Posted: . At: 8:47 AM. This was 2 weeks ago. Post ID: 19529
Page permalink. WordPress uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters.
These cookies expire two weeks after they are set.



Sponsored



Finding password files and other information online using Google Dorks.

by

Finding files such as the /etc/passwd file on web servers is very easy online.

There are heaps of servers where the /etc directory is exposed online. Using a simple Google Dork, it is possible to find exposed /etc/passwd files.

index of: /etc/passwd

This just works perfectly.

I found this example online.

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-timesync:x:100:102:systemd Time Synchronization,,,:/run/systemd:/bin/false
systemd-network:x:101:103:systemd Network Management,,,:/run/systemd/netif:/bin/false
systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd/resolve:/bin/false
_apt:x:104:65534::/nonexistent:/bin/false
Debian-exim:x:105:109::/var/spool/exim4:/bin/false
messagebus:x:106:110::/var/run/dbus:/bin/false
ntp:x:107:112::/home/ntp:/bin/false
sshd:x:108:65534::/run/sshd:/usr/sbin/nologin
rdnssd:x:109:65534::/var/run/rdnssd:/bin/false
vnstat:x:110:113::/var/lib/vnstat:/bin/false
postfix:x:111:115::/var/spool/postfix:/bin/false
varnish:x:112:117::/nonexistent:/bin/false
vcache:x:113:117::/nonexistent:/bin/false
varnishlog:x:114:117::/nonexistent:/bin/false
mysql:x:115:118:MySQL Server,,,:/var/lib/mysql:/bin/false
memcache:x:116:119:Memcached,,,:/nonexistent:/bin/false
sensu:x:999:999:Sensu Monitoring Framework:/opt/sensu:/bin/false
newrelic:x:998:998:New Relic daemons:/opt/newrelic:/bin/false
shellinabox:x:117:120:Shell In A Box,,,:/var/lib/shellinabox:/bin/false
ansible:x:1000:1000:Cloudways Ansible:/var/cw/ansible:/bin/bash
systeam:x:1001:1001:Cloudways Systeam:/var/cw/systeam:/bin/bash
master_tgycmhqabh:x:1002:33::/home/master:/usr/bin/mysecureshell
mtwggxjdwg:x:1003:33::/home/481123.cloudwaysapps.com/mtwggxjdwg:/usr/sbin/nologin
qfycpgjxzf:x:1004:33::/home/481123.cloudwaysapps.com/qfycpgjxzf:/usr/sbin/nologin
jungkmsdth:x:1005:33::/home/481123.cloudwaysapps.com/jungkmsdth:/usr/sbin/nologin
rnueayafdj:x:1008:33::/home/481123.cloudwaysapps.com/rnueayafdj:/usr/sbin/nologin
frankel2020:x:1008:33::/home/481123.cloudwaysapps.com/rnueayafdj:/usr/bin/mysecureshell
zbuhrzhuey:x:1009:33::/home/481123.cloudwaysapps.com/zbuhrzhuey:/usr/sbin/nologin
fhssneufja:x:1010:33::/home/481123.cloudwaysapps.com/fhssneufja:/usr/sbin/nologin
zcard-team:x:1010:33::/home/481123.cloudwaysapps.com/fhssneufja:/usr/bin/mysecureshell
fxxsvsbzyn:x:1011:33::/home/481123.cloudwaysapps.com/fxxsvsbzyn:/usr/sbin/nologin
platformops:x:1012:1012:Cloudways PlatformOps:/var/cw/platformops:/bin/bash
systemd-coredump:x:997:997:systemd Core Dumper:/:/usr/sbin/nologin
redis:x:103:122::/var/lib/redis:/usr/sbin/nologin

To find SSH keys online, use this Google Dork.

index of /etc/ssh/ssh_config

This will find /etc/ssh directories that could contain SSH keys.

To find directories that contain SSL keys, use this Google Dork.

index of /etc/ssl

This could be very useful.

To find directories containing database backups on websites, use this Google Dork. These could contain passwords and user accounts and would be very useful to get ahold of.

indexof /backup database

There are plenty of SSH keys available online, this is how to get ahold of them. Use this Google Dork to download SSH keys whenever you wish.

intitle:"index of /" ssh

Finally, to find Putty logs that contain a lot of useful information, use this Google Dork.

filetype:log username putty

Find Amazon AWS buckets online using this simple Google Dork.

site:http://amazonaws.com inurl:". s3.amazonaws.com/"

Open s3 buckets can be a nightmare in terms of bill shock.

https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1.


1 thought on “Finding password files and other information online using Google Dorks.”

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.