google搜索语法,黑客必学

利用google 半秒破 500 網!利用google 半秒破 500 網!
其實 google 搜尋器變了駭客工具也不是新聞,
老手早亦用到,新手的也可來試試。 
只要將以下 字串 作搜尋的話,你都得到很多密碼, 
當然若要得心應手便需要更多研究及借助其他軟件, 
但初步先懂得去找。
-------------------------------------------------------------------------------------------
inurl:
inurl: 是駭客重要的搜尋方法,可搜到網址包括的關鍵字,
例如填上 allinurl:login password 作搜尋,便會很易找到有 login 和 password 的網頁。
-------------------------------------------------------------------------------------------
filetype:
filetype: 是駭客專用語法,例如想找 mdb 的數據庫檔案,可用 password filetype:mdb 作搜尋,
便會找到密碼文件,進階用法可配合 inurl: 使用,例如 girl filetype:jpg site:com 便可搜到所有標
題 .com 網站,而檔案為 girl.jp 或網頁內容有 girl 字串的。
-------------------------------------------------------------------------------------------
Index of /admin
搜到的結果大多數是容野峇嵺@ index browsing 的網站,隨便按下一個連結便看到網站的資料夾和
檔案分佈。 
-------------------------------------------------------------------------------------------
"Index of /" +password.txt
有些站長會將密碼儲存成 password.txt 檔案,如配合 index browsing 的弁遄A將 google 的關
鍵字串成 "Index of /" +password.txt 作搜尋,便找到很多 password.txt 
-------------------------------------------------------------------------------------------
以下還有更多輸入搜尋法,有時間可自行玩玩!
"Index of /admin" 
"Index of /password" 
"Index of /mail" 
"Index of /" +passwd 
"Index of /" +password.txt 
"Index of /" +.htaccess 
index of ftp +.mdb allinurl:/####/ +mailto
administrators.pwd.index 
authors.pwd.index 
service.pwd.index 
filetype:config web 
gobal.asax index
allintitle: "index of/admin" 
allintitle: "index of/root" 
allintitle: sensitive filetype:doc 
allintitle: restricted filetype :mail 
allintitle: restricted filetype:doc site:gov
inurl:passwd filetype:txt 
inurl:admin filetype:db 
inurl:iisadmin 
inurl:"auth_user_file.txt" 
inurl:"wwwroot/*."

top secret site:mil 
confidential site:mil
allinurl: winnt/system32/ (get cmd.exe) 
allinurl:/bash_history
intitle:"Index of" .sh_history 
intitle:"Index of" .bash_history 
intitle:"index of" passwd 
intitle:"index of" people.lst 
intitle:"index of" pwd.db 
intitle:"index of" etc/shadow 
intitle:"index of" spwd 
intitle:"index of" master.passwd 
intitle:"index of" htpasswd 
intitle:"index of" members OR accounts 
intitle:"index of" user_carts OR user_cart 
Google a Dream come true

****************************** ComSec ***********************************
article by: ComSec
date: 25.5.2003
Simplified
INTRO=========
a week or so back i had an e-mail from a friend (FLW) asking me if i had any 
info on google search tips
he was surprised on the amount of info available and open via google...this 
got me thinking , well i have seen many various search strings in several 
papers....so i thought i would put them all together on the one page...and 
up-date as new one are discovered...so if i missed any to be added to the 
list please let me know and i shall add some more....

**************************************************************************** 
WARNING:::i hold no responsibility for what you do via the information 
supplied here...this is for educational purpose only , use at your own risk 
you have been warned 
****************************************************************************
thanks
ComSec aka ZSL

SUMMERY=======
Everyone knows google in the security sector...and what a powerful tool it is, 
just by entering certain search strings you can gain a vast amount of knowledge 
and information of your chosen target...often revealing sensitive data...this 
is all down to badly configured systems...brought on by sloppy administration 
allowing directory indexing and accessing , password files , log entrys , 
files , paths ,etc , etc

Search Tips
so how do we start ?
the common search inputs below will give you an idea...for instance if you 
want to search for the an index of "root"
in the search box put in exactly as you see it below
==================
example 1:

allintitle: "index of/root"

result:
http://www.google.com/search?hl=en&ie=ISO-8859-1&q=allintitle%3A+%22index+of%2Froot%22&btnG=Google+Search
what it reveals is 2,510 pages that you can possible browse at your will...
====================
example 2

inurl:"auth_user_file.txt"
http://www.google.com/search?num=100&hl=en&lr=&ie=ISO-8859-1&q=inurl%3A%22auth_user_file.txt%22&btnG=Google+Search
this result spawned 414 possible files to access
here is an actual file retrieved from a site and edited , we know who the 
admin is and we have the hashes thats a job for JTR (john the ripper)
txUKhXYi4xeFs|master|admin|Worasit|Junsawang|xxx@xxx|on
qk6GaDj9iBfNg|tomjang||Bug|Tom|xxx@xxx|on
with the many variations below it should keep you busy for a long time mixing 
them   reveals many different permutations
*************************************
SEARCH PATHS....... more to be added
*************************************
"Index of /admin" 
"Index of /password" 
"Index of /mail" 
"Index of /" +passwd 
"Index of /" +password.txt 
"Index of /" +.htaccess 
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index 
authors.pwd.index 
service.pwd.index 
filetype:config web 
gobal.asax index
allintitle: "index of/admin" 
allintitle: "index of/root" 
allintitle: sensitive filetype:doc 
allintitle: restricted filetype :mail 
allintitle: restricted filetype:doc site:gov
inurl:passwd filetype:txt 
inurl:admin filetype:db 
inurl:iisadmin 
inurl:"auth_user_file.txt" 
inurl:"wwwroot/*."

top secret site:mil 
confidential site:mil
allinurl: winnt/system32/ (get cmd.exe) 
allinurl:/bash_history
intitle:"Index of" .sh_history 
intitle:"Index of" .bash_history 
intitle:"index of" passwd 
intitle:"index of" people.lst 
intitle:"index of" pwd.db 
intitle:"index of" etc/shadow 
intitle:"index of" spwd 
intitle:"index of" master.passwd 
intitle:"index of" htpasswd 
intitle:"index of" members OR accounts 
intitle:"index of" user_carts OR user_cart
ALTERNATIVE INPUTS====================
_vti_inf.html 
service.pwd 
users.pwd 
authors.pwd 
administrators.pwd 
shtml.dll 
shtml.exe 
fpcount.exe 
default.asp 
showcode.asp 
sendmail.cfm 
getFile.cfm 
imagemap.exe 
test.bat 
msadcs.dll 
htimage.exe 
counter.exe 
browser.inc 
hello.bat 
default.asp\ 
dvwssr.dll 
cart32.exe 
add.exe 
index.jsp 
SessionServlet 
shtml.dll 
index.cfm 
page.cfm 
shtml.exe 
web_store.cgi 
shop.cgi 
upload.asp 
default.asp 
pbserver.dll 
phf 
test-cgi 
finger 
Count.cgi 
jj 
php.cgi 
php 
nph-test-cgi 
handler 
webdist.cgi 
webgais 
websendmail 
faxsurvey 
htmlscript 
perl.exe 
wwwboard.pl 
www-sql 
view-source 
campas 
aglimpse 
glimpse 
man.sh 
AT-admin.cgi 
AT-generate.cgi 
filemail.pl 
maillist.pl 
info2www 
files.pl 
bnbform.cgi 
survey.cgi 
classifieds.cgi 
wrap 
cgiwrap 
edit.pl 
perl 
names.nsf 
webgais 
dumpenv.pl 
test.cgi 
submit.cgi 
guestbook.cgi 
guestbook.pl 
cachemgr.cgi 
responder.cgi 
perlshop.cgi 
query 
w3-msql 
plusmail 
htsearch 
infosrch.cgi 
publisher 
ultraboard.cgi 
db.cgi 
formmail.cgi 
allmanage.pl 
ssi 
adpassword.txt 
redirect.cgi 
cvsweb.cgi 
login.jsp 
dbconnect.inc 
admin 
htgrep 
wais.pl 
amadmin.pl 
subscribe.pl 
news.cgi 
auctionweaver.pl 
.htpasswd 
acid_main.php 
access.log 
log.htm 
log.html 
log.txt 
logfile 
logfile.htm 
logfile.html 
logfile.txt 
logger.html 
stat.htm 
stats.htm 
stats.html 
stats.txt 
webaccess.htm 
wwwstats.html 
source.asp 
perl 
mailto.cgi 
YaBB.pl 
mailform.pl 
cached_feed.cgi 
global.cgi 
Search.pl 
build.cgi 
common.php 
show 
global.inc 
ad.cgi 
WSFTP.LOG 
index.html~ 
index.php~ 
index.html.bak 
index.php.bak 
print.cgi 
register.cgi 
webdriver 
bbs_forum.cgi 
mysql.class 
sendmail.inc 
CrazyWWWBoard.cgi 
search.pl 
way-board.cgi 
webpage.cgi 
pwd.dat 
adcycle
本篇文章来源于 黑基网-中国最大的网络安全站点 原文链接:http://www.hackbase.com/tech/2012-01-31/65850_1.html

你可能感兴趣的:(渗透思维,kali渗透测试工具详解)