List and Packs of Dorks
Code:
[/U][/SIZE][/COLOR][/CENTER][/U][/SIZE][/COLOR][/CENTER][/U][/SIZE][/COLOR][/CENTER]
[COLOR=rgb(65, 168, 95)][SIZE=6][U][CENTER][COLOR=rgb(65, 168, 95)][SIZE=6][U][CENTER][COLOR=rgb(250, 197, 28)][SIZE=6][U][LIST=1]
[*]Date Title Category
[*]2015-05-29 intext:DB_PASSWORD ext:env Files containing passwords
[*]2015-05-29 intitle:"index of" "archive.pst" -contrib Files containing juicy info
[*]2015-05-27 inurl:wp-admin/ intext:css/ Sensitive Directories
[*]2015-05-27 inurl:/wp-admin/post.php?post= Advisories and Vulnerabilities
[*]2015-05-27 inurl:/graphs/ intitle:RouterOs Various Online Devices
[*]2015-05-26 filetype:pub inurl:ssh Files containing juicy info uprisenetwork.com/
[*]2015-05-26 intitle:"Index of ftp" Sensitive Directories
[*]2015-05-26 inurl:/wp-admin/admin-ajax.php?action=revslider www.uprisenetwork.uk _ajax_action Advisories and Vulnerabilities
[*]2015-05-19 ext:csv intext:"password" Files containing passwords
[*]2015-05-18 inurl:upsstats.cgi?host Various Online Devices 2014-10-02 dcid= bn= pin code= Information disclosure of reservation information,which can leak to many other leaks. All re...
[*]2005-06-03 intext:"Powered by X-Cart: shopping cart soft... X-Cart (version 4.0.8) has multiple input validation vulnerabilities. There doesn't seem to be ...
[*]2005-05-29 intext:"powered by Hosting Controller" i... Description:==============Hosting Controller is a complete array of Web hosting automation tool...
[*]2004-11-25 site:ups.com intitle:"Ups Package trackin... Ever use the UPS Automated Tracking Service?? Wanna see where packa uprisenetwork.yt ges are going? Want to Man-i...
[*]2004-10-10 inurl:midicart.mdb MIDICART is s an ASP and PHP based shopping Cart application with MS Access and SQL database. A...
[*]2004-10-10 "More Info about MetaCart Free" MetaCart is an ASP based shopping Cart application with SQL database. A security vulnerability ... 2015-05-27 inurl:/graphs/ intitle:RouterOs files containing juicy info Ariel Anonis - @ariel_anonis ...
[*]2015-05-18 inurl:upsstats.cgi?host UPS Online Devices. Enjoy!!!. By Rootkit. ... uprise network
[*]2015-04-30 inurl:ftp inurl:Seagate inurl:Backup inurl:Plus in... ## Open Seagate NAS drives inurl:ftp inurl:Seagate inurl:Backup inurl:Plus inurl:Drive Ja...
[*]2015-02-17 intitle:"AP Router New Generation" intex... intitle:"AP Router New Generation" intext:"Status do AP Router" Share-Li...
[*]2015-02-11 inurl:.cgi-bin/luci Directory " Powered by LuCI Trunk". By Rootkit. ...
[*]2015-02-11 inurl:.cgi-bin/webproc inurl:.cgi-bin/webproc Login for various type of router. By Rootkit. ...
[*]2015-02-09 ".git" intitle:"Index of" Shows publicly browsable .git directories ...
[*]2015-01-06 inurl:dyn_sensors.htm MiniGoose II environmental temprature monitoring panel Author:@cns0x ...
[*]2014-10-15 inurl:cgi-bin/mailgraph.cgi Mail statistics Ariel Anonis - @ariel_anonis ...
[*]2014-07-21 inurl:"phy.htm" intitle:"Touchstone... Hits: 4,250 results This dork finds PacketCable 1.0 Touchstone Telephony Modems that are onl...
[*]2014-07-03 SiteScope inurl:/SiteScope/cgi/go.exe/SiteScope?pa... inurl:/SiteScope/cgi/go.exe/SiteScope?page= twitter @firebitsbr ...
[*]2014-05-19 inurl:dfshealth.jsp dork:inurl:dfshealth.jsp direct get the access of hadoop cluster with root user -- Si...
[*]2014-05-08 intext:"Hikvision" inurl:"login.asp... Hikvision IP Camera login page ...
[*]2014-05-06 inurl:"/public.php?service=files" Search for shared files from ownCloud Daniel Maldonado http://caceriadespammers.com.ar ...
[*]2014-02-05 intitle:not accepted inurl:"union+select"... Find IDS and Mod security dork: intitle:not accepted inurl:"union+select" inurl:...
[*]2013-11-25 filetype:jnlp Java Web Start (Java Network Launch Protocol) -- -[Voluntas Vincit Omnia]- website http:/...
[*]2013-11-25 intitle:"RT at a glance" intext:"qu... RT Request Tracker Ticket Database http://www.bestpractical.com/rt/ -- -[Voluntas Vincit ...
[*]2013-11-25 intitle:"IPCam Client" Foscam IPCam By default these cameras attach to the myfoscam.org DDNS. So you could add sit...
[*]2013-09-24 inurl:*/graphs* intitle:"Traffic and system r... With this search you can view results for mikrotik graphics interfaces *Obrigado,*...
[*]2013-09-24 intitle:"Web Client for EDVS" Yet another DVR system. Probably requires Java to display. 4N6 Security ...
[*]2013-09-24 inurl:"/webcm?getpage=" Returns various Actiontec (and often Qwest) branded routers' login pages. 4N6 Security ...
[*]2013-09-24 intitle:"RouterOS router configuration page&q... Returns login portals for Microtik routers running RouterOS version 5 and up. 4N6 Security ...
[*]2013-09-24 inurl:"/cgi-mod/index.cgi" Returns login pages for various Barracuda Networks branded hardware spam filters and mail arch...
[*]2013-09-24 intitle:"SPA504G Configuration" Dork : intitle:"SPA504G Configuration" Result : Gives access to Cisco SPA504G Config...
[*]2013-08-08 intitle:"Web Image Monitor" & inurl:... #Summary: Several printers that use "Web Image Monitor" control panel ( http://ricoh...
[*]2013-08-08 intitle:"Transponder/EOL Configuration:"... #Summary: Cheeta Technologies Transponder Configuration Portal (* http://www.cheetahtech.com)....
[*]2013-08-08 intitle:"NetBotz Network Monitoring Appliance... #Summary:Various Online Divices #Category: Pages containing login portals #Author: g00gl3 5c0...
[*]2013-08-08 intitle:"Weather Wing WS-2" #Summary:Weather Wing (http://www.meteo-system.com/ws2.php) Portal. #Category: Various Online ...
[*]2013-04-22 inurl:/voice/advanced/ intitle:Linksys SPA configu... This allows you to look at linksys VOIP Router Config pages. ...
[*]2013-02-05 inurl:/control/userimage.html Mobotix webcam search. yet another newer search ...
[*]2012-11-02 inurl:"Orion/SummaryView.aspx" intext:&q... Hello, Enumerate Solarwinds Orion network monitoring portals. In some cases, the portal ca...
[*]2012-11-02 inurl:"/level/13|14|15/exec/" inurl:"/level/13|14|15/exec/" Cisco IOS HTTP Auth Vulnerability .. Command before ...
[*]2012-11-02 intitle:"dd-wrt info" intext:"Firmw... This dork finds web interfaces of various routers using custom firmware DD-WRT. Default login...
[*]2012-11-02 inurl:32400/web/index.html Submitting this for the GHDB. These are web accessible Plex Media Servers where you can watch...
[*]2012-11-02 intitle:"Pyxis Mobile Test Page" inurl:&... Pyxis Mobile Test Page intitle:"Pyxis Mobile Test Page" inurl:"mpTest.aspx&qu...
[*]2012-08-21 'apc info' 'apc.php?SCOPE=' This dork will locate Unsecured PHP APC Installations. With regards, Shubham Mittal (Hack ...
[*]2012-08-21 intext:"You may also donate through the Money... Still find alot of equipment running v24 sp1 ...
[*]2012-08-21 intitle:"hp laserjet" inurl:info_configu... HP LaserJet printers ...
[*]2012-05-15 inurl:Settings.aspx intitle:Beyond TV Beyond TV gives you the capability to turn your PC into a high quality, digital video recorder... 2015-03-16 allintext:Copyright Smart PHP Poll. All Rights Res... The dork "allintext:Copyright Smart PHP Poll. All Rights Reserved. -exploit" show al...
[*]2015-03-04 allinurl:moadmin.php -google -github The dork "allinurl:moadmin.php -google -github" show all the sites that uses Mongo D...
[*]2014-12-22 inurl:/elfinder/elfinder.html+intitle:"elFind... Upload Vulnerability Elfinder 2.0 inurl:/elfinder/elfinder.html+intitle:"elFinder 2.0&q...
[*]2014-11-03 inurl:robots.txt intext:CHANGELOG.txt intext:disal... inurl:robots.txt intext:CHANGELOG.txt intext:disallow ext:txt -site:github.com sites that ha...
[*]2014-11-03 inurl:CHANGELOG.txt intext:drupal intext:"SA-... inurl:CHANGELOG.txt intext:drupal intext:"SA-CORE" -intext:7.32 -site:github.com -sit...
[*]2014-10-02 ext:cgi inurl:cgi-bin intext:#!/bin/bash gnu-bash site dorks Ariel Anonis - @ariel_anonis ...
[*]2014-05-05 "OpenSSL" AND "1.0.1 Server at"... Search for all Apache servers that are running specific versions of OpenSSL. These specific ve...
[*]2014-02-05 inurl:"/reports/rwservlet" intext:"... Search Oracle Reports likely vulnerable to DB user/password disclosure (CVE-2012-3152 and CVE...
[*]2013-11-25 inurl:"struts" filetype:action Google search for actoin files wich could be explotable via CVE-2013-2251 "Multiple Remot...
[*]2013-08-08 inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?int... inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?intitle:phpmyadmin view phpMyAdmin of web sit...
[*]2012-12-31 inurl:/wp-content/w3tc/dbcache/ - Jay Townsend...
[*]2012-12-31 intext:SQL syntax & inurl:index.php?=id & ... # Exploit Title: SQLI Exploit # Google Dork: intext:SQL syntax & inurl:index.php?=id &...
[*]2012-08-21 intext: intext: intext: intext: intext: More than 100k sites affected It will show asp sites that are vulnerable to sql injection (...
[*]2012-05-15 intitle:awen+intitle:asp.net Hi, This google dork exposes any already uploaded asp.net shells which are available in Bac...
[*]2012-05-15 intitle:"-N3t" filetype:php undetectable intitle:"-N3t" filetype:php undetectable Search WebShell indexed on a page. -- ...
[*]2011-12-23 inurl:.php intitle:- BOFF 1.0 intext:[ Sec. Info ] This search attempts to find the BOFF 1.0 Shell. Author: alsa7r ...
[*]2011-11-25 filetype:php inurl:tiki-index.php +sirius +1.9.* Finds servers vulnerable to the CVE-2007-5423 exploit. Author: Matt Jones ...
[*]2011-11-24 filetype:php inanchor:c99 inurl:c99 intitle:c99she... This search attempts to find the c99 backdoor that may be knowingly or unknowingly installed o...
[*]2011-11-19 inurl:php intitle:"Cpanel , FTP CraCkeR" locates cpanel and ftp cracker. Author: alsa7r ...
[*]2011-10-11 intitle:#k4raeL - sh3LL intitle:#k4raeL - sh3LL Finds K4rael Shell , though many of them are dead but we can get som...
[*]2011-09-26 inurl:view.php?board1_sn= locates a webapp vulnerable to SQL injection ...
[*]2011-07-26 intitle:m1n1 1.01 find the b374k shell.... Submitted by : biLLbud ...
[*]2011-05-03 intitle:Locus7shell intext:"Software:" intitle:Locus7shell intext:"Software:" Submitted by lionaneesh -- Thanks Ane...
[*]2011-03-23 intitle:"[EasyPHP] - Administration" Unprotected EasyPHP Admin page detection.. Author: Aneesh Dogra (lionaneesh) ...
[*]2011-02-24 MySQL: ON MSSQL: OFF Oracle: OFF MSSQL: OFF Postgr... Author :- eXeSoul You will get lots of web shells even some private shells....
[*]2011-02-24 intitle:cyber anarchy shell Submitter: eXeSoul cyber anarchy shell ...
[*]2010-12-10 inurl:/vb/install/upgrade.php Vbulletin custom updrade wizards. Author: ScOrPiOn...
[*]2010-12-10 inurl:/vb/install/install.php Vbulletin installation wizards, allow users to modify installation parameters. May also reveal ...
[*]2010-12-09 "CGI-Telnet Unit-x Team Connected to *.com&qu... Locates CGI-Telnet web shells. Author: ScOrPiOn...
[*]2010-12-08 "www.*.com - c99shell" OR "www.*.ne... Locates c99 web shells Author: ScOrPiOn...
[*]2010-12-07 "safe_mode: * PHP version: * cURL: * MySQL... Locates r57 web shells Author: ScOrPiOn...
[*]2010-12-07 "r57shell" Locates r57 web shells Author: ScOrPiOn...
[*]2010-12-07 "r57shell 1.4" Locates r57 web shells Author: ScOrPiOn...
[*]2010-12-07 "[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] ... Locates r57 web shells Author: ScOrPiOn...
[*]2010-11-13 inurl:index.php?pagedb=rss -Vulnerability -inurl CVE: 2007-4007 EDB-ID: 4221 This google dork possibly exposes sites with the Article Direct...
[*]2006-05-03 intitle:"Uploader - Uploader v6" -pixloa... File upload servers, dangerous if used in couple with mytrashmail.com...
[*]2006-04-25 intitle:"MvBlog powered" MvBlog is prone to multiple input-validation vulnerabilities. These issues are due to a failure...
[*]2006-02-03 intitle:"Horde :: My Portal" -"[Tic... Hi It will give you administrative ownership over Horde webmail system plus all users in Hord...
[*]2006-01-22 inurl:rpSys.html Web configuration pages for various types of systems. Many of these systems are not password pr...
[*]2006-01-16 filetype:pl intitle:"Ultraboard Setup" setup pages to the ultraboard system....
[*]2012-05-15 intitle:"HtmlAnvView:D7B039C1" This dork finds Wireless Security/Webcams that are accessible from the web. The interesting p...
[*]2004-10-10 inurl:shopdbtest.asp shopdbtest is an ASP page used by several e-commerce products. A vulnerability in the script al...
[*]2004-07-12 Comersus.mdb database Comersus is an e-commerce system and has been installed all over the world in more than 20000 s...
[*]2004-06-25 VP-ASP Shop Administrators only VP-ASP (Virtual Programming - ASP) has won awards both in the US and France. It is now in use i...
[*]2004-06-06 POWERED BY HIT JAMMER 1.0! Hit Jammer is a Unix compatible script that allows you to manage the content and traffic exchan...
[/LIST]
[CENTER]
Bonus Updated Dorks 2024
1° 1Million of Dorks: 1M WordList
2" SQLi: SQLite WordList
Credits/Source: mccleod1290
---------------------------------------------------------------
Little Data Collected, Leaked DB:
1° 1Million of Dorks: 1M WordList
2" SQLi: SQLite WordList
Credits/Source: mccleod1290
---------------------------------------------------------------
Little Data Collected, Leaked DB:
Code:
APP_NAME=sucerp
APP_VERSION=1
APP_ENV=production
# database settings
DB_CONNECTION=mysql
DB_HOST=192.168.1.47
DB_PORT=3306
DB_DATABASE=sucerp
DB_USERNAME=sucerp
DB_PASSWORD=mxsgdf45iop00fd7d0s1
# asset versioning
BASE_DIR=/home/httpd/sucerp
VERSIONADO=true
VERSION=1.2
URL_BASE=https://www.sucerp.com.ar/.env
# ws sj
USER_SJWS=sucerp
PASSWORD_SJWS=Jonath4nR3c11