Tuesday, February 14, 2017

inurl:.DS_Store intitle:index.of

Find list of files with a .DS_Store file



Google Dorks to find list of files with a .DS_Store file :

inurl:.DS_Store intitle:index.of
intext:.DS_Store & intitle:index -github

About .DS_Store

In the Apple macOS operating system, .DS_Store is a file that stores custom attributes of its containing folder, such as the position of icons or the choice of a background image. The name is an abbreviation of Desktop Services Store, reflecting its purpose.

Monday, November 21, 2016

intext:admin login

Find login portals



INTEXT PARAMETER :



intext:admin login
intext:admin login & inurl:admin/login.asp
intext:admin login & inurl:admin/login.php
intext:admin login & intitle:Admin Portal
intext:admin login & intitle:Admin Login
intext:login
intext:admin

INURL PARAMETER :


inurl:/administrator/index.php
inurl:/administrator.php
inurl:/admin/administrator.php
inurl:/admin/admin.php
inurl:login.php
inurl:logini.php
inurl:admin.php
inurl:admini.php
inurl:admino.php

WITHOUT DORKING :

admin
find login portals
login
login portals

Monday, July 25, 2016

inurl:DiGIR.php

Find precious informations with DIGIR


inurl:DiGIR.php
inurl:/digir/DiGIR.php

What is DiGIR ?


Distributed Generic Information Retrieval (DiGIR) - developing and testing a protocol for single point access to distributed data sources. Based on HTTP, XML, and UDDI.

What can you find with DIGIR ?

  • phones
  • emails
  • ip
  • titles

Thursday, June 30, 2016

inurl:top.htm inurl:currenttime

Find webcams & devices from D-Link Corporation.




inurl:top.htm inurl:currenttime



inurl:IMAGE.JPG & inurl:cidx inside the Google images section.

About D-Link webcams

If you need to monitor your home while you are away, D-Link’s Cloud Cameras allow you to do just that. Designed to fit seamlessly into your home environment, many of our cameras now come with the industry leading mydlink™ Cloud Services, that provides the most simple way of monitoring what matters to you most, from wherever you are. With night vision and on-board recording available, D-Link’s range of Cloud Cameras now offer you the means to simply watch over your baby while they asleep in the nursery or secure your home while you are on an extended vacation.

Tuesday, June 28, 2016

intitle:"IPCam Client"

Find IPCam Client





intext:"Hikvision" inurl:"login.asp"

inurl:axis.cgi ext:cgi

Find webcams




inurl:axis.cgi ext:cgi

inurl:/axis-cgi/jpg/image.cgi

inurl:login inurl:user inurl:pass -intext:pass -intext:user

Find cPanel portals




inurl:login inurl:user inurl:pass -intext:pass -intext:user

About cPanel


Globally Empowering Hosting Providers through Fully Automated Point-And-Click Hosting Platforms by Hosting Centric Professionals

Monday, June 27, 2016

Zixmail inurl:/s/login?

Find login portals




Zixmail inurl:/s/login?

inurl:/s/login? & zixmail

About Zixmail


ZixMail is the desktop email encryption solution that provides individuals with a high level of email security. It's an easy-to-use solution that lets users encrypt and decrypt emails and attachments with a single click. ZixMail features include: Secure and private email messages.

inurl:/awcuser/cgi-bin/

Find Mitel systems




inurl:/awcuser/cgi-bin/

inurl:/awcuser/cgi-bin/conference

inurl:/awcuser/cgi-bin/vcs

About MITEL AWC


Mitel Audio and Web Conferencing (AWC) is a simple, cost-effective and scalable audio and web conferencing solution for small, medium, or large-sized businesses. AWC supports up to 200 audio and web conferencing ports and is the perfect solution for connecting people quickly and simply regardless of their location.

Thursday, June 16, 2016

inurl:.ssh intitle:index.of authorized_keys

Find SSH keys




inurl:.ssh intitle:index.of authorized_keys

Possible result


About SSH

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users.

SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.

The most visible application of the protocol is for access to shell accounts on Unix-like operating systems, but it sees some limited use on Windows as well. In 2015, Microsoft announced that they would include native support for SSH in a future release.

SSH was designed as a replacement for Telnet and for unsecured remote shell protocols such as the Berkeley rlogin, rsh, and rexec protocols. Those protocols send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH, allowing them to read the content of SSH sessions.

Sunday, April 10, 2016

inurl:meshcms/admin/login.jsp & intitle:login

Find login portal access to MeshCMS



inurl:meshcms/admin/login.jsp & intitle:login

inurl:meshcms/admin/login.jsp

About MeshCMS

MeshCMS is an online editing system written in Java. It provides a set of features usually included in a CMS, but it uses a more traditional approach: pages are stored in regular HTML files and all additional features are file-based, without needing a database.

inurl:backoffice intitle:login

Find login portal access to Backoffice CMS



inurl:backoffice intitle:login

About Backoffice CMS

Backoffice can administer content on any cloud-based installation. For example websites, online software, content on touch-screen info kiosks etc. Once the platform is in place, a variety of modules can be implemented according to your needs - in order to enhance the functionality, behaviour and performance of your website. Modules can be individually adapted in order to work the way you want. Special modules can be developed upon request. Below you find examples of commonly used modules, organised into categories.

inurl:9443/vsphere-client

Find VMware vSphere Web Client login portals



inurl:9443/vsphere-client

About VMware vSphere Web Client

The VMware vSphere Web Client is the Web-based application that connects users to the vCenter Server to manage installations and handle inventory objects in a vSphere environment.

inurl:index.php?app=main intitle:sms

Find login portals to playSMS webapp



inurl:index.php?app=main intitle:sms

About playSMS

playSMS is a free and open source SMS management software.

A flexible Web-based mobile portal system that it can be made to fit to various services such as an SMS gateway, bulk SMS provider, personal messaging system, corporate and group communication tools.

default password admin:admin

Friday, March 11, 2016

intitle:Mass Revslider Exl0it1ng

Find websites exploiting the Revslider plugin vulnerability :





intitle:Mass Revslider Exl0it1ng
intext:Mass Revslider Plugin Exl0it1ng
intext:IP Scanner Exploiter Find DB Panel Exploit Dorks Domains 2 IP

Find wordpress websites with the revslider plugin installed :

inurl:wp-content/plugins/revslider/
inurl:revslider
inurl:revslider_admin.php
inurl:revslider_front.php
inurl:plugins/revslider/
intext:Powered by Revslider
intitle:"Index Of/ revslider"
intitle:"Index Of/wp-content/themes/revslider"
intitle:"Index Of/wp-content/plugins/revslider"
intitle:"Index Of/admin/revslider"
intitle:"Index Of/fr/revslider"
intitle:"Index Of/en/revslider"
intitle:"Index Of/us/revslider"
intitle:"Index Of/ar/revslider"
intitle:"Index Of/es/revslider"
intitle:"Index Of/de/revslider"

About the Revslider vulnerabilities :

CVE-2015-5151 : Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter in a revslider_ajax_action action to wp-admin/admin-ajax.php.

CVE-2014-9735 : The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to upload and execute arbitrary files via an update_plugin action; delete arbitrary sliders via a delete_slider action; and create, update, import, or export arbitrary sliders via unspecified vectors.

CVE-2014-9734 : Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a leak in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.

Monday, February 22, 2016

intitle:webcam 7 inurl:8080 -intext:8080

Dorking to find webcams servers.


intitle:webcam 7 inurl:8080 -intext:8080

Webcam 7. Webcams and ip cameras server for windows

Webcam 7 is a brand new product based on webcamXP. The user interface is the same but it offers more interesting improvements such as: flash video streaming MPEG-4/RTSP IP cameras, audio support in MJPEG. The program is available in beta version and you can install it even if webcamXP has been already installed on your computer. The audio and video of some IP cameras are retrieved by DirectShow RTSP filter. Webcam 7 is developed by Moonware Studios and it is a freeware.

Friday, January 15, 2016

inurl:intranet -intext:intranet

Access to intranet pages :


inurl:intranet -intext:intranet

What is an intranet ?

An intranet is a computer network that uses Internet Protocol technology to share information, operational systems, or computing services within an organization. This term is used in contrast to extranet, a network between organizations, and instead refers to a network within an organization.

intitle:"Shell I" inurl:revslider inurl:error.php inurl:cmd

Find shells inserted using the revslider vulnerability :


intitle:"Shell I" inurl:revslider inurl:error.php inurl:cmd

Friday, October 30, 2015

inurl:.DS_Store intitle:index.of

Sensitives directories :


inurl:.DS_Store intitle:index.of
inurl:.DS_Store intitle:index of

.DS_Store is the name of a file in the Apple OS X operating system for storing custom attributes of a folder such as the position of icons or the choice of a background image. The name is an abbreviation of Desktop Services Store, reflecting its purpose. It is created and maintained by the Finder application in every folder, and has functions similar to the file desktop.ini in Microsoft Windows. Starting with a full stop (period) character, it is hidden in Finder and many Unix utilities. Its internal structure is proprietary.

inurl:webgps intitle:"GPS Monitoring System"

GPS Monitoring System Login Portal :


inurl:webgps intitle:"GPS Monitoring System"