP3]
intext:parent directory index of:[MP3]
intext:parent directory index of:[Gamez]

I.) WEBCAM GOOGLE DORKS


1.)
2.)
3.)
4.)
5.)

inurl:/view.index.shtml
inurl:/view.shtml
intitle:Live View / AXIS | inurl:view/view.shtml^
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy