OSINT Escapades #2

Time for another round of interesting finds on the internet. Hopefully I’ll go through my findings more and compile more of these posts soon.

Before I jump in, wanted to include an awesome tool I’ve been using along with shodan;

LeakLooker

Highly recommend! Been finding some really interesting databases that I will definitely share some pictures of in future posts ;]

Also, I put a little basic list of Google Dorks on my github here

At the bottom of this post, I’ll include some of the dorks I used to find some interesting stuff (with the URL/sites changed)

Okay! Lets do it!

First up is an FTP user/password I found via Google Drive

FTP-Google-
I believe this was some type of news site

Next we have a trove of screenshots of texts I found from some investigation which I’m assuming is from an attorneys misconfigured infrastructure

attorney-texts
Wonder if this is an investigation into inappropriate behavior at work because this guy seems a little creepy. Especially as the texts went on… 

The next one doesn’t have much to look at, but it was certainly surprising to find.

airport-meeting
This is a recording of an entire meeting of staff from an airport. It was definitely around the time of the government shutdown because they were discussing it although I didn’t listen to the entire hour and half. 

And the last one is the blueprints of the Town Hall, Multiple Fire Stations and Multiple Police Stations including all floors of a town in the US. Pretty scary to think about as I imagine at least the Police Station layout is private. Correct me if I’m wrong?

police-station-blueprint
I’ve only included the first floor of the police station, sorry I won’t be sharing the rest with strangers on the internet 😛

As promised here are some dorks I’ve used in the past to find some interesting stuff:

site:*.ny.us -www -html

“@gmail.com” site:s3.amazonaws.com -assets

site:*-*.static.optonline.net -Wilton -jWIN -Technics -Passover -Aural

inurl:’gov’ filetype:sql -github.com -gitlab.die -gitlab.die-netzmacher.de

‘Index Of’ site:*.be filetype:txt

allinurl:Warrants?bidId=

inurl:’users’ filetype:sql -github -gitlab -gitlab2

inurl:gov inurl:http -inurl:https

aspx?zone= site:example.org
extensions you can search for:

zip
db
sql
sqlite
mdb
log
ini
conf
config
pdf
xls
txt
xlsx
csv
doc
bak
conf
dat
dbconn
ora
pem
DB
ACCDB
NSF
FP7
ORC
json
RC
xml
tsv
orc
parquet
tar.gz
localstorage
7z
sh
raw
env
rar
DB
ACCDB
NSF
FP7

Check out the other entries in this series!

END TRANSMISSION

3 thoughts on “OSINT Escapades #2

Leave a Reply