Dork : "inurl:dettaglio.php?id="
Exploit :www.victim.com/sito/dettaglio.php?id=[SQL]
Example :http://www.cicloposse.com/dettaglio.php?id=61'
----------------------------------------------------------------------------------------------------------------Dork: inurl:prodotto.php?id)
Exploit:
www.victim.com/prodotto.php?id=[SQL]
Example:http://www.poderimorini.com/en/prodotto.php?id=14'
sql injection dorks
allinurl: \”index php go buy\”
allinurl: \”index.php?go=sell\”
allinurl: \”index php go linkdir\”
allinurl: \”index.php?go=resource_center\”
allinurl: \”resource_center.html\”
allinurl: \”index.php?go=properties\”
allinurl: \”index.php?go=register\”
Error message queries
“A syntax error has
occurred”filetype:ihtml
Informix database errors,
potentially containing function names, filenames, file structure information,
pieces of SQL code and passwords
“Access denied for user” “Using
password”
authorisation errors, potentially
containing user names, function names, file structure information and pieces of
SQL code
“The script whose uid is ” “is not
allowed to access”
access-related PHP errors, potentially containing filenames, function names and file structure information
access-related PHP errors, potentially containing filenames, function names and file structure information
“ORA-00921: unexpected end of SQL
command”
Oracle database errors, potentially
containing filenames, function names and file structure information
“error found handling the request”
cocoon filetype:xml
Cocoon errors, potentially
containing Cocoon version information, filenames, function names and file
structure information
“Invision Power Board Database
Error”
Invision Power Board bulletin board errors, potentially containing function names, filenames, file structure information and piece of SQL code
“Warning: mysql _ query()” “invalid
query”
MySQL database errors, potentially
containing user names, function names, filenames and file structure information
“Error Message : Error loading
required libraries.”
CGI script errors, potentially containing information about operating system and program versions, user names, filenames and file structure information
“#mysql dump” filetype:sql
MySQL database errors, potentially
containing information about database structure and contents
Dork for locating passwords
http://*:*@www” site
passwords for site, stored as the
string “http://username:password@www…”
filetype:bak inurl:”htaccess|passwd|shadow|ht
users”
file backups, potentially containing
user names and passwords
filetype:mdb
inurl:”account|users|admin|admin istrators|passwd|password”
mdb files, potentially containing
password information
intitle:”Index of” pwd.db
pwd.db files, potentially containing
user names and encrypted passwords
inurl:admin inurl:backup
intitle:index.of
directories whose names contain the
words admin and backup
“Index of/” “Parent Directory” “WS _
FTP.ini”
filetype:ini WS _ FTP PWD
WS_FTP configuration files,
potentially containing FTP server access passwords
ext:pwd
inurl:(service|authors|administrators |users) “# -FrontPage-”
files containing Microsoft FrontPage
passwords
filetype:sql (“passwd values ****” |
“password values ****” | “pass values ****” )
files containing SQL code and
passwords inserted into a database
intitle:index.of trillian.ini
configuration files for the Trillian
IM
eggdrop filetype:user
user configuration files for the Eggdrop ircbot
user configuration files for the Eggdrop ircbot
filetype:conf slapd.conf
configuration files for OpenLDAP
inurl:”wvdial.conf”
intext:”password”
configuration files for WV Dial
ext:ini eudora.ini
configuration files for the Eudora
mail client
filetype:mdb inurl:users.mdb
Microsoft Access files, potentially
containing user account information
Searching for personal data and confidential documents
filetype:xls inurl:”email.xls”
email.xls files, potentially
containing contact information
“phone * * *” “address *” “e-mail”
intitle: “curriculum vitae”
CVs
“not for distribution”
confidential documents containing the confidential clause
buddylist.blt
AIM contacts list
intitle:index.of mystuff.xml
Trillian IM contacts list
filetype:ctt “msn”
MSN contacts list
filetype:QDF
QDF database files for the Quicken financial application
intitle:index.of finances.xls
finances.xls files, potentially
containing information on bank accounts, financial summaries and credit card
numbers
intitle:”Index Of” -inurl:maillog
maillog size
maillog files, potentially
containing e-mail
Network Vulnerability Assessment
Report”
“Host Vulnerability Summary Report”
filetype:pdf “Assessment Report”
“This file was generated by Nessus”
“Host Vulnerability Summary Report”
filetype:pdf “Assessment Report”
“This file was generated by Nessus”
reports for network security scans,
penetration tests etc
dork for locating network devices
“Copyright (c) Tektronix, Inc.”
“printer status”
PhaserLink printers
inurl:”printer/main.html”
intext:”settings”
Brother HL printers
intitle:”Dell Laser Printer” ews
Dell printers with EWS technology
intext:centreware inurl:status
Xerox Phaser 4500/6250/8200/8400
printers
inurl:hp/device/this.LCDispatcher
HP printers
intitle:liveapplet inurl:LvAppl
Canon Webview webcams
intitle:”EvoCam” inurl:”webcam.html”
Evocam webcams
inurl:”ViewerFrame?Mode=”
Panasonic Network Camera webcams
(intext:”MOBOTIX M1? |
intext:”MOBOTIX M10?) intext:”Open Menu” Shift-Reload
Mobotix webcams
inurl:indexFrame.shtml Axis
Axis webcams
intitle:”my webcamXP server!”
inurl:”:8080?
webcams accessible via WebcamXP
Server
allintitle:Brains, Corp.
camera webcams accessible via mmEye
intitle:”active webcam page”
Sumber :Millw0rm
Sumber :Millw0rm
0 komentar:
Posting Komentar