Sign in or 
Share this
Google Search Hacking Contd... II
But the Question rises What can Google can do for an Ethical Hacker?
Search sensitive information like payroll, SIN, even the personal email box
Vulnerabilities scanner
Transparent proxy
So how bt if i tell u a different way to search
k lets do this type in the following statements n c d results
we can only provide u the guidelines, now u need to implement ur Creativity to Keep it rolling.
http://rahulhackingarticles.wetpaint.com/
Salary
Salary filetype: xls site: edu
Security social insurance number
Intitle: Payroll intext: ssn filetype: xls site: edu
Security Social Insurance Number
Payroll intext: Employee intext: ssn Filetype: xlsFiletype: xls “checking account” “credit card” - intext: Application -intext:
Form (only 39 results)
Financial Information
Intitle: “Index of” finances.xls (9)
Personal Mailbox
Intitle: Index.of inurl: Inbox (inurl: User OR inurl: Mail) (220)
Confidential Files
“not for distribution” confidential (1,760)
Confidential Files
“not for distribution” confidential filetype: pdf (marketing info) (456)
OS Detection
Use the keywords of the default installation page of a Web server to search.
Use the title to search
Use the footer in a directory index page
OS Detection-Windows
“Microsoft-IIS/5.0 server at”
OS Detection - Windows
Default web page?
Intitle: “Welcome to Windows 2000 Internet Services” IIS 5.0
OS Detection –Apache 1.3.11-1.3.26
Intitle: Test.Page.for.Apache seeing.this.instead
OS Detection-Apache SSL enable
Intitle: Test.page “SSL/TLS-aware” (127)
Search Passwords
Search the well known password filenames in URL
Search the database connection files or configuration files to find a password and username
Search specific username file for a specific product
Search Passwords
Inurl: etc inurl: passwd
Search Passwords
Intitle: “Index of..etc” passwd
Search Passwords
Intitle: “Index of..etc” passwd
Search Passwords
Inurl: admin.pwd filetype: pwd
Search Passwords
Filetype: inc dbconn
Search Passwords
Filetype: inc intext: mysql_connect
Search Passwords
Filetype: ini +ws_ftp +pwd (get the encrypted passwords)
Search Passwords
Filetype: log inurl: “password.log”
Search Username
+intext: "webalizer" +intext: “Total Usernames” +intext: “Usage Statistics for”
License Key
Filetype: lic lic intext: key (33) (license key)
Sensitive Directories Listing
Powerful buzz word: Index of
Search the well known vulnerable directories names
Sensitive Directories Listing
“index of cgi-bin” (3590)
Sensitive Directories Listing
Intitle: “Index of” cfide (coldfusion directory)
Sensitive Directories Listing
Intitle: index.of.winnt
Get the serial number you need ! (For Certain Things)
1) Go to Google.
2) Use Keyword as "Product name" 94FBR
3) Where, "Product Name" is the name of the item you want to find the serial number for.
4) And voila - there you go - the serial number you needed.
HOW DOES THIS WORK?
Quite simple really. 94FBR is part of a Office 2000 Pro cd key that is widely distributed as it bypasses the activation requirements of Office 2K Pro. By searching for the product name and 94fbr, you guarantee two things. 1) The pages that are returned are pages dealing specifically with the product you're wanting a serial for. 2) Because 94FBR is part of a serial number, and only part of a serial number, you guarantee that any page being returned is a serial number list page.
See these example searches:
| Code: |
| "Photoshop 7"+94FBR "Age of Mythology"+94FBR "Nero Burning Rom 5.5"+94FBR |
rahuldutt1 |
Latest page update: made by rahuldutt1
, Feb 2 2007, 4:09 AM EST
(about this update
About This Update
Edited by rahuldutt1
156 words added view changes - complete history) |
|
Keyword tags:
None
More Info: links to this page
|
| Started By | Thread Subject | Replies | Last Post | ||
|---|---|---|---|---|---|
| ptrmeps | Very interesting .. | 0 | Apr 6 2008, 7:54 PM EDT by ptrmeps | ||
|
Thread started: Apr 6 2008, 7:54 PM EDT
Watch
Amazing what one can do using google, it seems endless..
|
|||||
Showing 1 of 1 threads for this page
