GHDB
GHDB :: sensitive Directories
| Date | Title | Summary | |
| 2003-06-24 | Look in my backup directories! Please? | Backup directories are often very interesting places to explore. More than one server has been compromised by a hacker's discovery of sensitive i … |  |
| 2003-06-27 | secret | What kinds of goodies lurk in directories marked as "secret?" Find out… … | |
| 2003-06-27 | private | What kinds of things might you find in directories marked "private?" let's find out…. … | |
| 2003-06-27 | winnt | The \WINNT directory is the directory that Windows NT is installed into by default. Now just because google can find them, this doesn't necessari … | |
| 2003-06-27 | secure | What could be hiding in directories marked as "secure?" let's find out… … | |
| 2003-06-27 | protected | What could be in a directory marked as "protected?" Let's find out… … | |
| 2003-06-27 | index.of.password | These directories are named "password." I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with … | |
| 2004-03-16 | inurl:backup intitle:index.of inurl:admin | This query reveals backup directories. These directories can contain various information ranging from source code, sql tables, userlists, and even pas … | |
| 2003-08-12 | "Welcome to phpMyAdmin" " Create ne… | phpMyAdmin is a widly spread webfrontend used to mantain sql databases. The default security mechanism is to leave it up to the admin of the website t … | |
| 2004-02-10 | intitle:"Index of c:\Windows" | These pages indicate that they are sharing the C:\WINDOWS directory, which is the system folder for many Windows installations. … | |
| 2004-03-29 | intitle:"index. of.personal" | This directory has various personal documents and pictures. … | |
| 2004-04-19 | intitle:"Index of" cfide | This is the top level directory of ColdFusion, a powerful web development environment. This directory most likely contains sensitive information about … | |
| 2004-04-23 | "index of cgi-bin" | CGI directories contain scripts which can often be exploited by attackers. Regardless of the vulnerability of such scripts, a directory listing of the … | |
| 2004-04-28 | inurl:j2ee/examples/ jsp | This directory contains sample JSP scripts which are installed on the server. These programs may have security vulnerabilities and can be used by an a … | |
| 2004-04-28 | inurl:ojspdemos | This directory contains sample Oracle JSP scripts which are installed on the server. These programs may have security vulnerabilities and can be used … | |
| 2004-04-28 | inurl:/pls/sample/ad min_/help/ | This is the default installation location of Oracle manuals. This helps in footprinting a server, allowing an attacker to determine software version i … | |
| 2004-05-04 | "index of" inurl:recycler | This is the default name of the Windows recycle bin. The files in this directory may contain sensitive information. Attackers can also crawl the direc … | |
| 2004-05-11 | inurl:/tmp | Many times, this search will reveal temporary files and directories on the web server. The information included in these files and directories will va … | |
| 2004-05-13 | intitle:intranet inurl:intranet +intext:"huma.. . | According to whatis.com: "An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to sh … | |
| 2004-06-01 | "Index Of /network" "last modified&… | Many of these directories contain information about the network, though an attacker would need a considerable amount of patience to find it. … | |
| 2004-06-02 | intitle:"album permissions" "Users … | Gallery (http://gallery.menalto.com) is software that allows users to create webalbums and upload pictures to it. In some installations Gallery lets y … | |
| 2004-06-14 | filetype:cfg ks intext:rootpw -sample -test -howto | Anaconda is a linux configuration tool like yast on suse linux. The root password is often encrypted – like md5 or read from the shadow. Sometimes an … | |
| 2004-07-12 | Index of phpMyAdmin | phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/dr … | |
| 2004-07-16 | index.of.password | These directories are named "password." I wonder what you might find in here. Warning: sometimes p0rn sites make directories on servers with … | |
| 2004-07-20 | "index of" / picasa.ini | Picasa is an 'Automated Digital Photo Organizer' recently aquired by Google. This search allows the voyer to browse directories of photos up … | |
| 2004-08-05 | intext:"d.aspx? id" || inurl:"d.aspx.. . | "The YouSendIt team was formed to tackle a common problem: secure transmission of large documents online without the use of clumsy client softwar … | |
| 2004-08-26 | intitle:index.of /AlbumArt_ | Directories containing commercial music.AlbumArt_{.*}.jpg are download/create by MS-Windows Media Player in music directory. … | |
| 2004-09-10 | intitle:"Index of *" inurl:"my shar… | These are index pages of "My Shared Folder". Sometimes they contain juicy stuff like mp3's or avi files. Who needs pay sites for music … | |
| 2004-09-21 | intitle:index.of (inurl:fileadmin | intitle:filead… | TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets, featuring a set of ready-made interfaces, f … | |
| 2004-09-24 | intitle:"webadm in – /*" filetype:php dir… | Webadmin.php is a free simple Web-based file manager. This search finds sites that use this software. If left unprotected an attacker files can be mod … | |
| 2004-10-19 | intitle:"Direct ory Listing For" intext:T… | The Google Hackers Guide explains how to find Apache directory indexes, which are the most common found on the Internet. There are other ways however. … | |
| 2004-10-25 | index.of.dcim | The DCIM directory is the default name for a few brands of digital camers. This is not a big network security risk, but like netcams it can reveal jui … | |
| 2004-10-20 | intitle:"index of" -inurl:htm -inurl:htm… | Yes! I probably have should have told you guys earlier, but this is how ive been getting 100% of my mp3s. It fricken rocks, use it and abuse it. Do … | |
| 2004-10-31 | inurl:explorer.cfm inurl:(dirpath|This_ Directory) | Filemanager without authentication. … | |
| 2004-10-31 | intitle:"index of" intext:"content …. | This dork indicates the "Local settings" dir in most cases, and browseble server directories in general. … | |
| 2004-11-07 | "intitle:Index. Of /" stats merchant cgi-… | This search looks for indexes with the following subdirectories: stats, merchant, online-store and cgi-local or cgi-bin. These servers have a shopping … | |
| 2004-11-28 | intext:"Powered By: TotalIndex" intitle:… | TotalIndex v2.0 is an open source script that is designed to replace the simple, and boring default index page of a site which lists the files in an i … | |
| 2004-12-05 | intitle:"index of" "parent director… | This search uses desktop.ini to track users with a webserver running on their desktop computers. It can easily be extended to find specific documents. … | |
| 2004-12-19 | "Powered by Invision Power File Manager"… | Invision Power File Manager is a popular file management script, written in the popular PHP Scripting Language. It is compatiable with all forms of Un … | |
| 2004-12-19 | intitle:"Index of /CFIDE/" administrator | With ColdFusion, you can build and deploy powerful web applications and web services with far less training time and fewer lines of code than ASP, PHP … | |
| 2004-12-19 | intitle:index.of abyss.conf | These directories reveal the configuration file of the abyss webserver. These files can contain passwords. … | |
| 2004-12-29 | allinurl:"/*/_v ti_pvt/" | allinurl:"… | Frontpage extensions for Unix ? So be it.. … | |
| 2004-12-30 | intitle:"index of" inurl:ftp (pub | inco… | Adding "inurl:ftp (pub | incoming)" to the "index.of" searches helps locating ftp websites. This query can easily be narrowed furt … | |
| 2005-01-01 | intitle:upload inurl:upload intext:upload -forum -… | The search reveals server upload portals.An attacker can use server space for his own benefit. … | |
| 2005-01-05 | intitle:"HFS /" +"HttpFileServe r&qu… | "The HttpFileServer is a Java based mechanism for providing web access to a set of files on a server. This is very similar to Apache Directory In … | |
| 2005-01-07 | "Web File Browser" "Use regular exp… | This will ask google to search for a php script used to manage files on a server. The script "Web File Browser" enables users to change file … | |
| 2005-01-09 | "Index of" rar r01 nfo Modified 2004 | New Warez Directory Lists … | |
| 2005-01-16 | filetype:torrent torrent | Torrent files .. don't expect to find spectacular stuff with this kind of string, this just to shows you can use Google for all kinds of filetype … | |
| 2005-02-17 | filetype:ini Desktop.ini intext:mydocs.dll | This dork finds any webshared windows folder inside my docs. You can change the end bit "intext:mydocs.dll" by looking inside any of your yo … | |
| 2005-03-26 | intitle:index.of /maildir/new/ | search gives you a mailbox dir. Contains a lot of mails. … | |
| 2005-05-02 | intitle:index.of WEB-INF | Finds java powered web servers which have indexing enabled on their config directory … | |
| 2005-07-21 | intitle:"pictur es thumbnails" site:pictu… | This search reveals the photo albums taken by Sprint PCS customers. Pictures taken with Sprint's cell phone service can be shared on their websit … | |
| 2005-09-13 | intitle:"Backup -Management (phpMyBackup v.0.4… | phpMyBackup is an mySQL backup tool, with features like copying backups to a different server using FTP. … | |
| 2005-09-26 | intitle:"Folder Listing" "Folder Li… | directory listing for Fastream NETFile Web Server … | |
| 2005-09-26 | "Directory Listing for" "Hosted by … | directory listing for Xerver web server … | |
| 2005-11-11 | log inurl:linklint filetype:txt -"checking&qu.. . | Linklint is an Open Source Perl program that checks links on web sites. This search finds the Linklint log directory. Complete site map able to be rec … | |
| 2005-11-28 | "Welcome to the directory listing of" &q… | this is for NetworkActiv-Web-Server directory listing … | |
| 2005-12-01 | "Warning: Installation directory exists at&qu… | by this dork you can find fresh installations of Zen-Cartsee Full Disclosure forums fore details… ;) … | |
| 2006-01-16 | inurl:install.pl intext:"Reading path paramat… | Excelent information for foot holds. Everything from OS, to forum software, etc. Other exploits possible … | |
| 2006-02-28 | allintitle:"Fir stClass Login" | allintitle:"FirstClass Login" this is for firstclass directory listingsgo to http://[target]/[path]/Search type just ' in search field … | |
| 2006-07-14 | intitle:index.of.con fig | These directories can give information about a web servers configuration. This should never be viewable to the public as some files may contain cleart … | |
Does GHDB still updates for now?
The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.
Hi Johnny,been a while since I’ve came last. Aren’t you gonna update this website anymore???
The GHDB is not updated and lives with the exploitdb: http://http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!
Is any offline view-able resources is available of this product ?