Professional Documents
Culture Documents
Table of Contents
intitle:index.of Returns pages that have the term "index of" in their title. This is a way
to search for directory listings. You can also try: intitle:"index.of "parent
directory"
intitle:index.of.admin Returns pages that have the term "index of" in their title and the word
admin anywhere on the page, in the URL, and in the text. (Also try:
intitle:"index of" admin)
intitle:index.of.private Returns pages that have the term "index of" in their title and the word
private anywhere on the page, in the URL, and in the text. (Also try:
intitle:"index of" private)
intitle:"index of" "backup files" Returns pages that have the term "index of" in their title and the phrase
backup files anywhere on the page, in the URL, and in the text.
allintext: Finds a string of text within a page. It does not look in the title, URL or
links.
Page 2
"Hack You Way To Security" Advanced Hacking Expressions
Finding Credit Cards: numrange: You need two numbers here; a high and low number,
separated by a dash. A hacker will create a query that
would look like this to search for VISA and MasterCard
numbers: 4400-5500
filetype:afm Abassis Finance Manager
filetype:ab4 Accounting & Business File
filetype:tax Intuit Turbo Tax
filetype:mny Microsoft Money
filetype:mbf Microsoft Money Back-up Files
filetype:ptdb Peachtree Accounting
filetype:qbb Quickbooks Back-up Files
filetype:qbw Quickbooks Files
filetype:qdf Quicken
Page 3
"Hack You Way To Security" Advanced Hacking Expressions
AIM and IRC Chat Log Files intext:"Sesssion Start * * * *:* *" filetype:log
Page 4
"Hack You Way To Security" Advanced Hacking Expressions
Databases
Page 5
"Hack You Way To Security" Advanced Hacking Expressions
Try: http://groups.google.com/advanced_group_search)
filetype:pst pst ( contacts | address | inbox) Finds personal outlook mail folder sitting on the
Internet.
filetype:reg reg +intext:"internet account manager" Finds Windows retistry keys for Internet e-mail.
e-mail address filetype:csv csv CSV (Comma Separated Version) file for stored e-mail
addresses.
intitle:index.of dead.letter A Unix based file that contains unfinished e-mails that
may contain sensitive or confidential information.
inurl:fcgi-bin/echo A fastcgi echo script reveals a lot of information from e-
mail addresses to server information.
filetype:pst pst –from –to –date Finds outlook PST files
intitle:"Index of" –inurl:mailog mailog size Reveals usernames, e-mail addresses, user
login/logout times, IP addresses, directories on the
server and more.
Page 6
"Hack You Way To Security" Advanced Hacking Expressions
Login Portals
Page 7
"Hack You Way To Security" Advanced Hacking Expressions
SharePoint inurl:/_layouts/settings
Page 8
"Hack You Way To Security" Advanced Hacking Expressions
intitle:index.of "server at" Finds the directory that shows the server version information of any
given Web site that has this directory. Knowing what server operating
system allows a hacker to exploit a known vulnerability.
Page 9