100 DAYS OF HACKING — DAY 3
woohoo, sup fellow hackers. it’s day 3 / 100 we have a long way to go.
DAY 3 :
It’s Sunday! so what? it’s the perfect time to practice CTFs and to forget about all of my other programming subjects.
Objectives of Day 3 :
- Applying for null byte student scholarship
- Completing the remaining half of passive information gathering (i want to share some cool google dorks and tools so stay around)
Report of Day 3 :
https://share.hsforms.com/1mXS2zCxFQ1Ct8zsnOf3lsg4d2c8?utm_source=hubspot+form I applied for this scholarship and my achievements section sucked :(.
So it went well unfortunately I'm writing this blog on day 4 still maintaining my tryhackme streaks instead of Snapchat well I guess that’s good for me.
The interesting and fun(evil) google dorks according to me are here as follows :
intitle:(“Index of” AND “wp-content/plugins/boldgrid-backup/=”)
this muwah (chef's kiss) works like a charm for finding WordPress directories and instantly proceeding to run wp-scanner
site:*gov.* intitle:index.of db
who doesn’t like to find blunders in .gov domains
filetype:sql intext:password | pass | passwd intext:username intext:INSERT INTO `users` VALUES
I never thought this one would work but to my surprise, it did find some shitty websites which have exposed SQL dumps and even login error pages
intitle:”Vue Element Admin” intext:”Username : admin” OR intext:”Username : editor” OR intext:”Password : any"
This is created by my friend and it got listed in the exploit database awesome right!!
I’ve completed learning basic recon tools and completed a tryhackme room on google dorking.
sbin/shutdown(day3)