2020 Google Dorking List

2020 Google Dorking List

A 2020 Google Dorking List.

"Index of" inurl:htdocs inurl:xampp
"Index of" inurl:phpmyadmin
"Index of" inurl:webalizer
"index of" "database.sql.zip"
intext:"@gmail.com" AND intext:"@yahoo.com" filetype:sql
intext:"class JConfig {" inurl:configuration.php
intitle: "index of" "./" "./bitcoin"
intitle:"Apache2 Ubuntu Default Page: It works"
intitle:"IIS Windows Server" -inurl:"IIS Windows Server"
intitle:"Index of" inurl:wp-json/oembed
intitle:"Index of" phpmyadmin
intitle:"Index of" wp-admin
intitle:"Swagger UI - " + "Show/Hide"
intitle:"index of /" intext:/backup
intitle:"index of" ".cpanel/caches/config/"
intitle:"index of" "/aws.s3/"
intitle:"index of" admin inurl:login.cgi
intitle:"index of" drupal
intitle:"index of" hosts.csv | firewalls.csv | linux.csv | windows.csv
intitle:"index of" unattend.xml
intitle:"qBittorrent Web UI" inurl:8080
intitle:OmniDB intext:"user. pwd. Sign in."
intitle:Test Page for the Nginx HTTP Server on Fedora
intitle:index.of.?.sql
inurl: /filemanager/dialog.php
inurl: admin/login.aspx
inurl:'/scopia/entry/index.jsp'
inurl:/admin/index.php
inurl:/filedown.php?file=
inurl:/index.aspx/login
inurl:/login/index.jsp -site:hertz.*
inurl:/portal/apis/fileExplorer/
inurl:8443 AND -intitle:8443 AND -intext:8443 prohibited|restricted|unauthorized
inurl:Dashboard.jspa intext:"Atlassian Jira Project Management Software"
inurl:_cpanel/forgotpwd
inurl:app/kibana intext:Loading Kibana
inurl:bc.googleusercontent.com intitle:index of
inurl:cgi/login.pl
inurl:office365 AND intitle:"Sign In | Login | Portal"
inurl:zoom.us/j and intext:scheduled for
s3 site:amazonaws.com filetype:log
s3 site:amazonaws.com intext:dhcp filetype:txt inurl:apollo
site:*/auth intitle:login
site:amazonaws.com inurl:login.php
site:com inurl:jboss filetype:log -github.com
site:drive.google.com /preview intext:movie inurl:flv | wmv | mp4 -pdf -edit -view
site:https://docs.google.com/spreadsheets edit

intext:Welcome to WildFly 10 & intitle:Welcome to WildFly 10 -jboss.org -stackoverflow.com

Find juicy WildFly 10 instances.

INTEXST PARAMETER + INTITLE PARAMETER

intext:Welcome to WildFly 10 & intitle:Welcome to WildFly 10 -jboss.org -stackoverflow.com

Result :

- Find WildFly 10 instances.

inurl:/admin/login.asp & intext:password

Find admin portals

INURL PARAMETER + INTEXT PARAMETER :

inurl:/admin/login.asp & intext:password

Result :

intext:/wp-content/uploads/wpsc/

Find Wordpress directories

INTEXT PARAMETER :

intext:/wp-content/uploads/wpsc/

Result :

Sensitive directories

About :

WordPress, an open source software used by bloggers. (© Wikipedia)

intitle:Login to Webmin & intext:Login to Webmin

Find Webmin login forms

INTEXT PARAMETER + INTEXT PARAMETER :

intext:Webmin & intext:You must enter a username and password to login to the server on
intitle:Login to Webmin & intext:Login to Webmin
intitle:Login to Webmin & intext:Login to Webmin & intext:Remember login permanently?

Result :

Many Webmin login forms.

About Webmin :

Webmin is a web-based system configuration tool for Unix-like systems, although recent versions can also be installed and run on Windows. With it, it is possible to configure operating system internals, such as users, disk quotas, services or configuration files, as well as modify and control open source apps, such as the Apache HTTP Server, PHP or MySQL. (© Wikipedia)

site:facebook.com & intext:dvdrip

Discover the global state of the Piracy on Internet.

site:facebook.com & intext:dvdrip

site:pinterest.com & intext:dvdrip

site:google.com & intext:dvdrip

site:wordpress.com & intext:dvdrip

site:github.com & intext:dvdrip

site:twitter.com & intext:dvdrip

site:reddit.com & intext:dvdrip

Pattern :

site:name & intext:kind

Results :

+ Direct link to pirated contents.
+ The global state is positive for piracy as there is no control.
+ @ is relaying piracy content. | # #Piracy

inurl:login.php & intitle:Admin Login

Find admin login forms

INURL PARAMETER + INTEXT PARAMETER :

inurl:login.php & intitle:Admin Login
inurl:login.aspx & intitle:Admin Login
inurl:login & intitle:Admin Login

Result :

We obtain many forms.

intext:Hacked By & intext:Mr.Optimuz_r00t

Find defaced websites or pages

INTEXT PARAMETER + INTEXT PARAMETER :

intext:Hacked By & intext:Mr.Optimuz_r00t
intext:Hacked By & intext:Mr.DreamX196

Result :

Hacked By Mr.Optimuz_r00t - Indonesian Intelegent Security - Mr.DreamX196 | AnoaGhost | Mr.Syntax_Error | 51N1CH1 | Mr.XSecr3t | Mr.Guy | Unknown~X | YaroiDariko | Mr.Optimuz_r00t | SoBakso404 | Mr.X_Kn0ck_0X | MrCopoExe | ./RootFound404 |

Note :

Blank page is the next era...

intext:Dump with BackWPup & filetype:sql

Find BackWPup Wordpress dump files

INTEXT + FILETYPE PARAMETER :

intext:Dump with BackWPup & filetype:sql
intext:Plugin for WordPress by Daniel Huesken & filetype:sql
intext:Dump on & intext:Huesken & filetype:sql

intext:© 2016 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443

Find Plesk panels

INTEXT PARAMETER + INURL PARAMETER :

intext:© 2016 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443
intext:© 2016 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443 -plesk.com

Tests with a different year :

intext:© 2017 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443
intext:© 2015 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443
intext:© 2014 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443
intext:© 2013 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443
intext:© 2012 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443
intext:© 2011 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443
intext:© 2010 Parallels IP Holdings GmbH. All rights reserved. & inurl:8443

inurl:.DS_Store intitle:index.of

Find list of files with a .DS_Store file

Google Dorks to find list of files with a .DS_Store file :

inurl:.DS_Store intitle:index.of
intext:.DS_Store & intitle:index -github

About .DS_Store

In the Apple macOS operating system, .DS_Store is a file that stores custom attributes of its containing folder, such as the position of icons or the choice of a background image. The name is an abbreviation of Desktop Services Store, reflecting its purpose.

intext:admin login

Find login portals

INTEXT PARAMETER :

intext:admin login
intext:admin login & inurl:admin/login.asp
intext:admin login & inurl:admin/login.php
intext:admin login & intitle:Admin Portal
intext:admin login & intitle:Admin Login
intext:login
intext:admin

INURL PARAMETER :

inurl:/administrator/index.php
inurl:/administrator.php
inurl:/admin/administrator.php
inurl:/admin/admin.php
inurl:login.php
inurl:logini.php
inurl:admin.php
inurl:admini.php
inurl:admino.php

WITHOUT DORKING :

admin
find login portals
login
login portals

intext:"WebFig Login" & intitle:"RouterOS router configuration page"

Find Mikrotik login panels

intext:"WebFig Login" & intitle:"RouterOS router configuration page"

About Mikrotik

Mikrotīkls SIA, known internationally as MikroTik, is a Latvian manufacturer of computer networking equipment. It sells wireless products and routers.

intitle:"IPCam Client"

Find IPCam Client

intext:"Hikvision" inurl:"login.asp"

inurl:login inurl:user inurl:pass -intext:pass -intext:user

Find cPanel portals

inurl:login inurl:user inurl:pass -intext:pass -intext:user

About cPanel

Globally Empowering Hosting Providers through Fully Automated Point-And-Click Hosting Platforms by Hosting Centric Professionals

intext:"powered by webcamXP 5"

Find webcamXP webcams

intext:"powered by webcamXP 5"

intext:"powered by webcamXP"

About webcamXP

webcamXP is the most popular webcam and network camera software for Windows.

It allows you to monitor your belongings from any location with access to Internet by turning your computer into a security system.

Connect remotely by using other computers or your mobile phone. Broadcast live video to your website. Schedule automatic captures or recordings. Trig specific actions using the motion detector. You can easily use those features among others with webcamXP.

It supports a large selection of Network Cameras (1500+) and is used in multiple industries including national security (police, army), aerospace and defense, museums, hotels, shops, zoos and many others.

Most important for us is to provide a stable and high-performance software. webcamXP is designed to be online 24/7 while using reasonable resources on your computer.

intext:"Forum software by XenForo™"

Find XenForo forums

intext:"Forum software by XenForo™"

About XenForo

A compelling community experience.

Intuitive. Social. Engaging. Fast. XenForo brings a fresh outlook to forum software.

Usage (1.4.1)

api.php?action=getGroup&value=' UNION ALL SELECT
NULL%2CNULL%2CNULL%2CNULL%2CNULL%2CCONCAT(IFNULL(CAST(%40%40HOSTNAME AS
CHAR)%2C0x20))%2CNULL%23

api.php?action=getUsers&value=' UNION ALL SELECT
CONCAT(IFNULL(CAST(%40%40HOSTNAME AS CHAR)%2C0x20))%2CNULL%23

intext:"Powered by BOMGAR"

Find online Bomgar devices

intext:"Powered by BOMGAR"

intitle:"Remote Support Portal | Powered by BOMGAR"

About Bomgar

Access is Power. Bomgar keeps it Secure.

Connections are powerful. Every day, you rely on connections between people and technology to enable operations, support customers, and drive performance. When connections are efficient and effective, people are empowered and productive. But when the power of those connections is compromised, business grinds to a halt...or worse.

Bomgar's Secure Access solutions allow you to unleash the power of access because your connections are secure.

intitle:Mass Revslider Exl0it1ng

Find websites exploiting the Revslider plugin vulnerability :

intitle:Mass Revslider Exl0it1ng
intext:Mass Revslider Plugin Exl0it1ng
intext:IP Scanner Exploiter Find DB Panel Exploit Dorks Domains 2 IP

Find wordpress websites with the revslider plugin installed :

inurl:wp-content/plugins/revslider/
inurl:revslider
inurl:revslider_admin.php
inurl:revslider_front.php
inurl:plugins/revslider/
intext:Powered by Revslider
intitle:"Index Of/ revslider"
intitle:"Index Of/wp-content/themes/revslider"
intitle:"Index Of/wp-content/plugins/revslider"
intitle:"Index Of/admin/revslider"
intitle:"Index Of/fr/revslider"
intitle:"Index Of/en/revslider"
intitle:"Index Of/us/revslider"
intitle:"Index Of/ar/revslider"
intitle:"Index Of/es/revslider"
intitle:"Index Of/de/revslider"

About the Revslider vulnerabilities :

CVE-2015-5151 : Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter in a revslider_ajax_action action to wp-admin/admin-ajax.php.

CVE-2014-9735 : The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to upload and execute arbitrary files via an update_plugin action; delete arbitrary sliders via a delete_slider action; and create, update, import, or export arbitrary sliders via unspecified vectors.

CVE-2014-9734 : Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a leak in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.

inurl:intranet -intext:intranet

Access to intranet pages :

inurl:intranet -intext:intranet

What is an intranet ?

An intranet is a computer network that uses Internet Protocol technology to share information, operational systems, or computing services within an organization. This term is used in contrast to extranet, a network between organizations, and instead refers to a network within an organization.