Google Hacking

Others 2020-04-22 18:05:14 views: null

Introduction to Google Hacking syntax

GoogleHacking common syntax

1. intext: (only valid for Google) use a character in the body content of the webpage as the search condition
 2. intitle: use a character in the webpage title as the search condition
 3 , cache: search the search engine about Some content cache may find valuable information in the expired content
 4 , filetype / ext: specify a format type file as the search object
 5 , inurl: search for URLs containing specified characters
 6 , site: in the specified ( Domain name) Site search related content

 

GoogleHacking other syntax

1 , quotes ' '  ' after the key marked with quotation marks, the quotation marks as part of the whole search 
2 , or two or more simultaneous search keywords
 3 , Link search for a website link link: baidu.com are returned to all URL 4 linked to baidu
 , info to find some basic information of the specified site

 

Google hacking grammar collection site

https://www.exploit-db.com/google-hacking-database/

 

GoogleHacking Classic Grammar

GoogleHacking typical usage

Manage background address

site: target.com intext: admin | background | background management | login | login | username | password | system | account | login | system 
site: target.com inurl: login | inurl: admin | inurl: manage | inurl: manager | inurl: admin_login | inurl: system | inurl: backend 
site: target.com intitle: admin | background | background management | login | login

 

Upload vulnerability address

site:target.com inurl:file
site:target.com inurl:upload

 

Inject page

site:target.com inurl:php?id=

 

Editor page

site: target.com inurl: ewebeditor

 

Directory traversal vulnerability

site:target.com intitle:index.of

 

SQL error

site:target.com intext:"sql syntax near" | intext:"syntax error has occurred" | intext:"incorrect syntax near" | intext:"unexpected end of SQL command" | intext:"Warning: mysql_connect()" | intext:”Warning: mysql_query()" | intext:”Warning: pg_connect()"

 

phpinfo()

site:target.com ext:php intitle:phpinfo "published by the PHP Group"

 

Configuration file leak

site:target.com ext:.xml | .conf | .cnf | .reg | .inf | .rdp | .cfg | .txt | .ora | .ini

 

Database file leak

site:target.com ext:.sql | .dbf | .mdb | .db

 

Log file leak

site:target.com ext:.log

 

Backup and historical file disclosure

site:target.com ext:.bkf | .bkp | .old | .backup | .bak | .swp | .rar | .txt | .zip | .7z | .sql | .tar.gz | .tgz | .tar

 

Public document disclosure

site:target.com filetype:.doc | .docx | .xls | .xlsx | .ppt | .pptx | .odt | .pdf | .rtf | .sxw | .psw | .csv

 

Email information

site:target.com intext:@target.com
site:target.com 邮件
site:target.com email

 

Social worker information

site: target.com intitle: account number | password | work number | student number | ID card

 

Guess you like

Origin www.cnblogs.com/R-S-PY/p/12751856.html
Recommended
Ranking
[Algorithm] greedy _ program scheduling issues
Spring 控制反转(IOC)
Data structure-6.6 figure
Indicates that the class or member method has abstract properties
Huawei v5 server installed Linux operating system
Postgresql source code analysis - creating ordinary tables
Chapter 10 Evaluation Classification Results
Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages
Java Exercise 17.1
Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.
Daily
More
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)

Code World

© 2018 codetd.com