«
»

Google Hack : Search Unprotected Directories and files

So, for starters here is a query that will give you a search results page of unprotected directories:

[-inurl(html|htm|php) intitle:"index of" +"last modified" +"parent directory" +description +size]

But, this is kind of boring. Too many unknown program files, text files, web pages etc. Let’s narrow it down. You can narrow it down by looking for something in the name of a file in the list, or by the file type, or both.

For example, this query tries to find any types of files about Jennifer Lopez. Within the directories I found music, image and movie files.

[-inurl(html|htm|php) intitle:"index of" +"last modified" +"parent directory" +description +size +"jennifer lopez"]

Let’s say that we wanted to find any movie files in WMV or AVI format:

[-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +(wmv|avi)]

Or audio files in WMA or MP3 format:

[-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +(wma|mp3)]

Or images in JPG or GIF format:

[-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +(jpg|gif) ]

You can get more specific by specifying both the file types and a search word to hopefully find in the name. For example, the following will attempt to find the infamous Paris Hilton video tape:

[-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +(wmv|avi) "paris hilton"]

Or, you can even take a guess at the file name someone might call it:

[-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +("paris_hilton.wmv"|"paris_hilton.avi")]

So there you go. You can combine various search terms and experiment with this. As you’ve seen, this is not an exact science. The directory pages you bring up may have many or even all files which are unrelated to what you are looking for. But, it does make some good hits very often.

I find the most fun searching for movies with an interesting or provocative search term and seeing what comes up. The samples in this article are rather safe and boring, but I’m sure you all have some good ideas of what to try and search for. Do me a favor and post a comment with some interesting queries you’ve had success with, or crazy files that you’ve found (as long as nothing private is given out).

This entry was posted on Monday, April 18th, 2005 at 8:56 pm and is filed under Tips and Tricks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.