Find any Microsoft Frontpage website with the username and password exposed. This is amazingly stupid.
intext:" -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) |
This is an example.
# -FrontPage-
therose:WK7JNgYcDkzac |
A Similar search. This also finds websites with the password exposed. This is in the _vti_pvt/service.pwd file.
intext:"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd |
An example of this.
# -FrontPage- admin:$1$E773NX74$OW00c952gkxgBmlitq7yT0 |
How to find PHPMyAdmin instances that are not secured, this really works well.
intext:"phpMyAdmin" "running on" inurl:"main.php" |
Find many MySQl database dumps.
intext:"phpMyAdmin MySQL-Dump" "INSERT INTO" -"the" |
Yet another search to find various MySQL dumps with passwords and other information.
filetype:sql “insert into” (pass|passwd|password) |
The MD5 encryption standard is well outdated by now, but this Google Dork still finds websites using it…
filetype:sql ("values * MD5" | "values * password" | "values * encrypt") |
Yet another Google Dork. This one can find backups of .htaccess files. This tells a penetration tester what permissions are existing on a server.
filetype:bak inurl:"htaccess|passwd|shadow|htusers" |
para que sirve inanchor y link
what program i need to scan for SQL ?
or how?
thanks for the help
Just use the searches I used, this will work. Google does it all for you.
what is the name of the SQL scanner?
or how i scan for this ?
thanks for the help