Akses penuh ke PHPMYADMIN



1 deface Mengapa ketika Anda dapat memilikinya?

Buka Google dan ketik ini:

intitle:PhpMyAdmin "Welcome to phpMyAdmin***" running on * as root@*"



Ini akan memberi Anda password dari phpMyAdmin , berarti Anda akan memiliki akses ke semua file, dapat membuat perubahan dll.

======================================

Untuk menemukan website Sandi jenis Admin berikut pada panel Google:

inurl: vti_pvt "service.pwd"

(password akan dienkripsi) "mengubah password terenkripsi untuk hash md5 kemudian menggunakan milw0rm



Juga Anda dapat Anda menggunakan kode bila Anda memiliki waktu luang menikmati ..



Google Search string

-------------------------

=> inurl:/db/main.mdb |ASP-Nuke passwords



filetype:cfm "cfapplication |ColdFusion source with potential passwords name" password



filetype:pass |dbman credentials pass intext:userid



allinurl:auth_user_file.txt |DCForum user passwords



eggdrop filetype:user user |Eggdrop IRC user credentials



filetype:ini inurl:flashFXP.ini |FlashFXP FTP credentials



filetype:url +inurl:"ftp://" |FTP bookmarks cleartext passwords

=> inurl:"@"

inurl:zebra.conf intext: |GNU Zebra passwords

password -sample -test

=> tutorial download

filetype:htpasswd htpasswd |HTTP htpasswd Web user credentials



intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials



"htgroup" -intitle:"dist"

apache -htpasswd.c



intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials

htpasswd.bak



"http://*:*@www" bob:bob |HTTP passwords (bob is a sample username)



"sets mode: +k" |IRC channel keys (passwords)



"Your password is * |Remember IRC NickServ registration passwords

this for later use"signin filetype:url |JavaScript authentication credentials

LeapFTP intitle:"index.of./" |LeapFTP client login credentials

sites.ini modified

inurl:lilo.conf filetype:conf |LILO passwords

password -tatercounter2000

-bootpwd –man

filetype:config config intext: |Mcft .NET application credentials

appSettings "User ID" filetype:pwd service |Mcft FrontPage Service Web passwords

intitle:index.of |Mcft FrontPage Web credentials

administrators.pwd

"# -FrontPage-" |Mcft FrontPage Web passwords

inurl:service.pwd

ext:pwd inurl:_vti_pvt inurl: |Mcft FrontPage Web passwords

=> (Service | authors | administrators)inurl:perform filetype:ini |mIRC nickserv credentials



intitle:"index of" intext: |mySQL database credentials

connect.inc

intitle:"index of" intext: |mySQL database credentials

globals.inc

filetype:conf oekakibbs |Oekakibss user passwords



filetype:dat wand.dat |Opera‚ ÄúMagic Wand‚Äù Web credentials



inurl:ospfd.conf intext: |OSPF Daemon Passwords

password -sample -test

-tutorial –downloadindex.of passlist |Passlist user credentialsinurl:passlist.txt |passlist.txt file user credentialsfiletype:dat "password.dat" |password.dat files

inurl:password.log filetype:log |password.log file reveals usernames,

|passwords,and hostnames

filetype:log inurl:"password.log" |password.log files cleartext

|passwordsinurl:people.lst filetype:lst |People.lst generic password file

intitle:index.of config.php |PHP Configuration File database

|credentials

inurl:config.php dbuname dbpass |PHP Configuration File database

|credentialsinurl:nuke filetype:sql |PHP-Nuke credentials

filetype:conf inurl:psybnc.conf |psyBNC IRC user credentials

"USER.PASS="filetype:ini ServUDaemon |servU FTP Daemon credentialsfiletype:conf slapd.conf |slapd configuration files root password

inurl:"slapd.conf" intext: |slapd LDAP credentials

"credentials" -manpage

-"Manual Page" -man: -sample

inurl:"slapd.conf" intext: |slapd LDAP root password

"rootpw" -manpage

-"Manual Page" -man: -samplefiletype:sql "IDENTIFIED BY" –cvs |SQL passwordsfiletype:sql password |SQL passwordsfiletype:ini wcx_ftp |Total Commander FTP passwordsfiletype:netrc password |UNIX .netrc user credentials

index.of.etc |UNIX /etc directories contain

|various credential filesintitle:"Index of..etc" passwd |UNIX /etc/passwd user credentials

intitle:index.of passwd |UNIX /etc/passwd user credentials

passwd.bakintitle:"Index of" pwd.db |UNIX /etc/pwd.db credentialsintitle:Index.of etc shadow |UNIX /etc/shadow user credentialsintitle:index.of master.passwd |UNIX master.passwd user credentials

intitle:"Index of" spwd.db |UNIX spwd.db credentials

passwd -pam.conf

filetype:bak inurl:"htaccess| |UNIX various password file backups

passwd|shadow|htusers filetype:inc dbconn |Various database credentials

filetype:inc intext:mysql_ |Various database credentials, server names

connect

filetype:properties inurl:db |Various database credentials, server names

intext:passwordinurl:vtund.conf intext:pass –cvs |Virtual Tunnel Daemon passwords

inurl:"wvdial.conf" intext: |wdial dialup user credentials

"password"filetype:mdb wwforum |Web Wiz Forums Web credentials"AutoCreate=TRUE password=*" |Website Access Analyzer user passwordsfiletype:pwl pwl |Windows Password List user credentials

filetype:reg reg +intext: |Windows Registry Keys containing user

"defaultusername" intext: |credentials

"defaultpassword"

filetype:reg reg +intext: |Windows Registry Keys containing user

"internet account manager" |credentials

"index of/" "ws_ftp.ini" |WS_FTP FTP credentials

"parent directory"filetype:ini ws_ftp pwd |WS_FTP FTP user credentials

inurl:admin filetype: |asp Generic userlist files

inurl:userlist |

inurl:php inurl: |Half-life statistics file, lists username and

hlstats intext: |other information

Server Username |

filetype:ctl |

inurl:haccess. |Mcft FrontPage equivalent of htaccess

ctl Basic |shows Web user credentials

filetype:reg |

reg intext: |Mcft Internet Account Manager can

"internet account manager" |reveal usernames and more

filetype:wab wab |Mcft Outlook Express Mail address

|books

filetype:mdb inurl:profiles |Mcft Access databases containing

|profiles.

index.of perform.ini |mIRC IRC ini file can list IRC usernames and

|other information

inurl:root.asp?acs=anon |Outlook Mail Web Access directory can be

|used to discover usernames

filetype:conf inurl:proftpd. |PROFTP FTP server configuration file

conf –sample |reveals

|username and server information

filetype:log username putty |PUTTY SSH client logs can reveal

|usernames

|and server information

filetype:rdp rdp |Remote Desktop Connection files reveal user

|credentials

intitle:index.of |UNIX bash shell history reveals commands

.bash_history |typed at a bash command prompt; usernames

|are often typed as argument strings

intitle:index.of |UNIX shell history reveals commands typed at

.sh_history |a shell command prompt; usernames are

|often typed as argument strings

"index of " lck |Various lock files list the user currently using

|a file

+intext:webalizer +intext: |Webalizer Web statistics page lists Web user-

Total Usernames +intext: |names and statistical information

"Usage Statistics for"

filetype:reg reg HKEY_ |Windows Registry exports can reveal

CURRENT_USER |username usernames and other information


mungkin cukup sekian informasi yg saya berikan, semoga bisa membantu kawan2 semua ^_^
pukul 03.21 Label:

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)
 

BLAZE.info Copyright © 2011-2012 | Powered by Blaze.vbs