ext:xml ("mode_passive"|"mode_default")

Google dork Description: ext:xml ("mode_passive"|"mode_default")
Google search: ext:xml ("mode_passive"|"mode_default")
Submited: 2012-11-02

So the dork is:

ext:xml ("mode_passive"|"mode_default")

This dork finds Filezilla XML files.� To be more specific;

��� recentservers.xml
��� sitemanager.xml
��� filezilla.xml

These files contain clear text usernames and passwords.� They also contain the hostname or IP to connect to as well as the port.� Most of these results will be for FTP however, you can also get port 22 to SSH in.� This dork of course can be modified to target a specific website by appending site:whateversite.com.� You can also look for a specific username like root by appending "root" to the dork.��