Learning from "40 Google Dorks that you can use for various purposes"

Source:

medium.com

Translation:

Here are 40 Google Dorks that can be used for a variety of purposes, such as discovering vulnerabilities and sensitive information.

General Dorks:

1. `intitle:"Index of"`
2. `intitle:"Index of" site:example.com`
3. `filetype:log inurl:"access.log"`
4. `filetype:sql inurl:wp-content/backup-*`
5. `intext:"Welcome to phpMyAdmin"`
6. `intitle:"Login — WordPress"`
7. `intext:"Powered by WordPress"`

Database-Related Dorks:

8. `inurl:/phpmyadmin/index.php`
9. `intext:"phpMyAdmin MySQL-Dump" filetype:sql`
10. `inurl:/db/websql/`
11. `inurl:/phpPgAdmin/index.php`
12. `intext:"phpPgAdmin — Login"`

Search for Vulnerabilities:

13. `intext:"Error Message" intext:"MySQL server" intext:"on * using password:"`
14. `intext:"Warning: mysql_connect()" intext:"on line" filetype:php`

Authentication-Related Dorks:

27. `intitle:"Login" inurl:/admin`
28. `intitle:"Login" inurl:/login`
29. `inurl:"/admin/login.php"`

Exposed Control Panels:

30. `intitle:"Control Panel" inurl:/admin`
31. `intitle:"Control Panel" inurl:/cpanel`

Exposed IoT Devices:

32. `intitle:"Smart TV" inurl:/cgi-bin/login`
33. `intitle:"Router Login" inurl:/login`

Finding PHP Info Pages:

34. `intitle:"PHP Version" intext:"PHP Version"`

Exposing Sensitive Files on Government Sites:

35. `site:gov inurl:*.doc | inurl:*.pdf | inurl:*.xls | inurl:*.ppt | inurl:*.rtf | inurl:*.ps`

Exposed Network Devices:

36. `intitle:"Brother" intext:"View Configuration"`
37. `intitle:"Network Print Server" filetype:html`
38. `intitle:"HP LaserJet" inurl:SSI/index.htm`

File Upload Vulnerabilities:

39. `inurl:/uploadfile/ filetype:php`
40. `intext:"File Upload" inurl:/php/`