CVE Certified
GHDB

Google Hacking Database

Footholds

Examples of queries that can help a hacker gain a foothold into a web server

DATE Title Summary
2011-09-26 inurl:"amfphp/browser/servicebrowser.swf"... AMFPHP service browser, debug interface. Author: syddd ...
2011-01-09 allintext:"fs-admin.php" A foothold using allintext:"fs-admin.php" shows the world readable directories of a...
2006-05-03 (intitle:"SHOUTcast Administrator")|(int... sHOUTcast is a free-of-charge audio homesteading solution. It permits anyone on the internet to...
2006-03-15 (intitle:"WordPress â€Ã... Alter setup configuration files.add ?step=1...
2006-03-06 "index of /" ( upload.cfm | upload.asp |... searches for scripts that let you upload files which you can then execute on the server....
2006-02-08 "Please re-enter your password It must match ... Invision Powerboard registration pages. Plain and simple....
2006-01-04 inurl:"tmtrack.dll?" This query shows installations of Serena Teamtrack. (www.serena.com).You may be able to adjust ...
2005-10-06 inurl:polly/CP You can get into admin panel without logging....
2005-09-25 intitle:"net2ftp" "powered by net2f... net2ftp is a web-based FTP client written in PHP. Lets explain this in detail. Web-based means ...
2005-08-15 intitle:MyShell 1.1.0 build 20010923 Basicly MyShell is a php program that allows you to execute commands remotely on whichever serv...
2005-05-02 intitle:"YALA: Yet Another LDAP Administrator... YALA is a web-based LDAP administration GUI. The idea is to simplify the directory administrati...
2005-04-27 intitle:"ERROR: The requested URL could not b... squid error messages, most likely from reverse proxy servers....
2004-12-19 inurl:"phpOracleAdmin/php" -download -cv... phpOracleAdmin is intended to be a webbased Oracle Object Manager.In many points alike phpMyAdm...
2004-11-28 PHPKonsole PHPShell filetype:php -echo PHPKonsole is just a little telnet like shell wich allows you to run commands on the webserver....
2004-11-28 filetype:php HAXPLORER "Server Files Browser&... Haxplorer is a webbased filemanager which enables the user to browse files on the webserver. Yo...
2004-11-06 inurl:ConnectComputer/precheck.htm | inurl:Remote/... Windows Small Business Server 2003: The network configuration page is called "ConnectCompu...
2004-10-22 (inurl:81/cgi-bin/.cobalt/) | (intext:"Welco... The famous Sun linux appliance. The default page displays this text:"Congratulations on Ch...
2004-10-09 intitle:"Web Data Administrator - Login" The Web Data Administrator is a utility program implemented in ASP.NET that enables you to easi...
2004-07-20 "adding new user" inurl:addnewuser -&quo... Allows an attacker to create an account on a server running Argosoft mail server pro for window...
2004-07-12 PHP Shell (unprotected) PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbiritary she...