Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Protocolos Inseguros
inurl:”CgiStart?page=”
inurl:/view.shtml
intitle:”Live View / – AXIS
inurl:view/view.shtml
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG) (disconnected)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
Taller Google Hacking
Google dorks de cámaras libres
inurl:view/view.shtml
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera NetworkCamera”
(disconnected)
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / – AXIS”
intitle:”Live View / – AXIS 206M”
intitle:”Live View / – AXIS 206W”
intitle:”Live View / – AXIS 210?
Taller Google Hacking
“Google Hacking”: "Index of /" +password.txt
Taller Google Hacking
http://file.ychlpyss.edu.hk/~r101319/password%20t
est/
Taller Google Hacking
“Google Hacking”: allintitle:"Network Camera
NetworkCamera"
Taller Google Hacking
“Google Hacking”: allintitle:"Network Camera
NetworkCamera"
Taller Google Hacking
“Google Hacking”: intitle:"index of" compartida
Taller Google Hacking
“Google Hacking”: intitle:"index of" privado
Taller Google Hacking
“Crawling”: site:*.ulibertadores.edu.co -www
Taller Google Hacking
“SQL”: filetype:inc intext:mysql_connect
Taller Google Hacking
“SQL”: filetype:sql +"IDENTIFIED BY" -cvs
Taller Google Hacking
“PRINTER”: intitle:"Network Print Server"
filetype:shtm
Taller Google Hacking
“PRINTER”: intitle:"Network Print Server"
filetype:shtm
Taller Google Hacking
“PRINTER”:
http://draskr5.ub.ntnu.no/u_server.shtm?port=LPT1
Taller Spyse
• https://spyse.com/tools
Taller Spyse
• https://spyse.com/target/domain/ulibertadores.
edu.co#subdomain-list
Taller Spyse
• https://spyse.com/target/domain/ulibertadores.
edu.co
Taller Spyse
• https://spyse.com/target/domain/santander.ulib
ertadores.edu.co
Taller Spyse
• https://spyse.com/target/cve/CVE-2018-17189
Taller Shodan
Esta herramienta nos sirve para identificar dispositivos
que están expuestos en Internet. Para usar esta
herramienta se requiere de un registro.
• Comandos de Ubicación:
“country:US”, “state:LA”, “city:Denver”, “postal:12345”
• Comandos de Red:
“org:Bing”, “net:192.168.0.50”, “hostname:sony.com”,
“port:3309”
• Comandos de Software
“os:Linux”, “product:Apache” y “version:1.6.8”
https://beta.shodan.io/search/filters
Taller Shodan
product:"Exim smtpd" version:<4.92
Taller Shodan
ip:190.242.99.231
Taller Shodan
net:190.242.99.0/24
Taller Shodan
org:"JAB Wireless, INC."
Taller Shodan
hostname:mail.kinetic-eng.com
Taller Shodan
http.title:"Fundación Universitaria Los Libertadores"
Taller Shodan
http.html:"Fundación Universitaria Los
Libertadores"
Taller Shodan
https://www.shodan.io/domain/ulibertadores.edu.co
Taller Shodan
vuln:CVE-2021-26855
Taller Zoom
app:"Microsoft Exchange Server"
NOTAS
site:https://cdn-10.anonfile.com/ filetype:txt -- si
cambias esto por xslx por doc, pdf, .rar. zip. 7z
para leaks.
filetype:log username putty
site:.s3.amazonaws.com |
site:http://storage.googleapis.com |
site:http://amazonaws.com "ulibertadores"
filetype:env intext:"APP_ENV"
DB_USERNAME filetype:env
filename:passwd path:etc site:*.edu.co
filtype:sql site:*.edu.co
site:*.edu.co ext:bkf | ext:bkp | ext:bak | ext:old |
ext:backup