Friday, December 27, 2013

5:51 AM

Prerequisites: (This one is Easy!)
1. A modern webbrowser and a internet.
2. Time

Method 1: Facebook!
We will be using a google dork to find usernames and passwords of many accounts including Facebook!

The Dork: intext:charset_test= email= default_persistent=
Enter that into Google, and you will be presented with several sites that have username and passwords lists!


Method 2: WordPress!

This will look for WordPress backup files Which do contain the passwords, and all data for the site!
The Dork: filetype:sql inurl:wp-content/backup-*

Method 3: WWWBoard!

This will look for the user and passwords of WWWBoard users
The Dork: inurl:/wwwboard/passwd.txt

Method 4: FrontPage!

This will find all users and passwords, similar to above.
The Dork: ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-"

Method 5: Symfony!
This finds database information and logins
The Dork: inurl:config/databases.yml -trac -trunk -"Google Code" -source -repository

Method 6: TeamSpeak! (big one!!!!!)
This will search for the server.dbs file (a Sqlite database file With the SuperAdmin username and password!!!)
The Dork: server-dbs "intitle:index of"

Method 7: TeamSpeak2!!! (also big!)
This will find the log file which has the Super Admin user and pass in the Top 100 lines. Look for "superadmin account info:"
The Dork: "inurl:Teamspeak2_RC2/server.log"

Method 8: Get Admin pass!
Simple dork which looks for all types of admin info
The Dork: "admin account info" filetype:log

Method 9: Private keys! (not any more!) 
This will find any .pem files which contain private keys.
The Dork: filetype:pem pem intext:private

And the Ultimate one, the regular directory full of passwords....
Method 10: The Dir of Passwords! 
Simple one!
The Dork: intitle:"Index of..etc" passwd

0 comments:

Post a Comment