google中常用的入侵语法
http://www.cnsu.org-->inurl/
adminàinurl
.asp ――》filetype
标题――》intitle
页面文字――》intext
页面编号――》numeange
- 逻辑非,“A-B”表示包含A没有B的网页
*代表单个字符
or操作
“”用短语做关键字,必须加上引号,不然会被当作与操作
.空格
Google对一些网路上出现频率极高的英文单词,如“i”、“com”、“www”等,以及一些符号如“*”、“.”等,作忽略处理
可以用+强制搜索
下面的语句是我搜集来的,大家可以试着用下
比如用Intitle:welcome.to.iis.4.0 IIS4会找到好多winNT的主机,呵呵
Site:sohu.com
Site:sohu.com-site:www.sohu.com
Intitle:index.of/admin
Intitle:index.of apache server.at
Intitle:test.page.for.apache “it workd”
Allintitle:Netscape Fasr Track Server Home Page
Intitle:”welcome to windows 2000 internet services”
IIS—win2000
Allintitle:welcome to windows XP server internet
services iis---XP
Intitle:welcome.to.iis.4.0 IIS4
Allintrtle:”welcome to internet information server”
IIS-- generic
Intitle:”apache http server”
Intitle:”documentation”
Intitle:””error using hypernews””server software”
“HTTP_USER_AGENT=Googlebot”
“HTTP_USER_AGENT=Googlebot”TNS_ADMIN
Inurl:/admin/login.asp
Intitle:”remote desktop wen connection”
“welcome to *” “Your password is *”
Inurl(browse top_rated power_search hot create_admin_user)+”powered
by inde xu”
“adding new user” inurl:addnewuser –“there are no
domain”
Filetype:log inurl:”password.log”
Intitle:”PHP Shell *” “enable stderr” filetype:php
Intitle:confixx login password
“powered by rover”
Inurl:iisadmpwd
Inurl:5800
“VNC desktop” inurl:5800
Inurl:webmin inurl:10000
Inurl:8080 –intext:8080
“access denird for user” “using password”
“# Dumping data for table”
“# Dumping data for table” username password
“# Dumping data for table
(username user users password)”
Inurl:main.php welcome to phpmyadmin
Intitle:”phpmyadmin running on *” welcome to phpmyadmin
Filetype:inc intext:mysql connect
Filetype:sql + “INENTIFIED BY” –cvs
Filetype:sql + “INENTIFIED BY” (“grant * on *” “create
user”)
“this report lists” “identified by internet scaner”
ACID “by roman danyliw” Filetype:PHP
小提示:用google hacking工具搜索这些,真的是多快好省啊:)
最新相关文章发表评论