Tag: dork

and another google password dork

Just when you think that all possible google password dorks have been found and documented. For the ones still not familiar with the google hacking database (just click it) :)

I just stumbled upon this new dork to find passwords(and all other kind of interesting network related data(just enter the following into google):

ext:pcap password

example stuff you can find(I have censored the sensitive information using ***):

+OK Hello there.

AUTH

-ERR Invalid command.

USER ***

+OK Password required.

PASS ***

+OK logged in.

STAT

+OK 0 0

QUIT

+OK Bye-bye.

This was just a quick post…cause I honestly didn’t think people would STILL let google index their sensitive stuff.

Google Dork

Well I suspect that people already know about this. I didn’t, so I felt like blogging about it. Often when searching for specific directories on google it can be a pain in the ass, I mean you can combine “inurl” and “intitle” but still… so the other day I stumblod upon this nice feature of the “site” command. you can actually append a directory name to it!!

site:<[sitename].tld>/directortyname/

That actually seems to yield better results. For example I used it to search for a specific directory on some TLD and it worked fine. I particularly like it because it makes searching for a specific directory with specific characteristics a lot easier. A nice example to try for example could be, it results in (almost) only include directories which allow directory listing:

site:org/include/ intitle:”index of”

If you stretch it even further you *COULD* argue that you can do a directory search withouth actually hitting the target, of course it would be limited to the directories indexed by google.

If you already knew it then oh well…if not enjoy.