Scribd
Upload
1K views

Man Trap

This document provides a list of search queries and techniques for finding sensitive information on websites using Google. It includes queries to find administrative directories, password files, backup files containing usernames and passwords, financial documents, email inboxes, server configuration information, and software license keys. The document also lists common file extensions that can be searched and describes operators that can be combined with search queries.

Uploaded by

moccitano
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
1K views

Man Trap

This document provides a list of search queries and techniques for finding sensitive information on websites using Google. It includes queries to find administrative directories, password files, backup files containing usernames and passwords, financial documents, email inboxes, server configuration information, and software license keys. The document also lists common file extensions that can be searched and describes operators that can be combined with search queries.

Uploaded by

moccitano
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

ex :

Index of /admin
Index of /passwd
Index of /password
Index of /mail
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
"Index of /secret"
"Index of /confidential"
"Index of /root"
"Index of /cgi-bin"
"Index of /credit-card"
"Index of /logs"
"Index of /config"
"Index of /admin.asp"
"Index of /login.asp"
Sintaks inurl: atau allinurl: dapat dikombinasikan dengan sintaks yang lainnya seper
ti pada daftar dibawah ini :
inurl: /cgi-bin/cart32.exe
inurl:admin filetype:txt
inurl:admin filetype:db
inurl:admin filetype:cfg
inurl:mysql filetype:cfg
inurl:passwd filetype:txt
inurl:iisadmin
inurl:auth_user_file.txt
inurl:orders.txt
inurl:"wwwroot/*."
inurl:adpassword.txt
inurl:webeditor.php
inurl:file_upload.php
inurl:gov filetype:xls "restricted"
index of ftp +.mdb allinurl:/cgi-bin/ +mailto allinurl:/scripts/cart32.exe
llinurl:/CuteNews/show_archives.php
allinurl:/phpinfo.php
allinurl:/privmsg.php
allinurl:/privmsg.php
inurl:cgi-bin/go.cgi?go=*
allinurl:.cgi?page=*.txt
allinurul:/modules/My_eGallery
Penggunaan lain dari sintaks intitle: atau allintitle: yang dikombinasikan dengan si
ntaks lainnya antara lain :
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
ntitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
allintitle:*.php?filename=*
allintitle:*.php?page=*
allintitle:*.php?logon=*
Dibawah ini ada beberapa contoh kasus:
(silahkan mencoba...segala resiko berkenaan dengan security website yang dituju.
..merupakan tanggung jawab masing-masing)
Operator dasar
+, -, ~ , ., *, , |, OR
Operator tambahan
allintext:, allintitle:, allinurl:, bphonebook:, cache:, define:, filetype:, inf
o:, intext:, intitle:, inurl:, link:, phonebook:, related:, rphonebook:, site:,
numrange:, daterange
Extensi yang dapat dicari:
HyperText Markup Language (html)
Microsoft PowerPoint (ppt)
Adobe Portable Document Format (pdf)
Microsoft Word (doc)
Adobe PostScript (ps)
Microsoft Works (wks, wps, wdb)
Lotus 1-2-3 (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)
Microsoft Excel (xls)
Microsoft Write (wri)
Lotus WordPro (lwp)
Rich Text Format (rtf)
MacWrite (mw)
Shockwave Flash (swf)
Text (ans, txt)
Pencarian berdasarkan range
komputer Rp5000000..7000000
Pencarian gaji
Salary filetype: xls site: edu
Salary filetype: xls site: edu
Informasi financial
Filetype: xls checking account credit card -intext: Application -intext: Form
Intitle: Index of finances.xls
Mencari inbox e-mail
Intitle: Index.of inurl: Inbox (456) (mit mailbox)
Intitle: Index.of inurl: Inbox (inurl: User OR inurl: Mail) (220)
Mendeteksi OS
"Microsoft-IIS/5.0 server at
Intitle: Welcome to Windows 2000 Internet Services IIS 5.0
Intitle: Test.Page.for.Apache seeing.this.instead
Intitle: Test.page SSL/TLS-aware
Mencari password
Inurl: etc inurl: passwd
Intitle: Index of..etc passwd
"# -FrontPage-" inurl: service.pwd
Inurl: admin.pwd filetype: pwd
Filetype: inc dbconn
Filetype: inc intext: mysql_connect
Filetype: ini +ws_ftp +pwd
Filetype: log inurl: password.log
Mencari User Name
+intext: "webalizer" +intext: Total Usernames +intext: Usage Statistics for
Mencari License Key
Filetype: lic lic intext: key
Sensitve Directories Listing
Intitle: Index of cfide
Intitle: index.of.winnt
Intitle: index of iissamples

You might also like