How To Find Unprotected Website Directories & Get “Interesting” Files

Ads by Google

With all the risks involved in using file sharing networks, browsing unprotected website directories is probably a lot easier and safer.  Only when you start doing that do you realise half the stuff that people keep in their website folders (Sports Illustrated magazines!)

Then you start to realise how silly they are for not password protecting those folders and leaving them wide open for the whole world to walk in and take a look!

This might be really old news for a lot of people but I thought I would just quickly jot down the search parameters for finding files in unprotected website directories.

In case you don’t know, an unprotected website directory is a website that doesn’t have an “index” file created for it – index.htm, index.html, index.php.  So if you try to access a website directory which doesn’t have a password controlling it or which doesn’t have an index page, you will be able to see a list of all the files and folders that are inside that directory. If you can see that, you can then click on the files and both download them and open them.

Here’s what a typical unprotected directory looks like :

Directories like these will have all kinds of files. Things like pictures, music, video files, documents, you name it.

Ads by Google

Now you can do a general search and go through literally hundreds of thousands of these directories. But to do that sort of search is both time consuming and a bit mind numbing. But if you want to do it, just put into the search box (be it Google, Yahoo, whatever) the following search string :

-inurl(html|htm|php) intitle:”index of” +”last modified” +”parent directory” +description +size

This will bring up EVERYTHING and you can go hunting for whatever you can find.  Good luck.

But don’t you want to be selective?  Don’t you want to look for something in particular?  Well, if so, you can change the search string to look for ONLY pictures or ONLY music or ONLY video.  So….

-inurl:(htm|html|php) intitle:”index of” +”last modified” +”parent directory” +description +size +(wmv|avi)

This will only look for wmv and avi video files.  You can easily alter it if you don’t want “wmv” or “avi” or if you want “mpg” instead.   You get the idea.

-inurl:(htm|html|php) intitle:”index of” +”last modified” +”parent directory” +description +size +(jpg|gif)

This will only look for jpg and gif files. Again, you can alter the file formats to suit yourself.

-inurl:(htm|html|php) intitle:”index of” +”last modified” +”parent directory” +description +size +(wma|mp3)

This will only look for wma and mp3 music files.  Again you can easily change the file formats to suit yourself.

Just put the search string you need into the search engine box.   Then hit the ‘enter’ button and your results will come up.   I guarantee you’ll be hooked for ages trying to see what you can find!   You can also put a certain search term after your file format so :

[-inurl:(htm|html|php) intitle:”index of” +”last modified” +”parent directory” +description +size +(jpg|gif) “britney spears”]

Obviously you are not going to get perfect results.   You are going to have to wade through a lot of irrelevant and useless stuff some of the time but quite often you do find a lot of good stuff too.   It’s quite fun peeking into people’s unprotected folders seeing what they have stashed away.   Stuff like embarrassing photos, drunken videos, “provocative” material, and much more.

Some people have embedded these search algorithims into software which makes it easier to search for files.  One of them is Clickster which I reviewed last May. It searches for MP3’s in peoples unprotected directories and it has a very nice simple GUI.

Some of you might say what right do we have to go browsing through people’s website folders?   But look at it this way – these people posted this stuff online – in an unprotected unsecure website folder. It’s as if they are asking for it to be found. They are making no effort to keep it hidden or secure and putting it out on the World Wide Web is the most stupidest thing in the world to do if you want to keep something private and hidden.

So go out there, find it and enjoy it. Oh and let us know in the comments some of the stuff you managed to find in your searches.

Image Credit : dullhunk

Join live MakeUseOf Groups on Grouvi App Join live Groups on Grouvi
Web for Kids
Web for Kids
19 Members
Deep Web Communities
Deep Web Communities
33 Members
Awesome Websites
Awesome Websites
67 Members
Best Music Services
Best Music Services
25 Members
Ads by Google
Comments (36)
  • Ali raza

    How can I run these commands for specific website?

    Thanks

  • Aswath

    hi i need a video demo on this . pls anyone share a link

  • Peter

    So, in fact, is this still a valid procedure? Thanks for your update.

  • Peter

    Just noticed that these comments were posted before snowden… hm sorry guys… you may have changed your point of view since then..

  • Peter

    So you guys hate Snowden too? You consider that knowledge should be limited to a group of privileged people?

Load 10 more
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.