GooDork

GooDork is a simple python script designed to allow you to leverage the power of Google Dorking straight from the comfort of your command line. There was a GUI tool we discussed a while back similar to this – Goolag – GUI Tool for Google Hacking.

GooDork offers powerful use of Google’s search directives, by analyzing results from searches using regular expressions that you supply. So basically the purpose of GooDork is to combined Dorking with Regular Expressions.

GooDork allows you to apply regular expressions to any and all of the follow attributes of web applications:

• URL
• Displayable Text
• Anchors
• Many more options will shortly be made available

Dependencies

GooDork uses the following python packages, please make sure all of them are available

• python beautifulsoup4
• python-httplib
• python-urllib
• python-urlparse

If you are using Python 2.6 you’ll most likely have all of these (except BeautifulSoup).

Installing:

The only installation you need do is to download the entire script package, and make sure the dependencies — listed above — are installed on your machine.

You can download GooDork here (using git):

git clone https://github.com/k3170makan/GooDork

Read more

Google Dorks Latest Huge List

Google Dork :   “index of cgi-bin”  

Description :   CGI directories contain scripts which can often be exploited by attackers.

Google Dork : allinurl:"User_info/auth_user_file.txt"

Description : Files containing passwords

 Google Dork: -inurl:htm -inurl:html -inurl:php intitle:”index of” (mpg|avi|wmv) “Coldplay”

Description : Can be used to discover Videos and Mp3 songs (copy the complete string)

 Google Dork :

1. Axis:
   inurl:”view/indexFrame.shtml”inurl:”view/index.shtml”intitle:”Live View / – AXIS”intitle:axis cameraintitle:”axis #Kameramodell#”
2. Canon:
   inurl:sample/LvAppl/
   
3. JVC:
   intitle:”V.Networks [Motion Picture(Java)”
   
   
4. EvoCam:
   intitle:”EvoCam” inurl:”webcam.html”
   
   
5. WebcamXP:
   intitle:”my webcamXP server!”
   
   
6. MOBOTIX:
   inurl:/control/userimage.html
   
   
7. Panasonic:
   inurl:/ViewerFrame?Mode=Motion
   
   
8. FlexWatch:
   inurl:toolam.htmlinurl:viewash.html
   
9. Toshiba:
   intitle:”TOSHIBA Network Camera – User Login”
   
   
10. Sony:
    inurl:/home/homeJ.html

 Description : Used to Dig In WebCams

 Google Dork : "Welcome to phpMyAdmin" AND " Create new database"

 Description : PhpMyAdmin Dork. phpMyAdmin is a widly spread webfrontend used to mantain sql databases.The default security mechanism is to leave it up to the admin of the website to put a .htaccess file in the directory of the application.

 Google Dork :

1. inurl:-cfg intext:"enable password"
   
2. filetype:ini "[FFFTP]” (pass|passwd|password|pwd)
   
3. filetype:sql “phpmyAdmin SQL Dump” (pass|password|passwd|pwd)
4. filetype:sql “PostgreSQL database dump” (pass|password|passwd|pwd)
5. inurl:htpasswd filetype:htpasswd

  Description: For Passwords

 

 Google Dork :

1. inurl:src/login.php
   
2. adminlogin.asp
3. allinurl:”exchange/logon.asp”
4. inurl:+:8443/login.php3

  Description: Login Pages requires SQLI (hint) or other techniques

 

 

Read more