What Is Google Hacking? And How To Execute It? Penetration Testers

Here is a small tutorial explaining the basic commands of Google hacking. You can play with them and make your own.

An Introduction:

Google Hacking

Google ( http://www.google.com ) can give a hacker a lot of information, including files to download. The reason is that Google's search engine has many options.

Google search options:

FileType:

We can search for specific file types, e.g. *.xls, *.doc, *.pdf, *.ps, *.ppt, *.rtf, *.db, *.mdb, *.cfg, *.pwd, *.dat, etc. Usage example:

Filetype:xls “pass”

Inurl: We can specify a word, and Google will return all URLs that contain it. Usage example: inurl:admin

“Index of”: We can find directory listings of specific folders on servers. Usage example: “index of” admin or index.of.admin

Site: We can restrict results to specific sites (domain names), e.g. *.com, *.org, *.mi, *.gov, etc. Usage example: site:gov or site:gov “Soprano”

Intitle: We can find pages with a specific title. Usage example: intitle:securityillusions

Link: Allows us to check which sites link to a specific site. Usage example: link:security illusions

“parent directory” /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory” Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

Note that I am only changing the word after “parent directory”; change it to whatever you want and you will get a lot of stuff.

Credit Cards:

Amex Numbers: 300000000000000..399999999999999 MC Numbers: 5178000000000000..5178999999999999 visa 4356000000000000..4356999999999999

Music Search

Put this string in google search:

?intitle:index.of? mp3

You only need the name of the song/artist/album

Example: ?intitle:index.of? mp3 Tupac

File Types:

Put this string in google search:

inurl:microsoft filetype:iso

Note: You can change the filetype to whatever you want, for example: inurl:microsoft filetype:adobe, inurl:microsoft filetype:zip, inurl:microsoft filetype:jpg

Misc Commands:

“# -FrontPage-” inurl:service.pwd : FrontPage passwords… very nice, clean search result listing.

“AutoCreate=TRUE password=*” : This searches for the password for “Website Access Analyzer”, a Japanese software package that creates web statistics. For those who can read Japanese, check out the author’s site at: http://www.coara.or.jp/~passy/

“http://*:*@www” domainname : This is a query to get inline passwords from search engines (not just Google). You must type in the query followed by the domain name without the .com or .net

“http://*:*@www” bangbus or “http://*:*@www”bangbus : Simple commands to find usernames and passwords for specific sites. Another way is by just typing “http://bob:[email protected]

“sets mode: +k” : This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.

allinurl: admin mdb : Not all of these pages are administrators’ Access databases containing usernames, passwords and other sensitive information, but many are!

allinurl:auth_user_file.txt : DCForum’s password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)
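
From the defending side, the “http://*:*@www” query above only works when a page a crawler can reach contains a URL with the password written into it. The following is an added example, not code from the original article: a check to run over your own published pages before they go live. The function name and the sample page are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Candidate URLs: a scheme, then anything containing "@", up to whitespace,
# a quote or an angle bracket.
URL_WITH_AT = re.compile(r"\b(?:https?|ftp)://[^\s\"'<>]*@[^\s\"'<>]+", re.I)

# Constructed sample content (hosts and passwords are made up).
SAMPLE_PAGE = """\
<a href="http://bob:hunter2@www.example.com/members/">members</a>
<p>Contact: http://www.example.com/contact?mail=admin@example.com</p>
ftp://backup:s3cret@files.example.org/dump.tar
"""


def find_inline_credentials(text):
    """Return (line_no, redacted_url) for URLs that embed user:password."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for match in URL_WITH_AT.finditer(line):
            try:
                parts = urlsplit(match.group(0))
            except ValueError:
                continue  # malformed URL, nothing to report
            # urlsplit sets .password only when userinfo precedes the host,
            # so an "@" in the path or query string is not reported.
            if parts.username and parts.password:
                host = parts.hostname or ""
                hits.append(
                    (line_no, f"{parts.scheme}://{parts.username}:***@{host}")
                )
    return hits


if __name__ == "__main__":
    for line_no, url in find_inline_credentials(SAMPLE_PAGE):
        print(f"line {line_no}: credentials embedded in {url}")
```

The report redacts the password so the audit output does not become a second copy of the secret.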

Hacking and stealing information.

By combining these options, we can get lots of information, steal files, etc. Let's see some examples and how to use them.

inurl:gov filetype:xls “restricted” (will return all government sites with Excel files with the name “restricted”)

inurl:admin.cfg (admin.cfg is, most of the time, an admin configuration file. It may appear as admin.cfg, config.cfg or setup.cfg. These files contain sensitive information.)

Content Manager Systems: These are software packages that allow the webmaster to edit, alter and control the content of his site. They use online control panels usually named cms.html, panel.html or control.cfg. Just use the inurl option.

Webadmin: This is a small piece of software that many admins use for editing their sites and uploading files remotely. The main page for the webadmin control centre is called webeditor.php (more information and the download are at http://wacker-welt.de/webadmin/ ). So we search for webeditor.php, for example inurl:webeditor.php (if the admin failed to protect these pages, we can gain full access). The upload file is usually file_upload.php, so we can search directly for this file, for example inurl:file_upload.php.
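
The searches in this section only return what a web server is willing to hand to a crawler, so the same lists can be turned into an audit of your own document root. This is an added example, not code from the original article. It uses the extensions and file names quoted on this page; the index file names, the function names and the sample tree are assumptions made for the illustration.

```python
import os
import tempfile

# Extensions and file names quoted in the queries on this page.
RISKY_EXTENSIONS = {".xls", ".doc", ".pdf", ".ps", ".ppt", ".rtf",
                    ".db", ".mdb", ".cfg", ".pwd", ".dat"}
RISKY_NAMES = {"service.pwd", "auth_user_file.txt", "admin.cfg", "config.cfg",
               "setup.cfg", "control.cfg", "webeditor.php", "file_upload.php"}
# Assumption: the index file names your server is configured to serve.
INDEX_NAMES = {"index.html", "index.htm", "index.php"}


def audit_docroot(root):
    """Return sorted (relative_path, reason) findings for a document root."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        lowered = {name.lower() for name in filenames}
        # Without an index file the server answers with an "Index of" page
        # whenever automatic directory listing is enabled.
        if not lowered & INDEX_NAMES:
            findings.append((rel_dir, "no index file"))
        for name in filenames:
            rel = os.path.normpath(os.path.join(rel_dir, name))
            if name.lower() in RISKY_NAMES:
                findings.append((rel, "sensitive file name"))
            elif os.path.splitext(name)[1].lower() in RISKY_EXTENSIONS:
                findings.append((rel, "exposed file type"))
    return sorted(findings)


def build_sample_docroot():
    """Create a constructed sample tree so the example runs offline."""
    root = tempfile.mkdtemp(prefix="docroot-")
    for rel in ("index.html", "admin/index.php", "admin/admin.cfg",
                "reports/budget.xls", "_vti_pvt/service.pwd"):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as handle:
            handle.write("constructed sample\n")
    return root


if __name__ == "__main__":
    for path, reason in audit_docroot(build_sample_docroot()):
        print(f"{path}: {reason}")
```

Each finding is a file to move out of the web root or put behind authentication, or a directory where listing should be switched off.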

General Notes:

  • Try searching for strings in different languages
  • Learn more about the different software that webmasters use, find important files and search for them
  • You can find different vulnerabilities (for example, by taking the list from a vulnerability scanner or by checking the net) and combine them with your strings, or use them to get new ideas for strings to search for.
