Monday, October 23, 2017
Saturday, April 22, 2006
I got it from here.
First of all, what’s an unprotected web directory? It’s one that does not have an “index” file created for it–index.htm, index.html, index.php or some other more rarely used file types. If you try to access a non-password controlled directory that does not have an index file, the system will build a listing of files that are within the directory. If you get that, you can then click on the files and run them with a viewer or player or even download them.
So, for starters here is a query that will give you a search results page of unprotected directories:
But, this is kind of boring. Too many unknown program files, text files, web pages etc. Let’s narrow it down. You can narrow it down by looking for something in the name of a file in the list, or by the file type, or both.
For example, this query tries to find any types of files about Jennifer Lopez. Within the directories I found music, image and movie files.
Let’s say that we wanted to find any movie files in WMV or AVI format:
You can get more specific by specifying both the file types and a search word to hopefully find in the name. For example, the following will attempt to find the infamous Paris Hilton video tape:Or, you can even take a guess at the file name someone might call it:
So there you go. You can combine various search terms and experiment with this. As you’ve seen, this is not an exact science. The directory pages you bring up may have many or even all files which are unrelated to what you are looking for. But, it does make some good hits very often.
“parent directory “Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums