Google Hacking Database (GHDB)

Search the Google Hacking Database or browse GHDB categories

Footholds

Examples of queries that can help a hacker gain a foothold into a web server


DATE Title Summary
2015-06-23 ext:asp intext:Smart.Shell 1.0 BY P0Uy@_$3r\/3R - A new WebShell interesting. Have Fun. By Rootkit. ...
2014-01-03 intitle:"WSO 2.4" [ Sec. Info ], [ Files... dork to find uploaded WSO 2.4 shell by hackers. found by Anon?M ID ...
2014-01-03 intitle:"=[ 1n73ct10n privat shell ]=" the dork is used to find uploaded 1n73ct10n Shell on website. found by Anon?M ID ...
2013-11-25 filetype:php intext:"!C99Shell v. 1.0 beta&qu... php backdoor: c99 shell -- -[Voluntas Vincit Omnia]- website http://www.erisresearch.org/...
2013-11-25 intitle:"uploader by ghost-dz" ext:php intitle:"uploader by ghost-dz" ext:php...
2013-08-08 inurl:1337w0rm.php intitle:1337w0rm Finds websites that have 1337w0rm's CPanel cracker uploaded. Since the Cracker is relatively n...
2012-11-02 inurl:"r00t.php" This dork finds websites that were hacked, backdoored and contains their system information e...
2012-11-02 intitle:C0ded By web.sniper User & Domain || Symlink Using this dork you can find the User and the Domains of the Serv...
2012-11-02 intitle:Priv8 SCR I am Un0wn_X Symlink User configs intitle:Priv8 SCR ...
2011-09-26 inurl:"amfphp/browser/servicebrowser.swf"... AMFPHP service browser, debug interface. Author: syddd ...
2011-01-09 allintext:"fs-admin.php" A foothold using allintext:"fs-admin.php" shows the world readable directories of a...
2006-05-03 (intitle:"SHOUTcast Administrator")|(int... sHOUTcast is a free-of-charge audio homesteading solution. It permits anyone on the internet to...
2006-03-15 (intitle:"WordPress â€Ã... Alter setup configuration files.add ?step=1...
2006-03-06 "index of /" ( upload.cfm | upload.asp |... searches for scripts that let you upload files which you can then execute on the server....
2006-02-08 "Please re-enter your password It must match ... Invision Powerboard registration pages. Plain and simple....
2006-01-04 inurl:"tmtrack.dll?" This query shows installations of Serena Teamtrack. (www.serena.com).You may be able to adjust ...
2005-10-06 inurl:polly/CP You can get into admin panel without logging....
2005-09-25 intitle:"net2ftp" "powered by net2f... net2ftp is a web-based FTP client written in PHP. Lets explain this in detail. Web-based means ...
2005-08-15 intitle:MyShell 1.1.0 build 20010923 Basicly MyShell is a php program that allows you to execute commands remotely on whichever serv...
2005-05-02 intitle:"YALA: Yet Another LDAP Administrator... YALA is a web-based LDAP administration GUI. The idea is to simplify the directory administrati...
2005-04-27 intitle:"ERROR: The requested URL could not b... squid error messages, most likely from reverse proxy servers....
2004-12-19 inurl:"phpOracleAdmin/php" -download -cv... phpOracleAdmin is intended to be a webbased Oracle Object Manager.In many points alike phpMyAdm...
2004-11-28 PHPKonsole PHPShell filetype:php -echo PHPKonsole is just a little telnet like shell wich allows you to run commands on the webserver....
2004-11-28 filetype:php HAXPLORER "Server Files Browser&... Haxplorer is a webbased filemanager which enables the user to browse files on the webserver. Yo...
2004-11-06 inurl:ConnectComputer/precheck.htm | inurl:Remote/... Windows Small Business Server 2003: The network configuration page is called "ConnectCompu...
2004-10-22 (inurl:81/cgi-bin/.cobalt/) | (intext:"Welco... The famous Sun linux appliance. The default page displays this text:"Congratulations on Ch...
2004-10-09 intitle:"Web Data Administrator - Login" The Web Data Administrator is a utility program implemented in ASP.NET that enables you to easi...
2004-07-20 "adding new user" inurl:addnewuser -&quo... Allows an attacker to create an account on a server running Argosoft mail server pro for window...
2004-07-12 PHP Shell (unprotected) PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbiritary she...
2004-07-12 Public PHP FileManagers PHPFM is an open source file manager written in PHP. It is easy to set up for a beginner, but s...
2004-05-20 +htpasswd +WS_FTP.LOG filetype:log WS_FTP.LOG can be used in many ways to find more information about a server. This query is very...
2003-09-09 intitle:admin intitle:login Admin Login pages. Now, the existance of this page does not necessarily mean a server is vulner...