Googling for the Juicy Stuff

Check out Google a Dream come true (otherwise known as WATCH WHAT YOU PUBLISH ON THE WORLD WIDE WEB!!!)

Got to the honey page that linked to the paper above via search:

intitle: "Index+of..etc" + passwd

from via Google search for:


via MSNBC via Slashdot.

I’ve seen this before (Google does, after all, index everything it finds that isn’t blocked by a robots.txt file) but it appears that it has gotten rather extreme.


SEARCH PATHS……. more to be added


“Index of /admin”
“Index of /password”
“Index of /mail”
“Index of /” +passwd
“Index of /” +password.txt
“Index of /” +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto

filetype:config web
gobal.asax index

allintitle: “index of/admin”
allintitle: “index of/root”
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov

inurl:passwd filetype:txt
inurl:admin filetype:db

WARNING: It is NOT a good idea to just go downloading files that are out there (even though by publishing the files on webservers the files are being “published” to the public, although almost certainly unknowingly). Webservers keep logs of files accessed, the IP address of the person accessing the files, and it really wouldn’t be hard to correlate your IP with a visit and a download. So resist the urge to go downloading people’s [probably] sensitive files. An email to the site admin wouldn’t hurt, though! 😉

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

sell diamonds