2000+ google Dorks LFI + Sensitive

Assalam-o-alaikum,

Here is the list of some amazing dorks still working i know it is not a complete list but, may be help

you finding LFI , web , and some sensitive data vulnerable sites dorks .

Click link to get on dorks paragraph:

• Start Of List
• LFI  Dorks
• Sensitive data Contained Dorks.

*********************************786**********************************

Back To Top

• allinurl:*.php?txtCodiInfo=
• inurl:read.php?=
• inurl:”ViewerFrame?Mode=”
• inurl:index.php?id=
• inurl:trainers.php?id=
• inurl:buy.php?category=
• inurl:article.php?ID=
• inurl:play_old.php?id=
• inurl:declaration_more.php?decl_id=
• inurl:pageid=
• inurl:games.php?id=
• inurl:page.php?file=
• inurl:newsDetail.php?id=
• inurl:gallery.php?id=
• inurl:article.php?id=
• inurl:show.php?id=
• inurl:staff_id=
• inurl:newsitem.php?num=
• inurl:readnews.php?id=
• inurl:top10.php?cat=
• inurl:historialeer.php?num=
• inurl:reagir.php?num=
• inurl:Stray-Questions-View.php?num=
• inurl:forum_bds.php?num=
• inurl:game.php?id=
• inurl:view_product.php?id=
• inurl:newsone.php?id=
• inurl:sw_comment.php?id=
• inurl:news.php?id=
• inurl:avd_start.php?avd=
• inurl:event.php?id=
• inurl:product-item.php?id=
• inurl:sql.php?id=
• inurl:news_view.php?id=
• inurl:select_biblio.php?id=
• inurl:humor.php?id=
• inurl:aboutbook.php?id=
• inurl:ogl_inet.php?ogl_id=
• inurl:fiche_spectacle.php?id=
• inurl:communique_detail.php?id=
• inurl:sem.php3?id=
• inurl:kategorie.php4?id=
• inurl:news.php?id=
• inurl:index.php?id=
• inurl:faq2.php?id=
• inurl:show_an.php?id=
• inurl:preview.php?id=
• inurl:loadpsb.php?id=
• inurl:opinions.php?id=
• inurl:spr.php?id=
• inurl:pages.php?id=
• inurl:announce.php?id=
• inurl:clanek.php4?id=
• inurl:participant.php?id=
• inurl:download.php?id=
• inurl:main.php?id=
• inurl:review.php?id=
• inurl:chappies.php?id=
• inurl:prod_detail.php?id=
• inurl:viewphoto.php?id=
• inurl:article.php?id=
• inurl:person.php?id=
• inurl:productinfo.php?id=
• inurl:showimg.php?id=
• inurl:view.php?id=
• inurl:website.php?id=
• inurl:hosting_info.php?id=
• inurl:gallery.php?id=
• inurl:rub.php?idr=
• inurl:view_faq.php?id=
• inurl:artikelinfo.php?id=
• inurl:detail.php?ID=
• inurl:index.php?=
• inurl:profile_view.php?id=
• inurl:category.php?id=
• inurl:publications.php?id=
• inurl:fellows.php?id=
• inurl:downloads_info.php?id=
• inurl:prod_info.php?id=
• inurl:shop.php?do=part&id=
• inurl:productinfo.php?id=
• inurl:collectionitem.php?id=
• inurl:band_info.php?id=
• inurl:product.php?id=
• inurl:releases.php?id=
• inurl:ray.php?id=
• inurl:produit.php?id=
• inurl:pop.php?id=
• inurl:shopping.php?id=
• inurl:productdetail.php?id=
• inurl:post.php?id=
• inurl:viewshowdetail.php?id=
• inurl:clubpage.php?id=
• inurl:memberInfo.php?id=
• inurl:section.php?id=
• inurl:theme.php?id=
• inurl:page.php?id=
• inurl:shredder-categories.php?id=
• inurl:tradeCategory.php?id=
• inurl:product_ranges_view.php?ID=
• inurl:shop_category.php?id=
• inurl:transcript.php?id=
• inurl:channel_id=
• inurl:item_id=
• inurl:newsid=
• inurl:trainers.php?id=
• inurl:news-full.php?id=
• inurl:news_display.php?getid=
• inurl:index2.php?option=
• inurl:readnews.php?id=
• inurl:top10.php?cat=
• inurl:newsone.php?id=
• inurl:event.php?id=
• inurl:product-item.php?id=
• inurl:sql.php?id=
• inurl:aboutbook.php?id=
• inurl:preview.php?id=
• inurl:loadpsb.php?id=
• inurl:pages.php?id=
• inurl:material.php?id=
• inurl:clanek.php4?id=
• inurl:announce.php?id=
• inurl:chappies.php?id=
• inurl:read.php?id=
• inurl:viewapp.php?id=
• inurl:viewphoto.php?id=
• inurl:rub.php?idr=
• inurl:galeri_info.php?l=
• inurl:review.php?id=
• inurl:iniziativa.php?in=
• inurl:curriculum.php?id=
• inurl:labels.php?id=
• inurl:story.php?id=
• inurl:look.php?ID=
• inurl:newsone.php?id=
• inurl:aboutbook.php?id=
• inurl:material.php?id=
• inurl:opinions.php?id=
• inurl:announce.php?id=
• inurl:rub.php?idr=
• inurl:galeri_info.php?l=
• inurl:tekst.php?idt=
• inurl:newscat.php?id=
• inurl:newsticker_info.php?idn=
• inurl:rubrika.php?idr=
• inurl:rubp.php?idr=
• inurl:offer.php?idf=
• inurl:art.php?idm=
• inurl:title.php?id=
• intitle:axis intitle:”video server”
• inurl:indexFrame.shtml Axis
• ?intitle:index.of? mp3 artist-name-here
• “intitle:index of”
• inurl:index.php?id=
• inurl:trainers.php?id=
• inurl:buy.php?category=
• inurl:article.php?ID=
• inurl:play_old.php?id=
• inurl:declaration_more.php?decl_id=
• inurl:Pageid=
• inurl:games.php?id=
• inurl:page.php?file=
• inurl:newsDetail.php?id=
• inurl:gallery.php?id=
• inurl:article.php?id=
• inurl:show.php?id=
• inurl:staff_id=
• inurl:newsitem.php?num=
• inurl:readnews.php?id=
• inurl:top10.php?cat=
• inurl:historialeer.php?num=
• inurl:reagir.php?num=
• inurl:forum_bds.php?num=
• inurl:game.php?id=
• inurl:view_product.php?id=
• inurl:newsone.php?id=
• inurl:sw_comment.php?id=
• inurl:news.php?id=
• inurl:avd_start.php?avd=
• inurl:event.php?id=
• inurl:product-item.php?id=
• inurl:sql.php?id=
• inurl:news_view.php?id=
• inurl:select_biblio.php?id=
• inurl:humor.php?id=
• inurl:aboutbook.php?id=
• inurl:fiche_spectacle.php?id=
• inurl:communique_detail.php?id=
• inurl:sem.php3?id=
• inurl:kategorie.php4?id=
• inurl:news.php?id=
• inurl:index.php?id=
• inurl:faq2.php?id=
• inurl:show_an.php?id=
• inurl:preview.php?id=
• inurl:loadpsb.php?id=
• inurl:opinions.php?id=
• inurl:spr.php?id=
• inurl:pages.php?id=
• inurl:announce.php?id=
• inurl:clanek.php4?id=
• inurl:participant.php?id=
• inurl:download.php?id=
• inurl:main.php?id=
• inurl:review.php?id=
• inurl:chappies.php?id=
• inurl:read.php?id=
• inurl:prod_detail.php?id=
• inurl:viewphoto.php?id=
• inurl:article.php?id=
• inurl:person.php?id=
• inurl:productinfo.php?id=
• inurl:showimg.php?id=
• inurl:view.php?id=
• inurl:website.php?id=
• inurl:hosting_info.php?id=
• inurl:gallery.php?id=
• inurl:rub.php?idr=
• inurl:view_faq.php?id=
• inurl:artikelinfo.php?id=
• inurl:detail.php?ID=
• inurl:index.php?=
• inurl:profile_view.php?id=
• inurl:category.php?id=
• inurl:publications.php?id=
• inurl:fellows.php?id=
• inurl:downloads_info.php?id=
• inurl:prod_info.php?id=
• inurl:shop.php?do=part&id=
• inurl:Productinfo.php?id=
• inurl:collectionitem.php?id=
• inurl:band_info.php?id=
• inurl:product.php?id=
• inurl:releases.php?id=
• inurl:ray.php?id=
• inurl:produit.php?id=
• inurl:pop.php?id=
• inurl:shopping.php?id=
• inurl:productdetail.php?id=
• inurl:post.php?id=
• inurl:viewshowdetail.php?id=
• inurl:clubpage.php?id=
• inurl:memberInfo.php?id=
• inurl:section.php?id=
• inurl:theme.php?id=
• inurl:page.php?id=
• inurl:shredder-categories.php?id=
• inurl:tradeCategory.php?id=
• inurl:product_ranges_view.php?ID=
• inurl:shop_category.php?id=
• inurl:transcript.php?id=
• inurl:channel_id=
• inurl:item_id=
• inurl:newsid=
• inurl:trainers.php?id=
• inurl:news-full.php?id=
• inurl:news_display.php?getid=
• inurl:index2.php?option=
• inurl:readnews.php?id=
• inurl:top10.php?cat=
• inurl:newsone.php?id=
• inurl:event.php?id=
• inurl:product-item.php?id=
• inurl:sql.php?id=
• inurl:aboutbook.php?id=
• inurl:review.php?id=
• inurl:loadpsb.php?id=
• inurl:ages.php?id=
• inurl:material.php?id=
• inurl:clanek.php4?id=
• inurl:announce.php?id=
• inurl:chappies.php?id=
• inurl:read.php?id=
• inurl:viewapp.php?id=
• inurl:viewphoto.php?id=
• inurl:rub.php?idr=
• inurl:galeri_info.php?l=
• inurl:review.php?id=
• inurl:iniziativa.php?in=
• inurl:curriculum.php?id=
• inurl:labels.php?id=
• inurl:story.php?id=
• inurl:look.php?ID=
• inurl:newsone.php?id=
• inurl:aboutbook.php?id=
• inurl:material.php?id=
• inurl:opinions.php?id=
• inurl:announce.php?id=
• inurl:rub.php?idr=
• inurl:galeri_info.php?l=
• inurl:tekst.php?idt=
• inurl:newscat.php?id=
• inurl:newsticker_info.php?idn=
• inurl:rubrika.php?idr=
• inurl:rubp.php?idr=
• inurl:offer.php?idf=
• inurl:art.php?idm=
• inurl:title.php?id=
• inurl:”id=” & intext:”Warning: mysql_fetch_assoc()
• inurl:”id=” & intext:”Warning: mysql_fetch_array()
• inurl:”id=” & intext:”Warning: mysql_num_rows()
• inurl:”id=” & intext:”Warning: session_start()
• inurl:”id=” & intext:”Warning: getimagesize()
• inurl:”id=” & intext:”Warning: is_writable()
• inurl:”id=” & intext:”Warning: getimagesize()
• inurl:”id=” & intext:”Warning: Unknown()
• inurl:”id=” & intext:”Warning: session_start()
• inurl:”id=” & intext:”Warning: mysql_result()
• inurl:”id=” & intext:”Warning: pg_exec()
• inurl:”id=” & intext:”Warning: mysql_result()
• inurl:”id=” & intext:”Warning: mysql_num_rows()
• inurl:”id=” & intext:”Warning: mysql_query()
• inurl:”id=” & intext:”Warning: array_merge()
• inurl:”id=” & intext:”Warning: preg_match()
• inurl:”id=” & intext:”Warning: ilesize()
• inurl:”id=” & intext:”Warning: filesize()
• inurl:”id=” & intext:”Warning: filesize()
• inurl:”id=” & intext:”Warning: require()
• intext:”"BiTBOARD v2.0″ BiTSHiFTERS Bulletin Board”
• intext:”Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed.” -edu
• intext:”Mail admins login here to administrate your domain.”
• intext:”Master Account” “Domain Name” “Password” inurl:/cgi-bin/qmailadmin
• intext:”Master Account” “Domain Name” “Password” inurl:/cgi-bin/qmailadmin
• intext:”Storage Management Server for” intitle:”Server Administration”
• intext:”Welcome to” inurl:”cp” intitle:”H-SPHERE” inurl:”begin.html” -Fee
• intext:”vbulletin” inurl:admincp
• intitle:”*- HP WBEM Login” | “You are being prompted to provide login account information for *” | “Please provide the information requested and press
• intitle:”Admin Login” “admin login” “blogware”
• intitle:”Admin login” “Web Site Administration” “Copyright”
• intitle:”AlternC Desktop”
• intitle:”Athens Authentication Point”
• intitle:”b2evo > Login form” “Login form. You must log in! You will have to accept cookies in order to log in” -demo -site:b2evolution.net
• intitle:”Cisco CallManager User Options Log On” “Please enter your User ID and Password in the spaces provided below and click the Log On button to co
• intitle:”ColdFusion Administrator Login”
• intitle:”communigate pro * *” intitle:”entrance”
• intitle:”Content Management System” “user name”|”password”|”admin” “Microsoft IE 5.5″ -mambo
• intitle:”Content Management System” “user name”|”password”|”admin” “Microsoft IE 5.5″ -mambo
• intitle:”Dell Remote Access Controller”
• intitle:”Docutek ERes – Admin Login” -edu
• intitle:”Employee Intranet Login”
• intitle:”eMule *” intitle:”- Web Control Panel” intext:”Web Control Panel” “Enter your password here.”
• intitle:”ePowerSwitch Login”
• intitle:”eXist Database Administration” -demo
• intitle:”EXTRANET * – Identification”
• intitle:”EXTRANET login” -.edu -.mil -.gov
• intitle:”EZPartner” -netpond
• intitle:”Flash Operator Panel” -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists
• intitle:”i-secure v1.1″ -edu
• intitle:”Icecast Administration Admin Page”
• intitle:”iDevAffiliate – admin” -demo
• intitle:”ISPMan : Unauthorized Access prohibited”
• intitle:”ITS System Information” “Please log on to the SAP System”
• intitle:”Kurant Corporation StoreSense” filetype:bok
• intitle:”ListMail Login” admin -demo
• intitle:”Login -
• intitle:”Login to @Mail” (ext:pl | inurl:”index”) -dwaffleman
• intitle:”Login to Cacti”
• intitle:”Login to the forums – @www.aimoo.com” inurl:login.cfm?id=
• intitle:”MailMan Login”
• intitle:”Member Login” “NOTE: Your browser must have cookies enabled in order to log into the site.” ext:php OR ext:cgi
• intitle:”Merak Mail Server Web Administration” -ihackstuff.com
• intitle:”microsoft certificate services” inurl:certsrv
• intitle:”MikroTik RouterOS Managing Webpage”
• intitle:”MX Control Console” “If you can’t remember”
• intitle:”Novell Web Services” “GroupWise” -inurl:”doc/11924″ -.mil -.edu -.gov -filetype:pdf
• intitle:”Novell Web Services” intext:”Select a service and a language.”
• intitle:”oMail-admin Administration – Login” -inurl:omnis.ch
• intitle:”OnLine Recruitment Program – Login”
• intitle:”Philex 0.2*” -s?ri?t -site:freelists.org
• intitle:”PHP Advanced Transfer” inurl:”login.php”
• intitle:”php icalendar administration” -site:sourceforge.net
• intitle:”php icalendar administration” -site:sourceforge.net
• intitle:”phpPgAdmin – Login” Language
• intitle:”PHProjekt – login” login password
• intitle:”please login” “your password is *”
• intitle:”Remote Desktop Web Connection” inurl:tsweb
• intitle:”SFXAdmin – sfx_global” | intitle:”SFXAdmin – sfx_local” | intitle:”SFXAdmin – sfx_test”
• intitle:”SHOUTcast Administrator” inurl:admin.cgi
• intitle:”site administration: please log in” “site designed by emarketsouth”
• intitle:”Supero Doctor III” -inurl:supermicro
• intitle:”SuSE Linux Openexchange Server” “Please activate Javas?ri?t!”
• intitle:”teamspeak server-administration
• intitle:”Tomcat Server Administration”
• intitle:”TOPdesk ApplicationServer”
• intitle:”TUTOS Login”
• intitle:”TWIG Login”
• intitle:”vhost” intext:”vHost . 2000-2004″
• intitle:”Virtual Server Administration System”
• intitle:”VisNetic WebMail” inurl:”/mail/”
• intitle:”VitalQIP IP Management System”
• intitle:”VMware Management Interface:” inurl:”vmware/en/”
• intitle:”VNC viewer for Java”
• intitle:”web-cyradm”|”by Luc de Louw” “This is only for authorized users” -tar.gz -site:web-cyradm.org
• intitle:”WebLogic Server” intitle:”Console Login” inurl:console
• intitle:”Welcome Site/User Administrator” “Please select the language” -demos
• intitle:”Welcome to Mailtraq WebMail”
• intitle:”welcome to netware *” -site:novell.com
• intitle:”WorldClient” intext:”? (2003|2004) Alt-N Technologies.”
• intitle:”xams 0.0.0..15 – Login”
• intitle:”XcAuctionLite” | “DRIVEN BY XCENT” Lite inurl:admin
• intitle:”XMail Web Administration Interface” intext:Login intext:password
• intitle:”Zope Help System” inurl:HelpSys
• intitle:”ZyXEL Prestige Router” “Enter password”
• intitle:”inc. vpn 3000 concentrator”
• intitle:(“TrackerCam Live Video”)|(“TrackerCam Application Login”)|(“Trackercam Remote”) -trackercam.com
• intitle:asterisk.management.portal web-access
• intitle:endymion.sak?.mail.login.page | inurl:sake.servlet
• intitle:Group-Office “Enter your username and password to login”
• intitle:ilohamail “
• IlohaMail”
• intitle:ilohamail intext:”Version 0.8.10″ “
• IlohaMail”
• intitle:IMP inurl:imp/index.php3
• intitle:Login * Webmailer
• intitle:Login intext:”RT is ? Copyright”
• intitle:Node.List Win32.Version.3.11
• intitle:Novell intitle:WebAccess “Copyright *-* Novell, Inc”
• intitle:open-xchange inurl:login.pl
• intitle:Ovislink inurl:private/login
• intitle:phpnews.login
• intitle:plesk inurl:login.php3
• inurl:”/admin/configuration. php?” Mystore
• inurl:”/slxweb.dll/external?name=(custportal|webticketcust)”
• inurl:”1220/parse_xml.cgi?”
• inurl:”631/admin” (inurl:”op=*”) | (intitle:CUPS)
• inurl:”:10000″ intext:webmin
• inurl:”Activex/default.htm” “Demo”
• inurl:”calendar.asp?action=login”
• inurl:”default/login.php” intitle:”kerio”
• inurl:”gs/adminlogin.aspx”
• inurl:”php121login.php”
• inurl:”suse/login.pl”
• inurl:”typo3/index.php?u=” -demo
• inurl:”usysinfo?login=true”
• inurl:”utilities/TreeView.asp”
• inurl:”vsadmin/login” | inurl:”vsadmin/admin” inurl:.php|.asp
• inurl:/admin/login.asp
• inurl:/cgi-bin/sqwebmail?noframes=1
• inurl:/Citrix/Nfuse17/
• inurl:/dana-na/auth/welcome.html
• inurl:/eprise/
• inurl:/Merchant2/admin.mv | inurl:/Merchant2/admin.mvc | intitle:”Miva Merchant Administration Login” -inurl:cheap-malboro.net
• inurl:/modcp/ intext:Moderator+vBulletin
• inurl:/SUSAdmin intitle:”Microsoft Software upd?t? Services”
• inurl:/webedit.* intext:WebEdit Professional -html
• inurl:1810 “Oracle Enterprise Manager”
• inurl:2000 intitle:RemotelyAnywhere -site:realvnc.com
• inurl::2082/frontend -demo
• inurl:administrator “welcome to mambo”
• inurl:bin.welcome.sh | inurl:bin.welcome.bat | intitle:eHealth.5.0
• inurl:cgi-bin/ultimatebb.cgi?ubb=login
• inurl:Citrix/MetaFrame/default/default.aspx
• inurl:confixx inurl:login|anmeldung
• inurl:coranto.cgi intitle:Login (Authorized Users Only)
• inurl:csCreatePro.cgi
• inurl:default.asp intitle:”WebCommander”
• inurl:exchweb/bin/auth/owalogon.asp
• inurl:gnatsweb.pl
• inurl:ids5web
• inurl:irc filetype:cgi cgi:irc
• inurl:login filetype:swf swf
• inurl:login.asp
• inurl:login.cfm
• inurl:login.php “SquirrelMail version”
• inurl:metaframexp/default/login.asp | intitle:”Metaframe XP Login”
• inurl:mewebmail
• inurl:names.nsf?opendatabase
• inurl:ocw_login_username
• inurl:orasso.wwsso_app_admin.ls_login
• inurl:postfixadmin intitle:”postfix admin” ext:php
• inurl:search/admin.php
• inurl:textpattern/index.php
• inurl:WCP_USER
• inurl:webmail./index.pl “Interface”
• inurl:webvpn.html “login” “Please enter your”

LFI DORKS

Back To Top

• inurl:/view/lang/index.php?page=?page=
• inurl:/shared/help.php?page=
• inurl:act=
• inurl:action=
• inurl:API_HOME_DIR=
• inurl:board=
• inurl:cat=
• inurl:client_id=
• inurl:cmd=
• inurl:cont=
• inurl:current_frame=
• inurl:date=
• inurl:detail=
• inurl:dir=
• inurl:display=
• inurl:download=
• inurl:f=
• inurl:file=
• inurl:fileinclude=
• inurl:filename=
• inurl:firm_id=
• inurl:g=
• inurl:getdata=
• inurl:go=
• inurl:HT=
• inurl:idd=
• inurl:inc=
• inurl:incfile=
• inurl:incl=
• inurl:include_file=
• inurl:include_path=
• inurl:infile=
• inurl:info=
• inurl:ir=
• inurl:lang=
• inurl:language=
• inurl:link=
• inurl:load=
• inurl:main=
• inurl:mainspot=
• inurl:msg=
• inurl:num=
• inurl:openfile=
• inurl:p=
• inurl:page=
• inurl:pagina=
• inurl:path=
• inurl:path_to_calendar=
• inurl:pg=
• inurl:qry_str=
• inurl:ruta=
• inurl:safehtml=
• inurl:section=
• inurl:showfile=
• inurl:side=
• inurl:site_id=
• inurl:skin=
• inurl:static=
• inurl:str=
• inurl:strona=
• inurl:sub=
• inurl:tresc=
• inurl:url=
• inurl:user=
• inurl:ajax.php?page=

Contain Sensitive Data

Back To Top

• filetype:bak createobject sa
• filetype:bak inurl:”htaccess|passwd|shadow|htusers”
• filetype:cfg mrtg “target
• filetype:cfm “cfapplication name” password
• filetype:conf oekakibbs
• filetype:conf slapd.conf
• filetype:config config intext:appSettings “User ID”
• filetype:dat “password.dat”
• filetype:dat inurl:Sites.dat
• filetype:dat wand.dat
• filetype:inc dbconn
• filetype:inc intext:mysql_connect
• filetype:inc mysql_connect OR mysql_pconnect
• filetype:inf sysprep
• filetype:ini inurl:”serv-u.ini”
• filetype:ini inurl:flashFXP.ini
• filetype:ini ServUDaemon
• filetype:ini wcx_ftp
• filetype:ini ws_ftp pwd
• filetype:ldb admin
• filetype:log “See `ipsec –copyright”
• filetype:log inurl:”password.log”
• filetype:mdb inurl:users.mdb
• filetype:mdb wwforum
• filetype:netrc password
• filetype:pass pass intext:userid
• filetype:pem intext:private
• filetype:properties inurl:db intext:password
• filetype:pwd service
• filetype:pwl pwl
• filetype:reg reg +intext:”defaultusername” +intext:”defaultpassword”
• filetype:reg reg +intext:â? WINVNC3â?
• filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
• filetype:sql “insert into” (pass|passwd|password)
• filetype:sql (“values * MD5″ | “values * password” | “values * encrypt”)
• filetype:sql +”IDENTIFIED BY” -cvs
• filetype:sql password
• filetype:url +inurl:”ftp://” +inurl:”;@”
• filetype:xls username password email
• htpasswd
• htpasswd / htgroup
• htpasswd / htpasswd.bak
• intext:”enable password 7″
• intext:”enable secret 5 $”
• intext:”EZGuestbook”
• intext:”Web Wiz Journal”
• intitle:”index of” intext:connect.inc
• intitle:”index of” intext:globals.inc
• intitle:”Index of” passwords modified
• intitle:”Index of” sc_serv.conf sc_serv content
• intitle:”phpinfo()” +”mysql.default_password” +”Zend s?ri?ting Language Engine”
• intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com
• intitle:index.of administrators.pwd
• intitle:Index.of etc shadow
• intitle:index.of intext:”secring.skr”|”secring.pgp”|”secring.bak”
• intitle:rapidshare intext:login
• inurl:”calendars?ri?t/users.txt”
• inurl:”editor/list.asp” | inurl:”database_editor.asp” | inurl:”login.asa” “are set”
• inurl:”GRC.DAT” intext:”password”
• inurl:”Sites.dat”+”PASS=”
• inurl:”slapd.conf” intext:”credentials” -manpage -”Manual Page” -man: -sample
• inurl:”slapd.conf” intext:”rootpw” -manpage -”Manual Page” -man: -sample
• inurl:”wvdial.conf” intext:”password”
• inurl:/db/main.mdb
• inurl:/wwwboard
• inurl:/yabb/Members/Admin.dat
• inurl:ccbill filetype:log
• inurl:cgi-bin inurl:calendar.cfg
• inurl:chap-secrets -cvs
• inurl:config.php dbuname dbpass
• inurl:filezilla.xml -cvs
• inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man
• inurl:nuke filetype:sql
• inurl:ospfd.conf intext:password -sample -test -tutorial -download
• inurl:pap-secrets -cvs
• inurl:pass.dat
• inurl:perform filetype:ini
• inurl:perform.ini filetype:ini
• inurl:secring ext:skr | ext:pgp | ext:bak
• inurl:server.cfg rcon password
• inurl:ventrilo_srv.ini adminpassword
• inurl:vtund.conf intext:pass -cvs
• inurl:zebra.conf intext:password -sample -test -tutorial -download
• filetype:bkf bkf
• filetype:blt “buddylist”
• filetype:blt blt +intext:screenname
• filetype:cfg auto_inst.cfg
• filetype:cnf inurl:_vti_pvt access.cnf
• filetype:conf inurl:firewall -intitle:cvs
• filetype:config web.config -CVS
• filetype:ctt Contact
• filetype:ctt ctt messenger
• filetype:eml eml +intext:”Subject” +intext:”From” +intext:”To”
• filetype:fp3 fp3
• filetype:fp5 fp5 -site:gov -site:mil -”cvs log”
• filetype:fp7 fp7
• filetype:inf inurl:capolicy.inf
• filetype:lic lic intext:key
• filetype:log access.log -CVS
• filetype:log cron.log
• filetype:mbx mbx intext:Subject
• filetype:myd myd -CVS
• filetype:ns1 ns1
• filetype:ora ora
• filetype:ora tnsnames
• filetype:pdb pdb backup (Pilot | Pluckerdb)
• filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net
• filetype:pot inurl:john.pot
• filetype:PS ps
• filetype:pst inurl:”outlook.pst”
• filetype:pst pst -from -to -date
• filetype:qbb qbb
• filetype:QBW qbw
• filetype:rdp rdp
• filetype:reg “Terminal Server Client”
• filetype:vcs vcs
• filetype:wab wab
• filetype:xls -site:gov inurl:contact
• filetype:xls inurl:”email.xls”
• Financial spreadsheets: finance.xls
• Financial spreadsheets: finances.xls
• Ganglia Cluster Reports
• haccess.ctl (one way)
• haccess.ctl (VERY reliable)
• ICQ chat logs, please…
• intext:”Session Start * * * *:*:* *” filetype:log
• intext:”Tobias Oetiker” “traffic analysis”
• intext:(password | passcode) intext:(username | userid | user) filetype:csv
• intext:gmail invite intext:http://gmail.google.com/gmail/a
• intext:SQLiteManager inurl:main.php
• intext:ViewCVS inurl:Settings.php
• intitle:”admin panel” +”RedKernel”
• intitle:”Apache::Status” (inurl:server-status | inurl:status.html | inurl:apache.html)
• intitle:”AppServ Open Project” -site:www.appservnetwork.com
• intitle:”ASP Stats Generator *.*” “ASP Stats Generator” “2003-2004 weppos”
• intitle:”Big Sister” +”OK Attention Trouble”
• intitle:”curriculum vitae” filetype:doc
• intitle:”edna:streaming mp3 server” -forums
• intitle:”FTP root at”
• intitle:”index of” +myd size
• intitle:”Index Of” -inurl:maillog maillog size
• intitle:”Index Of” cookies.txt size
• intitle:”index of” mysql.conf OR mysql_config
• intitle:”Index of” upload size parent directory
• intitle:”index.of *” admin news.asp configview.asp
• intitle:”index.of” .diz .nfo last modified
• intitle:”Joomla – Web Installer”
• intitle:”LOGREP – Log file reporting system” -site:itefix.no
• intitle:”Multimon UPS status page”
• intitle:”PHP Advanced Transfer” (inurl:index.php | inurl:showrecent.php )
• intitle:”PhpMyExplorer” inurl:”index.php” -cvs
• intitle:”statistics of” “advanced web statistics”
• intitle:”System Statistics” +”System and Network Information Center”
• intitle:”urchin (5|3|admin)” ext:cgi
• intitle:”Usage Statistics for” “Generated by Webalizer”
• intitle:”wbem” compaq login “Compaq Information Technologies Group”
• intitle:”Web Server Statistics for ****”
• intitle:”web server status” SSH Telnet
• intitle:”Welcome to F-Secure Policy Manager Server Welcome Page”
• intitle:”welcome.to.squeezebox”
• intitle:admin intitle:login
• intitle:Bookmarks inurl:bookmarks.html “Bookmarks
• intitle:index.of “Apache” “server at”
• intitle:index.of cleanup.log
• intitle:index.of dead.letter
• intitle:index.of inbox
• intitle:index.of inbox dbx
• intitle:index.of ws_ftp.ini
• intitle:intranet inurl:intranet +intext:”phone”
• inurl:”/axs/ax-admin.pl” -script
• inurl:”/cricket/grapher.cgi”
• inurl:”bookmark.htm”
• inurl:”cacti” +inurl:”graph_view.php” +”Settings Tree View” -cvs -RPM
• inurl:”newsletter/admin/”
• inurl:”newsletter/admin/” intitle:”newsletter admin”
• inurl:”putty.reg”
• inurl:”smb.conf” intext:”workgroup” filetype:conf conf
• inurl:*db filetype:mdb
• inurl:/cgi-bin/pass.txt
• inurl:/_layouts/settings
• inurl:admin filetype:xls
• inurl:admin intitle:login
• inurl:backup filetype:mdb
• inurl:build.err
• inurl:cgi-bin/printenv
• inurl:cgi-bin/testcgi.exe “Please distribute TestCGI”
• inurl:changepassword.asp
• inurl:ds.py
• inurl:email filetype:mdb
• inurl:fcgi-bin/echo
• inurl:forum filetype:mdb
• inurl:forward filetype:forward -cvs
• inurl:getmsg.html intitle:hotmail
• inurl:log.nsf -gov
• inurl:main.php phpMyAdmin
• inurl:main.php Welcome to phpMyAdmin
• inurl:netscape.hst
• inurl:netscape.hst
• inurl:netscape.ini
• inurl:odbc.ini ext:ini -cvs
• inurl:perl/printenv
• inurl:php.ini filetype:ini
• inurl:preferences.ini “[emule]“
• inurl:profiles filetype:mdb
• inurl:report “EVEREST Home Edition “
• inurl:server-info “Apache Server Information”
• inurl:server-status “apache”
• inurl:snitz_forums_2000.mdb
• inurl:ssl.conf filetype:conf
• inurl:tdbin
• inurl:vbstats.php “page generated”
• inurl:wp-mail.php + “There doesn’t seem to be any new mail.”
• inurl:XcCDONTS.asp
• intext:”"BiTBOARD v2.0″ BiTSHiFTERS Bulletin Board”
• intext:”Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed.” -edu
• intext:”Mail admins login here to administrate your domain.”
• intext:”Master Account” “Domain Name” “Password” inurl:/cgi-bin/qmailadmin
• intext:”Master Account” “Domain Name” “Password” inurl:/cgi-bin/qmailadmin
• intext:”Storage Management Server for” intitle:”Server Administration”
• intext:”Welcome to” inurl:”cp” intitle:”H-SPHERE” inurl:”begin.html” -Fee
• intext:”vbulletin” inurl:admincp
• intitle:”*- HP WBEM Login” | “You are being prompted to provide login account information for *” | “Please provide the information requested and press
• intitle:”Admin Login” “admin login” “blogware”
• intitle:”Admin login” “Web Site Administration” “Copyright”
• intitle:”AlternC Desktop”
• intitle:”Athens Authentication Point”
• intitle:”b2evo > Login form” “Login form. You must log in! You will have to accept cookies in order to log in” -demo -site:b2evolution.net
• intitle:”Cisco CallManager User Options Log On” “Please enter your User ID and Password in the spaces provided below and click the Log On button to co
• intitle:”ColdFusion Administrator Login”
• intitle:”communigate pro * *” intitle:”entrance”
• intitle:”Content Management System” “user name”|”password”|”admin” “Microsoft IE 5.5″ -mambo
• intitle:”Content Management System” “user name”|”password”|”admin” “Microsoft IE 5.5″ -mambo
• intitle:”Dell Remote Access Controller”
• intitle:”Docutek ERes – Admin Login” -edu
• intitle:”Employee Intranet Login”
• intitle:”eMule *” intitle:”- Web Control Panel” intext:”Web Control Panel” “Enter your password here.”
• intitle:”ePowerSwitch Login”
• intitle:”eXist Database Administration” -demo
• intitle:”EXTRANET * – Identification”
• intitle:”EXTRANET login” -.edu -.mil -.gov
• intitle:”EZPartner” -netpond
• intitle:”Flash Operator Panel” -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists
• intitle:”i-secure v1.1″ -edu
• intitle:”Icecast Administration Admin Page”
• intitle:”iDevAffiliate – admin” -demo
• intitle:”ISPMan : Unauthorized Access prohibited”
• intitle:”ITS System Information” “Please log on to the SAP System”
• intitle:”Kurant Corporation StoreSense” filetype:bok
• intitle:”ListMail Login” admin -demo
• intitle:”Login -
• intitle:”Login Forum
• AnyBoard” intitle:”If you are a new user:” intext:”Forum
• AnyBoard” inurl:gochat -edu
• intitle:”Login to @Mail” (ext:pl | inurl:”index”) -dwaffleman
• intitle:”Login to Cacti”
• intitle:”Login to the forums – @www.aimoo.com” inurl:login.cfm?id=
• intitle:”MailMan Login”
• intitle:”Member Login” “NOTE: Your browser must have cookies enabled in order to log into the site.” ext:php OR ext:cgi
• intitle:”Merak Mail Server Web Administration” -ihackstuff.com
• intitle:”microsoft certificate services” inurl:certsrv
• intitle:”MikroTik RouterOS Managing Webpage”
• intitle:”MX Control Console” “If you can’t remember”
• intitle:”Novell Web Services” “GroupWise” -inurl:”doc/11924″ -.mil -.edu -.gov -filetype:pdf
• intitle:”Novell Web Services” intext:”Select a service and a language.”
• intitle:”oMail-admin Administration – Login” -inurl:omnis.ch
• intitle:”OnLine Recruitment Program – Login”
• intitle:”Philex 0.2*” -script -site:freelists.org
• intitle:”PHP Advanced Transfer” inurl:”login.php”
• intitle:”php icalendar administration” -site:sourceforge.net
• intitle:”php icalendar administration” -site:sourceforge.net
• intitle:”phpPgAdmin – Login” Language
• intitle:”PHProjekt – login” login password
• intitle:”please login” “your password is *”
• intitle:”Remote Desktop Web Connection” inurl:tsweb
• intitle:”SFXAdmin – sfx_global” | intitle:”SFXAdmin – sfx_local” | intitle:”SFXAdmin – sfx_test”
• intitle:”SHOUTcast Administrator” inurl:admin.cgi
• intitle:”site administration: please log in” “site designed by emarketsouth”
• intitle:”Supero Doctor III” -inurl:supermicro
• intitle:”SuSE Linux Openexchange Server” “Please activate JavaScript!”
• intitle:”teamspeak server-administration
• intitle:”Tomcat Server Administration”
• intitle:”TOPdesk ApplicationServer”
• intitle:”TUTOS Login”
• intitle:”TWIG Login”
• intitle:”vhost” intext:”vHost . 2000-2004″
• intitle:”Virtual Server Administration System”
• intitle:”VisNetic WebMail” inurl:”/mail/”
• intitle:”VitalQIP IP Management System”
• intitle:”VMware Management Interface:” inurl:”vmware/en/”
• intitle:”VNC viewer for Java”
• intitle:”web-cyradm”|”by Luc de Louw” “This is only for authorized users” -tar.gz -site:web-cyradm.org
• intitle:”WebLogic Server” intitle:”Console Login” inurl:console
• intitle:”Welcome Site/User Administrator” “Please select the language” -demos
• intitle:”Welcome to Mailtraq WebMail”
• intitle:”welcome to netware *” -site:novell.com
• intitle:”WorldClient” intext:”? (2003|2004) Alt-N Technologies.”
• intitle:”xams 0.0.0..15 – Login”
• intitle:”XcAuctionLite” | “DRIVEN BY XCENT” Lite inurl:admin
• intitle:”XMail Web Administration Interface” intext:Login intext:password
• intitle:”Zope Help System” inurl:HelpSys
• intitle:”ZyXEL Prestige Router” “Enter password”
• intitle:”inc. vpn 3000 concentrator”
• intitle:(“TrackerCam Live Video”)|(“TrackerCam Application Login”)|(“Trackercam Remote”) -trackercam.com
• intitle:asterisk.management.portal web-access
• intitle:endymion.sak?.mail.login.page | inurl:sake.servlet
• intitle:Group-Office “Enter your username and password to login”
• intitle:ilohamail “
• intitle:ilohamail intext:”Version 0.8.10″ “
• intitle:IMP inurl:imp/index.php3
• intitle:Login * Webmailer
• intitle:Login intext:”RT is ? Copyright”
• intitle:Node.List Win32.Version.3.11
• intitle:Novell intitle:WebAccess “Copyright *-* Novell, Inc”
• intitle:open-xchange inurl:login.pl
• intitle:Ovislink inurl:private/login
• intitle:phpnews.login
• intitle:plesk inurl:login.php3
• inurl:”/admin/configuration. php?” Mystore
• inurl:”/slxweb.dll/external?name=(custportal|webticketcust)”
• inurl:”1220/parse_xml.cgi?”
• inurl:”631/admin” (inurl:”op=*”) | (intitle:CUPS)
• inurl:”:10000″ intext:webmin
• inurl:”Activex/default.htm” “Demo”
• inurl:”calendar.asp?action=login”
• inurl:”default/login.php” intitle:”kerio”
• inurl:”gs/adminlogin.aspx”
• inurl:”php121login.php”
• inurl:”suse/login.pl”
• inurl:”typo3/index.php?u=” -demo
• inurl:”usysinfo?login=true”
• inurl:”utilities/TreeView.asp”
• inurl:”vsadmin/login” | inurl:”vsadmin/admin” inurl:.php|.asp
• nurl:/admin/login.asp
• inurl:/cgi-bin/sqwebmail?noframes=1
• inurl:/Citrix/Nfuse17/
• inurl:/dana-na/auth/welcome.html
• inurl:/eprise/
• inurl:/Merchant2/admin.mv | inurl:/Merchant2/admin.mvc | intitle:”Miva Merchant Administration Login” -inurl:cheap-malboro.net
• inurl:/modcp/ intext:Moderator+vBulletin
• inurl:/SUSAdmin intitle:”Microsoft Software Update Services”
• inurl:/webedit.* intext:WebEdit Professional -html
• inurl:1810 “Oracle Enterprise Manager”
• inurl:2000 intitle:RemotelyAnywhere -site:realvnc.com
• inurl::2082/frontend -demo
• inurl:administrator “welcome to mambo”
• inurl:bin.welcome.sh | inurl:bin.welcome.bat | intitle:eHealth.5.0
• inurl:cgi-bin/ultimatebb.cgi?ubb=login
• inurl:Citrix/MetaFrame/default/default.aspx
• inurl:confixx inurl:login|anmeldung
• inurl:coranto.cgi intitle:Login (Authorized Users Only)
• inurl:csCreatePro.cgi
• inurl:default.asp intitle:”WebCommander”
• inurl:exchweb/bin/auth/owalogon.asp
• inurl:gnatsweb.pl
• inurl:ids5web
• inurl:irc filetype:cgi cgi:irc
• inurl:login filetype:swf swf
• inurl:login.asp
• inurl:login.cfm
• inurl:login.php “SquirrelMail version”
• inurl:metaframexp/default/login.asp | intitle:”Metaframe XP Login”
• inurl:mewebmail
• inurl:names.nsf?opendatabase
• inurl:ocw_login_username
• inurl:orasso.wwsso_app_admin.ls_login
• inurl:postfixadmin intitle:”postfix admin” ext:php
• inurl:search/admin.php
• inurl:textpattern/index.php
• inurl:WCP_USER
• inurl:webmail./index.pl “Interface”
• inurl:webvpn.html “login” “Please enter your” Login (“admin account info”) filetype:log
• !Host=*.* intext:enc_UserPassword=* ext:pcf
• “# -FrontPage-” ext:pwd inurl:(service | authors | administrators | users) “# -FrontPage-” inurl:service.pwd
• “AutoCreate=TRUE password=*”
• “http://*:*@www” domainname
• “index of/” “ws_ftp.ini” “parent directory”
• “liveice configuration file” ext:cfg -site:sourceforge.net
• “parent directory” +proftpdpasswd
• Duclassified” -site:duware.com “DUware All Rights reserved”
• duclassmate” -site:duware.com
• Dudirectory” -site:duware.com
• dudownload” -site:duware.com
• Elite Forum Version *.*”
• Link Department”
• “sets mode: +k”
• “your password is” filetype:log
• DUpaypal” -site:duware.com
• allinurl: admin mdb
• auth_user_file.txt
• config.php
• eggdrop filetype:user user
• enable password | secret “current configuration” -intext:the
• etc (index.of)
• ext:asa | ext:bak intext:uid intext:pwd -”uid..pwd” database | server | dsn
• ext:inc “pwd=” “UID=”
• ext:ini eudora.ini
• ext:ini Version=4.0.0.4 password
• ext:passwd -intext:the -sample -example
• ext:txt inurl:unattend.txt
• ext:yml database inurl:config
• LeapFTP intitle:”index.of./” sites.ini modified
• master.passwd
• mysql history files
• NickServ registration passwords
• passlist
• passlist.txt (a better way)
• passwd
• passwd / etc (reliable)
• people.lst
• psyBNC config files
• pwd.db
• server-dbs “intitle:index of”
• signin filetype:url
• spwd.db / passwd
• trillian.ini
• wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin
• [WFClient] Password= filetype:ica
• intitle:”remote assessment” OpenAanval Console
• intitle:opengroupware.org “resistance is obsolete” “Report Bugs” “Username” “password”
• “bp blog admin” intitle:login | intitle:admin -site:johnny.ihackstuff.com
• “Emergisoft web applications are a part of our”
• “Establishing a secure Integrated Lights Out session with” OR intitle:”Data Frame – Browser not HTTP 1.1 compatible” OR intitle:”HP Integrated Lights-
• “HostingAccelerator” intitle:”login” +”Username” -”news” -demo
• “iCONECT 4.1 :: Login”
• “IMail Server Web Messaging” intitle:login
• “inspanel” intitle:”login” -”cannot” “Login ID” -site:inspediumsoft.com
• “intitle:3300 Integrated Communications Platform” inurl:main.htm
• “Login – Sun Cobalt RaQ”
• “login prompt” inurl:GM.cgi
• “Login to Usermin” inurl:20000
• “Microsoft CRM : Unsupported Browser Version”
• “OPENSRS Domain Management” inurl:manage.cgi
• “pcANYWHERE EXPRESS Java Client”
• “Please authenticate yourself to get access to the management interface”
• “please log in”
• “Please login with admin pass” -”leak” -sourceforge
• CuteNews” “2003..2005 CutePHP”
• DWMail” password intitle:dwmail
• Merak Mail Server Software” -.gov -.mil -.edu -site:merakmailserver.com
• Midmart Messageboard” “Administrator Login”
• Monster Top List” MTL numrange:200-
• UebiMiau” -site:sourceforge.net
• “site info for” “Enter Admin Password”
• “SquirrelMail version” “By the SquirrelMail development Team”
• “SysCP – login”
• “This is a restricted Access Server” “Javas?ri?t Not Enabled!”|”Messenger Express” -edu -ac
• “This section is for Administrators only. If you are an administrator then please”
• “ttawlogin.cgi/?action=”
• “VHCS Pro ver” -demo
• “VNC Desktop” inurl:5800
• “Web-Based Management” “Please input password to login” -inurl:johnny.ihackstuff.com
• “WebExplorer Server – Login” “Welcome to WebExplorer Server”
• “WebSTAR Mail – Please Log In”
• “You have requested access to a restricted area of our website. Please authenticate yourself to continue.”
• “You have requested to access the management functions” -.edu
• (intitle:”Please login – Forums
• UBB.threads”)|(inurl:login.php “ubb”)
• (intitle:”Please login – Forums
• WWWThreads”)|(inurl:”wwwthreads/login.php”)|(inurl:”wwwthreads/login.pl?Cat=”)
• (intitle:”rymo Login”)|(intext:”Welcome to rymo”) -family
• (intitle:”WmSC e-Cart Administration”)|(intitle:”WebMyStyle e-Cart Administration”)
• (inurl:”ars/cgi-bin/arweb?O=0″ | inurl:arweb.jsp) -site:remedy.com -site:mil
• 4images Administration Control Panel
• allintitle:”Welcome to the Cyclades”
• allinurl:”exchange/logon.asp”
• allinurl:wps/portal/ login
• ASP.login_aspx “ASP.NET_SessionId”
• CGI:IRC Login
• ext:cgi intitle:”control panel” “enter your owner password to continue!”
• ez Publish administration
• filetype:php inurl:”webeditor.php”
• filetype:pl “Download: SuSE Linux Openexchange Server CA”
• filetype:r2w r2w
• intitle:”Login Forum
• AnyBoard” intitle:”If you are a new user:” intext:”Forum
• AnyBoard” inurl:gochat -edu
• Login (“
• Jetbox One CMS â?¢” | “
• Jetstream ? *”)
• Novell NetWare intext:”netware management portal version”
• Outlook Web Access (a better way)
• PhotoPost PHP Upload
• PHPhotoalbum Statistics
• PHPhotoalbum Upload
• Please enter a valid password! inurl:polladmin
• intitle:”DocuShare” inurl:”docushare/dsweb/” -faq -gov -edu
• “#mysql dump” filetype:sql
• “#mysql dump” filetype:sql 21232f297a57a5a743894a0e4a801fc3
• “allow_call_time_pass_reference” “PATH_INFO”
• “Certificate Practice Statement” inurl:(PDF | DOC)
• “Generated by phpSystem”
• “generated by wwwstat”
• “Host Vulnerability Summary Report”
• “HTTP_FROM=googlebot” googlebot.com “Server_Software=”
• “Index of” / “chat/logs”
• “Installed Objects Scanner” inurl:default.asp
• “MacHTTP” filetype:log inurl:machttp.log
• “Mecury Version” “Infastructure Group”
• “Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)” ext:log
• “Most Submitted Forms and s?ri?ts” “this section”
• “Network Vulnerability Assessment Report”
• “not for distribution” confidential
• “not for public release” -.edu -.gov -.mil
• “phone * * *” “address *” “e-mail” intitle:”curriculum vitae”
• “phpMyAdmin” “running on” inurl:”main.php”
• “produced by getstats”
• “Request Details” “Control Tree” “Server Variables”
• “robots.txt” “Disallow:” filetype:txt
• “Running in Child mode”
• “sets mode: +p”
• “sets mode: +s”
• “Thank you for your order” +receipt
• “This is a Shareaza Node”
• “This report was generated by WebLog”
• ( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject
• (intitle:”PRTG Traffic Grapher” inurl:”allsensors”)|(intitle:”PRTG Traffic Grapher – Monitoring Results”)
• (intitle:WebStatistica inurl:main.php) | (intitle:”WebSTATISTICA server”) -inurl:statsoft -inurl:statsoftsa -inurl:statsoftinc.com -edu -software -rob
• (inurl:”robot.txt” | inurl:”robots.txt” ) intext:disallow filetype:txt
• +”:8080″ +”:3128″ +”:80″ filetype:txt
• +”HSTSNR” -”netop.com”
• -site:php.net -”The PHP Group” inurl:source inurl:url ext:pHp
• 94FBR “ADOBE PHOTOSHOP”
• AIM buddy lists
• allinurl:/examples/jsp/snp/snoop.jsp
• allinurl:cdkey.txt
• allinurl:servlet/SnoopServlet
• cgiirc.conf
• cgiirc.conf
• contacts ext:wml
• data filetype:mdb -site:gov -site:mil
• exported email addresses
• ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:”budget approved”) inurl:confidential
• ext:asp inurl:pathto.asp
• ext:ccm ccm -catacomb
• ext:CDX CDX
• ext:cgi inurl:editcgi.cgi inurl:file=
• ext:conf inurl:rsyncd.conf -cvs -man
• ext:conf NoCatAuth -cvs
• ext:dat bpk.dat
• ext:gho gho
• ext:ics ics
• ext:ini intext:env.ini
• ext:jbf jbf
• ext:ldif ldif
• ext:log “Software: Microsoft Internet Information Services *.*”
• ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
• ext:nsf nsf -gov -mil
• ext:plist filetype:plist inurl:bookmarks.plist
• ext:pqi pqi -database
• ext:reg “username=*” putty
• ext:txt “Final encryption key”
• ext:txt inurl:dxdiag
• ext:vmdk vmdk
• ext:vmx vmx
• filetype:asp DBQ=” * Server.MapPath(“*.mdb”)
• filetype:bkf bkf
• filetype:blt “buddylist”
• filetype:blt blt +intext:screenname
• filetype:cfg auto_inst.cfg
• filetype:cnf inurl:_vti_pvt access.cnf
• filetype:conf inurl:firewall -intitle:cvs
• filetype:config web.config -CVS
• filetype:ctt Contact
• filetype:ctt ctt messenger
• filetype:eml eml +intext:”Subject” +intext:”From” +intext:”To”
• filetype:fp3 fp3
• filetype:fp5 fp5 -site:gov -site:mil -”cvs log”
• filetype:fp7 fp7
• filetype:inf inurl:capolicy.inf
• filetype:lic lic intext:key
• filetype:log access.log -CVS
• filetype:log cron.log
• filetype:mbx mbx intext:Subject
• filetype:myd myd -CVS
• filetype:ns1 ns1
• filetype:ora ora
• filetype:ora tnsnames
• filetype:pdb pdb backup (Pilot | Pluckerdb)
• filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net
• filetype:pot inurl:john.pot
• filetype:PS ps
• filetype:pst inurl:”outlook.pst”
• filetype:pst pst -from -to -date
• filetype:qbb qbb
• filetype:QBW qbw
• filetype:rdp rdp
• filetype:reg “Terminal Server Client”
• filetype:vcs vcs
• filetype:wab wab
• filetype:xls -site:gov inurl:contact
• filetype:xls inurl:”email.xls”
• Financial spreadsheets: finance.xls
• Financial spreadsheets: finances.xls
• haccess.ctl (one way)
• haccess.ctl (VERY reliable)
• ICQ chat logs, please…
• intext:”Session Start * * * *:*:* *” filetype:log
• intext:”Tobias Oetiker” “traffic analysis”
• intext:(password | passcode) intext:(username | userid | user) filetype:csv
• intext:gmail invite intext:http://gmail.google.com/gmail/a
• intext:SQLiteManager inurl:main.php
• intext:ViewCVS inurl:Settings.php
• intitle:”admin panel” +”
• RedKernel”
• intitle:”Apache::Status” (inurl:server-status | inurl:status.html | inurl:apache.html)
• intitle:”AppServ Open Project” -site:www.appservnetwork.com
• intitle:”ASP Stats Generator *.*” “ASP Stats Generator” “2003-2004 weppos”
• intitle:”Big Sister” +”OK Attention Trouble”
• intitle:”curriculum vitae” filetype:doc
• intitle:”edna:streaming mp3 server” -forums
• intitle:”FTP root at”
• intitle:”index of” +myd size
• intitle:”Index Of” -inurl:maillog maillog size
• intitle:”Index Of” cookies.txt size
• intitle:”index of” mysql.conf OR mysql_config
• intitle:”Index of” upload size parent directory
• intitle:”index.of *” admin news.asp configview.asp
• intitle:”index.of” .diz .nfo last modified
• intitle:”Joomla – Web Installer”
• intitle:”LOGREP – Log file reporting system” -site:itefix.no
• intitle:”Multimon UPS status page”
• intitle:”PHP Advanced Transfer” (inurl:index.php | inurl:showrecent.php )
• intitle:”PhpMyExplorer” inurl:”index.php” -cvs
• intitle:”statistics of” “advanced web statistics”
• intitle:”System Statistics” +”System and Network Information Center”
• intitle:”urchin (5|3|admin)” ext:cgi
• intitle:”Usage Statistics for” “Generated by Webalizer”
• intitle:”wbem” compaq login “Compaq Information Technologies Group”
• intitle:”Web Server Statistics for ****”
• intitle:”web server status” SSH Telnet
• intitle:”Welcome to F-Secure Policy Manager Server Welcome Page”
• intitle:”welcome.to.squeezebox”
• intitle:admin intitle:login
• intitle:Bookmarks inurl:bookmarks.html “Bookmarks
• intitle:index.of “Apache” “server at”
• intitle:index.of cleanup.log
• intitle:index.of dead.letter
• intitle:index.of inbox
• intitle:index.of inbox dbx
• intitle:index.of ws_ftp.ini
• intitle:intranet inurl:intranet +intext:”phone”
• inurl:”/axs/ax-admin.pl” -s?ri?t
• inurl:”/cricket/grapher.cgi”
• inurl:”bookmark.htm”
• inurl:”cacti” +inurl:”graph_view.php” +”Settings Tree View” -cvs -RPM
• inurl:”newsletter/admin/”
• inurl:”newsletter/admin/” intitle:”newsletter admin”
• inurl:”putty.reg”
• inurl:”smb.conf” intext:”workgroup” filetype:conf conf
• inurl:*db filetype:mdb
• inurl:/cgi-bin/pass.txt
• inurl:/_layouts/settings
• inurl:admin filetype:xls
• inurl:admin intitle:login
• inurl:backup filetype:mdb
• inurl:build.err
• inurl:cgi-bin/printenv
• inurl:cgi-bin/testcgi.exe “Please distribute TestCGI”
• inurl:changepassword.asp
• inurl:ds.py
• inurl:email filetype:mdb
• inurl:fcgi-bin/echo
• inurl:forum filetype:mdb
• inurl:forward filetype:forward -cvs
• inurl:getmsg.html intitle:hotmail
• inurl:log.nsf -gov
• inurl:main.php phpMyAdmin
• inurl:main.php Welcome to phpMyAdmin
• inurl:netscape.hst
• inurl:netscape.hst
• inurl:netscape.ini
• inurl:odbc.ini ext:ini -cvs
• inurl:perl/printenv
• inurl:php.ini filetype:ini
• inurl:preferences.ini “[emule]“
• inurl:profiles filetype:mdb
• inurl:report “EVEREST Home Edition “
• inurl:server-info “Apache Server Information”
• inurl:server-status “apache”
• inurl:snitz_forums_2000.mdb
• inurl:ssl.conf filetype:conf
• inurl:tdbin
• inurl:vbstats.php “page generated”
• inurl:wp-mail.php + “There doesn’t seem to be any new mail.”
• inurl:XcCDONTS.asp
• ipsec.conf
• ipsec.secrets
• “detected an internal error [IBM][CLI Driver][DB2/6000]“
• “error found handling the request” cocoon filetype:xml
• “Fatal error: Call to undefined function” -reply -the -next
• “Incorrect syntax near”
• “Incorrect syntax near”
• “Internal Server Error” “server at”
• “Invision Power Board Database Error”
• “ORA-00933: SQL command not properly ended”
• “ORA-12541: TNS:no listener” intitle:”error occurred”
• “Parse error: parse error, unexpected T_VARIABLE” “on line” filetype:php
• “PostgreSQL query failed: ERROR: parser: parse error”
• “Supplied argument is not a valid MySQL result resource”
• “Syntax error in query expression ” -the
• “The script whose uid is ” “is not allowed to access”
• “There seems to have been a problem with the” ” Please try again by clicking the Refresh button in your web browser.”
• “Unable to jump to row” “on MySQL result index” “on line”
• “Unclosed quotation mark before the character string”
• “Warning: Bad arguments to (join|implode) () in” “on line” -help -forum
• “Warning: Cannot modify header information – headers already sent”
• “Warning: Division by zero in” “on line” -forum
• “Warning: mysql_connect(): Access denied for user: ‘*@*” “on line” -help -forum
• “Warning: mysql_query()” “invalid query”
• “Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL”
• “Warning: Supplied argument is not a valid File-Handle resource in”
• “Warning:” “failed to open stream: HTTP request failed” “on line”
• “Warning:” “SAFE MODE Restriction in effect.” “The script whose uid is” “is not allowed to access owned by uid 0 in” “on line”
• “SQL Server Driver][SQL Server]Line 1: Incorrect syntax near”
• An unexpected token “END-OF-STATEMENT” was found
• Coldfusion Error Pages
• filetype:asp + “[ODBC SQL"
• filetype:asp "Custom Error Message" Category Source
• filetype:log "PHP Parse error" | "PHP Warning" | "PHP Error"
• filetype:php inurl:"logging.php" "Discuz" error
• ht://Dig htsearch error
• IIS 4.0 error messages
• IIS web server error messages
• Internal Server Error
• intext:"Error Message : Error loading required libraries."
• intext:"Warning: Failed opening" "on line" "include_path"
• intitle:"Apache Tomcat" "Error Report"
• intitle:"Default PLESK Page"
• intitle:"Error Occurred While Processing Request" +WHERE (SELECT|INSERT) filetype:cfm
• intitle:"Error Occurred" "The error occurred in" filetype:cfm
• intitle:"Error using Hypernews" "Server Software"
• intitle:"Execution of this script not permitted"
• intitle:"Under construction" "does not currently have"
• intitle:Configuration.File inurl:softcart.exe
• MYSQL error message: supplied argument....
• mysql error with query
• Netscape Application Server Error page
• ORA-00921: unexpected end of SQL command
• ORA-00921: unexpected end of SQL command
• ORA-00936: missing expression
• PHP application warnings failing "include_path"
• sitebuildercontent
• sitebuilderfiles
• sitebuilderpictures
• Snitz! forums db path error
• SQL syntax error
• Supplied argument is not a valid PostgreSQL result
• warning "error on line" php sablotron
• Windows 2000 web server error messages
• "ftp://" "www.eastgame.net"
• "html allowed" guestbook
• ": vBulletin Version 1.1.5"
• "Select a database to view" intitle:"filemaker pro"
• "set up the administrator user" inurl:pivot
• "There are no Administrators Accounts" inurl:admin.php -mysql_fetch_row
• "Welcome to Administration" "General" "Local Domains" "SMTP Authentication" inurl:admin
• "Welcome to Intranet"
• "Welcome to PHP-Nuke" congratulations
• "Welcome to the Prestige Web-Based Configurator"
• "YaBB SE Dev Team"
• "you can now password" | "this is a special page only seen by you. your profile visitors" inurl:imchaos
• ("Indexed.By"|"Monitored.By") hAcxFtpScan
• (inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)
• allinurl:"index.php" "site=sglinks"
• allinurl:install/install.php
• allinurl:intranet admin
• filetype:cgi inurl:"fileman.cgi"
• filetype:cgi inurl:"Web_Store.cgi"
• filetype:php inurl:vAuthenticate
• filetype:pl intitle:"Ultraboard Setup"
• Gallery in configuration mode
• Hassan Consulting's Shopping Cart Version 1.18
• intext:"Warning: * am able * write ** configuration file" "includes/configure.php" -
• intitle:"Gateway Configuration Menu"
• intitle:"Horde :: My Portal" -"[Tickets"
• intitle:"Mail Server CMailServer Webmail" "5.2"
• intitle:"MvBlog powered"
• intitle:"Remote Desktop Web Connection"
• intitle:"Samba Web Administration Tool" intext:"Help Workgroup"
• intitle:"Terminal Services Web Connection"
• intitle:"Uploader - Uploader v6" -pixloads.com
• intitle:osCommerce inurl:admin intext:"redistributable under the GNU" intext:"Online Catalog" -demo -site:oscommerce.com
• intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
• intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
• inurl:"/NSearch/AdminServlet"
• inurl:"index.php? module=ew_filemanager"
• inurl:aol*/_do/rss_popup?blogID=
• inurl:footer.inc.php
• inurl:info.inc.php
• inurl:ManyServers.htm
• inurl:newsdesk.cgi? inurl:"t="
• inurl:pls/admin_/gateway.htm
• inurl:rpSys.html
• inurl:search.php vbulletin
• inurl:servlet/webacc
• natterchat inurl:home.asp -site:natterchat.co.uk
• XOOPS Custom Installation
• inurl:htpasswd filetype:htpasswd
• inurl:yapboz_detay.asp
• + View Webcam User Accessing
• allinurl:control/multiview
• inurl:"ViewerFrame?Mode="
• intitle:"WJ-NT104 Main Page"
• inurl:netw_tcp.shtml
• intitle:"supervisioncam protocol"
• mail filetype:csv -site:gov intext:name
• Microsoft Money Data Files
• mt-db-pass.cgi files
• MySQL tabledata dumps
• mystuff.xml - Trillian data files
• OWA Public Folders (direct view)
• Peoples MSN contact lists
• php-addressbook "This is the addressbook for *" -warning
• private key files (.csr)
• private key files (.key)
• Quicken data files
• rdbqds -site:.edu -site:.mil -site:.gov
• robots.txt
• site:edu admin grades
• site:www.mailinator.com inurl:ShowMail.do
• SQL data dumps
• Squid cache server reports
• Unreal IRCd
• WebLog Referrers
• Welcome to ntop!
• Fichier contenant des informations sur le r?seau :
• filetype:log intext:"ConnectionManager2"
• "apricot - admin" 00h
• "by Reimar Hoven. All Rights Reserved. Disclaimer" | inurl:"log/logdb.dta"
• "Network Host Assessment Report" "Internet Scanner"
• "Output produced by SysWatch *"
• "Phorum Admin" "Database Connection" inurl:forum inurl:admin
• phpOpenTracker" Statistics
• "powered | performed by Beyond Security's Automated Scanning" -kazaa -example
• "Shadow Security Scanner performed a vulnerability assessment"
• "SnortSnarf alert page"
• "The following report contains confidential information" vulnerability -search
• "The statistics were last upd?t?d" "Daily"-microsoft.com
• "this proxy is working fine!" "enter *" "URL***" * visit
• "This report lists" "identified by Internet Scanner"
• "Traffic Analysis for" "RMON Port * on unit *"
• "Version Info" "Boot Version" "Internet Settings"
• ((inurl:ifgraph "Page generated at") OR ("This page was built using ifgraph"))
• Analysis Console for Incident Databases
• ext:cfg radius.cfg
• ext:cgi intext:"nrg-" " This web page was created on "
• filetype:pdf "Assessment Report" nessus
• filetype:php inurl:ipinfo.php "Distributed Intrusion Detection System"
• filetype:php inurl:nqt intext:"Network Query Tool"
• filetype:vsd vsd network -samples -examples
• intext:"Welcome to the Web V.Networks" intitle:"V.Networks [Top]” -filetype:htm
• intitle:”ADSL Configuration page”
• intitle:”Azureus : Java BitTorrent Client Tracker”
• intitle:”Belarc Advisor Current Profile” intext:”Click here for Belarc’s PC Management products, for large and small companies.”
• intitle:”BNBT Tracker Info”
• intitle:”Microsoft Site Server Analysis”
• intitle:”Nessus Scan Report” “This file was generated by Nessus”
• intitle:”PHPBTTracker Statistics” | intitle:”PHPBT Tracker Statistics”
• intitle:”Retina Report” “CONFIDENTIAL INFORMATION”
• intitle:”start.managing.the.device” remote pbx acc
• intitle:”sysinfo * ” intext:”Generated by Sysinfo * written by The Gamblers.”
• intitle:”twiki” inurl:”TWikiUsers”
• inurl:”/catalog.nsf” intitle:catalog
• inurl:”install/install.php”
• inurl:”map.asp?” intitle:”WhatsUp Gold”
• inurl:”NmConsole/Login.asp” | intitle:”Login – Ipswitch WhatsUp Professional 2005″ | intext:”Ipswitch WhatsUp Professional 2005 (SP1)” “Ipswitch, Inc”
• inurl:”sitescope.html” intitle:”sitescope” intext:”refresh” -demo
• inurl:/adm-cfgedit.php
• inurl:/cgi-bin/finger? “In real life”
• inurl:/cgi-bin/finger? Enter (account|host|user|username)
• inurl:/counter/index.php intitle:”+PHPCounter 7.*”
• inurl:CrazyWWWBoard.cgi intext:”detailed debugging information”
• inurl:login.jsp.bak
• inurl:ovcgi/jovw
• inurl:phpSysInfo/ “created by phpsysinfo”
• inurl:portscan.php “from Port”|”Port Range”
• inurl:proxy | inurl:wpad ext:pac | ext:dat findproxyforurl
• inurl:statrep.nsf -gov
• inurl:status.cgi?host=all
• inurl:testcgi xitami
• inurl:webalizer filetype:png -.gov -.edu -.mil -opendarwin
• inurl:webutil.pl
• Looking Glass
• site:netcraft.com intitle:That.Site.Running Apache
• “A syntax error has occurred” filetype:ihtml
• “access denied for user” “using password”
• “An illegal character has been found in the statement” -”previous message”
• “ASP.NET_SessionId” “data source=”
• “Can’t connect to local” intitle:warning
• “Chatologica MetaSearch” “stack tracking”
• “detected an internal error [IBM][CLI Driver][DB2/6000]“
• “error found handling the request” cocoon filetype:xml
• “Fatal error: Call to undefined function” -reply -the -next
• “Incorrect syntax near”
• “Incorrect syntax near”
• “Internal Server Error” “server at”
• “Invision Power Board Database Error”
• “ORA-00933: SQL command not properly ended”
• “ORA-12541: TNS:no listener” intitle:”error occurred”
• “Parse error: parse error, unexpected T_VARIABLE” “on line” filetype:php
• “PostgreSQL query failed: ERROR: parser: parse error”
• “Supplied argument is not a valid MySQL result resource”
• “Syntax error in query expression ” -the
• “The s?ri?t whose uid is ” “is not allowed to access”
• “There seems to have been a problem with the” ” Please try again by clicking the Refresh button in your web browser.”
• “Unable to jump to row” “on MySQL result index” “on line”
• “Unclosed quotation mark before the character string”
• “Warning: Bad arguments to (join|implode) () in” “on line” -help -forum
• “Warning: Cannot modify header information – headers already sent”
• “Warning: Division by zero in” “on line” -forum
• “Warning: mysql_connect(): Access denied for user: ‘*@*” “on line” -help -forum
• “Warning: mysql_query()” “invalid query”
• “Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL”
• “Warning: Supplied argument is not a valid File-Handle resource in”
• “Warning:” “failed to open stream: HTTP request failed” “on line”
• “Warning:” “SAFE MODE Restriction in effect.” “The s?ri?t whose uid is” “is not allowed to access owned by uid 0 in” “on line”
• “SQL Server Driver][SQL Server]Line 1: Incorrect syntax near”
• An unexpected token “END-OF-STATEMENT” was found
• Coldfusion Error Pages
• filetype:asp + “[ODBC SQL"
• filetype:asp "Custom Error Message" Category Source
• filetype:log "PHP Parse error" | "PHP Warning" | "PHP Error"
• filetype:php inurl:"logging.php" "Discuz" error
• ht://Dig htsearch error
• IIS 4.0 error messages
• IIS web server error messages
• Internal Server Error
• intext:"Error Message : Error loading required libraries."
• intext:"Warning: Failed opening" "on line" "include_path"
• intitle:"Apache Tomcat" "Error Report"
• intitle:"Default PLESK Page"
• intitle:"Error Occurred While Processing Request" +WHERE (SELECT|INSERT) filetype:cfm
• intitle:"Error Occurred" "The error occurred in" filetype:cfm
• intitle:"Error using Hypernews" "Server Software"
• intitle:"Execution of this s?ri?t not permitted"
• intitle:"Under construction" "does not currently have"
• intitle:Configuration.File inurl:softcart.exe
• MYSQL error message: supplied argument....
• mysql error with query
• Netscape Application Server Error page
• ORA-00921: unexpected end of SQL command
• ORA-00921: unexpected end of SQL command
• ORA-00936: missing expression
• PHP application warnings failing "include_path"
• sitebuildercontent
• sitebuilderfiles
• sitebuilderpictures
• Snitz! forums db path error
• SQL syntax error
• Supplied argument is not a valid PostgreSQL result
• warning "error on line" php sablotron
• Windows 2000 web server error messages
• "ftp://" "www.eastgame.net"
• "html allowed" guestbook
• : vBulletin Version 1.1.5"
• "Select a database to view" intitle:"filemaker pro"
• "set up the administrator user" inurl:pivot
• "There are no Administrators Accounts" inurl:admin.php -mysql_fetch_row
• "Welcome to Administration" "General" "Local Domains" "SMTP Authentication" inurl:admin
• "Welcome to Intranet"
• "Welcome to PHP-Nuke" congratulations
• "Welcome to the Prestige Web-Based Configurator"
• "YaBB SE Dev Team"
• "you can now password" | "this is a special page only seen by you. your profile visitors" inurl:imchaos
• ("Indexed.By"|"Monitored.By") hAcxFtpScan
• (inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)
• allinurl:"index.php" "site=sglinks"
• allinurl:install/install.php
• allinurl:intranet admin
• filetype:cgi inurl:"fileman.cgi"
• filetype:cgi inurl:"Web_Store.cgi"
• filetype:php inurl:vAuthenticate
• filetype:pl intitle:"Ultraboard Setup"
• Gallery in configuration mode
• Hassan Consulting's Shopping Cart Version 1.18
• intext:"Warning: * am able * write ** configuration file" "includes/configure.php" -
• intitle:"Gateway Configuration Menu"
• intitle:"Horde :: My Portal" -"[Tickets"
• intitle:"Mail Server CMailServer Webmail" "5.2"
• intitle:"MvBlog powered"
• intitle:"Remote Desktop Web Connection"
• intitle:"Samba Web Administration Tool" intext:"Help Workgroup"
• intitle:"Terminal Services Web Connection"
• intitle:"Uploader - Uploader v6" -pixloads.com
• intitle:osCommerce inurl:admin intext:"redistributable under the GNU" intext:"Online Catalog" -demo -site:oscommerce.com
• intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
• intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
• inurl:"/NSearch/AdminServlet"
• inurl:"index.php? module=ew_filemanager"
• inurl:aol*/_do/rss_popup?blogID=
• inurl:footer.inc.php
• inurl:info.inc.php
• inurl:ManyServers.htm
• inurl:newsdesk.cgi? inurl:"t="
• inurl:pls/admin_/gateway.htm
• inurl:rpSys.html
• inurl:search.php vbulletin
• inurl:servlet/webacc
• natterchat inurl:home.asp -site:natterchat.co.uk
• XOOPS Custom Installation
• inurl:htpasswd filetype:htpasswd
• inurl:yapboz_detay.asp + View Webcam User Accessing
• allinurl:control/multiview
• inurl:"ViewerFrame?Mode="
• intitle:"WJ-NT104 Main Page"
• inurl:netw_tcp.shtml
• intitle:"supervisioncam protocol"
• "Duclassified" -site:duware.com "DUware All Rights reserved"
• "duclassmate" -site:duware.com
• "Dudirectory" -site:duware.com
• "dudownload" -site:duware.com
• "Elite Forum Version *.*"
• "Link Department"
• "sets mode: +k"
• "your password is" filetype:log
• "DUpaypal" -site:duware.com
• "A syntax error has occurred" filetype:ihtml
• "access denied for user" "using password"
• "Chatologica MetaSearch" "stack tracking:"
• "Index of /backup"
• "ORA-00921: unexpected end of SQL command"
• "parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• "parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• "parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• "parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• "parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• "parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• ?intitle:index.of? mp3 name
• allintitle:"Network Camera NetworkCamera"
• allinurl: admin mdb
• allinurl:auth_user_file.txt
• intitle:"live view" intitle:axis
• intitle:axis intitle:"video server"
• intitle:liveapplet
• inurl:"ViewerFrame?Mode="
• inurl:axis-cgi/jpg
• inurl:axis-cgi/mjpg (motion-JPEG)
• inurl:passlist.txt
• inurl:view/index.shtml
• inurl:view/indexFrame.shtml
• inurl:view/view.shtml
• inurl:ViewerFrame?Mode=Refresh
• liveapplet
• !Host=*.* intext:enc_UserPassword=* ext:pcf
• " -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)
• "A syntax error has occurred" filetype:ihtml
• "About Mac OS Personal Web Sharing"
• "access denied for user" "using password"
• "allow_call_time_pass_reference" "PATH_INFO"
• "An illegal character has been found in the statement" -"previous message"
• "ASP.NET_SessionId" "data source="
• "AutoCreate=TRUE password=*"
• "Can't connect to local" intitle:warning
• "Certificate Practice Statement" inurl:(PDF | DOC)
• "Chatologica MetaSearch" "stack tracking"
• "Copyright © Tektronix, Inc." "printer status"
• "detected an internal error [IBM][CLI Driver][DB2/6000]“
• “Dumping data for table”
• “Error Diagnostic Information” intitle:”Error Occurred While”
• “error found handling the request” cocoon filetype:xml
• “Fatal error: Call to undefined function” -reply -the -next
• “Generated by phpSystem”
• “generated by wwwstat”
• “Host Vulnerability Summary Report”
• “HTTP_FROM=googlebot” googlebot.com “Server_Software=”
• “IMail Server Web Messaging” intitle:login
• “Incorrect syntax near”
• “Index of /” +.htaccess
• “Index of /” +passwd
• “Index of /” +password.txt
• “Index of /admin”
• “Index of /mail”
• “Index Of /network” “last modified”
• “Index of /password”
• “index of /private” site:mil
• “index of /private” -site:net -site:com -site:org
• “Index of” / “chat/logs”
• “index of/” “ws_ftp.ini” “parent directory”
• “Installed Objects Scanner” inurl:default.asp
• “Internal Server Error” “server at”
• “liveice configuration file” ext:cfg
• “Login – Sun Cobalt RaQ”
• “Mecury Version” “Infastructure Group”
• “Microsoft ® Windows * ™ Version * DrWtsn32 Copyright ©” ext:log
• “More Info about MetaCart Free”
• “Most Submitted Forms and Scripts” “this section”
• “mysql dump” filetype:sql
• “mySQL error with query”
• “Network Vulnerability Assessment Report”
• “not for distribution” confidential
• “ORA-00921: unexpected end of SQL command”
• “ORA-00933: SQL command not properly ended”
• “ORA-00936: missing expression”
• “pcANYWHERE EXPRESS Java Client”
• “phone * * *” “address *” “e-mail” intitle:”curriculum vitae”
• “phpMyAdmin MySQL-Dump” “INSERT INTO” -”the”
• “phpMyAdmin MySQL-Dump” filetype:txt
• “phpMyAdmin” “running on” inurl:”main.php”
• “PostgreSQL query failed: ERROR: parser: parse error”
• “Powered by mnoGoSearch – free web search engine software”
• “powered by openbsd” +”powered by apache”
• “Powered by UebiMiau” -site:sourceforge.net
• “produced by getstats”
• “Request Details” “Control Tree” “Server Variables”
• “robots.txt” “Disallow:” filetype:txt
• “Running in Child mode”
• “sets mode: +k”
• “sets mode: +p”
• “sets mode: +s”
• “Supplied argument is not a valid MySQL result resource”
• “Supplied argument is not a valid PostgreSQL result”
• “Thank you for your order” +receipt
• “This is a Shareaza Node”
• “This report was generated by WebLog”
• “This summary was generated by wwwstat”
• “VNC Desktop” inurl:5800
• “Warning: Cannot modify header information – headers already sent”
• “Web File Browser” “Use regular expression”
• “xampp/phpinfo
• “You have an error in your SQL syntax near”
• “Your password is * Remember this for later use”
• aboutprinter.shtml
• allintitle: “index of/admin”
• allintitle: “index of/root”
• allintitle: restricted filetype :mail
• allintitle: restricted filetype:doc site:gov
• allintitle: sensitive filetype:doc
• allintitle:..”Test page for Apache Installation..”
• allintitle:admin.php
• allinurl:”.r{}_vti_cnf/”
• allinurl:admin mdb
• allinurl:auth_user_file.txt
• allinurl:servlet/SnoopServlet
• An unexpected token “END-OF-STATEMENT” was found
• camera linksys inurl:main.cgi
• Canon Webview netcams
• Comersus.mdb database
• confidential site:mil
• ConnectionTest.java filetype:html
• data filetype:mdb -site:gov -site:mil
• eggdrop filetype:user user
• ext:conf NoCatAuth -cvs
• ext:pwd inurl:(service | authors | administrators | users) “# -FrontPage-”
• ext:txt inurl:unattend.txt
• filetype:ASP ASP
• filetype:ASPX ASPX
• filetype:BML BML
• filetype:cfg ks intext:rootpw -sample -test -howto
• filetype:cfm “cfapplication name” password
• filetype:CFM CFM
• filetype:CGI CGI
• filetype:conf inurl:psybnc.conf “USER.PASS=”
• filetype:dat “password.dat
• filetype:DIFF DIFF
• filetype:DLL DLL
• filetype:DOC DOC
• filetype:FCGI FCGI
• filetype:HTM HTM
• filetype:HTML HTML
• filetype:inf sysprep
• filetype:JHTML JHTML
• filetype:JSP JSP
• filetype:log inurl:password.log
• filetype:MV MV
• filetype:pdf “Assessment Report” nessus
• filetype:PDF PDF
• filetype:PHP PHP
• filetype:PHP3 PHP3
• filetype:PHP4 PHP4
• filetype:PHTML PHTML
• filetype:PL PL
• filetype:PPT PPT
• filetype:PS PS
• filetype:SHTML SHTML
• filetype:STM STM
• filetype:SWF SWF
• filetype:TXT TXT
• filetype:XLS XLS
• htpasswd / htpasswd.bak
• Index of phpMyAdmin
• index of: intext:Gallery in Configuration mode
• index.of passlist
• intext:”"BiTBOARD v2.0″ BiTSHiFTERS Bulletin Board”
• intext:”d.aspx?id” || inurl:”d.aspx?id”
• intext:”enable secret 5 $”
• intext:”powered by Web Wiz Journal”
• intext:”SteamUserPassphrase=” intext:”SteamAppUser=” -”username” -”user”
• intitle:”— VIDEO WEB SERVER —” intext:”Video Web Server” “Any time & Any where” username password
• intitle:”500 Internal Server Error” “server at”
• intitle:”actiontec” main setup status “Copyright 2001 Actiontec Electronics Inc”
• intitle:”Browser Launch Page”
• intitle:”DocuShare” inurl:”docushare/dsweb/” -faq -gov -edu
• intitle:”EverFocus.EDSR.applet”
• intitle:”Index of” “.htpasswd” “htgroup” -intitle:”dist” -apache -htpasswd.c
• intitle:”Index of” .bash_history
• intitle:”Index of” .mysql_history
• intitle:”Index of” .mysql_history
• intitle:”Index of” .sh_history
• intitle:”Index of” cfide
• intitle:”index of” etc/shadow
• intitle:”index of” htpasswd
• intitle:”index of” intext:globals.inc
• intitle:”index of” master.passwd
• intitle:”index of” members OR accounts
• intitle:”index of” passwd
• intitle:”Index of” passwords modified
• intitle:”index of” people.lst
• intitle:”index of” pwd.db
• intitle:”Index of” pwd.db
• intitle:”index of” spwd
• intitle:”Index of” spwd.db passwd -pam.conf
• intitle:”index of” user_carts OR user_cart
• intitle:”Index of..etc” passwd
• intitle:”iVISTA.Main.Page”
• intitle:”network administration” inurl:”nic”
• intitle:”OfficeConnect Cable/DSL Gateway” intext:”Checking your browser”
• intitle:”remote assessment” OpenAanval Console
• intitle:”Remote Desktop Web Connection” inurl:tsweb
• intitle:”switch login” “IBM Fast Ethernet Desktop”
• intitle:”SWW link” “Please wait…..”
• intitle:”teamspeak server-administration
• intitle:”TUTOS Login”
• intitle:”VMware Management Interface:” inurl:”vmware/en/”
• intitle:”Welcome to the Advanced Extranet Server, ADVX!”
• intitle:”Welcome to Windows 2000 Internet Services”
• intitle:”Connection Status” intext:”Current login”
• intitle:”inc. vpn 3000 concentrator”
• intitle:asterisk.management.portal web-access
• intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com
• intitle:index.of administrators.pwd
• intitle:index.of cgiirc.config
• intitle:Index.of etc shadow site:passwd
• intitle:index.of intext:”secring.skr”|”secring.pgp”|”secring.bak”
• intitle:index.of master.passwd
• intitle:index.of passwd passwd.bak
• intitle:index.of people.lst
• intitle:index.of trillian.ini
• intitle:Novell intitle:WebAccess “Copyright *-* Novell, Inc”
• intitle:opengroupware.org “resistance is obsolete” “Report Bugs” “Username” “password”
• intitle:open-xchange inurl:login.pl
• inurl:”:10000″ intext:webmin
• inurl:”8003/Display?what=”
• inurl:”auth_user_file.txt”
• inurl:”GRC.DAT” intext:”password”
• inurl:”printer/main.html” intext:”settings”
• inurl:”slapd.conf” intext:”credentials” -manpage -”Manual Page” -man: -sample
• inurl:”slapd.conf” intext:”rootpw” -manpage -”Manual Page” -man: -sample
• inurl:”ViewerFrame?Mode=”
• inurl:”wvdial.conf” intext:”password”
• inurl:”wwwroot/
• inurl:/Citrix/Nfuse17/
• inurl:/db/main.mdb
• inurl:/wwwboard
• inurl:access
• inurl:admin filetype:db
• inurl:asp
• inurl:buy
• inurl:ccbill filetype:log
• inurl:cgi
• inurl:cgiirc.config
• inurl:config.php dbuname dbpass
• inurl:data
• inurl:default.asp intitle:”WebCommander”
• inurl:download
• inurl:file
• inurl:filezilla.xml -cvs
• inurl:forum
• inurl:home
• inurl:hp/device/this.LCDispatcher
• inurl:html
• inurl:iisadmin
• inurl:inc
• inurl:info
• inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man
• inurl:list
• inurl:login filetype:swf swf
• inurl:mail
• inurl:midicart.mdb
• inurl:names.nsf?opendatabase
• inurl:new
• inurl:nuke filetype:sql
• inurl:order
• inurl:ospfd.conf intext:password -sample -test -tutorial -download
• inurl:pages
• inurl:pap-secrets -cvs
• inurl:passlist.txt
• Ultima Online loginservers
• inurl:Proxy.txt
• inurl:public
• inurl:search
• inurl:secring ext:skr | ext:pgp | ext:bak
• inurl:shop
• inurl:shopdbtest.asp
• inurl:software
• inurl:support
• inurl:user
• inurl:vtund.conf intext:pass -cvs s
• inurl:web
• inurl:zebra.conf intext:password -sample -test -tutorial -download
• LeapFTP intitle:”index.of./” sites.ini modified
• POWERED BY HIT JAMMER 1.0!
• signin filetype:url
• site:ups.com intitle:”Ups Package tracking” intext:”1Z ### ### ## #### ### #”
• top secret site:mil
• Ultima Online loginservers
• VP-ASP Shop Administrators only
• XAMPP “inurl:xampp/index” 
• intitle:”Index of” .sh_history
• intitle:”Index of” .bash_history
• intitle:”index of” passwd
• intitle:”index of” people.lst
• intitle:”index of” pwd.db
• intitle:”index of” etc/shadow
• intitle:”index of” spwd
• intitle:”index of” master.passwd
• intitle:”index of” htpasswd
• intitle:”index of” members OR accounts
• intitle:”index of” user_carts OR user_cart
• allintitle: sensitive filetype:doc
• allintitle: restricted filetype :mail
• allintitle: restricted filetype:doc site:gov
• allintitle:*.php?filename=*
• allintitle:*.php?page=*
• allintitle:*.php?logon=*
• +(”index of”) +(”/ebooks”|”/book”) +(chm|pdf|zip|rar) +apache
• allinurl: +(rar|chm|zip|pdf|tgz|lit)
• “parent directory ” Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• “parent directory ” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• “parent directory ” applications -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• “parent directory ” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
• “parent directory ” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sum

• Start Of List
• LFI  Dorks
• Sensitive data Contained Dorks.

I don't know there are different discoverers of each dork ,if owner want to credit itself he can say in comments , but the main part is, it is very long list and accurate !!


Khuda Hafiz,

regards,
Zulqurnain jutt