Home » Forums » SecGuru Forums » Technical Discussion

google dork's

Points: 314 views Comments: 1 Comments Tag: , Submitted by eee on Fri, 2007-02-23 20:01.

well if someone want to share with some of his own or what he found on net this is the right place:

php shells / yes i know most of them will be honeypots but we got proxy's right? ;) :

  • intitle:"PHP Shell *" "Enable stderr" filetype:php
  • PHPKonsole PHPShell filetype:php -echo
  • "inurl:[name of shell]"

want some mail adressess?

+NOSPAM@hotmail.com | +NOSPAM@gmail.com | +NOSPAM@yahoo.com
"* at * dot com" | "* at * dot net" | "* at * dot uk" | "* at * dot mx"
etc. etc.

....

to be continued...

e.

‹ honeypots anyone?

Dorking for Snort Sigs

Submitted by Param on Sat, 2007-02-24 15:07.

I use google api to test my web based snort signatures for false positives. For example, I wrote a VML snort signature then ...

1. Search for all VML and colorinfo page urls via Google api
2. Start snort with the custom vml signature
3. Use curl or wget to request all the urls generated by google api
4. Check if snort signature triggers on non-malicious pages

»

Post new comment

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <h1> <quote> <img>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.