Professional Documents
Culture Documents
profit!
October 2004
3
GoSecure Inc. 02/12/2004
4
GoSecure Inc. 02/12/2004
Google Hacking
5
GoSecure Inc. 02/12/2004
6
GoSecure Inc. 02/12/2004
Google Hacking
z Google Operators:
– Operators are used to refine the results and to maximize
the search value. They are your tools as well as hackers’
weapons
z Basic Operators:
+, -, ~ , ., *, “”, |, OR
z Advanced Operators:
– allintext:, allintitle:, allinurl:, bphonebook:, cache:,
define:, filetype:, info:, intext:, intitle:, inurl:, link:,
phonebook:, related:, rphonebook:, site:, numrange:,
daterange
7
GoSecure Inc. 02/12/2004
Google Hacking
z Basic Operators
– (+) force inclusion of something common
– Google ignores common words (where, how, digit, single
letters) by default:
Example: StarStar Wars Episode +I
– (-) exclude a search term
Example: apple –red
– (“) use quotes around a search term to search exact
phrases:
Example: “Robert Masse”
– Robert masse without “” has the 309,000 results, but
“robert masse” only has 927 results. Reduce the 99%
irrelevant results
8
GoSecure Inc. 02/12/2004
Google Hacking
z Basic Operators
– (~) search synonym:
Example: ~food
– Return the results about food as well as recipe, nutrition
and cooking information
– ( . ) a single-character wildcard:
Example: m.trix
– Return the results of M@trix, matrix, metrix…….
– ( * ) any word wildcard
9
GoSecure Inc. 02/12/2004
Google Hacking
10
GoSecure Inc. 02/12/2004
4. Google Hacking
11
GoSecure Inc. 02/12/2004
Google Hacking
12
GoSecure Inc. 02/12/2004
Google Hacking
z Advanced Operators
– A budget file we found …….
13
GoSecure Inc. 02/12/2004
14
GoSecure Inc. 02/12/2004
Google Hacking
15
GoSecure Inc. 02/12/2004
16
GoSecure Inc. 02/12/2004
Google Hacking
17
GoSecure Inc. 02/12/2004
18
GoSecure Inc. 02/12/2004
Google Hacking
19
GoSecure Inc. 02/12/2004
20
GoSecure Inc. 02/12/2004
Google Hacking
21
GoSecure Inc. 02/12/2004
22
GoSecure Inc. 02/12/2004
Google Hacking
z Advanced Operators
– <number1>..<number2>
– Conduct a number range search by specifying two
numbers, separated by two periods, with no spaces. Be
sure to specify a unit of measure or some other indicator
of what the number range represents
– Examples:
Computer $500..1000
DVD player $250..350
23
GoSecure Inc. 02/12/2004
24
GoSecure Inc. 02/12/2004
Google Hacking
25
GoSecure Inc. 02/12/2004
26
GoSecure Inc. 02/12/2004
Google Hacking
32
GoSecure Inc. 02/12/2004
33
GoSecure Inc. 02/12/2004
34
GoSecure Inc. 02/12/2004
Google Hacking
35
GoSecure Inc. 02/12/2004
Google Hacking
36
GoSecure Inc. 02/12/2004
Google Hacking
z Salary
– Salary filetype: xls site: edu
37
GoSecure Inc. 02/12/2004
38
GoSecure Inc. 02/12/2004
Google Hacking
39
GoSecure Inc. 02/12/2004
40
GoSecure Inc. 02/12/2004
Google Hacking
41
GoSecure Inc. 02/12/2004
42
GoSecure Inc. 02/12/2004
Google Hacking
z Financial Information
– Filetype: xls “checking account” “credit card” -
intext: Application -intext: Form (only 39 results)
43
GoSecure Inc. 02/12/2004
44
GoSecure Inc. 02/12/2004
Google Hacking
z Financial Information
– Intitle: “Index of” finances.xls (9)
45
GoSecure Inc. 02/12/2004
46
GoSecure Inc. 02/12/2004
Google Hacking
z Personal Mailbox
– Intitle: Index.of inurl: Inbox (456) (mit mailbox)
47
GoSecure Inc. 02/12/2004
48
GoSecure Inc. 02/12/2004
Google Hacking
z Personal Mailbox
– After several clicks , got the private email
messages
49
GoSecure Inc. 02/12/2004
50
GoSecure Inc. 02/12/2004
Google Hacking
z Personal Mailbox
– Intitle: Index.of inurl: Inbox (inurl: User OR
inurl: Mail) (220)
51
GoSecure Inc. 02/12/2004
52
GoSecure Inc. 02/12/2004
Google Hacking
z Confidential Files
– “not for distribution” confidential (1,760)
53
GoSecure Inc. 02/12/2004
54
GoSecure Inc. 02/12/2004
Google Hacking
z Confidential Files
– “not for distribution” confidential filetype: pdf
(marketing info) (456)
55
GoSecure Inc. 02/12/2004
56
GoSecure Inc. 02/12/2004
Google Hacking
z OS Detection
z Use the keywords of the default installation page
of a Web server to search.
z Use the title to search
z Use the footer in a directory index page
57
GoSecure Inc. 02/12/2004
Google Hacking
z OS Detection-Windows
– “Microsoft-IIS/5.0 server at”
58
GoSecure Inc. 02/12/2004
59
GoSecure Inc. 02/12/2004
Google Hacking
z OS Detection - Windows
– Default web page?
– Intitle: “Welcome to Windows 2000 Internet Services”
IIS 5.0
60
GoSecure Inc. 02/12/2004
61
GoSecure Inc. 02/12/2004
Google Hacking
62
GoSecure Inc. 02/12/2004
63
GoSecure Inc. 02/12/2004
Google Hacking
64
GoSecure Inc. 02/12/2004
65
GoSecure Inc. 02/12/2004
Google Hacking
z Search Passwords
– Search the well known password filenames in URL
– Search the database connection files or
configuration files to find a password and username
– Search specific username file for a specific product
66
GoSecure Inc. 02/12/2004
z Search Passwords
– Inurl: etc inurl: passwd
67
GoSecure Inc. 02/12/2004
68
GoSecure Inc. 02/12/2004
69
GoSecure Inc. 02/12/2004
Google Hacking
z Search Passwords
– Intitle: “Index of..etc” passwd
70
GoSecure Inc. 02/12/2004
71
GoSecure Inc. 02/12/2004
Google Hacking
z Search Passwords
– "# -FrontPage-" inurl: service.pwd (then crack it)
72
GoSecure Inc. 02/12/2004
73
GoSecure Inc. 02/12/2004
Google Hacking
z Search Passwords
– Inurl: admin.pwd filetype: pwd
74
GoSecure Inc. 02/12/2004
75
GoSecure Inc. 02/12/2004
Google Hacking
z Search Passwords
– Filetype: inc dbconn
76
GoSecure Inc. 02/12/2004
77
GoSecure Inc. 02/12/2004
Google Hacking
z Search Passwords
– Filetype: inc intext: mysql_connect
78
GoSecure Inc. 02/12/2004
79
GoSecure Inc. 02/12/2004
Google Hacking
z Search Passwords
– Filetype: ini +ws_ftp +pwd (get the encrypted
passwords)
80
GoSecure Inc. 02/12/2004
81
GoSecure Inc. 02/12/2004
Google Hacking
z Search Passwords
– Filetype: log inurl: “password.log”
82
GoSecure Inc. 02/12/2004
83
GoSecure Inc. 02/12/2004
Google Hacking
z Search Username
– +intext: "webalizer" +intext: “Total Usernames” +intext:
“Usage Statistics for”
84
GoSecure Inc. 02/12/2004
85
GoSecure Inc. 02/12/2004
Google Hacking
z License Key
– Filetype: lic lic intext: key (33) (license key)
86
GoSecure Inc. 02/12/2004
87
GoSecure Inc. 02/12/2004
Google Hacking
z Cookies Syntax
– Filetype: inc inc intext: setcookie -cvs -examples -
sourceforge -site: php.net (120) (cookie schema)
88
GoSecure Inc. 02/12/2004
89
GoSecure Inc. 02/12/2004
Google Hacking
90
GoSecure Inc. 02/12/2004
Google Hacking
91
GoSecure Inc. 02/12/2004
92
GoSecure Inc. 02/12/2004
Google Hacking
93
GoSecure Inc. 02/12/2004
94
GoSecure Inc. 02/12/2004
Google Hacking
95
GoSecure Inc. 02/12/2004
96
GoSecure Inc. 02/12/2004
Google Hacking
97
GoSecure Inc. 02/12/2004
98
GoSecure Inc. 02/12/2004
Google Hacking
99
GoSecure Inc. 02/12/2004
100
GoSecure Inc. 02/12/2004
Google Hacking
z Database Manipulation
– Different database applications leave different signatures
on the database files
101
GoSecure Inc. 02/12/2004
Google Hacking
z Database Manipulation
– “Welcome to phpMyAdmin” AND “Create new
database” -intext: “No Priviledge” (find a page that
might have privilege to update mysql)
102
GoSecure Inc. 02/12/2004
103
GoSecure Inc. 02/12/2004
Google Hacking
z Database Manipulation
– “Welcome to phpMyAdmin” AND “Create new
database” (after several hits, we got this)
104
GoSecure Inc. 02/12/2004
105
GoSecure Inc. 02/12/2004
Google Hacking
z Database Manipulation
– “Select a database to view” intitle: “filemaker pro”
(94) Filemaker
106
GoSecure Inc. 02/12/2004
107
GoSecure Inc. 02/12/2004
Google Hacking
z Database Manipulation
– After several clicks and you can query the table
108
GoSecure Inc. 02/12/2004
109
GoSecure Inc. 02/12/2004
Google Hacking
z Database Manipulation
– “# Dumping data for table
(username|user|users|password)” -site: mysql.com –cvs
(289) (backup data of mysqldump)
110
GoSecure Inc. 02/12/2004
111
GoSecure Inc. 02/12/2004
Google Hacking
z Database Manipulation
– “# Dumping data for table
(username|user|users|password)” –site: mysql.com -
cvs
112
GoSecure Inc. 02/12/2004
113
GoSecure Inc. 02/12/2004
Google Hacking
z Database Manipulation
– “# Dumping data for table
(username|user|users|password)” -site: mysql.com –cvs
114
GoSecure Inc. 02/12/2004
115
GoSecure Inc. 02/12/2004
Google Hacking
116
GoSecure Inc. 02/12/2004
Google Hacking
117
GoSecure Inc. 02/12/2004
118
GoSecure Inc. 02/12/2004
Google Hacking
119
GoSecure Inc. 02/12/2004
120
GoSecure Inc. 02/12/2004
Google Hacking
121
GoSecure Inc. 02/12/2004
122
GoSecure Inc. 02/12/2004
Google Hacking
123
GoSecure Inc. 02/12/2004
124
GoSecure Inc. 02/12/2004
Google Hacking
125
GoSecure Inc. 02/12/2004
126
GoSecure Inc. 02/12/2004
Google Hacking
127
GoSecure Inc. 02/12/2004
128
GoSecure Inc. 02/12/2004
Google Hacking
129
GoSecure Inc. 02/12/2004
Google Hacking
130
GoSecure Inc. 02/12/2004
131
GoSecure Inc. 02/12/2004
Google Hacking
132
GoSecure Inc. 02/12/2004
133
GoSecure Inc. 02/12/2004
Google Hacking
z Google search……
– Inurl: smartguestbook.asp
134
GoSecure Inc. 02/12/2004
135
GoSecure Inc. 02/12/2004
Google Hacking
136
GoSecure Inc. 02/12/2004
137
GoSecure Inc. 02/12/2004
Google Hacking
138
GoSecure Inc. 02/12/2004
139
GoSecure Inc. 02/12/2004
Google Hacking
z Transparent Proxy
– Normal surfing on www.myip.nu
140
GoSecure Inc. 02/12/2004
141
GoSecure Inc. 02/12/2004
Google Hacking
z Transparent Proxy
– When we use Google translation tool to surf
www.myip.nu
142
GoSecure Inc. 02/12/2004
143
GoSecure Inc. 02/12/2004
Google Hacking
144
GoSecure Inc. 02/12/2004
Google Hacking
145
GoSecure Inc. 02/12/2004
146
GoSecure Inc. 02/12/2004
Google Hacking
147
GoSecure Inc. 02/12/2004
148
GoSecure Inc. 02/12/2004
Google Hacking
z Google Materials
– Googledorks
– The famous Google Hack Website, it has many different
examples of unbelievable things:
http://johnny.ihackstuff.com.
149
GoSecure Inc. 02/12/2004
150
GoSecure Inc. 02/12/2004
Google Hacking
151
GoSecure Inc. 02/12/2004
Google Hacking
z Google Materials
– Freshgoo
– Search Google for the page published on today,
yesterday, within the last seven days or last 30 days:
http://www.freshgoo.com/index.php
152
GoSecure Inc. 02/12/2004
153
GoSecure Inc. 02/12/2004
Google Hacking
154
GoSecure Inc. 02/12/2004
Google Hacking References
Google APIS:
www.google.com/apis
Remove:
http://www.google.com/remove.html
Googledorks:
http://johnny.ihackstuff.com/
O’reilly Google Hack:
http://www.oreilly.com/catalog/googlehks/
Google Hack Presentation, Jonhnny Long:
http://johnny.ihackstuff.com/modules.php?op=modload&name=
ownloads&file=index&req=viewdownload&cid=1
“Autism: Using google to hack:
www.smart-dev.com/texts/google.txt
“Google: Net Hacker Tool du Jour:
http://www.wired.com/news/infostructure/0,1377,57897,00.html
155
GoSecure Inc. 02/12/2004
Contact Information:
Robert Masse
rmasse@gosecure.ca
www.GoSecure.ca
514-287-7427
888-287-7427 24h Emergency Hotline
156
GoSecure Inc. 02/12/2004