Google Hacking Database (GHDB)

Search the Google Hacking Database or browse GHDB categories

Files containing juicy info

No usernames or passwords, but interesting stuff none the less.

DATE Title Summary
2004-04-28 inurl:perl/printenv This is the print environemnts script which lists sensitive information such as path names, ser...
2004-04-28 inurl:cgi-bin/printenv This is the print environemnts script which lists sensitive information such as path names, ser...
2004-04-28 inurl:fcgi-bin/echo This is the fastcgi echo script, which provides a great deal of information including port numb...
2004-04-26 inurl:server-status "apache" This page shows all sort of information about the Apache web server. It can be used to track pr...
2004-04-21 "This is a Shareaza Node" These pages are from Shareaza client programs. Various data is displayed including client versi...
2004-04-21 "Running in Child mode" This is a gnutella client that was picked up by google. There is a lot of data present includin...
2004-04-20 allinurl:servlet/SnoopServlet These pages reveal server information such as port, server software version, server name, full ...
2004-04-20 allinurl:/examples/jsp/snp/snoop.jsp These pages reveal information about the server including path information, port information, e...
2004-04-16 inurl:"newsletter/admin/" These pages generally contain newsletter administration pages. Some of these site are password ...
2004-04-16 inurl:"newsletter/admin/" intitle:"... These pages generally contain newsletter administration pages. Some of these site are password ...
2004-04-13 "Index of" / "chat/logs" This search reveals chat logs. Depending on the contents of the logs, these files could contain...
2004-04-08 inurl:vbstats.php "page generated" This is your typical stats page listing referrers and top ips and such. This information can ce...
2004-04-05 "#mysql dump" filetype:sql This reveals mySQL database dumps. These database dumps list the structure and content of datab...
2004-04-05 intitle:index.of cleanup.log This search reveals potential location for mailbox files by keying on the Outlook Express clean...
2004-04-05 intitle:index.of inbox dbx This search reveals potential location for mailbox files. In some cases, the data in this direc...
2004-04-05 intitle:index.of inbox This search reveals potential location for mailbox files. In some cases, the data in this direc...
2004-03-30 "Host Vulnerability Summary Report" This search yeids host vulnerability scanner reports, revealing potential vulnerabilities on ho...
2004-03-30 "Network Vulnerability Assessment Report"... This search yeids vulnerability scanner reports, revealing potential vulnerabilities on hosts a...
2004-03-29 "Thank you for your order" +receipt After placing an order via the web, many sites provide a page containing the phrase "Thank...
2004-03-29 "not for distribution" confidential The terms "not for distribution" and confidential indicate a sensitive document. Resu...
2004-03-24 inurl:changepassword.asp This is a common script for changing passwords. Now, this doesn't actually reveal the password,...
2004-03-22 "Most Submitted Forms and Scripts" "... More www statistics on the web. This one is very nice.. Lots of directory info, and client acce...
2004-03-16 inurl:admin filetype:xls This search can find Excel spreadsheets in an administrative directory or of an administrative ...
2004-03-14 intitle:admin intitle:login This search can find administrative login pages. Not a vulnerability in and of itself, this que...
2004-03-14 inurl:admin intitle:login This search can find administrative login pages. Not a vulnerability in and of itself, this que...
2004-03-04 intitle:index.of ws_ftp.ini ws_ftp.ini is a configuration file for a popular FTP client that stores usernames, (weakly) enc...
2004-03-04 intitle:index.of dead.letter dead.letter contains the contents of unfinished emails created on the UNIX platform. Emails (fi...
2004-03-04 intitle:index.of "Apache" "server a... This is a very basic string found on directory listing pages which show the version of the Apac...
2004-03-04 intitle:"wbem" compaq login "Compaq... These devices are running HP Insight Management Agents for Servers which "provide device i...
2004-03-04 inurl:main.php Welcome to phpMyAdmin From phpmyadmin.net : "phpMyAdmin is a tool written in PHP intended to handle the administ...
2004-03-04 inurl:main.php phpMyAdmin From phpmyadmin.net : "phpMyAdmin is a tool written in PHP intended to handle the administ...
2004-03-04 "phpMyAdmin" "running on" inur... From phpmyadmin.net : "phpMyAdmin is a tool written in PHP intended to handle the administ...
2004-03-04 "robots.txt" "Disallow:" filet... The robots.txt file serves as a set of instructions for web crawlers. The "disallow" ...
2004-03-04 intitle:"Usage Statistics for" "Gen... The webalizer program shows web statistics for web servers. This information includes who is vi...
2004-03-04 intitle:"statistics of" "advanced w... the awstats program shows web statistics for web servers. This information includes who is visi...
2004-03-04 ipsec.conf The ipsec.conf file could help hackers figure out what uber-secure users of freeS/WAN are prote...
2004-03-04 ipsec.secrets from the manpage for ipsec_secrets: "It is vital that these secrets be protected. The file...
2004-03-04 ipsec.secrets from the manpage for ipsec_secrets: "It is vital that these secrets be protected. The file...
2004-03-04 cgiirc.conf This is another less reliable way of finding the cgiirc.config file. CGIIRC is a web-based IRC ...
2004-03-04 cgiirc.conf CGIIRC is a web-based IRC client. Very cool stuff. The cgiirc.config file lists the options for...