17 Oct 2012

SQL Injection Dorks using Google


Here is a list of some frequently and rarely used SQL injections as Google Dorks.


inurl:"ViewerFrame?Mode="

intitle:axis intitle:"video server"

inurl:indexFrame.shtml Axis

?intitle:index.of? mp3 artist-name-here

"intitle:index of"

"A syntax error has occurred" filetype:ihtml

"access denied for user" "using password"

"Chatologica MetaSearch" "stack tracking:"

"Index of /backup"

"ORA-00921: unexpected end of SQL command"

"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

?intitle:index.of? mp3 name

allintitle:"Network Camera NetworkCamera"

allinurl: admin mdb

allinurl:auth_user_file.txt

intitle:"live view" intitle:axis

intitle:axis intitle:"video server"

intitle:liveapplet

inurl:"ViewerFrame?Mode="

inurl:axis-cgi/jpg

inurl:axis-cgi/mjpg (motion-JPEG)

inurl:passlist.txt

inurl:view/index.shtml

inurl:view/indexFrame.shtml

inurl:view/view.shtml

inurl:ViewerFrame?Mode=Refresh

liveapplet

!Host=*.* intext:enc_UserPassword=* ext:pcf

" -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)

"A syntax error has occurred" filetype:ihtml

"About Mac OS Personal Web Sharing"

"access denied for user" "using password"

"allow_call_time_pass_reference" "PATH_INFO"

"An illegal character has been found in the statement" -"previous message"

"ASP.NET_SessionId" "data source="

"AutoCreate=TRUE password=*"

"Can't connect to local" intitle:warning

"Certificate Practice Statement" inurl:(PDF | DOC)

"Chatologica MetaSearch" "stack tracking"

"Copyright © Tektronix, Inc." "printer status"

"detected an internal error [IBM][CLI Driver][DB2/6000]"

"Dumping data for table"

"Error Diagnostic Information" intitle:"Error Occurred While"

"error found handling the request" cocoon filetype:xml

"Fatal error: Call to undefined function" -reply -the -next

"Generated by phpSystem"

"generated by wwwstat"

"Host Vulnerability Summary Report"

"HTTP_FROM=googlebot" googlebot.com "Server_Software="

"IMail Server Web Messaging" intitle:login

"Incorrect syntax near"

"Index of /" +.htaccess

"Index of /" +passwd

"Index of /" +password.txt

"Index of /admin"

"Index of /mail"

"Index Of /network" "last modified"

"Index of /password"

"index of /private" site:mil

"index of /private" -site:net -site:com -site:org

"Index of" / "chat/logs"

"index of/" "ws_ftp.ini" "parent directory"

"Installed Objects Scanner" inurl:default.asp

"Internal Server Error" "server at"

"liveice configuration file" ext:cfg

"Login - Sun Cobalt RaQ"

"Mecury Version" "Infastructure Group"

"Mcft ® Windows * ™ Version * DrWtsn32 Copyright ©" ext:log

"More Info about MetaCart Free"

"Most Submitted Forms and Scripts" "this section"

"mysql dump" filetype:sql

"mySQL error with query"

"Network Vulnerability Assessment Report"

"not for distribution" confidential

"ORA-00921: unexpected end of SQL command"

"ORA-00933: SQL command not properly ended"

"ORA-00936: missing expression"

"pcANYWHERE EXPRESS Java Client"

"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"

"phpMyAdmin MySQL-Dump" "INSERT INTO" -"the"

"phpMyAdmin MySQL-Dump" filetype:txt

"phpMyAdmin" "running on" inurl:"main.php"

"PostgreSQL query failed: ERROR: parser: parse error"

"Powered by mnoGoSearch - free web search engine software"

"powered by openbsd" +"powered by apache"

"Powered by UebiMiau" -site:sourceforge.net

"produced by getstats"

"Request Details" "Control Tree" "Server Variables"

"robots.txt" "Disallow:" filetype:txt

"Running in Child mode"

"sets mode: +k"

"sets mode: +p"

"sets mode: +s"

"Supplied argument is not a valid MySQL result resource"

"Supplied argument is not a valid PostgreSQL result"

"Thank you for your order" +receipt

"This is a Shareaza Node"

"This report was generated by WebLog"

"This summary was generated by wwwstat"

"VNC Desktop" inurl:5800

"Warning: Cannot modify header information - headers already sent"

"Web File Browser" "Use regular expression"

"xampp/phpinfo

"You have an error in your SQL syntax near"

"Your password is * Remember this for later use"

aboutprinter.shtml

allintitle: "index of/admin"

allintitle: "index of/root"

allintitle: restricted filetype :mail

allintitle: restricted filetype:doc site:gov

allintitle: sensitive filetype:doc

allintitle:.."Test page for Apache Installation.."

allintitle:admin.php

allinurl:".r{}_vti_cnf/"

allinurl:admin mdb

allinurl:auth_user_file.txt

allinurl:servlet/SnoopServlet

An unexpected token "END-OF-STATEMENT" was found

camera linksys inurl:main.cgi

Canon Webview netcams

Comersus.mdb database

confidential site:mil

ConnectionTest.java filetype:html

data filetype:mdb -site:gov -site:mil

eggdrop filetype:user user

ext:conf NoCatAuth -cvs

ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-"

ext:txt inurl:unattend.txt

filetype:ASP ASP

filetype:ASPX ASPX

filetype:BML BML

filetype:cfg ks intext:rootpw -sample -test -howto

filetype:cfm "cfapplication name" password

filetype:CFM CFM

filetype:CGI CGI

filetype:conf inurl:psybnc.conf "USER.PASS="

filetype:dat "password.dat

filetype:DIFF DIFF

filetype:DLL DLL

filetype:DOC DOC

filetype:FCGI FCGI

filetype:HTM HTM

filetype:HTML HTML

filetype:inf sysprep

filetype:JHTML JHTML

filetype:JSP JSP

filetype:log inurl:password.log

filetype:MV MV

filetype:pdf "Assessment Report" nessus

filetype:PDF PDF

filetype:PHP PHP

filetype:PHP3 PHP3

filetype:PHP4 PHP4

filetype:PHTML PHTML

filetype:PL PL

filetype:PPT PPT

filetype:PS PS

filetype:SHTML SHTML

filetype:STM STM

filetype:SWF SWF

filetype:TXT TXT

filetype:XLS XLS

htpasswd / htpasswd.bak

Index of phpMyAdmin

index of: intext:Gallery in Configuration mode

index.of passlist

intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"

intext:"d.aspx?id" || inurl:"d.aspx?id"

intext:"enable secret 5 $"

intext:"powered by Web Wiz Journal"

intext:"SteamUserPassphrase=" intext:"SteamAppUser=" -"username" -"user"

intitle:"--- VIDEO WEB SERVER ---" intext:"Video Web Server" "Any time & Any where" username password

intitle:"500 Internal Server Error" "server at"

intitle:"actiontec" main setup status "Copyright 2001 Actiontec Electronics Inc"

intitle:"Browser Launch Page"

intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu

intitle:"EverFocus.EDSR.applet"

intitle:"Index of" ".htpasswd" "htgroup" -intitle:"dist" -apache -htpasswd.c

intitle:"Index of" .bash_history

intitle:"Index of" .mysql_history

intitle:"Index of" .mysql_history

intitle:"Index of" .sh_history

intitle:"Index of" cfide

intitle:"index of" etc/shadow

intitle:"index of" htpasswd

intitle:"index of" intext:globals.inc

intitle:"index of" master.passwd

intitle:"index of" members OR accounts

intitle:"index of" passwd

intitle:"Index of" passwords modified

intitle:"index of" people.lst

intitle:"index of" pwd.db

intitle:"Index of" pwd.db

intitle:"index of" spwd

intitle:"Index of" spwd.db passwd -pam.conf

intitle:"index of" user_carts OR user_cart

intitle:"Index of..etc" passwd

intitle:"iVISTA.Main.Page"

intitle:"network administration" inurl:"nic"

intitle:"OfficeConnect Cable/DSL Gateway" intext:"Checking your browser"

intitle:"remote assessment" OpenAanval Console

intitle:"Remote Desktop Web Connection" inurl:tsweb

intitle:"switch login" "IBM Fast Ethernet Desktop"

intitle:"SWW link" "Please wait....."

intitle:"teamspeak server-administration

intitle:"TUTOS Login"

intitle:"VMware Management Interface:" inurl:"vmware/en/"

intitle:"Welcome to the Advanced Extranet Server, ADVX!"

intitle:"Welcome to Windows 2000 Internet Services"

intitle:"Connection Status" intext:"Current login"

intitle:"inc. vpn 3000 concentrator"

intitle:asterisk.management.portal web-access

intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com

intitle:index.of administrators.pwd

intitle:index.of cgiirc.config

intitle:Index.of etc shadow site:passwd

intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak"

intitle:index.of master.passwd

intitle:index.of passwd passwd.bak

intitle:index.of people.lst

intitle:index.of trillian.ini

intitle:Novell intitle:WebAccess "Copyright *-* Novell, Inc"

intitle:opengroupware.org "resistance is obsolete" "Report Bugs" "Username" "password"

intitle:open-xchange inurl:login.pl

inurl:":10000" intext:webmin

inurl:"8003/Display?what="

inurl:"auth_user_file.txt"

inurl:"GRC.DAT" intext:"password"

inurl:"printer/main.html" intext:"settings"

inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample

inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample

inurl:"ViewerFrame?Mode="

inurl:"wvdial.conf" intext:"password"

inurl:"wwwroot/

inurl:/Citrix/Nfuse17/

inurl:/db/main.mdb

inurl:/wwwboard

inurl:access

inurl:admin filetype:db

inurl:asp

inurl:buy

inurl:ccbill filetype:log

inurl:cgi

inurl:cgiirc.config

inurl:config.php dbuname dbpass

inurl:data

inurl:default.asp intitle:"WebCommander"

inurl:download

inurl:file

inurl:filezilla.xml -cvs

inurl:forum

inurl:home

inurl:hp/device/this.LCDispatcher

inurl:html

inurl:iisadmin

inurl:inc

inurl:info

inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man

inurl:list

inurl:login filetype:swf swf

inurl:mail

inurl:midicart.mdb

inurl:names.nsf?opendatabase

inurl:new

inurl:nuke filetype:sql

inurl:order

inurl:ospfd.conf intext:password -sample -test -tutorial -download

inurl:pages

inurl:pap-secrets -cvs

inurl:passlist.txt

Ultima Online loginservers

inurl:Proxy.txt

inurl:public

inurl:search

inurl:secring ext:skr | ext:pgp | ext:bak

inurl:shop

inurl:shopdbtest.asp

inurl:software

inurl:support

inurl:user

inurl:vtund.conf intext:pass -cvs s

inurl:web

inurl:zebra.conf intext:password -sample -test -tutorial -download

LeapFTP intitle:"index.of./" sites.ini modified

signin filetype:url

site:ups.com intitle:"Ups Package tracking" intext:"1Z ### ### ## #### ### #"

top secret site:mil

Ultima Online loginservers

VP-ASP Shop Administrators only

XAMPP "inurl:xampp/index"

intitle:”Live View / - AXIS” | inurl:view/view.shtml^

inurl:ViewerFrame?Mode=

inurl:ViewerFrame?Mode=Refresh

inurl:axis-cgi/jpg

inurl:axis-cgi/mjpg (motion-JPEG)

inurl:view/indexFrame.shtml

inurl:view/index.shtml

inurl:view/view.shtml

liveapplet

intitle:”live view” intitle:axis

intitle:liveapplet

allintitle:”Network Camera NetworkCamera”

intitle:axis intitle:”video server”

intitle:liveapplet inurl:LvAppl

intitle:”EvoCam” inurl:”webcam.html”

intitle:”Live NetSnap Cam-Server feed”

intitle:”Live View / - AXIS”

intitle:”Live View / - AXIS 206M”

intitle:”Live View / - AXIS 206W”

intitle:”Live View / - AXIS 210?

inurl:indexFrame.shtml Axis

inurl:”MultiCameraFrame?Mode=Motion”

intitle:start inurl:cgistart

intitle:”WJ-NT104 Main Page”

intext:”MOBOTIX M1? intext:”Open Menu”

intext:”MOBOTIX M10? intext:”Open Menu”

intext:”MOBOTIX D10? intext:”Open Menu”

intitle:snc-z20 inurl:home/

intitle:snc-cs3 inurl:home/

intitle:snc-rz30 inurl:home/

intitle:”sony network camera snc-p1?

intitle:”sony network camera snc-m1?

site:.viewnetcam. com -www. viewnetcam. com

intitle:”Toshiba Network Camera” user login

intitle:”netcam live image”

intitle:”i-Catcher Console - Web Monitor”

Happy Hacking. :)

0 comments:

Post a Comment

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Online Project management