Things you can do with google
Find
Botnets
Find
People/Info/DoX
Find
Vulnerable Sites
View
Deleted Files/Sites
Finding
things you're not supposed to
Obtaining
things for free
Today I'm going to be showing you how to do all of these and more and how to
protect yourself against them.
1. Find botnets and hide your botnet
This first one is pretty simple and I have compiled a table of what you need to
search for to view each botnet panel.
Botnet Name - Dork - Default Pass
Andromeda - intitle:Andromeda bot webpanel - N/A
Cythosia - intitle:Cythosia V2 Bot Webpanel - Login - admin
BlackShades HTTP - intitle:Blackshades Bot - N/A
UmbraLoader - inurl:"/Panel/Ext.ux.form.CheckboxCombo/" - admin:admin
VetrexNet - allintext:"VertexNet - Loader coded by DarkCoderSc" - N/A
All you need to do is type in the dork in google click a result and try the
password or you can bruteforce it.
To prevent this is rather simple open up your botnet source in your favourite
text editor and look for the <title></title> tags and change this
to something other than *insert botnet name here* for instance
<title>Free WebMail Client</title>
this should fix most dorks but I'm not really sure of a way to hide Umbra
without editing the whole source and renaming folders
2. Finding Info and DoXing
This one is pretty simple, you need to find one or two email addresses or
usernames and google this intext:emailoruserhere this will bring up
more results open all of them up and look through each one until you find
another username linked to it then simply repeat until you have a social
network account or a full dox.
You can even do intext:phonenumberorrealname
However if you know their real name do intext:username,realname
This is not a tutorial on doxing, it is simply explaining what you
can do with google.
3. Find Vulnerable Sites
There is quite a few ways to discover hackable sites, one of the first we will
cover is finding websites that have not yet been set up properly, so you can
configure them yourself.
PHPMyAdmin
"Welcome to phpMyAdmin" AND " Create new database"
Password Finding
inurl:-cfg intext:"enable password"
filetype:ini "[FFFTP]” (pass|passwd|password|pwd)
filetype:sql “phpmyAdmin SQL Dump” (pass|password|passwd|pwd)
filetype:sql “PostgreSQL database dump” (pass|password|passwd|pwd)
inurl:htpasswd filetype:htpasswd
inurl:service.pwd
allinurl:authuserfile.txt
SQLi Vuln Sites
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:lay_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:age.php?id=
inurl:games.php?id=
inurl:age.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:tray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurlreview.php?id=
inurl:loadpsb.php?id=
inurl:spr.php?id=
inurl:ages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:rod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=, inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:rod_info.php?id=
inurl:shop.php?do=part&id=
inurl:productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:ost.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
inurl:"id=" & intext:"Warning: ilesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: require()
I just came across this one
inurl:"/root/etc/passwd" intext:"home/*:"
I tried a few results and quite a few seem to 403 but you may be able
to find something with this.
4. Find Deleted Files Or Sites
This one is really simple it shows you things that have been removed from the
internet, there is a few ways to do this but this is the one I have found most
helpful.
I've only managed to get this to work in google chrome but the dork is
cache:siteurlhere.com
I find this helps greatly when looking at removed pastebin entries
5. Finding Things You're Not Supposed To
I
personally love this kind of dork as you can find so much useful info
allintitle: restricted filetype:doc site:gov
Will show you some interesting documents hosted on .gov sites.
You can easily do this with your favorite site for instance
allintitle: Secret filetype:txt site:mysite.com
Should show you everything on mysite.com with the word secret in the
title with the extension .txt
You can also look at online security cameras.
intitle:”Live View / – AXIS” | inurl:view/view.shtml^
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera NetworkCamera”
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / – AXIS”
intitle:”Live View / – AXIS 206M”
intitle:”Live View / – AXIS 206W”
intitle:”Live View / – AXIS 210?
inurl:indexFrame.shtml Axis
inurl:”MultiCameraFrame?Mode=Motion”
intitle:start inurl:cgistart
intitle:”WJ-NT104 Main Page”
intext:”MOBOTIX M1? intext:”Open Menu”
intext:”MOBOTIX M10? intext:”Open Menu”
intext:”MOBOTIX D10? intext:”Open Menu”
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1?
intitle:”sony network camera snc-m1?
site:.viewnetcam.com -www.viewnetcam.com
intitle:”Toshiba Network Camera” user login
intitle:”netcam live image”
intitle:”i-Catcher Console – Web Monitor”
6. Obtaining things for free
This one is in my opinion the best as
who doesn't like free stuff?
6.1 - Free Music
This very simple dork can get you free downloads to music
1 - intitle:songnamehere.mp3
2 - intitle:songnamehere filetype.mp3
6.2 - Paid Stuff For Free
This other simple dork can find pages that people are taken too after
they purchase a product
site:*.com intitle:”Thank You For Your Purchase” intext:Click Here to Download
Play about with this one a bit there's quite a few variations.
6.3 - Free Movies and Games
Each of these dorks could be useful it may not be though they all respond to
things I have seen people call their folders to contian things like this
“parent directory ” /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory “Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
Thats
the end guys,
I
hope you have enjoyed this guide and you take something from it.
./Greetz :
McAfee offers a high level of security and has an advanced scanning feature. The McAfee firewall secures the users from unknown websites. It also gives the users a full report about the threats which the antivirus had already blocked from the system. The retail card of McAfee will permit the users to download, install and activate McAfee product to their system by inserting a compact disk or going to its website.
Mcafee.com/Activate
A printer is a human-made device; it will meet some glitches in future, just dial the toll-free number of HP printer support for customers 24/7.
HP Printer support | Epson Printer Support