黑客如何使用google关键字?常用的google关键字有哪些?
站内搜索地址为:
httpwww.google.comcustomdomains=(这里写我们要搜索的站点,比如feelids.com)
进去可以选择www和feelids.com, 当然再选我们要的站内搜索哦!
黑客专用信息和资料搜索地址为:
httpwww.google.comcustomhl=xx-hacker
这里是google关键字的用法,要设置它为中文,则是
httpwww.google.comcustomhl=zh-CN
英文则是httpwww.google.comcustomhl=en
常用的google关键字:
foo1 foo2 (也就是关联,比如搜索xx公司 xx美女)
operatorfoo
filetype123 类型
sitefoo.com 相对直接看网站更有意思,可以得到许多意外的信息
intextfoo
intitle fooltitle 标题哦
allinurlfoo 搜索xx网站的所有相关连接。(踩点必备)
linksfoo 不要说就知道是它的相关链接
allintiltefoo.com 我们可以辅助-来调整搜索的精确程度 直接搜索密码:(引号表示为精确搜索)
当然我们可以再延伸到上面的结果里进行二次搜索
index of htpasswdpasswd
filetypexls username password email
ws_ftp.log
config.php
allinurladmin mdb
service filetypepwd ....或者某个比如pcanywhere的密码后缀cif等 越来越有意思了,再来点更敏感信息
robots.txt Disallow filetypetxt
inurl_vti_cnf (FrontPage的关键索引啦,扫描器的CGI库一般都有地)
allinurl msadcSamplesselectorshowcode.asp
......passwd
examplesjspsnpsnoop.jsp
phpsysinfo
intitleindex of admin
intitledocumetation
inurl 5800(vnc的端口)或者desktop port等多个关键字检索
webmin port 10000
inurladminlogin.asp
intextPowered by GBook365
intitlephp shell Enable stderr filetypephp 直接搜索到phpwebshell foo.org filetypeinc ipsec filetypeconf
intilteerror occurred ODBC request Where (selectinsert) 说白了就是说,可以直接试着查查数据库检索,针对目前流行的sql注射,会发达哦
intitlephp shell Enable stderr filetypephp
Dumping data for table username password
intitleError using Hypernews
Server Software
intitleHTTP_USER_AGENT=Googlebot
HTTP_USER_ANGET=Googlebot THS ADMIN
filetype.doc site.mil classified 直接搜索军方相关word 检查多个关键字:
intitleconfig confixx login password mydomain.com nessus report
report generated by
ipconfig
winipconfig google缓存利用(hoho,最有影响力的东西)推荐大家搜索时候多选搜索所有网站
特别推荐:administrator users 等相关的东西,比如名字,生日等……最惨也可以拿来做字典嘛
cachefoo.com 可以查阅类似结果 先找找网站的管理后台地址:
sitexxxx.com intext管理
sitexxxx.com inurllogin
sitexxxx.com intitle管理
sitea2.xxxx.com inurlfile
sitea3.xxxx.com inurlload
sitea2.xxxx.com intextftp
sitea2.xxxx.com filetypeasp
sitexxxx.com 得到N个二级域名
sitexxxx.com intext@xxxx.com 得到N个邮件地址,还有邮箱的主人的名字什么的
sitexxxx.com intext电话 N个电话
intitleindex of etc
intitleIndex of .sh_history
intitleIndex of .bash_history
intitleindex of passwd
intitleindex of people.lst
intitleindex of pwd.db
intitleindex of etcshadow
intitleindex of spwd
intitleindex of master.passwd
intitleindex of htpasswd
# -FrontPage- inurlservice.pwd allinurlbbs data
filetypemdb inurldatabase
filetypeinc conn
inurldata filetypemdb
intitleindex of data
3) http@www domainname 找一些ISP站点,可以查对方ip的虚拟主机 4) auth_user_file.txt 不实用了,太老了 5) The Master List 寻找邮件列表的 6) intitlewelcome.to.squeezebox 一种特殊的管理系统,默认开放端口90 7) passlist.txt (a better way) 字典 8) A syntax error has occurred filetypeihtml 9) extphp program_listing intitleMythWeb.Program.Listing 10) intitleindex.of abyss.conf 11)extnbe nbe 12)intitleSWW link Please wait..... 14) intitleFreifunk.Net - Status -sitecommando.de 15) intitleWorldClient intext (20032004) Alt-N Technologies. 17) intitleopen-xchange inurllogin.pl 20) intitlesite administration please log in site designed by emarketsouth 21) orA-00921 unexpected end of SQL command 22)intitleYALA Yet Another LDAP Administrator 23)welcome.to phpqladmin Please login -cvsweb 24)intitleSWW link Please wait..... 25)inurlport_255 -htm 27)intitleWorldClient intext (20032004) Alt-N Technologies. 这些是新的一些漏洞技巧,在0days公告公布 extphp program_listing intitleMythWeb.Program.Listing inurlpreferences.ini [emule] intitleIndex of CFIDE administrator access denied for user using password extphp intextPowered by phpNewMan Version 可以看到:pathtonewsbrowse.phpclang=............fileiwant inurlbecommunitycommunityindex.phppageurl= intitleASP FileMan Resend -siteiisworks.com Enter ip inurlphp-ping.php extconf inurlrsyncd.conf -cvs -man intitle private, protected, secret, secure, winnt intitleDocuShare inurldocusharedsweb -faq -gov -edu
#mysql dump filetypesql allow_call_time_pass_reference PATH_INFO Certificate Practice Statement inurl(PDFDOC) LeapFTP intitleindex.of. sites.ini modified
master.passwd mysql history files
NickServ registration passwords
passlist
passlist.txt (a better way)
passwd
passwdetc (reliable)
people.lst
psyBNC config files
pwd.db
signin filetypeurl
spwd.dbpasswd
trillian.ini
wwwboard WebAdmin inurlpasswd.txt wwwboardwebadmin # -FrontPage- extpwd inurl(serviceauthorsadministratorsusers) # -FrontPage- inurlservice.pwd
AutoCreate=TRUE password=
http@www domainname
index of ws_ftp.ini parent directory
liveice configuration file extcfg -sitesourceforge.net
powered by ducalendar -siteduware.com
Powered by Duclassified -siteduware.com
Powered by Duclassified -siteduware.com DUware All Rights reserved
powered by duclassmate -siteduware.com
Powered by Dudirectory -siteduware.com
powered by dudownload -siteduware.com
Powered By Elite Forum Version .
Powered by Link Department
sets modek
Powered by DUpaypal -siteduware.com
allinurl admin mdb
auth_user_file.txt
config.php
eggdrop filetypeuser user
etc (index.of)
extini eudora.ini
extini Version=... password
exttxt inurlunattend.txt filetypebak inurlhtaccesspasswdshadowhtusers filetypecfg mrtg target -sample -cvs -example filetypecfm cfapplication name password filetypeconf oekakibbs
filetypeconf sc_serv.conf filetypeconf slapd.conf filetypeconfig config intextappSettings User ID filetypedat password.dat filetypedat wand.dat filetypeinc dbconn filetypeinc intextmysql_connect
filetypeinc mysql_connect or mysql_pconnect filetypeinf sysprep filetypeini inurlserv-u.ini
filetypeini inurlflashFXP.ini
filetypeini ServUDaemon
filetypeini wcx_ftp
filetypeini ws_ftp pwd filetypeldb admin filetypelog See `ipsec copyright filetypelog inurlpassword.log filetypemdb inurlusers.mdb filetypemdb wwforum filetypenetrc password filetypepass pass intextuserid filetypepem intextprivate filetypeproperties inurldb intextpassword filetypepwd service
filetypepwl pwl filetypereg regintextdefaultusernameintextdefaultpassword
filetypereg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetypesql (valuesMDvaluespasswordvaluesencrypt)
filetypesql (passwd valuespassword valuespass values )
filetypesqlIDENTIFIED BY -cvs
filetypesql password filetypeurlinurlftpinurl;@ filetypexls username password email htpasswd
htpasswdhtgroup
htpasswdhtpasswd.bak intextenable secret $
intextpowered by Web Wiz Journal intitleindex of intextconnect.inc
intitleindex of intextglobals.inc
intitleIndex of passwords modified intitledupics inurl(add.aspdefault.aspview.aspvoting.asp) -siteduware.com intitleindex.of intextsecring.skrsecring.pgpsecring.bak inurlGRC.DAT intextpassword inurlslapd.conf intextcredentials -manpage -Manual Page -man -sample inurlslapd.conf intextrootpw -manpage -Manual Page -man -sample inurlwvdial.conf intextpassword inurldbmain.mdb inurlchap-secrets -cvs inurlconfig.php dbuname dbpass
inurlfilezilla.xml -cvs inurllilo.conf filetypeconf password -tatercounter -bootpwd -man inurlnuke filetypesql inurlospfd.conf intextpassword -sample -test -tutorial -download 路由配置
inurlpap-secrets -cvs inurlperform filetypeini
inurlsecring extskrextpgpextbak inurlvtund.conf intextpass -cvs inurlzebra.conf intextpassword -sample -test -tutorial -download Generated by phpSystem
generated by wwwstat Host Vulnerability Summary Report ] HTTP_FROM=googlebot googlebot.com Server_Software= Index ofchatlogs 聊天室
Installed Objects Scanner inurldefault.asp Mecury Version Infastructure Group
Microsoft (R) Windows(TM) VersionDrWtsn Copyright (C) extlog Most Submitted Forms and Scripts this section Network Vulnerability Assessment Report not for distribution confidential
phoneaddresse-mail intitlecurriculum vitae phpMyAdmin running on inurlmain.php produced by getstats
Request Details Control Tree Server Variables
robots.txt Disallow filetypetxt Running in Child mode sets modep
sets modes
Thank you for your orderreceipt
This is a Shareaza Node
This report was generated by WebLog
( filetypemailfiletypeemlfiletypemboxfiletypembx ) intextpasswordsubject (inurlrobot.txtinurlrobots.txt ) intextdisallow filetypetxt -sitephp.net -The PHP Group inurlsource inurlurl extpHp FBR ADOBE PHOTOSHOP
AIM buddy lists
allinurlexamplesjspsnpsnoop.jsp
allinurlservletSnoopServlet
cgiirc.conf data filetypemdb -sitegov -sitemil exported email addresses extasp inurlpathto.asp extcgi inurleditcgi.cgi inurlfile= extconf inurlrsyncd.conf -cvs -man
extconf NoCatAuth -cvs extdat bpk.dat
extgho gho extini intextenv.ini
extldif ldif extlog Software Microsoft Internet Information Services .
--------------------------
extmdb inurl.mdb inurlfpdb shop.mdb filetypebkf bkf
filetypeblt buddylist
filetypeblt bltintextscreenname filetypecfg auto_inst.cfg filetypeconf inurlfirewall -intitlecvs
filetypeconfig web.config -CVS filetypectt ctt messenger filetypefp fp
filetypefp fp -sitegov -sitemil -cvs log filetypeinf inurlcapolicy.inf
filetypelic lic intextkey filetypemyd myd -CVS
filetypens ns
filetypeora ora
filetypeora tnsnames
filetypepdb pdb backup (PilotPluckerdb) filetypepot inurljohn.pot
----------------------------------------
filetypepst inurloutlook.pst
filetypepst pst -from -to -date
filetypeqbb qbb
filetyperdp rdp filetypereg Terminal Server Client
filetypevcs vcs
filetypewab wab filetypexls -sitegov inurlcontact
filetypexls inurlemail.xls
Financial spreadsheets finance.xls
Financial spreadsheets finances.xls Ganglia Cluster Reports haccess.ctl (one way)
haccess.ctl (VERY reliable)
ICQ chat logs, please... iletypelog cron.log
intextSession Startfiletypelog
intextTobias Oetiker traffic analysis intext(passwordpasscode) intext(usernameuseriduser) filetypecsv
intextgmail invite intexthttpgmail.google.comgmaila intextSQLiteManager inurlmain.php intitleApacheStatus (inurlserver-statusinurlstatus.htmlinurlapache.html) intitleAppServ Open Project -sitewww.appservnetwork.com
intitleASP Stats Generator . ASP Stats Generator - weppos intitleFTP root at
intitleindex ofmyd size intitleIndex Of -inurlmaillog maillog size intitleIndex Of cookies.txt size intitleindex of mysql.conf or mysql_config
intitleIndex of upload size parent directory intitleindex.of .diz .nfo last modified
intitleMultimon UPS status page
intitlePHP Advanced Transfer (inurlindex.phpinurlshowrecent.php )
intitlePhpMyExplorer inurlindex.php -cvs
---------------------------------------------------------------------
intitlestatistics of advanced web statistics
intitleSystem StatisticsSystem and Network Information Center
intitleUsage Statistics for Generated by Webalizer
intitlewbem compaq login Compaq Information Technologies Group intitleWeb Server Statistics for
intitleweb server status SSH Telnet
intitlewelcome.to.squeezebox intitleadmin intitlelogin
intitleindex.of Apache server at
intitleindex.of cleanup.log
intitleindex.of dead.letter
intitleindex.of inbox
intitleindex.of inbox dbx intitleintranet inurlintranetintextphone
inurlaxsax-admin.pl -script
inurlcricketgrapher.cgi
inurlbookmark.htm inurlcactiinurlgraph_view.phpSettings Tree View -cvs -RPM
inurlnewsletteradmin
inurlnewsletteradmin intitlenewsletter admin
inurlputty.reg
inurlsmb.conf intextworkgroup filetypeconf conf
---------------------------------------------------------------------------------------------------------- Welcome to ntop! adding new user inurladdnewuser -there are no domains
(inurlcgi-bin.cobalt)(intextWelcome to the Cobalt RaQ) filetypephp HAXPLORER Server Files Browser
intitleWeb Data Administrator - Login inurlConnectComputerprecheck.htminurlRemotelogon.aspx
PHP Shell (unprotected)
PHPKonsole PHPShell filetypephp -echo
Public PHP FileManagers index ofpicasa.ini
index of inurlrecycler
Index of rar r nfo Modified
intitleIndex.Ofstats merchant cgi- etc
Powered by Invision Power File Manager (inurllogin.php)(intitleBrowsing directory)
Web File Browser Use regular expression filetypeini Desktop.ini intextmydocs.dll intextd.aspxidinurld.aspxid
intextPowered By TotalIndex intitleTotalIndex
intitlealbum permissions Users who can modify photos EVERYBODY
intitleDirectory Listing For intextTomcat -intitleTomcat
intitleHFS HttpFileServer
intitleIndex ofinurlmy shared folder size modified
------------------------------------------------------------------------------------------------------------------- File Upload Manager v. rename to extasp powered by DUForum inurl(messagesdetailslogindefaultregister) -siteduware.com
extasp inurlDUgallery intitle. -sitedugallery.com -siteduware.com
extcgi inurlubb_test ezBOO Administrator Panel -cvs filetypecgi inurlcachemgr.cgi
filetypecnf my.cnf -cvs -example
filetypeinc inc intextsetcookie filetypephp inurlviewfile -index.php -idfil
filetypewsdl wsdl intitleASP FileMan Resend -siteiisworks.com intitleIndex ofmodified php.exe intitlephpremoteview filetypephp Name, Size, Type, Modify inurl WWWADMIN.PL intitlewwwadmin
inurlnph-proxy.cgi Start browsing through this CGI-based proxy
inurlplogregister.php
inurlcgi.asxStoreID inurlrobpoll.cgi filetypecgi The Master List More Info about MetaCart Free
mysql backdoor的使用方法 安装mysql backdoor的步骤
Mysql BackDoor是一款针对PHP Mysql服务器开发的后门,后门安装后为Mysql增加一个可以执行系统命令的 "state "函数,并且随 Mysql进程启动一个基于Dll的嗅探型后门,从而巧妙地实现了无端口,无进程,无服务的穿墙木
详情2018-02-09 14:05:40责编:llp 来源:驱动管家简单谈谈哪些类型的网络管理员具有不安全因素?
Jeff Dray最近经过对IT行业的深入调查研究,通过总结和分析针对IT行业列出了一份类别名单。在这里,他定义了七类最不安全的网络管理员。如果你是一名网络管理员,并且已经意识到工作中还存在着不足,看看你属于
详情2018-01-15 16:49:50责编:llp 来源:驱动管家quicktime是什么?quicktime没有正确地解析图形描述符原子怎么办?
受影响系统: Apple QuickTime Player < 7 4 不受影响系统: Apple QuickTime Player 7 4 描述: Apple QuickTime是一款非常流行的多媒体播放器。 QuickTime没有正确地解析图形描述符(IDSC)原子,如果用户受骗打开了包含有畸形IDSC原子的恶意电
详情2018-01-30 15:58:29责编:llp 来源:驱动管家微软lnk漏洞是什么?如何防范微软lnk漏洞的危害?
微软漏洞是在硬件、软件、协议的具体实现或系统安全策略上存在的缺陷,使攻击者能够在未授权的情况下访问或破坏系统,按严重程度分为“紧急”、“重要”、“警告”、“注意”四种。近日,微软 lnk漏洞(快捷方式
详情2018-02-06 13:25:21责编:llp 来源:驱动管家可扩展协议http有哪些常用的安全头部?http协议安全头部的优势
它曾是世界性图书馆梦的开始,现在它是全球知识的聚集地,它是目前最流行的,人们将应用都部署之上的万维网。它是敏捷的代表,它不是单一的实体,它由客户端和服务端组成,它的功能在不断地强大,它还有标准。虽
详情2018-02-13 15:45:42责编:llp 来源:驱动管家遨游游览器更新版本修复的三个问题分别是什么?
在80sec通知遨游存在的安全漏洞之后,遨游于6 30号发布了新版的浏览器,修复了前面提到的安全漏洞,此次更新修复了三个安全问题,主要的问题细节如下:漏洞来源:http: www 80sec com release maxthon-vulns-poc
详情2018-01-24 13:27:49责编:llp 来源:驱动管家木马免杀有哪些绝招?木马免杀的五大绝招
常用的木马免杀方法绝招一:快速搞定瑞星文件查杀操作步骤: 第一步:用OD载入,来到程序的入口点。 第二步:把入口点的第一句PUSH EBP 改成POP EBP 然后保存就可以躲过瑞 星的表面查杀。绝招二:快速定位
详情2018-01-07 09:11:57责编:llp 来源:驱动管家瑞星杀毒软件怎么用?使用瑞星杀毒软件网络版的注意事项
瑞星杀毒软件网络版可以对网络内的计算机进行统一的安装、设置、管理、维护和升级,从而为企业网络提供完善的病毒防范体系。对于初次接触瑞星杀毒软件网络版的用户来讲,使用经验的缺乏和对产品功能的不熟悉都可
详情2018-01-15 14:04:48责编:llp 来源:驱动管家mcu是什么?mcu是怎么被黑客破解的?
MCU就是大家所熟悉的微控制单元,或者单片微型计算机,或者单片机,攻破MCU有很多种方法,下面小编就为大家具体的讲解黑客是怎么破解MCU的。这篇文章是俄国人Sergei P Skorobogatov就读英吉利剑桥大学之博士论文
详情2018-01-24 20:07:20责编:llp 来源:驱动管家rar.exe有什么用?上传rar.exe可以快速下载su目录文件
你想一下,如果su目录文件这么多,难道你要一个个的下载??这明显就很麻烦,有了rar exe一切变的简单了!好了现在来介绍它的用法吧!得到了Webshell后,最好自己传一个rar exe,虽然program files目录有,但是
详情2018-01-12 13:31:18责编:llp 来源:驱动管家
- 小米随身wifi驱动程序能不能在win8.1系统上安装?怎么安装
- Dgservice.exe是什么进程?有什么功能
- 想要复制网页内容怎么办?怎样解决网页不能复制的问题?
- cad快捷键为什么会失灵?cad快捷键无效怎么解决?
- 尼康长焦镜头好不好?尼康长焦镜头有哪些优点
- 佳能镜头哪款最好?佳能镜头介绍
- 【游戏攻略】最顶尖的LYB才会的技能 在垃圾桶中隐身
- win8电脑出现蓝屏代码0x000000ed可以这样修复
- 电脑的分辨率能不能调?分辨率怎么调
- 为你讲解手机贴膜技巧 10分钟教你贴好手机膜
- 百度网盘下载速度太慢是怎么回事?百度网盘限速如何解决
- 防御ddos的基本方法 隐藏服务器真实ip
- 打印机驱动用不了了怎么删除?win7怎么删除打印机驱动
- 安卓手机截屏快捷键是什么?安卓手机怎么截屏?
- 选购摄像机镜头的时候一定要懂得这些技巧
- 【游戏攻略】吃鸡救人的三个细节 学会了吃鸡更轻松
- 电脑一开机就黑屏是怎么回事?电脑开机黑屏原因及解决方法
- 贴膜技巧 教你透明胶定位贴膜法
- 淘宝造物节是什么?淘宝造物节能量有什么用
- 黑客知识 黑客有哪些常用词汇?