GHDB :: Error Messages
| Date | Title | Summary | |
| 2003-06-24 | Coldfusion Error Pages |
These aren't too horribly bad, but there are SO MANY of them. These sites got googlebotted while the site was having "technical difficulties … |
 |
| 2003-06-24 | MYSQL error message: supplied argument…. |
One of many potential error messages that spew interesting information. The results of this message give you real path names inside the webserver as w … |
|
| 2003-08-15 | "Chatologica MetaSearch" "stack tra… |
There is soo much crap in this error message… Apache version, CGI environment vars, path names, stack-freaking-dumps, process ID's, perl versio … |
|
| 2004-01-09 | ORA-00921: unexpected end of SQL command |
Another SQL error message from Cesar. This one coughs up full web pathnames and/or php filenames. … |
|
| 2004-03-04 | sitebuildercontent | This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names … |
|
| 2004-03-04 | sitebuilderfiles | This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names … |
|
| 2004-03-04 | sitebuilderpictures | This is a default directory for the sitebuilder web design software program. If these people posted web pages with default sitebuilder sirectory names … |
|
| 2004-03-04 | IIS 4.0 error messages |
IIS 4.0 servers. Extrememly old, incredibly easy to hack… … |
|
| 2004-03-04 | Windows 2000 web server error messages |
Windows 2000 web servers. Aging, fairly easy to hack, especially out of the box… … |
|
| 2004-03-04 | IIS web server error messages |
This query finds various types of IIS servers. This error message is fairly indicative of a somewhat unmodified IIS server, meaning it may be easier t … |
|
| 2004-03-04 | Internal Server Error |
This one shows the type of web server running on the site, and has the ability to show other information depending on how the message is internally fo … |
|
| 2004-03-04 | mysql error with query |
Another error message, this appears when an SQL query bails. This is a generic mySQL message, so there's all sort of information hackers can use, … |
|
| 2004-03-04 | sQL syntax error | Another generic SQL message, this message can display path names and partial SQL code, both of which are very helpful for hackers… … |
|
| 2004-03-04 | ORA-00936: missing expression |
A generic ORACLE error message, this message can display path names, function names, filenames and partial database code, all of which are very helpfu … |
|
| 2004-03-04 | "Supplied argument is not a valid MySQL resul… |
Another generic SQL message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for ha … |
|
| 2004-03-04 | ORA-00921: unexpected end of SQL command |
Another generic SQL message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for ha … |
|
| 2004-03-04 | "ORA-00933: SQL command not properly ended&qu… |
An Oracle error message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for hacker … |
|
| 2004-03-04 | "Unclosed quotation mark before the character… |
An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker … |
|
| 2004-03-04 | "Incorrect syntax near" |
An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker … |
|
| 2004-03-04 | "Incorrect syntax near" |
An SQL Server error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker … |
|
| 2004-03-04 | "PostgreSQL query failed: ERROR: parser: pa… |
An PostgreSQL error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker … |
|
| 2004-03-04 | supplied argument is not a valid PostgreSQL result |
An PostgreSQL error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hacker … |
|
| 2004-03-04 | "Syntax error in query expression " -the |
An Access error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers… … |
|
| 2004-03-04 | "An illegal character has been found in the s… |
An Informix error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers. … |
|
| 2004-03-04 | "A syntax error has occurred" filetype:i… |
An Informix error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers … |
|
| 2004-03-04 | "detected an internal error [IBM][CLI Driver]… |
A DB2 error message, this message can display path names, function names, filenames, partial code and program state, all of which are very helpful for … |
|
| 2004-03-04 | An unexpected token "END-OF-STATEME NT" w… |
A DB2 error message, this message can display path names, function names, filenames, partial code and program state, all of which are very helpful for … |
|
| 2004-03-04 | "Warning: Cannot modify header information – … |
A PHP error message, this message can display path names, function names, filenames and partial code, all of which are very helpful for hackers… … |
|
| 2004-03-04 | "access denied for user" "using pas… |
Another SQL error message, this message can display the username, database, path names and partial SQL code, all of which are very helpful for hackers … |
|
| 2004-03-04 | intitle:"Under construction" "does … |
This error message can be used to narrow down the operating system and web server version which can be used by hackers to mount a specific attack. … |
|
| 2004-03-04 | "Can't connect to local" intitle:wa… |
Another SQL error message, this message can display database name, path names and partial SQL code, all of which are very helpful for hackers… … |
|
| 2004-03-16 | filetype:asp "Custom Error Message" Cate… |
This is an ASP error message that can reveal information such as compiler used, language used, line numbers, program names and partial source code. … |
|
| 2004-03-16 | "Fatal error: Call to undefined function"… |
This error message can reveal information such as compiler used, language used, line numbers, program names and partial source code. … |
|
| 2004-03-11 | warning "error on line" php sablotron |
sablotron is an XML toolit thingie. This query hones in on error messages generated by this toolkit. These error messages reveal all sorts of interest … |
|
| 2004-04-19 | intitle:"Error Occurred" "The error… |
This is a typical error message from ColdFusion. A good amount of information is available from an error message like this including lines of source c … |
|
| 2004-04-28 | intitle:"Execut ion of this script not permitt… |
This is a cgiwrap error message which displays admin name and email, port numbers, path names, and may also include optional information like phone nu … |
|
| 2004-05-28 | "Invision Power Board Database Error" |
These are SQL error messages, ranging from to many connections, access denied to user xxx, showing full path info to the php files etc.. There is an e … |
|
| 2004-06-15 | intitle:"Error using Hypernews" "Se… |
HyperNews is a cross between the WWW and Usenet News. Readers can browse through the messages written by other people and reply to those messages. Thi … |
|
| 2004-06-24 | intitle:"Error Occurred While Processing Requ… |
Cold fusion error messages logging the SQL SELECT or INSERT statements and the location of the .cfm file on the webserver.An attacker could use this i … |
|
| 2004-06-24 | ht://Dig htsearch error |
The ht://Dig system is a complete world wide web indexing and searching system for a domain or intranet. A list of publically available sites that use … |
|
| 2004-07-09 | intext:"Warning : Failed opening" "o… |
These error messages reveal information about the application that created them as well as revealing path names, php file names, line numbers and incl … |
|
| 2004-07-14 | PHP application warnings failing "include_pat… |
These error messages reveal information about the application that created them as well as revealing path names, php file names, line numbers and incl … |
|
| 2004-07-16 | "Internal Server Error" "server at&… |
We have a similar search already, but it relies on "500 Internal Server" which doesn't appear on all errors like this one. It reveals t … |
|
| 2004-07-16 | filetype:php inurl:"logging. php" "D… |
Discuz! Board error messages related to MySQL. The error message may be empty or contain path information or the offending SQL statement. All discuz! … |
|
| 2004-07-16 | "ORA-12541: TNS:no listener" intitle:&qu… |
In many cases, these pages display nice bits of SQL code which can be used by an attacker to mount attacks against the SQL database itself. Other piec … |
|
| 2004-07-26 | "ASP.NET_Sessio nId" "data source=&q… |
.NET pages revealing their datasource and sometimes the authentication credentials with it. The complete debug line looks something like this for exam … |
|
| 2004-07-29 | "error found handling the request" cocoo… |
Cocoon is an XML publishing framework. It allows you to define XML documents and transformations to be applied on it, to eventually generate a present … |
|
| 2004-08-14 | filetype:log "PHP Parse error" | "P… |
This search will show an attacker some PHP error logs wich may contain information on wich an attack can be based. … |
|
| 2004-08-25 | "Warning: pg_connect(): Unable to connect to … |
This search reveals Postgresql servers in yet another way then we had seen before. Path information appears in the error message and sometimes databas … |
|
| 2004-09-07 | snitz! forums db path error |
snitz forums uses a microsoft access databases for storage and the default name is "Snitz_forums_2000.mdb". The installation recommends chan … |
|
| 2004-10-16 | "The script whose uid is " "is not … |
This PHP error message is revealing the webserver's directory and user ID. … |
|
| 2004-11-13 | intitle:Configuratio n.File inurl:softcart.exe |
This search finds configuration file errors within the softcart application. It includes the name of the configuration file and discloses server file … |
|
| 2004-11-28 | "Warning: mysql_query()" "invalid q… |
MySQL query errors revealing database schema and usernames. … |
|
| 2005-01-26 | intext:"Error Message : Error loading require… |
This throws up pages which contain "CGI ERROR" reports – which include the file (and line number) of the errors occurence, the version of Pe … |
|
| 2005-04-05 | Netscape Application Server Error page |
This error message highlights potentially unpatched or misconfigured Netscape Application Server or iPlanet application servers. An inquisitive mind w … |
|
| 2005-04-07 | "SQL Server Driver][SQL Server]Line 1: In… |
you can find many servers infected with sql injection … |
|
| 2005-04-26 | "Parse error: parse error, unexpected T_VARIA… |
PHP error with a full web root path disclosure … |
|
| 2005-04-26 | intitle:"Defaul t PLESK Page" |
Plesk Server Administrator (PSA) is web based software that enables remote administration of web servers. It can be used on Linux and other systems th … |
|
| 2005-08-16 | "There seems to have been a problem with the&… |
search reveals database errors on vbulletin sites. View the page source and you can get information about the sql query executed, this can help in all … |
|
| 2005-09-25 | "Warning: Supplied argument is not a valid Fi… |
This error message cqan reveal path information. This message (like other error messages) is often posted to help forums, although the message still r … |
|
| 2005-09-25 | "Warning:" "SAFE MODE Restriction i… |
This error message reveals full path information. Recommend use of site: operator to narrow searches. … |
|
| 2006-03-13 | filetype:asp + "[ODBC SQL" |
This search returns more than just the one I saw already here. This one will return all ODBC SQL error pages including all data returned in the error. … |
|
| 2006-04-25 | "Warning: Division by zero in" "on … |
Just another error that reveals full paths. … |
|
| 2006-04-25 | "Warning: mysql_connect(): Access denied for … |
This dork reveals logins to databases that were denied for some reason. … |
|
| 2006-04-25 | "Warning:" "failed to open stream: … |
Just another error message. … | |
| 2006-04-25 | "Warning: Bad arguments to (join|implode) () … |
and another error. open it from cache when not working. … |
|
| 2006-04-25 | "Unable to jump to row" "on MySQL r… |
another error message … | |
| 2006-06-15 | intitle:"Apache Tomcat" "Error Repo… |
Apache Tomcat Error messages. These can reveal various kinds information depending on the type of error. … |
|
