melindad74
Multithreading Wizard
Divine
2
MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1
300 XP
Hey guys, It's me Owner of TSP Team.
Yeah, you are wondering who are we and what we do..
Okay, so basically we are a team of crackers
But still, you need a couple of things that have to follow on this tutorial.
Come on and follow me on my way to get this.
Ă‚ÂżWhat search engine is better?
There is no search engine that is better than another, they are simply search engines with
different features which we hackers use to investigate and search
vulnerabilities in different websites, 4 most important and most commonly used, the knowledge learned here
is alsoapplicable to other search engines with minimal differences.
Example: [Google, Bing, Yahoo, Etc]
LIST OF GOOGLE OPERATORS
Allintext: text-> This operator looks for a string
Example: Allintext: Nulled
Allintext: text->This operator searches for a text string within a web page andnot within a URL.
(Can not be used together with others)
-----
Allintitle: text → Search for a text string only within the title of a website.
(I don't know can use together with others)
-----
Intitle: text → Search for a text string within the title of a website.
(It canuse together with others)
----
Allinurl: text → Search for a text string only in the url.
(Can not be used together with others)
----
Inurl: text → Search for a text string in the url. (Can be used together with others)
Author: text → Search articles or news written by name or email address indicated.
(Can be used together with others)
----
Cache: domain.com → With this operator we access the web that Google has in its
cache. Useful for when they deleted a topic and it has not been long
(You can notuse together with others)
----
Link: domain.com This operator is used to search for links that point to
determined website. (Can not be used together with others)
Related: domain.com Search related pages. (Can not be used together with others)
¡Google Advantages!
As we see Google has the advantage (or disadvantage for some) that allows us
collect very interesting information, in this case a javascript file that could
help understand the operation of the web for a future intrusion.
It can be, php c+ etc.
Another advantage of Google that you forget to mention is its cache.
What can be used toto be able to see attacks to webs of months ago or pages already nonexistent.
---
Google Dorks
I will explain a little the different categories there are and what they do as i did with Google Operators.
USERS: Searching by Google we can find from a list of users antler enter a web where when you enter you are an administrator.
A search that we could use serious filetype: xls.
----
"username | password "this search would return a list excel document reversing all the search (filetype: xls) where we would find or user names or passwords
("Username | password). It may be that the list is obsolete and many names of
user no longer exist or the password does not match but there is always a web with at least it works.
-----
PASSWORDS: With the previous example it would also be good to find passwords.
But we will give another example to be able to learn a little as everything goes.
-----
inurl: "passes" OR inurl: "passwords" OR inurl: "credentials" -search -download -techsupt
-git -games -gz -bypass -exe filetype: txt @ yahoo.com OR @gmail OR @hotmail OR
@rediff as we see this search is already a little more complex.
Well let's explain a little bit that is this and how it works.
-----
The inurl: "passes", inurl: "passwords" and inurl: "credentials" will look for a url that contains the
word passes, passwords or credentials, to this we could add inurl: "usernames" what
that would allow us to also find user lists.
-----
Ă‚ÂżSCANNING OF VULNERABLE FILES?
Google can also be used as a
web vulnerability scanner. For example, if we want to search for websites with
LFD vulnerability we could use the following text allinurl: "forcedownload.php? file ="
with this we would find many websites vulnerable to LFD. I would also enter inside
this category if we look for names of vulnerable services for example if we know that
the creators of my little forum have a SQL INJECTION vulnerability we could
search for "AntILeech all rights reserved"
-----
LOG IN PAGES
The last category I'm going to show is that of discovering pages
of login. These pages could help us to be able to enter these pages (with
brute force help) and be able to access the entire web.
A simple: intitle: "Log In" + "Access to AntiLeech Database"
There's one dork, you can go on google and paste it We are done with the teaching of what are dorks.
Ă‚ÂżHow to create dorks?
Okay guys, here we need three things.
​Okay, guy so basically what we are going to do is create some really good dorks while you're just learning while creating your dorks, with a tool. ¿What do i mean with this? Well if you want to start analizing them and check them by yourself it's time to put your pants up and show the world, that you are worth doing something not just realizing that you're lazy asfuck and you don't do anything, so please collaborate at least with me i'm taking 2 hours of my fucking time to explain all of this, so you guys can learn something good based on my words, please pay much attention on what i'll say and I'll leave around here on this information.
----
For example.
champ.php?= i
inurl: "Riot Games" + "League of Legends"
allinurl: "Champ" + "Gold"
------
Pagetypes
[] UserID=
BookID=
Product_ID=
Service_ID=
itemid=
title=
eid=
model=
prodtype=
shopcd=
item_ID=
Cart=
PartID=
ViewType=
keyword=
Item=
search_id=
Cat=
Action=
command=
&game_type=
&GameID=
group_id=
group=
groupCode=
GameID=
GameKey=
GameName=
gameNo=
gamerblogid=
gamereferral=
gamesearch=
gameType=
game_id=
GAME_ID=
game_link=
game_name=
GP=
gpu=
gr_name=
gr=
grade=
[/]
PageFormats
[] .php?
.php3?
.php4?
phpx?
.php
cat/?
.phtml?
events?
products/?
site/?
.cfm?
contact-us?
blog/?
asp
.asp
aspx?
cfm
.cfm
.asp?
.cgi?
.aspx?
.flv?
.pdf?
.jsf?
.ashx?
.raw?
.File?
.tss?
.blog?
.html?
.flv?
.pdf?
.jsf?
.jsp?
.psml?
.raw?
.File?
.tss?
.blog?
.htm?
[/hide]
Okay, guys once we have all of this we are going to go to any Dork Maker around Nulled.
I'll use Ner0x Dork maker, just as an example.
We are going to be able, to use Keyword.io or Keywordtool.io no matter what.
Once we are done generating our dorks.
We need to use an .exe called TextUtils, son we can clean and randomize, if you don't have it slide to my direct messages, i'll be glad to help you out.
Dorks should look like this.
PUT THEM ON SQLi Dumper v8.3
With rotating IP ever 4 minutes.
[ExpressVPN or HMA]
-------------------------------------------------
Yeah, you are wondering who are we and what we do..
Okay, so basically we are a team of crackers
- Ă‚ÂżWhat search engine is better?
- List of GOOGLE operators.
- GOOGLE Advantages.
- GOOGLE Dorks.
- LOG-IN Types.
- Ă‚ÂżHow to create dorks?
But still, you need a couple of things that have to follow on this tutorial.
Come on and follow me on my way to get this.
Ă‚ÂżWhat search engine is better?
There is no search engine that is better than another, they are simply search engines with
different features which we hackers use to investigate and search
vulnerabilities in different websites, 4 most important and most commonly used, the knowledge learned here
is alsoapplicable to other search engines with minimal differences.
Example: [Google, Bing, Yahoo, Etc]
LIST OF GOOGLE OPERATORS
Allintext: text-> This operator looks for a string
Example: Allintext: Nulled
Allintext: text->This operator searches for a text string within a web page andnot within a URL.
(Can not be used together with others)
-----
Allintitle: text → Search for a text string only within the title of a website.
(I don't know can use together with others)
-----
Intitle: text → Search for a text string within the title of a website.
(It canuse together with others)
----
Allinurl: text → Search for a text string only in the url.
(Can not be used together with others)
----
Inurl: text → Search for a text string in the url. (Can be used together with others)
Author: text → Search articles or news written by name or email address indicated.
(Can be used together with others)
----
Cache: domain.com → With this operator we access the web that Google has in its
cache. Useful for when they deleted a topic and it has not been long
(You can notuse together with others)
----
Link: domain.com This operator is used to search for links that point to
determined website. (Can not be used together with others)
Related: domain.com Search related pages. (Can not be used together with others)
¡Google Advantages!
As we see Google has the advantage (or disadvantage for some) that allows us
collect very interesting information, in this case a javascript file that could
help understand the operation of the web for a future intrusion.
It can be, php c+ etc.
Another advantage of Google that you forget to mention is its cache.
What can be used toto be able to see attacks to webs of months ago or pages already nonexistent.
---
Google Dorks
I will explain a little the different categories there are and what they do as i did with Google Operators.
USERS: Searching by Google we can find from a list of users antler enter a web where when you enter you are an administrator.
A search that we could use serious filetype: xls.
----
"username | password "this search would return a list excel document reversing all the search (filetype: xls) where we would find or user names or passwords
("Username | password). It may be that the list is obsolete and many names of
user no longer exist or the password does not match but there is always a web with at least it works.
-----
PASSWORDS: With the previous example it would also be good to find passwords.
But we will give another example to be able to learn a little as everything goes.
-----
inurl: "passes" OR inurl: "passwords" OR inurl: "credentials" -search -download -techsupt
-git -games -gz -bypass -exe filetype: txt @ yahoo.com OR @gmail OR @hotmail OR
@rediff as we see this search is already a little more complex.
Well let's explain a little bit that is this and how it works.
-----
The inurl: "passes", inurl: "passwords" and inurl: "credentials" will look for a url that contains the
word passes, passwords or credentials, to this we could add inurl: "usernames" what
that would allow us to also find user lists.
-----
Ă‚ÂżSCANNING OF VULNERABLE FILES?
Google can also be used as a
web vulnerability scanner. For example, if we want to search for websites with
LFD vulnerability we could use the following text allinurl: "forcedownload.php? file ="
with this we would find many websites vulnerable to LFD. I would also enter inside
this category if we look for names of vulnerable services for example if we know that
the creators of my little forum have a SQL INJECTION vulnerability we could
search for "AntILeech all rights reserved"
-----
LOG IN PAGES
The last category I'm going to show is that of discovering pages
of login. These pages could help us to be able to enter these pages (with
brute force help) and be able to access the entire web.
A simple: intitle: "Log In" + "Access to AntiLeech Database"
There's one dork, you can go on google and paste it We are done with the teaching of what are dorks.
Ă‚ÂżHow to create dorks?
Okay guys, here we need three things.
- SQLi Dumper V8.3
- Dork Generator "For Newbies" No matter witch one
- Pagetypes and Pageformat
- VPN [ExpressVPN or HMA 2.8 Auto Rotating IP.
- Keyword, sites. Keyword.io keywordtool.io ETC.
​Okay, guy so basically what we are going to do is create some really good dorks while you're just learning while creating your dorks, with a tool. ¿What do i mean with this? Well if you want to start analizing them and check them by yourself it's time to put your pants up and show the world, that you are worth doing something not just realizing that you're lazy asfuck and you don't do anything, so please collaborate at least with me i'm taking 2 hours of my fucking time to explain all of this, so you guys can learn something good based on my words, please pay much attention on what i'll say and I'll leave around here on this information.
----
For example.
champ.php?= i
inurl: "Riot Games" + "League of Legends"
allinurl: "Champ" + "Gold"
------
Pagetypes
[] UserID=
BookID=
Product_ID=
Service_ID=
itemid=
title=
eid=
model=
prodtype=
shopcd=
item_ID=
Cart=
PartID=
ViewType=
keyword=
Item=
search_id=
Cat=
Action=
command=
&game_type=
&GameID=
group_id=
group=
groupCode=
GameID=
GameKey=
GameName=
gameNo=
gamerblogid=
gamereferral=
gamesearch=
gameType=
game_id=
GAME_ID=
game_link=
game_name=
GP=
gpu=
gr_name=
gr=
grade=
[/]
PageFormats
[] .php?
.php3?
.php4?
phpx?
.php
cat/?
.phtml?
events?
products/?
site/?
.cfm?
contact-us?
blog/?
asp
.asp
aspx?
cfm
.cfm
.asp?
.cgi?
.aspx?
.flv?
.pdf?
.jsf?
.ashx?
.raw?
.File?
.tss?
.blog?
.html?
.flv?
.pdf?
.jsf?
.jsp?
.psml?
.raw?
.File?
.tss?
.blog?
.htm?
[/hide]
Okay, guys once we have all of this we are going to go to any Dork Maker around Nulled.
I'll use Ner0x Dork maker, just as an example.
We are going to be able, to use Keyword.io or Keywordtool.io no matter what.
Once we are done generating our dorks.
We need to use an .exe called TextUtils, son we can clean and randomize, if you don't have it slide to my direct messages, i'll be glad to help you out.
Dorks should look like this.
PUT THEM ON SQLi Dumper v8.3
With rotating IP ever 4 minutes.
[ExpressVPN or HMA]
-------------------------------------------------