Google Hacking Database (GHDB)
Search the Google Hacking Database or browse GHDB categories
Sensitive Directories
Google's collection of web sites sharing sensitive directories. The files contained in here will vary from sesitive to uber-secret
DATETitleSummary
!""#-"$-!% &rivate hat kinds of things might you find in directories marked (&rivate)( let's find out.....!""#-"$-!%secret hat kinds of goodies lurk in directories marked as (secret)( *ind out......!""#-"$-!+,ook in my backu& directories lease) Backu& directories are often very interesting &laces to e&lore. /ore than one server has been ...!""+-0!-#"intitle1(inde of( inurl1ft& 2&ub 3 inco... 4dding (inurl1ft& 2&ub 3 incoming5( to the (inde.of( searches hel&s locati...!""+-0!-!6allinurl1(7879vti9&vt7( 3 allinurl1(... *ront&age etensions for :ni ) So be it.....!""+-0!-06intitle1inde.of abyss.conf These directories reveal the configuration file of the abysswebserver. These files can contain...!""+-0!-06intitle1(;nde of 7<*;D=7( administrator ith <old*usion> you can build and de&loy &owerful weba&&lications and web services with far l...!""+-0!-06(owered by ;nvision ower *ile /anager(... ;nvision ower *ile /anager is a &o&ular file management scri&t> written in the &o&ular H Scr...!""+-0!-"?intitle1(inde of( (&arent director... This search uses deskto&.ini to track users with a webserver running on their deskto& com&uters...!""+-00-!@intet1(owered By1 Total;nde( intitle1... Total;nde v!." is an o&en source scri&t that is designed to re&lace the sim&le> and boring def...!""+-00-"%(intitle1;nde.Af 7( stats merchant cgi-... This search looks for indees with the following subdirectories1 stats> merchant> online-store ...!""+-0"-#0intitle1(inde of( intet1(content.... This dork indicates the (,ocal settings( dir in most cases> and browseble server dire...!""+-0"-!"intitle1(inde of( -inurl1htm -inurl1htm... es ; &robably have should have told you guys earlier> but this is how ive been getting 0""C ...!""+-0"-!?inde.of.dcim The D<;/ directory is the default name for a few brands of digital camers. This is not a big ne...!""+-0"-06intitle1(Directory ,isting *or( intet1T... The Google Hackers Guide e&lains how to find 4&ache directory indees> which are the most comm...!""+-"6-!+intitle1(webadmin - 78( filety&e1&h& dir... ebadmin.&h& is a free sim&le eb-based file manager. This search finds sites that use this sof...!""+-intitle1inde.of 2inurl1fileadmin 3 TA# is a free A&en Source content management
"6-!0intitle1filead... system for enter&rise &ur&oses on the web and in...!""+-"6-0"intitle1(;nde of 8( inurl1(my shar... These are inde &ages of (/y Shared *older(. Sometimesthey contain uicy stuff like ...!""+-"@-!$intitle1inde.of 74lbum4rt9 Directories containing commercial music.4lbum4rt9E.8F.&g are download7create by /S-indows /ed...!""+-"@-"?intet1(d.as&)id( 33 inurl1(d.as&... (The ouSend;t team was formed to tackle a common &roblem1 secure transmission of large do...!""+-"%-!"(inde of( 7 &icasa.ini icasa is an '4utomated Digital hoto Arganier' recently auired by Google. This search allows...!""+-"%-0$inde.of.&assword These directories are named (&assword.( ; wonder what you might find in here. arning...!""+-0"-#0inurl1e&lorer.cfm inurl12dir&ath3This9Directory5 *ilemanager without authentication....!""+-"%-0!;nde of &h&/y4dmin &h&/y4dmin is a tool written in H intended to handle the administration of /ySI, over the eb...!""+-"$-0+filety&e1cfg ks intet1root&w -sam&le -test -howto 4naconda is a linu configuration tool like yast on suse linu. The root &assword is often encr...!""+-"$-"!intitle1(album &ermissions( (:sers ... Gallery 2htt&177gallery.menalto.com5 is software that allows users to create webalbums and u&lo...!""+-"$-"0(;nde Af 7network( (last modifiedJ... /any of these directories contain information about the network> though an attacker would need ...!""+-"?-0#intitle1intranet inurl1intranet Kintet1(huma... 4ccording to whatis.com1 (4n intranet is a &rivate network that is contained within an ent...!""+-"?-00inurl17tm& /any times> this search will reveal tem&orary files and directories on the web server. The info...!""+-"?-"+(inde of( inurl1recycler This is the default name of the indows recycle bin. The files in this directory may contain se...!""+-"+-!@inurl17&ls7sam&le7admin97hel&7 This is the default installation location of Aracle manuals.This hel&s in foot&rinting a serve...!""+-"+-!@inurl1os&demos This directory contains sam&le Aracle LS scri&ts which are installed on the server. These &rog...!""+-"+-!@inurl1!ee7eam&les7s& This directory contains sam&le LS scri&ts which are installed on the server. These &rograms ma...!""+-"+-!#(inde of cgi-bin( <G; directories contain scri&ts which can often be e&loited by attackers. Megardless of the vu...!""+-"+-06intitle1(;nde of( cfide This is the to& level directory of <old*usion> a &owerful web develo&ment environment. This dir...!""+-"#-!6intitle1(inde.of.&ersonal( This directory has various &ersonal documents and &ictures....!""+-"!-0"intitle1(;nde of c1Nindows( These &ages indicate that they are sharing the <1N;ODAS directory> which is the system folder...!""#-"@-0!(elcome to &h&/y4dmin( ( <reate ne... &h&/y4dmin is a widly s&read webfrontend used to mantain sl databases. The default security me...!""+-"#-0$inurl1backu& intitle1inde.of inurl1admin This uery reveals backu& directories. These directories can contain various information rangin...!""#-"$-!%inde.of.&assword These directories are named (&assword.( ; wonder what you might find in here. arning...!""#- &rotected hat could be in a directory marked as (&rotected)( ,et's
"$-!%find out......!""#-"$-!%secure hat could be hiding in directories marked as (secure)( let's find out......!""#-"$-!%winnt The N;OOT directory is the directory that indows OT is installed into by default. Oow ust be...!"0?-"?-!%inurl1w&-admin7 intet1css7 The dork finds misconfigured ordress sites. 4uthor1OickiP. ...!"0?-"?-!$intitle1(;nde of ft&( This dork finds o&en ft&s. This is a base dork> where you can add intet1(ssh7( for ...!"0?-"+-!#intitle1inde.of.dro&bo Sensitive Directories 4riel 4nonis - Qariel9anonis ...!"0?-"+-"#intitle1inde.of.accounts Dork for directory with accounts. By Mootkit. ...!"0?-"+-"#intitle1inde.of K(;ndeed by 4&ache11Gallery... Google dork for finding rivate &ics R5 1D 0#lacPDemAn ...!"0?-"!-!%inurl17w&-content7w&backitu&9backu&s Melates to htt&s177word&ress.org7&lugins7w&-backitu&7 Sensitive data7site ri&s7db ri&s in &u...!"0?-"!-06(<onfig( intitle1(;nde of( in... Directory with keys of v&n servers. By Mootkit. ...!"0?-"!-00(os9users( intitle1(;nde of( (os9users( intitle1(;nde of( *iles of configuration of user Loomla serve...!"0?-"0-"$inurl17cgi-bin7.cgi *inds o&en inde of 7cgi-bin. ...!"0+-"!-"?allinurl17hide9my9w& i ust found a google dork that is file7&ath disclosure of Hide /y &lugin Google dork -...!"0#-00-!?intitle1(inde of( intet1(.ds9stor... /ac ASU directories -- -VWoluntas Wincit AmniaX- website htt&177www.erisresearch.org7 Go...!"0#-"6-!+intitle1(inde of( myshare Google search for shared HDD directories or shared directories on servers. Gives access to oft...!"0#-"@-"@inurl1@"@" intitle1(Dashboard VLenkinsX( Summary1 4cces to Lenkins Dashboard 4uthor1 g""gl# ?c"u% ...!"0#-"@-"@intitle1inde.of intet1.bash9history the GHDB on subect 2intitle1inde.of intet1.bash9history5 finds all home users directory &at...!"0#-"@-"@intet1am&&-dav-unsecure1Ya&r0Y$A6sc&DIYLGw!T"... =&loit Title1 google dork for a&ache directory listing by url edit Google Dork1 intet1a...!"0#-"+-"6(inde of( inurl1sym Google Dork1 (inde of( inurl1sym ou can Steal the symlinks of other Servers 4...!"0#-"+-"6(inde of( inurl1root intitle1symlink Google Dork1 inde of( inurl1root intitle1symlink Steal Athers Symlink 4uthor1 :n"wn...!"0!-00-"!inurl1ckfinder intet1(ckfinder.html( in... Dork1 inurl1ckfinder intet1(ckfinder.html( intitle1(;nde of 7ckfinder( ...!"00-00-06inurl17am&& this dork looks for servers with am&& installed...!"0"-00-0"allintet1(ebServerU Server at( Iuick and dirty ebserverU HTT server google dork ...!"0"-00-0"intitle1inde.of ios -site1cisco.com Google search for <isco ;AS images 4uthor1 fdisk...!"0"-00-0"intitle1inde.of cisco asa -site1cisco.com Google search for i74sa images 4uthor1 fdisk...
!""$-"%-0+intitle1inde.of.config These directories can give information about a web servers configuration. This should never be ...!""$-"!-!@allintitle1(*irst<lass ,ogin( allintitle1(*irst<lass ,ogin( this is for firstclass directory listingsgo to htt&177V...!""$-"0-0$inurl1install.&l intet1(Meading &ath &aramat...=celent information for foot holds. =verything from AS>to forum software> etc. Ather e&loits...!""?-0!-"0(arning1 ;nstallation directory eists atJu... by this dork you can find fresh installations of Zen-<artsee *ull Disclosure forums fore detail...!""?-00-!@(elcome to the directory listing of( J... this is for Oetwork4ctiv-eb-Server directory listing...!""?-00-00log inurl1linklint filety&e1tt -(checkingJu...,inklint is an A&en Source erl &rogram that checks linkson web sites. This search finds the ,...!""?-"6-!$(Directory ,isting for( (Hosted by ... directory listing for Uerver web server...!""?-"6-!$intitle1(*older ,isting( (*older ,i... directory listing for *astream O=T*ile eb Server...!""?-"6-0#intitle1(Backu&-/anagement 2&h&/yBacku& v.".+... &h&/yBacku& is an mySI, backu& tool> with features like co&ying backu&s to a different server u...!""?-"%-!0intitle1(&ictures thumbnails( site1&ictu... This search reveals the &hoto albums taken by S&rint <Scustomers. ictures taken with S&rint'...!""?-"?-"!intitle1inde.of =B-;O* *inds ava &owered web servers which have indeing enabled on their config directory...!""?-"#-!$intitle1inde.of 7maildir7new7 search gives you a mailbo dir. <ontains a lot of mails....!""?-"!-0%filety&e1ini Deskto&.ini intet1mydocs.dll This dork finds any webshared windows folder inside my docs. ou can change the end bit (i...!""?-"0-0$filety&e1torrent torrent Torrent files .. don't e&ect to find s&ectacular stuff with this kind of string> this ust to ...!""?-"0-"6(;nde of( rar r"0 nfo /odified !""+ Oew are Directory ,ists...!""?-"0-"%(eb *ile Browser( (:se regular e&... This will ask google to search for a &h& scri&t used to manage files on a server. The scri&t J...!""?-"0-"?intitle1(H*S 7( K(Htt&*ileServerJu... (The Htt&*ileServer is a Lava based mechanism for &roviding web access to a set of files o...!""?-"0-"0intitle1u&load inurl1u&load intet1u&load -forum -... The search reveals server u&load &ortals.4n attacker can use server s&ace for his own benefit....!"0$-00-!6Hostinger [ !"0$. 4ll rights reserved inurl1defaul... Google Dork1 Hostinger [ !"0$. 4ll rights reserved inurl1default.&h& Hostinger web hosting c...!"0$-00-!6inurl1(.esy.es7default.&h&( Dork1 inurl1(.esy.es7default.&h&( ou can add \Here is a list of files in your &ub...!"0$-0"-"+inde1(html7s7editor7fckeditor7editor7filema...name find liferay file &age Google dork Descri&tion1 inde1(html7s7editor7fckeditor7ed...!"0$-"@-"@inurl17*<Peditor7editor7filemanager7u&load7 inurl17*<Peditor7editor7filemanager7u&load7 ,et's you go through un&rotected files in the *<...!"0$-"%-!%inurl1&ictures intitle1inde.of inurl1&ictures intitle1inde.of ,oads of &ersonal &ictures and what not Sent from trum& t...!"0$-"$-"$inurl1trash intitle1inde.of Ane man's trash is another man's treasure. inurl1trash intitle1inde.of Decoy ...!"0$-inurl1.ssh intitle1inde.of authoried9keys SSH Peys inurl1.ssh intitle1inde.of authoried9keys
