Google Dork For "Remote File Inclusion"

Google dorks are the center of the Google Hacking. Many hackers use google to find vulnerable webpages and later use these vulnerabilities for hacking.

Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation.

List Of Google Dork For Remote File Inclusion:
  • inurl:rte/my_documents/my_files
  • inurl:/my_documents/my_files/
  • inurl:/shoutbox/expanded.php?conf=
  • inurl:/main.php?x=
  • inurl:/myPHPCalendar/admin.php?cal_dir=
  • inurl:/index.php/main.php?x=
  • inurl:/index.php?include=
  • inurl:/index.php?x=
  • inurl:/index.php?open=
  • inurl:/index.php?visualizar=
  • inurl:/template.php?pagina=
  • inurl:/index.php?pagina=
  • inurl:/index.php?inc=
  • inurl:"index.php?page=contact.php"
  • inurl:"template.php?goto="
  • inurl:"video.php?content="
  • inurl:"pages.php?page="
  • inurl:"index1.php?choix="
  • inurl:tinybrowser/upload.php
  • inurl:examples/uploadbutton.html
  • inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
  • inurl:/include/new-visitor.inc.php?lvc_include_dir=
  • inurl:/_functions.php?prefix=
  • inurl:/cpcommerce/_functions.php?prefix=
  • inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=
  • inurl:/modules/agendax/addevent.inc.php?agendax_path=
  • inurl:/ashnews.php?pathtoashnews=
  • inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=
  • inurl:/pm/lib.inc.php?pm_path=
  • inurl:/b2-tools/gm-2-b2.php?b2inc=
  • inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
  • inurl:/modules/agendax/addevent.inc.php?agendax_path=
  • inurl:/includes/include_once.php?include_file=
  • inurl:/e107/e107_handlers/secure_img_render.php?p=
  • intitle:index of? inurl:kindeditor

How to Use Google Dork For Remote File Inclusion:
  1. Copy anyone of the Google dork from above list
  2. Paste it in Google Search textbox and click Search
  3. Now, the Vulnerable Websites are listed in search result
  4. Click anyone of the link,You will find upload option on it 
  5. Now, you can upload your files like Images,HTML files,Document,Shell,RAT,etc.. ,
This is a simple method to find Remote File Inclusion(RFI) Vulnerable Websites using Google Dork. For an hacker google is not only a search engine its also a tool for hacking. Thank you!!
 

Comments

  1. UnknowMarch 8, 2019 at 12:44 PM

    Equally, you can click on the Fight Pass case in the pre-match menu that provides more information on what you can get if you buy one. The Clash Card is compelling first season, which itself lasts for a few months. salsaroc.com Fortnite Generator

    ReplyDelete

Post a Comment

Popular posts from this blog

How to Install Android OS in Your Computer?

Image
We all know about Google Android operating system which comes installed in almost all latest smartphones whether its Samsung Galaxy S5 or Google Nexus. You'll find Android OS in almost all latest touch-enabled mobile phones. It has become the most popular operating system for mobile phones and tablets. Did you know you can install or test Google Android OS in your PC? People who don't have an Android mobile phone but want to test Android OS in their Desktop computer or laptop, will definitely find this article useful. If you remember, we have shared a software " BlueStacks " in past which works like an Android emulator and allows you to install and run almost all Google Android apps on your Windows PC. But it doesn't provide a full experience of Google Android OS. Today in this topic, we are going to share a fully functional Google Android OS copy which can be installed in your PC and can be used as a primary operating system. And if you don'
Read more

Colasoft MAC Scanner (hack tools)

Image
 Colasoft MAC Scanner allows to scan the network and get a list of MAC addresses along with IP address, machine name, and manufacturer's information. It can automatically detect all subnets according to the IP addresses configured on multiple NICs of a machine. It supports multi-threaded scanning.  Click to download
Read more