Wednesday, October 17, 2007

googlw sech-2

Google Search Hacking Contd... II



But the Question rises What can Google can do for an Ethical Hacker?
Search sensitive information like payroll, SIN, even the personal email box
Vulnerabilities scanner
Transparent proxy


So how bt if i tell u a different way to search
k lets do this type in the following statements n c d results
we can only provide u the guidelines, now u need to implement ur Creativity to Keep it rolling.

http://rahulhackingarticles.wetpaint.com/




Salary

Salary filetype: xls site: edu



Security social insurance number

Intitle: Payroll intext: ssn filetype: xls site: edu


Security Social Insurance Number
Payroll intext: Employee intext: ssn Filetype: xls


Filetype: xls “checking account” “credit card” - intext: Application -intext:
Form (only 39 results)



Financial Information

Intitle: “Index of” finances.xls (9)



Personal Mailbox

Intitle: Index.of inurl: Inbox (inurl: User OR inurl: Mail) (220)



Confidential Files

“not for distribution” confidential (1,760)
Confidential Files
“not for distribution” confidential filetype: pdf (marketing info) (456)


OS Detection
Use the keywords of the default installation page of a Web server to search.
Use the title to search
Use the footer in a directory index page


OS Detection-Windows
“Microsoft-IIS/5.0 server at”


OS Detection - Windows
Default web page?
Intitle: “Welcome to Windows 2000 Internet Services” IIS 5.0



OS Detection –Apache 1.3.11-1.3.26
Intitle: Test.Page.for.Apache seeing.this.instead


OS Detection-Apache SSL enable
Intitle: Test.page “SSL/TLS-aware” (127)



Search Passwords

Search the well known password filenames in URL
Search the database connection files or configuration files to find a password and username
Search specific username file for a specific product


Search Passwords

Inurl: etc inurl: passwd



Search Passwords

Intitle: “Index of..etc” passwd


Search Passwords

Intitle: “Index of..etc” passwd


Search Passwords

Inurl: admin.pwd filetype: pwd


Search Passwords

Filetype: inc dbconn





Search Passwords

Filetype: inc intext: mysql_connect




Search Passwords

Filetype: ini +ws_ftp +pwd (get the encrypted passwords)





Search Passwords

Filetype: log inurl: “password.log”




Search Username
+intext: "webalizer" +intext: “Total Usernames” +intext: “Usage Statistics for”


License Key
Filetype: lic lic intext: key (33) (license key)


Sensitive Directories Listing
Powerful buzz word: Index of
Search the well known vulnerable directories names



Sensitive Directories Listing
“index of cgi-bin” (3590)



Sensitive Directories Listing
Intitle: “Index of” cfide (coldfusion directory)


Sensitive Directories Listing
Intitle: index.of.winnt


Get the serial number you need ! (For Certain Things)

1) Go to Google.

2) Use Keyword as "Product name" 94FBR

3) Where, "Product Name" is the name of the item you want to find the serial number for.

4) And voila - there you go - the serial number you needed.

HOW DOES THIS WORK?

Quite simple really. 94FBR is part of a Office 2000 Pro cd key that is widely distributed as it bypasses the activation requirements of Office 2K Pro. By searching for the product name and 94fbr, you guarantee two things. 1) The pages that are returned are pages dealing specifically with the product you're wanting a serial for. 2) Because 94FBR is part of a serial number, and only part of a serial number, you guarantee that any page being returned is a serial number list page.

See these example searches:

Code:


"Photoshop 7"+94FBR
"Age of Mythology"+94FBR
"Nero Burning Rom 5.5"+94FBR