Ready to Start Your Career?

Find Dumped Password using Google Dork

Sahad Mk's profile image

By: Sahad Mk

February 3, 2018

In this post, I introduce some sensitive information- passwords usingGooglee dorks. This technique would help you in various phases of your penetration test.1.ext:sql intext:username intext:password This piece of query retrieve the clear text password of database files.ex:
mysql> SELECT * FROM userss;+--------+-------------------+------------+| userid | username | password |+--------+-------------------+------------+| 1 | Barack Obama | Top*Secret | | 2 | Angela Merkel | D-Mark | | 3 | Lula da Silva | sAmBa | | 4 | Fidel Castro | el Che | | 5 | Silvio Berlusconi | ruby | +--------+-------------------+------------+5 rows in set (0.00 sec)So this is an example result of x-site...so just cross your fingers for more sensitive information.2.filetype:txt username password email This will retry txt files containing username, password, and email information.ex:ontrol Panel: https://x.com:2083 Username: foclient Domain: xxxxxxxxxxxxx.in Password: Z9KF7c7BZgct 1st Nameserver: xxxx.hostgator.com 2nd Nameserver: xxx.hostgator.com Server IP: xx.xx.xxx.xxx Customize dorks yourself for more interesting sensitive information. Thanks happy hunting...
 
Schedule Demo
Build your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry