A credential dumps is a list of usernames (usually email addresses) and their related passwords. They might have additional information such as address, credit card details, etc.
And amazingly, some attackers and attack tools publish this information to Pastebin. Pastebin is a site that allows you to paste text into it, get a unique URL for the text, and you can share the URL with somebody else. It’s also a good way to have bots dump their stolen credentials so you can retrieve them without running your own command and control infrastructure. Or a way to share a sample of your stolen credentials with a buyer.
The Googledork contains a qualifier for content just on pastebin.com plus either the key phrase “combo list” or a list of common email domains plus your own domain.
The Googledorks are…
site:pastebin.com “combo list” <yourdomain.com>
site:pastebin.com yahoo.com gmail.com hotmail.com <yourdomain.com>
For this series on Blue Team Googledorks, the introduction post has the information on how to generate your own searches and how to automate the process.
Published on May 6, 2021.
Last Updated on 1 month ago.