CVE Certified
GHDB

Google Hacking Database

Footholds

Examples of queries that can help a hacker gain a foothold into a web server

DATE Title Summary
2014-01-03 intitle:"WSO 2.4" [ Sec. Info ], [ Files... dork to find uploaded WSO 2.4 shell by hackers. found by Anon?M ID ...
2014-01-03 intitle:"=[ 1n73ct10n privat shell ]=" the dork is used to find uploaded 1n73ct10n Shell on website. found by Anon?M ID ...
2013-11-25 filetype:php intext:"!C99Shell v. 1.0 beta&qu... php backdoor: c99 shell -- -[Voluntas Vincit Omnia]- website http://www.erisresearch.org/...
2013-11-25 intitle:"uploader by ghost-dz" ext:php intitle:"uploader by ghost-dz" ext:php...
2013-08-08 inurl:1337w0rm.php intitle:1337w0rm Finds websites that have 1337w0rm's CPanel cracker uploaded. Since the Cracker is relatively n...
2012-11-02 inurl:"r00t.php" This dork finds websites that were hacked, backdoored and contains their system information e...
2012-11-02 intitle:C0ded By web.sniper User & Domain || Symlink Using this dork you can find the User and the Domains of the Serv...
2012-11-02 intitle:Priv8 SCR I am Un0wn_X Symlink User configs intitle:Priv8 SCR ...
2011-09-26 inurl:"amfphp/browser/servicebrowser.swf"... AMFPHP service browser, debug interface. Author: syddd ...
2011-01-09 allintext:"fs-admin.php" A foothold using allintext:"fs-admin.php" shows the world readable directories of a...
2006-05-03 (intitle:"SHOUTcast Administrator")|(int... sHOUTcast is a free-of-charge audio homesteading solution. It permits anyone on the internet to...
2006-03-15 (intitle:"WordPress â€Ã... Alter setup configuration files.add ?step=1...
2006-03-06 "index of /" ( upload.cfm | upload.asp |... searches for scripts that let you upload files which you can then execute on the server....
2006-02-08 "Please re-enter your password It must match ... Invision Powerboard registration pages. Plain and simple....
2006-01-04 inurl:"tmtrack.dll?" This query shows installations of Serena Teamtrack. (www.serena.com).You may be able to adjust ...
2005-10-06 inurl:polly/CP You can get into admin panel without logging....
2005-09-25 intitle:"net2ftp" "powered by net2f... net2ftp is a web-based FTP client written in PHP. Lets explain this in detail. Web-based means ...
2005-08-15 intitle:MyShell 1.1.0 build 20010923 Basicly MyShell is a php program that allows you to execute commands remotely on whichever serv...
2005-05-02 intitle:"YALA: Yet Another LDAP Administrator... YALA is a web-based LDAP administration GUI. The idea is to simplify the directory administrati...
2005-04-27 intitle:"ERROR: The requested URL could not b... squid error messages, most likely from reverse proxy servers....