To find some cool stuff on the Internet in 2022, use these useful Google Dorks.
To find some backup files on websites such as SQL backups and other useful stuff that can be used to harvest passwords, use this example.
"Index of /backup" |
You never know what you might find.
Find copies of a certain Linux program for download.
"parent directory "gimp -xxx -html -htm -php -shtml -opendivx -md5 -md5sums |
This is useful to find a copy of the Gimp to download for Linux.
Find websites with an exposed .htaccess file. This can provide insight into the workings of the website a little bit.
filetype:bak inurl:"htaccess|passwd|shadow|htusers" |
Sometimes you might even find a passwd file listing usernames. That can be a great find.
Here is a related example, this will help find an exposed /etc/ folder.
index of /etc/ |
This can be useful to see the passwd file on a site as well as other useful files.
Another way to find open directories with the /etc/passwd file available to view.
intitle:index of \etc\passwd |
Plenty of sites have open folders you can view everything in the /etc folder. It is very interesting if this allows viewing the /etc/passwd file containing all user account names and the group and user ID numbers. Plus the home directory of the user. Below is an example, this would have been a very busy site if it is still running.
78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 | emmescan:x:1031:1033::/home/emmescan:/bin/false familles:x:1032:1034::/home/familles:/usr/local/cpanel/bin/noshell gandhibuilders:x:1034:1036::/home/gandhibuilders:/usr/local/cpanel/bin/noshell gratefix:x:1035:1037::/home/gratefix:/usr/local/cpanel/bin/noshell gyancorp:x:1037:1039::/home/gyancorp:/usr/local/cpanel/bin/noshell healthin:x:1038:1040::/home/healthin:/usr/local/cpanel/bin/noshell himgiri1:x:1039:1041::/home/himgiri1:/usr/local/cpanel/bin/noshell hiteshparmar:x:1040:1042::/home/hiteshparmar:/usr/local/cpanel/bin/noshell holidayb:x:1041:1043::/home/holidayb:/usr/local/cpanel/bin/noshell indiavertex:x:1042:1044::/home/indiavertex:/usr/local/cpanel/bin/noshell inrrenet:x:1043:1045::/home/inrrenet:/usr/local/cpanel/bin/noshell invisibl:x:1044:1046::/home/invisibl:/usr/local/cpanel/bin/noshell kludirak:x:1046:1048::/home/kludirak:/usr/local/cpanel/bin/noshell kundudan:x:1047:1049::/home/kundudan:/usr/local/cpanel/bin/noshell lbstcorg:x:1048:1050::/home/lbstcorg:/usr/local/cpanel/bin/noshell lkshcom:x:1049:1051::/home/lkshcom:/usr/local/cpanel/bin/noshell luscom:x:1050:1052::/home/luscom:/usr/local/cpanel/bin/noshell modtechn:x:1052:1054::/home/modtechn:/usr/local/cpanel/bin/noshell musicpro:x:1053:1055::/home/musicpro:/usr/local/cpanel/bin/noshell newaji12:x:1054:1056::/home/newaji12:/usr/local/cpanel/bin/noshell oceanviaco:x:1056:1058::/home/oceanviaco:/usr/local/cpanel/bin/noshell oscmurico:x:1057:1059::/home/oscmurico:/usr/local/cpanel/bin/noshell paulinei:x:1060:1062::/home/paulinei:/usr/local/cpanel/bin/noshell positive:x:1061:1063::/home/positive:/usr/local/cpanel/bin/noshell prajaktp:x:1062:1064::/home/prajaktp:/usr/local/cpanel/bin/noshell priteshd:x:1064:1066::/home/priteshd:/usr/local/cpanel/bin/noshell radheyelectrical:x:1065:1067::/home/radheyelectrical:/usr/local/cpanel/bin/noshell rajgopal:x:1067:1069::/home/rajgopal:/usr/local/cpanel/bin/noshell reenieon:x:1068:1070::/home/reenieon:/usr/local/cpanel/bin/noshell romeowed:x:1069:1071::/home/romeowed:/usr/local/cpanel/bin/noshell rvadmin:x:1070:1072::/home/rvadmin:/usr/local/cpanel/bin/noshell saquacom:x:1072:1074::/home/saquacom:/usr/local/cpanel/bin/noshell sarqldcom:x:1073:1075::/home/sarqldcom:/usr/local/cpanel/bin/noshell sealmaticindia:x:1074:1076::/home/sealmaticindia:/usr/local/cpanel/bin/noshell shreeworldwide:x:1075:1077::/home/shreeworldwide:/usr/local/cpanel/bin/noshell shrishub:x:1076:1078::/home/shrishub:/usr/local/cpanel/bin/noshell shwetaonline:x:1077:1079::/home/shwetaonline:/usr/local/cpanel/bin/noshell siddharthmurarka:x:1078:1080::/home/siddharthmurarka:/usr/local/cpanel/bin/noshell sketchplaymedia:x:1079:1081::/home/sketchplaymedia:/usr/local/cpanel/bin/noshell skshospl:x:1080:1082::/home/skshospl:/usr/local/cpanel/bin/noshell smileaga:x:1081:1083::/home/smileaga:/usr/local/cpanel/bin/noshell solinoxi:x:1082:1084::/home/solinoxi:/usr/local/cpanel/bin/noshell soorina:x:1083:1085::/home/soorina:/usr/local/cpanel/bin/noshell surajahuja:x:1084:1086::/home/surajahuja:/usr/local/cpanel/bin/noshell tbdesai:x:1085:1087::/home/tbdesai:/usr/local/cpanel/bin/noshell terrana:x:1086:1088::/home/terrana:/usr/local/cpanel/bin/noshell tfabrikb:x:1087:1089::/home/tfabrikb:/usr/local/cpanel/bin/noshell thoughtb:x:1088:1090::/home/thoughtb:/usr/local/cpanel/bin/noshell tristarsprings:x:1089:1091::/home/tristarsprings:/usr/local/cpanel/bin/noshell usasealmatic:x:1091:1093::/home/usasealmatic:/usr/local/cpanel/bin/noshell varahigr:x:1092:1094::/home/varahigr:/usr/local/cpanel/bin/noshell vcebhopa:x:1093:1095::/home/vcebhopa:/usr/local/cpanel/bin/noshell vexlin:x:1094:1096::/home/vexlin:/usr/local/cpanel/bin/noshell vishwagr:x:1095:1097::/home/vishwagr:/usr/local/cpanel/bin/noshell webarcco:x:1096:1098::/home/webarcco:/usr/local/cpanel/bin/noshell zenithtinsco:x:1097:1099::/home/zenithtinsco:/usr/local/cpanel/bin/noshell parsolar:x:1098:1100::/home/parsolar:/usr/local/cpanel/bin/noshell reliableaccessor:x:1099:1101::/home/reliableaccessor:/usr/local/cpanel/bin/noshell newageindustrial:x:1100:1102::/home/newageindustrial:/usr/local/cpanel/bin/noshell chateando1:x:1101:1103::/home/chateando1:/usr/local/cpanel/bin/noshell raasinfra:x:1102:1104::/home/raasinfra:/usr/local/cpanel/bin/noshell almightyeducatio:x:1104:1106::/home/almightyeducatio:/usr/local/cpanel/bin/noshell apoorvaexportimp:x:1105:1107::/home/apoorvaexportimp:/usr/local/cpanel/bin/noshell risecargo:x:1107:1109::/home/risecargo:/usr/local/cpanel/bin/noshell seaskyexpressco:x:1109:1111::/home/seaskyexpressco:/usr/local/cpanel/bin/noshell lacascada:x:1110:1112::/home/lacascada:/bin/bash capozucca:x:1111:1113::/home/capozucca:/bin/bash distriatlantico:x:1114:1116::/home/distriatlantico:/bin/bash pratameshevents:x:1115:1117::/home/pratameshevents:/usr/local/cpanel/bin/noshell pasarelaadmin:x:1116:1118::/home/pasarelaadmin:/bin/bash replxicon:x:1117:1119::/home/replxicon:/usr/local/cpanel/bin/noshell lospaisas:x:1119:1121::/home/lospaisas:/bin/bash cartagochat:x:1120:1122::/home/cartagochat:/bin/bash protaxnc:x:1121:1123::/home/protaxnc:/bin/bash gruhonline:x:1122:1124::/home/gruhonline:/usr/local/cpanel/bin/noshell saila:x:1123:1125::/home/saila:/usr/local/cpanel/bin/noshell papro:x:1124:1126::/home/papro:/usr/local/cpanel/bin/noshell rhythmscapes:x:1125:1127::/home/rhythmscapes:/usr/local/cpanel/bin/noshell graficaspalatino:x:1126:1128::/home/graficaspalatino:/bin/bash sealmaticrussia:x:1127:1129::/home/sealmaticrussia:/usr/local/cpanel/bin/noshell andersonparker:x:1128:1130::/home/andersonparker:/usr/local/cpanel/bin/noshell villarobledo:x:1129:1131::/home/villarobledo:/bin/bash isesoftworld:x:1130:1132::/home/isesoftworld:/usr/local/cpanel/bin/noshell miinfo:x:1131:1133::/home/miinfo:/bin/bash |
There are a lot of users in this example.
Find all JupyterHub instances with Google Dorks.
intitle:"JupyterHub" inurl:/hub/login |
This is very effective.
And find Admin Control Panels on the Internet with this Google Dork.
admin/controlpanel.htm |
nice list of dorks