Senin, 30 Januari 2012

mencari password dan username...


google sebagai web pencarian no 1 saat ini emang belum ada duanya.
teknik pencarian dengan penggunaan macam tipe dan operator membuat user dapat membuat berbagai macam variasi pencarian.


semua tabel dalam artikel ini diambil dari buku“google hacking for penetration testers”, mungkin ada temen2 yang belum sempet baca jadi saya tulis aja biar semua bisa menikmati. biar temen2 yang masih newbie (termasuk aq...hehehehehehe...) gag kaget kalo seseorang bisa dapet banyak password dari website. jadi gak usah heran….
TABEL KATA KATA KUNCI MENDAPATKAN USERNAMES
———————————————————
KATA KUNCI KETERANGAN
———————————————————
inurl:admin inurl: userlist Generic userlist file
———————————————————
inurl:admin filetype: asp Generic userlist filesinurl:userlist
———————————————————
inurl:php inurl: Half-life statistics file, lists username andhlstats intext: other informationServer Username
———————————————————
filetype:ctl inurl:haccess. Microsoft FrontPage equivalent of htaccessctl Basic shows Web user credentials
———————————————————
filetype:reg reg intext: Microsoft Internet Account Manager can
———————————————————
”internet account manager” reveal usernames and morefiletype:wab wab Microsoft Outlook Express Mail addressbooks
———————————————————
filetype:mdb inurl:profiles Microsoft Access databases containingprofiles.
———————————————————
index.of perform.ini mIRC IRC ini file can list IRC usernames andother information
———————————————————
inurl:root.asp?acs=anon Outlook Mail Web Access directory can beused to discover usernames
———————————————————
filetype:conf inurl:proftpd. PROFTP FTP server configuration fileconf –sample revealsusername and server information
———————————————————
filetype:log username putty PUTTY SSH client logs can revealusernamesand server information
———————————————————
filetype:rdp rdp Remote Desktop Connection files reveal usercredentials
———————————————————
intitle:index.of UNIX bash shell history reveals commands.bash_history typed at a bash command prompt; usernamesare often typed as argument strings
———————————————————
intitle:index.of UNIX shell history reveals commands typed at.sh_history a shell command prompt; usernames areoften typed as argument strings
———————————————————
“index of ” lck Various lock files list the user currently usinga file
———————————————————
+intext:webalizer +intext: Webalizer Web statistics page lists Web user-Total Usernames +intext: names and statistical information”Usage Statistics for”
———————————————————
filetype:reg reg HKEY_ Windows Registry exports can revealCURRENT_USER username usernames and other information
———————————————————


TABEL KATA-KATA KUNCI MENDAPATKAN PASSWORD
———————————————————
KATA KUNCI KETERANGAN
———————————————————
inurl:/db/main.mdb ASP-Nuke passwords
———————————————————
filetype:cfm “cfapplication ColdFusion source with potential passwordsname” password
———————————————————
filetype:pass dbman credentialspass intext:userid
———————————————————
allinurl:auth_user_file.txt DCForum user passwords
———————————————————
eggdrop filetype:user user Eggdrop IRC user credentials
———————————————————
filetype:ini inurl:flashFXP.ini FlashFXP FTP credentials
———————————————————
filetype:url +inurl:”ftp://%e2%80%9d/ FTP bookmarks cleartext passwords+inurl:”@”
———————————————————
inurl:zebra.conf intext: GNU Zebra passwordspassword -sample -test-tutorial –download
———————————————————
filetype:htpasswd htpasswd HTTP htpasswd Web user credentials
———————————————————
intitle:”Index of” “.htpasswd” HTTP htpasswd Web user credentials“htgroup” -intitle:”dist”-apache -htpasswd.c
———————————————————
intitle:”Index of” “.htpasswd” HTTP htpasswd Web user credentialshtpasswd.bak
———————————————————
http://*:*@www%e2%80%9d/ bob:bob HTTP passwords (bob is a sample username)
———————————————————
“sets mode: +k” IRC channel keys (passwords)
———————————————————
“Your password is * Remember IRC NickServ registration passwordsthis for later use”
———————————————————
signin filetype:url JavaScript authentication credentials
———————————————————
LeapFTP intitle:”index.of./” LeapFTP client login credentialssites.ini modified
———————————————————
inurl:lilo.conf filetype:conf LILO passwordspassword -tatercounter2000-bootpwd –man
———————————————————
filetype:config config intext: Microsoft .NET application credentialsappSettings “User ID”
———————————————————
filetype:pwd service Microsoft FrontPage Service Web passwords
———————————————————
intitle:index.of Microsoft FrontPage Web credentialsadministrators.pwd
———————————————————
“# -FrontPage-” Microsoft FrontPage Web passwordsinurl:service.pwdext:pwd inurl:_vti_pvt inurl: Microsoft FrontPage Web passwords(Service authors administrators)
———————————————————
inurl:perform filetype:ini mIRC nickserv credentials
———————————————————
intitle:”index of” intext: mySQL database credentialsconnect.inc
———————————————————
intitle:”index of” intext: mySQL database credentialsglobals.inc
———————————————————
filetype:conf oekakibbs Oekakibss user passwords
———————————————————
filetype:dat wand.dat Opera‚ ÄúMagic Wand‚Äù Web credentials
———————————————————
inurl:ospfd.conf intext: OSPF Daemon Passwordspassword -sample -test-tutorial –download
———————————————————
index.of passlist Passlist user credentials
———————————————————
inurl:passlist.txt passlist.txt file user credentials
———————————————————
filetype:dat “password.dat” password.dat files
———————————————————
inurl:password.log filetype:log password.log file reveals usernames,passwords,and hostnames
———————————————————
filetype:log inurl:”password.log” password.log files cleartextpasswords
———————————————————
inurl:people.lst filetype:lst People.lst generic password file
———————————————————
intitle:index.of config.php PHP Configuration File databasecredentials
———————————————————
inurl:config.php dbuname dbpass PHP Configuration File databasecredentials
———————————————————
inurl:nuke filetype:sql PHP-Nuke credentials
———————————————————
filetype:conf inurl:psybnc.conf psyBNC IRC user credentials“USER.PASS=”
———————————————————
filetype:ini ServUDaemon servU FTP Daemon credentials
———————————————————
filetype:conf slapd.conf slapd configuration files root password
———————————————————
inurl:”slapd.conf” intext: slapd LDAP credentials”credentials” -manpage-”Manual Page” -man: -sample
———————————————————
inurl:”slapd.conf” intext: slapd LDAP root password”rootpw” -manpage-”Manual Page” -man: -sample
———————————————————
filetype:sql “IDENTIFIED BY” –cvs SQL passwords
———————————————————
filetype:sql password SQL passwords
———————————————————
filetype:ini wcx_ftp Total Commander FTP passwords
———————————————————
filetype:netrc password UNIX .netrc user credentials
———————————————————
index.of.etc UNIX /etc directories containvarious credential files
———————————————————
intitle:”Index of..etc” passwd UNIX /etc/passwd user credentials
———————————————————
intitle:index.of passwd UNIX /etc/passwd user credentialspasswd.bak
———————————————————
intitle:”Index of” pwd.db UNIX /etc/pwd.db credentials
———————————————————
intitle:Index.of etc shadow UNIX /etc/shadow user credentials
———————————————————
intitle:index.of master.passwd UNIX master.passwd user credentials
———————————————————
intitle:”Index of” spwd.db UNIX spwd.db credentialspasswd -pam.conf
———————————————————
filetype:bak inurl:”htaccess UNIX various password file backupspasswdshadowhtusers
———————————————————
filetype:inc dbconn Various database credentials
———————————————————
filetype:inc intext:mysql_ Various database credentials, server namesconnect
———————————————————
filetype:properties inurl:db Various database credentials, server namesintext:password
———————————————————
inurl:vtund.conf intext:pass –cvs Virtual Tunnel Daemon passwords
———————————————————
inurl:”wvdial.conf” intext: wdial dialup user credentials”password”
———————————————————
filetype:mdb wwforum Web Wiz Forums Web credentials
———————————————————
“AutoCreate=TRUE password=*” Website Access Analyzer user passwords
———————————————————
filetype:pwl pwl Windows Password List user credentials
———————————————————
filetype:reg reg +intext: Windows Registry Keys containing user”defaultusername” intext: credentials”defaultpassword”
———————————————————
filetype:reg reg +intext: Windows Registry Keys containing user”internet account manager” credentials
———————————————————
“index of/” “ws_ftp.ini” WS_FTP FTP credentials“parent directory”
———————————————————
filetype:ini ws_ftp pwd WS_FTP FTP user credentials
———————————————————
inurl:/wwwboard wwwboard user credentials
———————————————————
mungkin temen2 ada yang mau lihat password dari website jerman?mungkin sebaiknya kita juga mengganti kata “password” dengan memakai bahasa jerman tentunya dibawah ini adalah tabel 5 negara beserta terjemahan password dalam bahasa masing2 negara.
—————————————————–

BAHASA KATA-KATA TRANSLATE

—————————————————–
German password Kennwort
Spanish password contraseña
French password mot de passe
Italian password parola d’accesso
Portuguese password senha
Dutch password Paswoord
—————————————————–
setelah temen2 banyak dapet password, apa yang akan kalin lakukan?
JANGAN berbuat jahat yang pasti,
lihat2 aja isinya atau lu terlalu baik dengan kasi tau admin. jangan lupa sediakan JOHN THE RIPPER dirumah, sapa tau password yang disimpan udah dalam keadaan terenkripsi.


keterangan :karena ketidak teraturan kata2 pada artikel ini, setelah tanda “” berarti itu merupakan keterangan dari kata kunci. MOHON MAAF
hehehehehhehehehehheee

slamat mencari...
Diposting oleh di

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)