Sign in to follow this  
Followers 0
ragweed

way to see what files are on a site...

20 posts in this topic

okay so anybody know a way to view ALL the files on a particular website through a search engine like google? if so what engines?

Share this post


Link to post
Share on other sites

try feeding this into the google search box, replacing stuff with what you want to search for, and example.com with the website you want to look on:

stuff site:example.com

(you could probably get it to list most/all files with a couple of carefully selected keywords)

Share this post


Link to post
Share on other sites
I've heard of it but never got it to work.

thats because they show you the incorrect format on google... you have to have a space before the : for example

download :www.stankdawg.com

Share this post


Link to post
Share on other sites

so, if i wanted to find a prog at site: "blahblah.com" all i have to do is

prog :blahblah.com

Share this post


Link to post
Share on other sites

Try google searches like:

intitle:"index of" mdb

This lets you in on all the poorly configured websites. You can throw mdb, db, cgi, sales.mdb, customer.mdb, waste, etc... it's a good way to surf the net if you're bored. I read it somewhere(governmentsecurity.org) and cannot take credit for it... it's pretty well documented.

Here:

"Index of /admin"

"Index of /password"

"Index of /mail"

"Index of /" +passwd

"Index of /" +password.txt

"Index of /" +.htaccess

index of ftp +.mdb allinurl:/cgi-bin/ +mailto

administrators.pwd.index

authors.pwd.index

service.pwd.index

filetype:config web

gobal.asax index

allintitle: "index of/admin"

allintitle: "index of/root"

allintitle: sensitive filetype:doc

allintitle: restricted filetype :mail

allintitle: restricted filetype:doc site:gov

inurl:passwd filetype:txt

inurl:admin filetype:db

inurl:iisadmin

inurl:"auth_user_file.txt"

inurl:"wwwroot/*."

top secret site:mil

confidential site:mil

allinurl: winnt/system32/ (get cmd.exe)

allinurl:/bash_history

intitle:"Index of" .sh_history

intitle:"Index of" .bash_history

intitle:"index of" passwd

intitle:"index of" people.lst

intitle:"index of" pwd.db

intitle:"index of" etc/shadow

intitle:"index of" spwd

intitle:"index of" master.passwd

intitle:"index of" htpasswd

intitle:"index of" members OR accounts

intitle:"index of" user_carts OR user_cart

ALTERNATIVE INPUTS

_vti_inf.html

service.pwd

users.pwd

authors.pwd

administrators.pwd

shtml.dll

shtml.exe

fpcount.exe

default.asp

showcode.asp

sendmail.cfm

getFile.cfm

imagemap.exe

test.bat

msadcs.dll

htimage.exe

counter.exe

browser.inc

hello.bat

default.asp\

dvwssr.dll

cart32.exe

add.exe

index.jsp

SessionServlet

shtml.dll

index.cfm

page.cfm

shtml.exe

web_store.cgi

shop.cgi

upload.asp

default.asp

pbserver.dll

phf

test-cgi

finger

Count.cgi

jj

php.cgi

php

nph-test-cgi

handler

webdist.cgi

webgais

websendmail

faxsurvey

htmlscript

perl.exe

wwwboard.pl

www-sql

view-source

campas

aglimpse

glimpse

man.sh

AT-admin.cgi

AT-generate.cgi

filemail.pl

maillist.pl

info2www

files.pl

bnbform.cgi

survey.cgi

classifieds.cgi

wrap

cgiwrap

edit.pl

perl

names.nsf

webgais

dumpenv.pl

test.cgi

submit.cgi

guestbook.cgi

guestbook.pl

cachemgr.cgi

responder.cgi

perlshop.cgi

query

w3-msql

plusmail

htsearch

infosrch.cgi

publisher

ultraboard.cgi

db.cgi

formmail.cgi

allmanage.pl

ssi

adpassword.txt

redirect.cgi

cvsweb.cgi

login.jsp

dbconnect.inc

admin

htgrep

wais.pl

amadmin.pl

subscribe.pl

news.cgi

auctionweaver.pl

.htpasswd

acid_main.php

access.log

log.htm

log.html

log.txt

logfile

logfile.htm

logfile.html

logfile.txt

logger.html

stat.htm

stats.htm

stats.html

stats.txt

webaccess.htm

wwwstats.html

source.asp

perl

mailto.cgi

YaBB.pl

mailform.pl

cached_feed.cgi

global.cgi

Search.pl

build.cgi

common.php

show

global.inc

ad.cgi

WSFTP.LOG

index.html~

index.php~

index.html.bak

index.php.bak

print.cgi

register.cgi

webdriver

bbs_forum.cgi

mysql.class

sendmail.inc

CrazyWWWBoard.cgi

search.pl

way-board.cgi

webpage.cgi

pwd.dat

adcycle

post-query

help.cgi

Hope that helps

Share this post


Link to post
Share on other sites

good stuff IO cache... Thanks

Share this post


Link to post
Share on other sites

No prob. Again, I can't take any cred for it... It's a good way to target unpatched servers for xploits... I hear.

Share this post


Link to post
Share on other sites

but we can thank you for bringing the list to us.

Share this post


Link to post
Share on other sites

html gui for log files at:

http://awstats.sourceforge.net/

Good way to see the structure of a site for directory traversal... some actually list authenticated user's activities. From this you can get user names etc.... This particular site looks like all it is is the perl scripts to track access.

Share this post


Link to post
Share on other sites
html gui for log files at:

http://awstats.sourceforge.net/

Good way to see the structure of a site for directory traversal... some actually list authenticated user's activities. From this you can get user names etc.... This particular site looks like all it is is the perl scripts to track access.

this looks like a nice package! I have been looking for a new one and thought we might have to develope our own. This one looks like it almost everything i want, and it could be customized with my additions.

Even with my limited perl, I think i could mod it well enough. ^_^

Share this post


Link to post
Share on other sites

I love Google. It's great for digging up dirt on anyone or searching through any website.

Thanks l0cache for the ideas.

Share this post


Link to post
Share on other sites

I know i'm late to this post........

I was in barnes and noble the other day and saw this book call "Google Hacks" written by Tara Calishain and Rael Dornfest. I filped through it and it looks pretty interesting.

Just thought I would throw that in there.......

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0