How To: Hacking With Google

17 08 2006

All Credit Goes To – johnny.ihackstuff.com

With advanced search options like inurl:, intitle: etc etc. and a smidge of patience you can find some interesting information. It takes a minute or two to learn the basics of being a google dork, but from there you can find ALOT of things to h@ck.

For now, follow the links. Play around. Its that simple. You will learn by doing.

Advisories and Vulnerabilities (200)
These searches locate vulnerable servers. These searches are often generated from various security advisory posts, and in many cases are product or version-specific.
Error Messages (68)
Really retarded error messages that say WAY too much!
Files containing juicy info (229)
No usernames or passwords, but interesting stuff none the less.
Files containing passwords (133)
PASSWORDS, for the LOVE OF GOD!!! Google found PASSWORDS!
Files containing usernames (14)
These files contain usernames, but no passwords… Still, google finding usernames on a web site..
Footholds (21)
Examples of queries that can help a hacker gain a foothold into a web server
Pages containing login portals (222)
These are login pages for various services. Consider them the front door of a website’s more sensitive functions.
Pages containing network or vulnerability data (58)
These pages contain such things as firewall logs, honeypot logs, network information, IDS logs… all sorts of fun stuff!
Sensitive Directories (60)
Google’s collection of web sites sharing sensitive directories. The files contained in here will vary from sesitive to uber-secret!
Sensitive Online Shopping Info (9)
Examples of queries that can reveal online shopping info like customer data, suppliers, orders, creditcard numbers, credit card info, etc
Various Online Devices (179)
This category contains things like printers, video cameras, and all sorts of cool things found on the web with Google.
Vulnerable Files (56)
HUNDREDS of vulnerable files that Google can find on websites…
Vulnerable Servers (48)
These searches reveal servers with specific vulnerabilities. These are found in a different way than the searches found in the “Vulnerable Files” section.
Web Server Detection (71)
These links demonstrate Google’s awesome ability to profile web servers..

It takes some time to find what you’re looking for but it pays off eventually. Patience is a virtue of a great hacker.

BTW – This is for the n00bs who need a leg up, old skool hackers need not apply.


Actions

Information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: