Donate to us via Paypal!
I'd prefer to die standing, than to live on my knees - Che Guevara
Sunday, April 18, 2021
 Need Help?
Members Online
Total Online: 81
Guests Online: 81
Members Online: 0

Registered Members: 135474
Newest Member: trucmuche
Latest Articles

Google Hacking

Arrow Image Google Hacking

Google hacking at its finest..

Using Google, and some finely crafted searches we can find a lot of interesting information.

For Example we can find:
Credit Card Numbers
Software / MP3\'s
...... (and on and on and on) Presented below is just a sample of interesting searches that we can send to google to obtain info that some people might not want us having.. After you get a taste using some of these, try your own crafted searches to find info that you would be interested in.

Try a few of these searches:
intitle:\"Index of\" passwords modified
\"access denied for user\" \"using password\"
\"A syntax error has occurred\" filetype:ihtml
allinurl: admin mdb
\"ORA-00921: unexpected end of SQL command\"
\"Index of /backup\"
\"Chatologica MetaSearch\" \"stack tracking:\"

Amex Numbers: 300000000000000..399999999999999
MC Numbers: 5178000000000000..5178999999999999
visa 4356000000000000..4356999999999999

\"parent directory \" /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

\"parent directory \" DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

\"parent directory \"Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

\"parent directory \" Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

\"parent directory \" MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

\"parent directory \" Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

Notice that I am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff.


put this string in google search:

?intitle:index.of? mp3

You only need add the name of the song/artist/singer.

Example: ?intitle:index.of? mp3 jackson


put this string in google search:

inurl:microsoft filetype:iso

You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…

\"# -FrontPage-\" inurl:service.pwd
Frontpage passwords.. very nice clean search results listing !!

\"AutoCreate=TRUE password=*\"
This searches the password for \"Website Access Analyzer\", a Japanese software that creates webstatistics. For those who can read Japanese, check out the author\'s site at:

\"http://*:*@www\" domainname
This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net

\"http://*:*@www\" bangbus or \"http://*:*@www\"bangbus

Another way is by just typing
\"http://bob:[email protected]\"

\"sets mode: +k\"
This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.

allinurl: admin mdb
Not all of these pages are administrator\'s access databases containing usernames, passwords and other sensitive information, but many are!

DCForum\'s password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)

intitle:\"Index of\" config.php
This search brings up sites with \"config.php\" files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database.

eggdrop filetype:user user
These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users.

This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!

filetype:bak inurl:\"htaccess|passwd|shadow|htusers\"
This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version).
Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences.

Let\'s pretend you need a serial number for windows xp pro.

In the google search bar type in just like this - \"Windows XP Professional\" 94FBR

the key is the 94FBR code.. it was included with many MS Office registration codes so this will help you dramatically reduce the amount of \'fake\' porn sites that trick you.

or if you want to find the serial for winzip 8.1 - \"Winzip 8.1\" 94FBR


wolfmankurdon January 30 2006 - 14:28:58
looks copied may not be but I don't know just has that feel. No offence Terminal Error
godon January 30 2006 - 16:29:56
it is copied B) from http://johnny.iha. . .
wolfmankurdon January 30 2006 - 21:56:04
system_meltdownon January 31 2006 - 16:52:34
Yep I thought so, I recognised all the things from it from when I went on there
pwnmstron February 01 2006 - 21:17:16
FrontPage passwds, they look like www558:3zG9AKVCdD22I how do you crack it?
system_meltdownon February 02 2006 - 21:23:00
Get JTR (john the ripper) google it
EnglishPandaon May 29 2006 - 16:02:12
Even though it is copied and you deserve no credit for it. This article sucked anyway!Shock
acidburnzon April 18 2008 - 10:29:23
yes its copied because i av already read the original article with lil bit more detail from
terminal erroron May 18 2009 - 01:39:59
omg i was like 14 since i last even LOOKED on here..since then i left all this crap and relised theres more too life then /:bullshit...Seriously if your sad enough to moan about a copy and paste then FUCKIN'ELL! Sorry for trying to just spread something that sparked an intrest...And just for the record, An artical = A story, report, or opinion piece in a newspaper, magazine, journal, internet etc; WHO THE FUCK SAID IT HAD TO BE MINE!!! AND YES THAT IS FROM DEFINE: ON GOOGLE!!!:angry:
Post Comment


You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.