Google fun
Text: google fun and "fundamental flaws"
Author: Caffeine Overlord

==========================================================
section 1: tools
==========================================================

#1: calculator, google added this tool fairly recently
example 9*.09
LINK= http://www.google.com/search?source...F-8&q=9%2A%2E09
or http://www.google.com/search?source...+in+tablespoons
and even http://www.google.com/search?hl=en&...arth+%5E+2%29

#2: language tool, translates/domains for other countries
http://www.google.com/language_tools

#3: The powerful google API, create your own key today and start making your own advanced search options using google's extremely powerful API
http://www.google.com/apis/

#4: google caching, they cache listed sites so if the site is down try viewing the cache
example cache:hackers.com
a nice tool to view old cached sites is http://archive.org (thanks fish for the link)

#5: http://www.buzztoolbox.com/google/
this site contains numerous different interesting tools, definitely check them out

#6: google viewer, a great tool that allows you to view a slide show that reloads next page in results every few seconds till you find what you want-- http://labs.google.com/gviewer.html

==========================================================
Section 2: google services
==========================================================

#1: froogle --> http://froogle.google.com/
#2: answers --> http://answers.google.com/answers/main
#3: catalogues --> http://catalogs.google.com/
#4: groups --> http://groups.google.com/
#5: images --> http://images.google.com/
#6: labs --> http://labs.google.com/
#7: news --> http://news.google.com/
#8: specific search --> http://www.google.com/options/specialsearches.html
#9: university search --> http://www.google.com/options/universities.html
#10: wireless --> http://www.google.com/options/wireless.html

==========================================================
section 3: search options
==========================================================

#1: advanced filetype searches
---------------------------------
http://www.google.com/help/faq_filetypes.html
example: "filetype:pdf hacking"
enter that into search and it will find all corresponding pdf files listed in the search hacking. other file types of interest are:

Adobe Portable Document Format (pdf)
Adobe PostScript (ps)
Lotus 1-2-3 (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)
Lotus WordPro (lwp)
MacWrite (mw)
Microsoft Excel (xls)
Microsoft PowerPoint (ppt)
Microsoft Word (doc)
Microsoft Works (wks, wps, wdb)
Microsoft Write (wri)
Rich Text Format (rtf)
Text (ans, txt)
microsoft db (mdb)
database (db)

#2: listing specific sites
-------------------------
ie gov, edu etc... say you wanted to search military sites for specific pdf documents containing the words top secret, to do this we will mix a few different options to get the best results.
syntax: "site:mil top secret"
this outputs this search: http://www.google.com/search?source...Apdf+top+secret

#3: Synonym Search
------------------
Another powerful search option would be to use the ~ (tilde) symbol to search for synonyms of a word (for those of you who never passed english, a synonym is basically just words that have the same meaning).
example: ~hacker

#4: similar pages
-----------------
once you have made a search and are viewing the results, under each one there is a text link titled "similar pages", it will obviously take you to other like pages.
"related:www.hackers.com"

#5: stocks
----------
if you input a stock ticker google recognizes, just enter either NYSE, NASDAQ, AMEX, or the corresponding ticker symbols, or even the name of a corporation traded on one of the stock indices.

#6: street maps/phone numbers
--------------
to find a map to an address simply enter the address into the search bar.
google's example: "165 University Ave Palo Alto CA"
replace this with a name or a business to get a phone#. at the very top of returned results will be a link to mapquest. you can even enter two points and it will tell you how to get from point a to point b. google provides a full listing with an address, phone number and a link to a map. google will also do reverse lookups on numbers, just enter a number and search.

#7: linked sites
---------------
if you're interested in finding out who has linked to your site this comes in handy.
example: this search "link:hackers.com" will output sites linked to hackers.com.

#8: recipe search
----------------
to search google for recipes use this search "recipe: chicken", that searches google for chicken recipes.

#9: extra operators:
-------------------
there are numerous operators, view them here: http://www.google.com/help/refinesearch.html

#10: Search All the Sites on a Subject
-------------------------------------
"allinURL:hackers" this would find all the sites with hackers in their url

==========================================================
section 4: cool google tricks
==========================================================

#1: Google Zeitgeist - Search patterns, trends, and surprises according to Google
http://www.google.com/press/zeitgeist.html

#2: search google like the 31337 do
http://www.google.com/intl/xx-hacker/

#3:

==========================================================
section 5: google hacking
fundamental flaws in google's indexing
==========================================================

recently i came across an article that gave some interesting examples of what you can do with google, here are some examples:

#1: i mentioned earlier that google allows you to search for certain filetypes, this can be quite beneficial. an example might be db files or cfg files. mix those with interesting words like passwords, pwd, account, userid, uid, login, secret, top secret, private, etc.. you get the idea.
example: "inurl:FBI.gov filetype:xls "top secret"
this would search for excel spread sheets containing the words top secret in the url fbi.gov, i'm sure you can understand why this type of search might benefit a blackhat, but since we're white hats, if we were to find something we'd report it immediately *cough*
try mixing this basic query with some different options like "index of" or site:
example "site:theurl.com filetype:db "passwords"
---don't forget mdb

#2: using google it isn't hard to search for exploitable web services.
example: an older phpbb v2.x.x that you know exploits exist for, google makes it easy as pie finding these sites. this goes for many different things like CMS tools like php nuke etc...

#3: "index of" can be a dangerous search query for dumb webmasters that forget to protect their dir/ structure via .htaccess or some other method.
example: "site:edu "index of" /admin"
lol that's for all you disgruntled kids lol

#4: interesting files to look for:
find tons here: https://internetbankingaudits.com/l...erabilities.htm
here are some more great queries:

Footprinting:
1. "#mysql dump" filetype:sql <-- this search will show you DB dumps from mySQL
2. "Host Vulnerability Summary Report" <-- this will show you other people's scans for vulnerabilities on their server.
3. "phpMyAdmin" "running on" inurl:"main.php" <-- this should give more incentive for them to lock down their phpmyadmin panels.
4. "not for distribution" confidential <-- this one gets you a lot of different stuff, but there are a few gems in there.
5. "Request Details" "Control Tree" "Server Variables" <-- haha this one will get you a lot of great info, which will make auditing the target much easier.
6. "Running in Child mode" <-- this one is great if you want to target someone using the gnutella network.
7. "This report was generated by WebLog" <-- you have to love how much info weblog generates in its reports.
8. intitle:index.of cgiirc.config <-- as far as i know it's a cgi based irc prog. this will give you everything from settings to passwords.
9. filetype:conf inurl:firewall -intitle:cvs <-- firewall config files
10. intitle:index.of finances.xls <-- what makes people think of putting this stuff online? lol
11. intitle:"Index of" dbconvert.exe chats <-- icq chat logs

statistics:
12. intext:"Tobias Oetiker" "traffic analysis"
13. intitle:"Usage Statistics for" "Generated by Webalizer"
14. intitle:"statistics of" "advanced web statistics"
15. intitle:index.of ws_ftp.ini <-- ws ftp config file, has passes etc..
16. inurl:ipsec.secrets "holds shared secrets" <-- it's plain scary to see these not guarded.
17. inurl:main.php Welcome to phpMyAdmin <-- another great
18. inurl:server-info "Apache Server Information" <-- gee let me think
19. site:edu admin grades <-- ROFL
20. "ORA-00921: unexpected end of SQL command" <-- this error gives you some great stuff like paths

ok let's get to the meat and potatoes again, lol

.:PASSWORDS:.
21. intitle:index.of trillian.ini
22. intitle:"Index of" pwd.db
23. intitle:index.of people.lst
24. intitle:index.of master.passwd
25. inurl:passlist.txt
26. intitle:"Index of" .mysql_history
27. intitle:"index of" intext:globals.inc
28. intitle:index.of administrators.pwd
29. intitle:Index.of etc shadow
30. intitle:index.of secring.pgp
31. inurl:config.php dbuname dbpass
32. inurl:perform filetype:ini
33. intitle:"index of" intext:connect.inc
34. intitle:"Index of" ".htpasswd" htpasswd.bak
35. intitle:"Index of" ".htpasswd" "htgroup" -intitle:"dist" -apache -htpasswd.c
36. filetype:htpasswd htpasswd
37. filetype:xls username password email
38. filetype:properties inurl:db intext:password
39. filetype:inc intext:mysql_connect
40. filetype:cfm "cfapplication name" password
41. intitle:index.of.etc
42. eggdrop filetype:user user
43. intitle:"Index of" config.php
44. allinurl:auth_user_file.txt

Other sensitive data:
45. "Network Host Assessment Report" "Internet Scanner"
46. "SnortSnarf alert page"
47. "This file was generated by Nessus"
48. "This report lists" "identified by Internet Scanner"
49. filetype:pdf "Assessment Report" nessus
50. inurl:phpSysInfo/ "created by phpsysinfo"
51. "Welcome to phpMyAdmin" AND " Create new database"
52. inurl:index.of.password
53. inurl:backup intitle:index.of inurl:admin
54. intitle:"Index of" cfide
55. "Welcome to Intranet"

all of these can be used by simply copying them and pasting them into google.
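The defender's side of section 5, as an added example that is not part of the original post: a check you run against your own web document root for the file names those queries look for, and for directories that would be served as an "Index of" listing. The index document names, the extension set and the sample tree are assumptions made for the example.

```python
import os
import tempfile

# File names taken from the queries listed in section 5 of the post.
SENSITIVE_NAMES = {
    ".htpasswd", "htpasswd.bak", ".mysql_history", "ws_ftp.ini", "trillian.ini",
    "master.passwd", "pwd.db", "passlist.txt", "secring.pgp", "ipsec.secrets",
    "config.php", "globals.inc", "connect.inc", "administrators.pwd",
    "auth_user_file.txt", "people.lst", "finances.xls", "cgiirc.config",
}
# Extensions the post pairs with filetype: searches (sql dumps, db, mdb, cfg, conf).
SENSITIVE_EXTS = {".sql", ".db", ".mdb", ".cfg", ".conf", ".inc", ".ini"}
# Assumption: the names the web server accepts as a directory index document.
INDEX_DOCS = {"index.html", "index.htm", "index.php"}


def audit_webroot(root):
    """Return (exposed_files, listable_dirs), paths relative to root with '/'."""
    exposed, listable = [], []
    for dirpath, _dirs, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root).replace(os.sep, "/")
        # No index document: the server shows an "Index of" page if autoindex is on.
        if not {f.lower() for f in filenames} & INDEX_DOCS:
            listable.append(rel_dir)
        for name in filenames:
            low = name.lower()
            if low in SENSITIVE_NAMES or os.path.splitext(low)[1] in SENSITIVE_EXTS:
                exposed.append(name if rel_dir == "." else rel_dir + "/" + name)
    return sorted(exposed), sorted(listable)


def demo():
    """Audit a constructed sample tree (not real data) built in a temp directory."""
    with tempfile.TemporaryDirectory() as root:
        for rel in ("index.html", "admin/.htpasswd", "admin/report.txt",
                    "backup/site.sql", "docs/index.html", "docs/manual.pdf"):
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
        return audit_webroot(root)


if __name__ == "__main__":
    files, dirs = demo()
    print("should not be web-readable:", files)
    print("no index document:", dirs)
```

Anything the first list reports belongs outside the document root or behind an access rule; anything in the second needs an index document or directory listing switched off.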