Table 8.9 shows some queries that can be used to locate various login portals. Refer to
Chapter 4 for more information about login portals and the information they reveal.
Table 8.9 Queries That Locate Login Portals
Login Portal Query
.NET login pages ASP.login_aspx “ASP.NET_SessionId”
4images Gallery “4images Administration Control Panel”
Aanval Intrusion Detection intitle:”remote assessment” OpenAanval
Console Console
ActiveX Login inurl:”Activex/default.htm” “Demo”
Affiliate Tracking Software intitle:”iDevAffiliate - admin” -demo
Aimoo intitle:”Login to the forums -
@www.aimoo.com” inurl:login.cfm?id=
AlternC Desktop intitle:”AlternC Desktop”
Ampache intitle:Ampache intitle:”love of music” pass-
word | login | “Remember Me.” -welcome
Anyboard Login Portals intitle:”Login Forum Powered By AnyBoard”
intitle:”If you are a new user:” intext:”Forum
Powered By AnyBoard” inurl:gochat -edu
aspWebCalendar inurl:”calendar.asp?action=login”
Asterisk Recording Interface intitle:ARI “Phone System Administrator”
Athens Access Management intitle:”Athens Authentication Point”
system
b2evolution intitle:”b2evo > Login form” “Login form. You
must log in! You will have to accept cookies in
order to log in” -demo -site:b2evolution.net
Bariatric Advantage inurl:”/?pagename=AdministratorLogin”
BEA WebLogic Server 8.1 intitle:”WebLogic Server” intitle:”Console
Login” inurl:console
betaparticle “bp blog admin” intitle:login | intitle:admin -
site:johnny.ihackstuff.com
bitboard2 intext:””BiTBOARD v2.0” BiTSHiFTERS Bulletin

Board”
Blogware Login Portal intitle:”Admin Login” “admin login” “blog-
ware”
Cacti intitle:”Login to Cacti”
Cash Crusader “site info for” “Enter Admin Password”
Tracking Down Web Servers, Login Portals, and Network Hardware • Chapter 8 311
Continued
452_Google_2e_08.qxd 10/5/07 1:03 PM Page 311
Table 8.9 continued Queries That Locate Login Portals
Login Portal Query
CGIIRC filetype:cgi inurl:”irc.cgi” | intitle:”CGI:IRC
Login”
CGIIRC inurl:irc filetype:cgi cgi:irc
Cisco CallManager CallManager intitle:”Cisco CallManager User Options Log
On” “Please enter your User ID and Password
in the spaces provided below and click the Log
On button to co
Cisco VPN 3000 concentrators intitle:”inc. vpn 3000 concentrator”
Cisco WebVPN Services Module inurl:webvpn.html “login” “Please enter your”
Citrix Metaframe inurl:metaframexp/default/login.asp |
intitle:”Metaframe XP Login”
Citrix Metaframe inurl:/Citrix/Nfuse17/
CMS/Blogger inurl:textpattern/index.php
ColdFusion intitle:”ColdFusion Administrator Login”
ColdFusion inurl:login.cfm
Communigate Pro intitle:communigate pro entrance
Confixx inurl:confixx inurl:login|anmeldung
Coranto inurl:coranto.cgi intitle:Login (Authorized
Users Only)
CPanel inurl::2082/frontend -demo

Create Pro. inurl:csCreatePro.cgi
CUPS inurl:”631/admin” (inurl:”op=*”) |
(intitle:CUPS)
CuteNews “powered by CuteNews” “2003 2005
CutePHP”
Cyclades TS1000 and TS2000 allintitle:”Welcome to the Cyclades”
Web Management Service
Dell OpenManage inurl:”usysinfo?login=true”
Dell Remote Access Controller intitle:”Dell Remote Access Controller”
Docutek Eres intitle:”Docutek ERes - Admin Login” -edu
DWMail “Powered by DWMail” password
intitle:dwmail
Easy File Sharing Web Server intitle:”Login - powered by Easy File Sharing
Web
EasyAccess Web inurl:ids5web
312 Chapter 8 • Tracking Down Web Servers, Login Portals, and Network Hardware
Continued
452_Google_2e_08.qxd 10/5/07 1:03 PM Page 312
Table 8.9 continued Queries That Locate Login Portals
Login Portal Query
EasySite “You have requested access to a restricted area
of our website. Please authenticate yourself to
continue.”
Ecommerce inurl:”vsadmin/login” | inurl:”vsadmin/admin”
inurl:.php|.asp -”Response.Buffer = True” -
javascript
eHealth inurl:bin.welcome.sh | inurl:bin.welcome.bat |
intitle:eHealth.5.0
Emergisoft “Emergisoft web applications are a part of
our”

eMule intitle:”eMule *” intitle:”- Web Control Panel”
intext:”Web Control Panel” “Enter your pass-
word here.”
Ensim WEBppliance Pro. intitle:”Welcome Site/User Administrator”
“Please select the language” -demos
Enterprise Manager 10g Grid inurl:1810 “Oracle Enterprise Manager”
Control
ePowerSwitch D4 Guard intitle:”ePowerSwitch Login”
eRecruiter intitle:”OnLine Recruitment Program - Login” -
johnny.ihackstuff
eXist intitle:”eXist Database Administration” -demo
Extranet login pages intitle:”EXTRANET login” edu mil gov -
johnny.ihackstuff
eZ publish Admin intitle:”eZ publish administration”
EZPartner intitle:”EZPartner” -netpond
Fiber Logic Management “Web-Based Management” “Please input pass-
word to login” -inurl:johnny.ihackstuff.com
Flash Operator Panel intitle:”Flash Operator Panel” -ext:php -wiki -
cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE
-inurl:lists
FlashChat FlashChat v4.5.7
Free Perl Guestbook (FPG) ext:cgi intitle:”control panel” “enter your
owner password to continue!”
Generic inurl:login.asp
Generic inurl:/admin/login.asp
Generic “please log in”
Tracking Down Web Servers, Login Portals, and Network Hardware • Chapter 8 313
Continued
452_Google_2e_08.qxd 10/5/07 1:03 PM Page 313
Table 8.9 continued Queries That Locate Login Portals

Login Portal Query
Generic “This section is for Administrators only. If you
are an administrator then please”
Generic intitle:”Member Login” “NOTE: Your browser
must have cookies enabled in order to log into
the site.” ext:php OR ext:cgi
Generic (with password) intitle:”please login” “your password is *”
GNU GNATS inurl:gnatsweb.pl
GradeSpeed inurl:”gs/adminlogin.aspx”
GreyMatter “login prompt” inurl:GM.cgi
Group-Office intitle:Group-Office “Enter your username and
password to login”
HostingAccelerator ControlPanel “HostingAccelerator” intitle:”login”
+”Username” -”news” -demo
HP WBEM Clients intitle:”*- HP WBEM Login” | “You are being
prompted to provide login account informa-
tion for *” | “Please provide the information
requested and press
H-SPHERE intext:”Welcome to” inurl:”cp” intitle:”H-
SPHERE” inurl:”begin.html” -Fee
IBM TotalStorage Open Software intext:”Storage Management Server for”
intitle:”Server Administration”
IBM WebSphere allinurl:wps/portal/ login
Icecast intext:”Icecast Administration Admin Page”
intitle:”Icecast Administration Admin Page”
iCMS intitle:”Content Management System” “user
name”|”password”|”admin” “Microsoft IE 5.5”
-mambo -johnny.ihackstuff
iCMS intitle:”Content Management System” “user
name”|”password”|”admin” “Microsoft IE 5.5”

-mambo -johnny.ihackstuff
iCONECTnxt “iCONECT 4.1 :: Login”
IlohaMail intitle:ilohamail intext:”Version 0.8.10”
“Powered by IlohaMail”
IlohaMail intitle:ilohamail “Powered by IlohaMail”
IMail Server “IMail Server Web Messaging” intitle:login
314 Chapter 8 • Tracking Down Web Servers, Login Portals, and Network Hardware
Continued
452_Google_2e_08.qxd 10/5/07 1:03 PM Page 314
Table 8.9 continued Queries That Locate Login Portals
Login Portal Query
INDEXU +”Powered by INDEXU”
inurl:(browse|top_rated|power
Inspanel “inspanel” intitle:”login” -”cannot” “Login ID”
-site:inspediumsoft.com
Intranet login pages intitle:”Employee Intranet Login”
iPlanet Messenger Express “This is a restricted Access Server” “Javascript
Not Enabled!”|”Messenger Express” -edu -ac
I-Secure intitle:”i-secure v1.1” -edu
ISPMan intitle:”ISPMan : Unauthorized Access prohib-
ited”
Jetbox Login (“Powered by Jetbox One CMS” |
“Powered by Jetstream *”)
Kerio Mail server inurl:”default/login.php” intitle:”kerio”
Kurant StoreSense admin logon intitle:”Kurant Corporation StoreSense” file-
type:bok
Lights Out “Establishing a secure Integrated Lights Out
session with” OR intitle:”Data Frame - Browser
not HTTP 1.1 compatible” OR intitle:”HP
Integrated Lights-

Linux Openexchange Server filetype:pl “Download: SuSE Linux
Openexchange Server CA”
Listmail intitle:”ListMail Login” admin -demo
Lotus Domino inurl:names.nsf?opendatabase
Lotus Domino Web inurl:”webadmin” filetype:nsf
Administration.
MailEnable Standard Edition inurl:mewebmail
MailMan intitle:”MailMan Login”
Mailtraq WebMail intitle:”Welcome to Mailtraq WebMail”
Mambo inurl:administrator “welcome to mambo”
MDaemon intitle:”WorldClient” intext:”(2003|2004) Alt-N
Technologies.”
Merak Email Server “Powered by Merak Mail Server Software” -
.gov mil edu -site:merakmailserver.com -
johnny.ihackstuff
Merak Email Server intitle:”Merak Mail Server Web
Administration” -ihackstuff.com
Tracking Down Web Servers, Login Portals, and Network Hardware • Chapter 8 315
Continued
452_Google_2e_08.qxd 10/5/07 1:03 PM Page 315
Table 8.9 continued Queries That Locate Login Portals
Login Portal Query
MetaFrame Presentation Server inurl:Citrix/MetaFrame/default/default.aspx
Microsoft Certificate Services intitle:”microsoft certificate services”
Authority (CA) inurl:certsrv
Microsoft CRM Login portal. “Microsoft CRM : Unsupported Browser
Version”
Microsoft Outlook or allinurl:”exchange/logon.asp”
Microsoft Exchange
Microsoft Outlook or inurl:”exchange/logon.asp” OR

Microsoft Exchange intitle:”Microsoft Outlook Web Access -
Logon”
Microsoft Software Update inurl:/SUSAdmin intitle:”Microsoft Software
Services Update Services”
Microsoft’s Remote Desktop intitle:Remote.Desktop.Web.Connection
Web Connection inurl:tsweb
Midmart Messageboard “Powered by Midmart Messageboard”
“Administrator Login”
Mikro Tik Router intitle:”MikroTik RouterOS Managing
Webpage”
Mitel 3300 Integrated “intitle:3300 Integrated Communications
Communications Platform (ICP) Platform” inurl:main.htm
Miva Merchant inurl:/Merchant2/admin.mv |
inurl:/Merchant2/admin.mvc | intitle:”Miva
Merchant Administration Login” -inurl:cheap-
malboro.net
Monster Top List “Powered by Monster Top List” MTL num-
range:200-
MX Logic intitle:”MX Control Console” “If you can’t
remember”
Neoteris Instant Virtual inurl:/dana-na/auth/welcome.html
Extranet (IVE)
Netware servers ( v5 and up ) Novell NetWare intext:”netware management
portal version”
Novell Groupwise intitle:Novell intitle:WebAccess “Copyright *-*
Novell, Inc”
Novell GroupWise intitle:”Novell Web Services” intext:”Select a
service and a language.”
316 Chapter 8 • Tracking Down Web Servers, Login Portals, and Network Hardware
Continued

452_Google_2e_08.qxd 10/5/07 1:03 PM Page 316
Table 8.9 continued Queries That Locate Login Portals
Login Portal Query
Novell GroupWise intitle:”Novell Web Services” “GroupWise” -
inurl:”doc/11924” mil edu gov -filetype:pdf
Novell login portals intitle:”welcome to netware *” -
site:novell.com
oMail-webmail intitle:”oMail-admin Administration - Login” -
inurl:omnis.ch
Open groupware intitle:opengroupware.org “resistance is obso-
lete” “Report Bugs” “Username” “password”
Openexchange Server intitle:”SuSE Linux Openexchange Server”
“Please activate JavaScript!”
Openexchange Server inurl:”suse/login.pl”
OpenSRS Domain “OPENSRS Domain Management”
Management System inurl:manage.cgi
Open-Xchange 5 intitle:open-xchange inurl:login.pl
Oracle Single Sign-On solution inurl:orasso.wwsso_app_admin.ls_login
Oscommerce Admin inurl:”/admin/configuration. php?” Mystore
Outlook Web Access Login Portal inurl:exchweb/bin/auth/owalogon.asp
Ovislink intitle:Ovislink inurl:private/login
pcANYWHERE EXPRESS Java Client “pcANYWHERE EXPRESS Java Client”
Philex intitle:”Philex 0.2*” -script -site:freelists.org
Photo Gallery Managment “Please authenticate yourself to get access to
Systems the management interface”
PhotoPost -Login inurl:photopost/uploadphoto.php
PHP Advacaned TRansfer intitle:”PHP Advanced Transfer”
inurl:”login.php”
PHP iCalendar intitle:”php icalendar administration” -
site:sourceforge.net

PHP iCalendar intitle:”php icalendar administration” -
site:sourceforge.net
PHP Poll Wizard 2 Please enter a valid password! inurl:polladmin
PHP121 inurl:”php121login.php”
PHPhotoalbum intitle:”PHPhotoalbum - Upload” |
inurl:”PHPhotoalbum/upload”
PHPhotoalbum inurl:PHPhotoalbum/statistics
intitle:”PHPhotoalbum - Statistics”
Tracking Down Web Servers, Login Portals, and Network Hardware • Chapter 8 317
Continued
452_Google_2e_08.qxd 10/5/07 1:03 PM Page 317
Table 8.9 continued Queries That Locate Login Portals
Login Portal Query
phpMySearch inurl:search/admin.php
PhpNews intitle:phpnews.login
phpPgAdmin intitle:”phpPgAdmin - Login” Language
PHProjekt intitle:”PHProjekt - login” login password
PHPsFTPd “Please login with admin pass” -”leak” -
sourceforge
PhpWebMail filetype:php login
(intitle:phpWebMail|WebMail)
Plesk intitle:plesk inurl:login.php3
Plesk inurl:+:8443/login.php3
Polycom WebCommander inurl:default.asp intitle:”WebCommander”
Postfix intext:”Mail admins login here to administrate
your domain.”
Postfix Admin login pages inurl:postfixadmin intitle:”postfix admin”
ext:php
Qmail intext:”Master Account” “Domain Name”
“Password” inurl:/cgi-bin/qmailadmin

Qmail intext:”Master Account” “Domain Name”
“Password” inurl:/cgi-bin/qmailadmin
Quicktime streaming server inurl:”1220/parse_xml.cgi?”
Real Estate intitle:”site administration: please log in” “site
designed by emarketsouth”
RemotelyAnywhere inurl:2000 intitle:RemotelyAnywhere -
site:realvnc.comg
Request System (inurl:”ars/cgi-bin/arweb?O=0” |
inurl:arweb.jsp)
RT intitle:Login intext:”RT is * Copyright”
rymo (intitle:”rymo Login”)|(intext:”Welcome to
rymo”) -family
Sak Mail intitle:endymion.sak.mail.login.page |
inurl:sake.servlet
SalesLogix inurl:”/slxweb.dll/external?name=
(custportal|webticketcust)”
SAP Internet Transaction Server intitle:”ITS System Information” “Please log on
to the SAP System”
318 Chapter 8 • Tracking Down Web Servers, Login Portals, and Network Hardware
Continued
452_Google_2e_08.qxd 10/5/07 1:03 PM Page 318
Table 8.9 continued Queries That Locate Login Portals
Login Portal Query
ServiceDesk intitle:”AdventNet ManageEngine ServiceDesk
Plus” intext:”Remember Me”
SFXAdmin intitle:”SFXAdmin - sfx_global” |
intitle:”SFXAdmin - sfx_local” |
intitle:”SFXAdmin - sfx_test”
Shockwave (Flash) login inurl:login filetype:swf swf
SHOUTcast intitle:”SHOUTcast Administrator”

inurl:admin.cgi
Sift Group intitle:”Admin login” “Web Site
Administration” “Copyright”
SilkRoad Eprise inurl:/eprise/
SilkyMail (intitle:”SilkyMail by Cyrusoft International, Inc
SquirrelMail inurl:login.php “SquirrelMail version”
SquirrelMail “SquirrelMail version” “By the SquirrelMail
Development Team”
SQWebmail. inurl:/cgi-bin/sqwebmail?noframes=1
Sun Cobalt RaQ “Login - Sun Cobalt RaQ”
Supero Doctor III Remote intitle:”Supero Doctor III” -inurl:supermicro
Management
Surgemail “SurgeMAIL” inurl:/cgi/user.cgi ext:cgi
Synchronet Bulletin Board System intitle:Node.List Win32.Version.3.11
SysCP “SysCP - login”
Tarantella “ttawlogin.cgi/?action=”
TeamSpeak intitle:”teamspeak server-administration
Terracotta web manager “You have requested to access the manage-
ment functions” edu
This finds login portals for intitle:”Tomcat Server Administration”
Apache Tomcat, an open source
Java servlet container which can
run as a standalone server or
with an Apache web server.
Topdesk intitle:”TOPdesk ApplicationServer”
TrackerCamà intitle:(“TrackerCam Live Video”)|(“TrackerCam
Application Login”)|(“Trackercam Remote”) -
trackercam.com
TUTOS intitle:”TUTOS Login”
Tracking Down Web Servers, Login Portals, and Network Hardware • Chapter 8 319

Continued
452_Google_2e_08.qxd 10/5/07 1:03 PM Page 319
Table 8.9 continued Queries That Locate Login Portals
Login Portal Query
TWIG intitle:”TWIG Login”
TYPO3 inurl:”typo3/index.php?u=” -demo
UBB.classic inurl:cgi-bin/ultimatebb.cgi?ubb=login
UBB.threads (intitle:”Please login - Forums powered by
UBB.threads”)|(inurl:login.php “ubb”)
UebiMiau “Powered by UebiMiau” -site:sourceforge.net
Ultima Online game. filetype:cfg login “LoginServer=”
UltiPro Workforce Management inurl:”utilities/TreeView.asp”
Usermin “Login to Usermin” inurl:20000
vBulletin inurl:/modcp/ intext:Moderator+vBulletin
vBulletin Admin Control Panel intext:”vbulletin” inurl:admincp
VHCS “VHCS Pro ver” -demo
vHost intitle:”vhost” intext:”vHost . 2000-2004”
VISAS intitle:”Virtual Server Administration System”
VisNetic WebMail intitle:”VisNetic WebMail” inurl:”/mail/”
VitalQIP Web Client intitle:”VitalQIP IP Management System”
VMware GSX Server intitle:”VMware Management Interface:”
inurl:”vmware/en/”
VNC “VNC Desktop” inurl:5800
VNC intitle:”VNC viewer for Java”
VOXBOX intitle:asterisk.management.portal web-access
webadmin. filetype:php inurl:”webeditor.php”
WebConnect inurl:WCP_USER
Web-cyradm intitle:”web-cyradm”|”by Luc de Louw” “This is
only for authorized users” -tar.gz -site:web-
cyradm.org -johnny.ihackstuff

WebEdit inurl:/webedit.* intext:WebEdit Professional -
html
WebExplorer Server “WebExplorer Server - Login” “Welcome to
WebExplorer Server”
Webmail intitle:Login * Webmailer
Webmail inurl:webmail./index.pl “Interface”
Webmail intitle:”Login to @Mail” (ext:pl | inurl:”index”)
-dwaffleman
320 Chapter 8 • Tracking Down Web Servers, Login Portals, and Network Hardware
Continued
452_Google_2e_08.qxd 10/5/07 1:03 PM Page 320