Introduction
Remember the ability to describe people in general is IQ, EQ to describe, but to now this era of surging information, search providers are also increasingly important issue in penetration testing or other everyday life, master the search techniques can often be more effective.Following is a brief summary of what I am familiar with the search syntax:
basis
intext: search only the text portion of the page contained (that is, ignore the title, text, URL, etc.) (management,).
Site: you can limit your search domain of ex:. site: baidu.com filetype: txt TXT file Find
filetype: suffix search for the file name or extension (doc.mdb.ppt.swf.sql ...)
allintitle: search all keywords constitute the title of the page but it is recommended not to use.
Link: you can get an all contain a specified URL of the page For example the list:. link: www.google.com you can get all connect to the Google page
Intitle or Allintitle: search in the page header
Related: displays the site
inanchor or allinanchor: search restrictions described in the link anchor text pages are Search
Inurl or Allinurl: find text in the URL (including a large number of special characters, the most widely used) for the URL contained on search pages (File,).
Phonebook: Search phone list
Rphonebook: Search Home phone list
Bphonebook: Business Phone List
Author: Author Search in Google newsgroup posts
Group: search Google Title
Inanchor: find text in the link text
Masgid: to find Google posts by news the above mentioned id
dateRange: Find pages published within a specific date range
insubject: Search Googlegroup subject line
cache: show cached version of the page
stocks: search for stock information
info: display a summary of Google
define: displays the definition of a term
Numrang: search numbers need a minimum number of two parameters, one of the largest number, with dash separated
+ added words are ignored
- ignored excludes a word
- a synonym that is similar to the word
. single wildcard
* wildcard can represent multiple letters
, "" exact match queries
Boolean operators:
and and
or or
not not
Use
1 |
"Welcome to phpmyadmin ***" "running on * as root@*" intitle:phpmyadmin |
Database program and error files
“Assessment report” “nessus” filetype:pdf
Security Scan Report
“advanced guestbook * powered” inurl:addentry.php
intitle:”View img” inurl:viewimg.php
Program contains SQL injection port and the path can be modified weak
“php version” intitle:phpinfo inurl:info.php
Sensitive information
intitle:”usage Statistics(统计表) for” intext:”Total Unique Usernames”
username
intitle: CV OR intitle: CV "Thomas Fischer"
intitle: CV OR intitle: ext CV: pdf OR ext: doc
resume
allintext: name email phone address intext:”thomas fischer(人物)” ext:pdf
Twiki inurl:”View/Main” “thomas fischer”
Description Identification private information (name, address, phone, telephone extension)
intitle:”live View/ -AXIS” | inurl:view/view.shtml
inurl:”ViewFrame?Mode=”
inurl:”MultiCameraFrame?Mode=”
inturl:”axis-cgi/mjpg”
intext:”MOBOTIX M1″
intext:”Open Menu”
inurl:”view/index.shtml”
Online Webcam
“index of” (private | secure | geheim | gizli)
“robots.txt” “User-agent” ext:txt
“this document is private | confidential| secret” ext:doc | ext:pdf | ext:xls
intitle:”index of” “jpg | png | bmp” inurl”personal | inurl:private
Confidential directories and files
“index of” inbox.dbx
“To parent directory” inurl:”Identities”
Personal letters / e-mail
“session start” “session ident” thomas ext:txt
Chat Logs
-“public | pubring | pubkeysignature | pgp | and | or |release” ext:gpg
-intext:”and” (ext:enc | ext:axx)
“ciphervalue” ext:xml
An encrypted message
“Begin (DSA | RSA)” ext:key、“index of” “secring.gpg”
Search privacy password
“index of” slave_datatrans OR from_master
Search key
“create table” insert into” “pass|passwd|password” (ext:sql | ext:dump | ext:txt)、“your password * is” (ext:csv | ext.doc | ext:txt)
Searching for a user name and password
inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?intitle:phpmyadmin
Find phpMyAdmin background page can be accessed by unauthorized
“OpenSSL” AND “1.0.1 Server at” OR “1.0.1a Server at” OR “1.0.1b Server at” OR “1.0.1c Server at” OR “1.0.1d Server at” OR “1.0.1e Server at” OR “1.0.1f Server at”
Other extensions
While using the search syntax can also collect some of these URLs, but a lot of things to help it find
Search Baidu disk:
every cloud search: http://so.ygyhg.com
stay Papaya: http://md5.daimugua.com
Zhong Kui Eye: https://www.zoomeye.org
shoudan: HTTPS: // the WWW. shodan.io
SeeBug: https://www.seebug.org
Yahoo: https://sg.search.yahoo.com
will be the international version https://www.bing.com
MAEZW https://so.mezw.com
Other niche search engines:
https://bird.so/
https://search.avira.com/#/
https://suche.gmx.net/web
https://r0.ru/
HTTPS: // the WWW .yandex.com /
https://search.avira.com/
https://www.qwant.com
https://www.ecosia.org/
Search network disk
to disk http://www.quzhuanpan.com/
fat searches http://www.panc.cc
ostrich http://www.tuoniao.me/
disk search http://www.pansou.com
007 http://wangpan007.com
Baidu disk http://sobaidupan.com
dish lot http://www.panduoduo.net/
Xilin Street http://www.xilinjie.com/
little https://www.xiaoso.net
磁力资源^.^
https://btso.pw/search/
https://a8bt.cc/
http://www.btcherry.info/
https://rarbg.is/torrents.php
http://storebt.cc/
https://idope.se/
https://www.69mag.xyz/
Animation resources
animation garden http://share.dmhy.org/
meow search https://nyaso.com/
Gringo's https://gelbooru.com/
D station http://www.dilidili.com/
Citrus plan http : //mikanani.me/
simple animation http://www.36dm.com/
tidal empty animation http://www.xkdmbt.com/
Man cartoon cat http://www.comicat.org/
Meng Fan group https: / /bangumi.moe/
EBook search engine
forfrigg http://forfrigg.com/
dove Mount search https://www.jiumodiary.com/
kindleshare https://sk.kindleshare.cn
https://www.owllook.net/
Site navigation
insect tribe search http://search.chongbuluo.com/
insect tribe resource search http://magnet.chongbuluo.com/
penetration division http://shentoushi.top/
etc. ,,,,,,
Look out
Between (1) operator, colon, keywords are no spaces.
(2) Boolean operators (AND, OR, NOT) and special characters (-, +) is still used as a high-level query operators, but can not put them on before the colon and colon to separate and operators.
(3) advanced operators and individual query can be a mixture of
(. 4) ALL operator (operator beginning ALL) very strange. In general, a query only once ALL operator, and can not mix with other operators.
(5) can refer to other more search tips: https://www.exploit-db.com/google-hacking-database/?action=search&ghdb_search_cat_id=0&ghdb_search_text=
Reference links
http://baike.so.com/doc/6950859-7173260.html
http://blog.jobbole.com/72211/
http://www.nxadmin.com/web/120.html