gosecure inc. 03/07/2007 · 2017. 6. 13. · gosecure inc. 03/07/2007 3 google search technique –...
TRANSCRIPT
![Page 1: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/1.jpg)
03/07/2007GoSecure Inc.
![Page 2: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/2.jpg)
03/07/2007GoSecure Inc.
Hacking with Google for fun and profit!
October 2004 Robert Masse & Jian Hui Wang
![Page 3: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/3.jpg)
03/07/2007GoSecure Inc.2
Agenda
Google Introduction & Features Google Search Technique Google Basic Operators Google Advanced Operators Google Hacking
Digging for “vulnerability gold” Identifying operating systems Vulnerability scanning Proxying
Protect your information from Google
![Page 4: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/4.jpg)
03/07/2007GoSecure Inc.3
Google Search Technique– Just put the word and run the search
You need to audit your Internet presence– One database, Google almost has it all!
One of the most powerful databases in the world Consolidate a lot of info Usage:
– Student …– Business … – Al’Qaeda …
One stop shop for attack, maps, addresses, photos, technical information
Google Hacking
![Page 5: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/5.jpg)
03/07/2007GoSecure Inc.4
![Page 6: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/6.jpg)
03/07/2007GoSecure Inc.5
Google Advance Search– A little more sophisticated ……
Google Hacking
![Page 7: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/7.jpg)
03/07/2007GoSecure Inc.6
![Page 8: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/8.jpg)
03/07/2007GoSecure Inc.7
Google Operators:– Operators are used to refine the results and to maximize
the search value. They are your tools as well as hackers’ weapons
Basic Operators: +, -, ~ , ., *, “”, |, OR Advanced Operators:
– allintext:, allintitle:, allinurl:, bphonebook:, cache:, define:, filetype:, info:, intext:, intitle:, inurl:, link:, phonebook:, related:, rphonebook:, site:, numrange:, daterange
Google Hacking
![Page 9: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/9.jpg)
03/07/2007GoSecure Inc.8
Basic Operators– (+) force inclusion of something common– Google ignores common words (where, how, digit, single
letters) by default: Example: StarStar Wars Episode +I– (-) exclude a search term
Example: apple –red– (“) use quotes around a search term to search exact
phrases: Example: “Robert Masse”
– Robert masse without “” has the 309,000 results, but “robert masse” only has 927 results. Reduce the 99% irrelevant results
Google Hacking
![Page 10: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/10.jpg)
03/07/2007GoSecure Inc.9
Basic Operators– (~) search synonym:
Example: ~food– Return the results about food as well as recipe, nutrition
and cooking information – ( . ) a single-character wildcard:
Example: m.trix– Return the results of M@trix, matrix, metrix…….– ( * ) any word wildcard
Google Hacking
![Page 11: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/11.jpg)
03/07/2007GoSecure Inc.10
Advanced Operators: “Site:”– Site: Domain_name– Find Web pages only on the specified domain. If we
search a specific site, usually we get the Web structure of the domain
– Examples: site:ca site:gosecure.ca site:www.gosecure.ca
Google Hacking
![Page 12: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/12.jpg)
03/07/2007GoSecure Inc.11
4. Google Hacking
![Page 13: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/13.jpg)
03/07/2007GoSecure Inc.12
Advanced Operators: “Filetype:”– Filetype: extension_type– Find documents with specified extensions– The supported extensions are:- HyperText Markup Language (html) - Microsoft PowerPoint (ppt) - Adobe Portable Document Format (pdf) - Microsoft Word (doc) - Adobe PostScript (ps) - Microsoft Works (wks, wps, wdb) - Lotus 1-2-3 - Microsoft Excel (xls) (wk1, wk2, wk3, wk4, wk5, wki, wks, wku) - Microsoft Write (wri) - Lotus WordPro (lwp) - Rich Text Format (rtf) - MacWrite (mw) - Shockwave Flash (swf) - Text (ans, txt)
– Note: We actually can search asp, php and cgi, pl files as long as it is text-compatible.
Example: Budget filetype: xls
Google Hacking
![Page 14: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/14.jpg)
03/07/2007GoSecure Inc.13
Advanced Operators – A budget file we found …….
Google Hacking
![Page 15: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/15.jpg)
03/07/2007GoSecure Inc.14
![Page 16: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/16.jpg)
03/07/2007GoSecure Inc.15
Advanced Operators “Intitle:”– Intitle: search_term – Find search term within the title of a Webpage– Allintitle: search_term1 search_term2 search_term3– Find multiple search terms in the Web pages with the
title that includes all these words– These operators are specifically useful to find the
directory lists– Example:
Find directory list: Intitle: Index.of “parent directory”
Google Hacking
![Page 17: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/17.jpg)
03/07/2007GoSecure Inc.16
![Page 18: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/18.jpg)
03/07/2007GoSecure Inc.17
Advanced Operators “Inurl:”– Inurl: search_term– Find search term in a Web address– Allinurl: search_term1 search_term2 search_term3– Find multiple search terms in a Web address – Examples:
Inurl: cgi-bin Allinurl: cgi-bin password
Google Hacking
![Page 19: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/19.jpg)
03/07/2007GoSecure Inc.18
![Page 20: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/20.jpg)
03/07/2007GoSecure Inc.19
Advanced Operators “Intext;”– Intext: search_term– Find search term in the text body of a document.– Allintext: search_term1 search_term2 search_term3– Find multiple search terms in the text body of a
document.– Examples:
Intext: Administrator login Allintext: Administrator login
Google Hacking
![Page 21: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/21.jpg)
03/07/2007GoSecure Inc.20
![Page 22: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/22.jpg)
03/07/2007GoSecure Inc.21
Advanced Operators: “Cache:”– Cache: URL– Find the old version of Website in Google cache– Sometimes, even the site has already been updated, the
old information might be found in cache– Examples:
Cache: www.gosecure.com
Google Hacking
![Page 23: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/23.jpg)
03/07/2007GoSecure Inc.22
![Page 24: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/24.jpg)
03/07/2007GoSecure Inc.23
Advanced Operators – <number1>..<number2>– Conduct a number range search by specifying two
numbers, separated by two periods, with no spaces. Be sure to specify a unit of measure or some other indicator of what the number range represents
– Examples: Computer $500..1000 DVD player $250..350
Google Hacking
![Page 25: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/25.jpg)
03/07/2007GoSecure Inc.24
![Page 26: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/26.jpg)
03/07/2007GoSecure Inc.25
Advanced Operators: “Daterange:”– Daterange: <start_date>-<end date> – Find the Web pages between start date and end date– Note: start_date and end date use the Julian date– The Julian date is calculated by the number of days
since January 1, 4713 BC. For example, the Julian date for August 1, 2001 is 2452122
– Examples: 2004.07.10=2453196
2004.08.10=2453258– Vulnerabilities date range: 2453196-2453258
Google Hacking
![Page 27: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/27.jpg)
03/07/2007GoSecure Inc.26
![Page 28: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/28.jpg)
03/07/2007GoSecure Inc.27
Advanced Operators “Link:”– Link: URL– Find the Web pages having a link to the specified URL– Related: URL– Find the Web pages that are “similar” to the specified Web page– info: URL – Present some information that Google has about that Web page– Define: search_term– Provide a definition of the words gathered from various online
sources– Examples:
Link: gosecure.ca Related: gosecure.ca Info: gosecure.ca
Google Hacking
![Page 29: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/29.jpg)
03/07/2007GoSecure Inc.28
![Page 30: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/30.jpg)
03/07/2007GoSecure Inc.29
![Page 31: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/31.jpg)
03/07/2007GoSecure Inc.30
![Page 32: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/32.jpg)
03/07/2007GoSecure Inc.31
![Page 33: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/33.jpg)
03/07/2007GoSecure Inc.32
Advanced Operators “phonebook:”– Phonebook – Search the entire Google phonebook – rphonebook – Search residential listings only – bphonebook – Search business listings only – Examples:
Phonebook: robert las vegas (robert in Las Vegas) Phonebook: (702) 944-2001 (reverse search, not always work) The phonebook is quite limited to U.S.A
Google Hacking
![Page 34: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/34.jpg)
03/07/2007GoSecure Inc.33
![Page 35: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/35.jpg)
03/07/2007GoSecure Inc.34
![Page 36: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/36.jpg)
03/07/2007GoSecure Inc.35
Google, Friend or Enemy?– Google is everyone’s best friend (yours or hackers)– Information gathering and vulnerability identification
are the tasks in the first phase of a typical hacking scenario
– Passitive, stealth and huge data collection– Google can do more than search– Have you used Google to audit your organization
today?
Google Hacking
![Page 37: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/37.jpg)
03/07/2007GoSecure Inc.36
What can Google can do for a hacker?– Search sensitive information like payroll, SIN, even
the personal email box– Vulnerabilities scanner– Transparent proxy
Google Hacking
![Page 38: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/38.jpg)
03/07/2007GoSecure Inc.37
Salary – Salary filetype: xls site: edu
Google Hacking
![Page 39: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/39.jpg)
03/07/2007GoSecure Inc.38
![Page 40: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/40.jpg)
03/07/2007GoSecure Inc.39
Security social insurance number– Intitle: Payroll intext: ssn filetype: xls site: edu
Google Hacking
![Page 41: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/41.jpg)
03/07/2007GoSecure Inc.40
![Page 42: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/42.jpg)
03/07/2007GoSecure Inc.41
Security Social Insurance Number– Payroll intext: Employee intext: ssn iletype: xls
Google Hacking
![Page 43: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/43.jpg)
03/07/2007GoSecure Inc.42
![Page 44: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/44.jpg)
03/07/2007GoSecure Inc.43
Financial Information– Filetype: xls “checking account” “credit card” -
intext: Application -intext: Form (only 39 results)
Google Hacking
![Page 45: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/45.jpg)
03/07/2007GoSecure Inc.44
![Page 46: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/46.jpg)
03/07/2007GoSecure Inc.45
Financial Information– Intitle: “Index of” finances.xls (9)
Google Hacking
![Page 47: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/47.jpg)
03/07/2007GoSecure Inc.46
![Page 48: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/48.jpg)
03/07/2007GoSecure Inc.47
Personal Mailbox– Intitle: Index.of inurl: Inbox (456) (mit mailbox)
Google Hacking
![Page 49: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/49.jpg)
03/07/2007GoSecure Inc.48
![Page 50: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/50.jpg)
03/07/2007GoSecure Inc.49
Personal Mailbox– After several clicks , got the private email
messages
Google Hacking
![Page 51: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/51.jpg)
03/07/2007GoSecure Inc.50
![Page 52: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/52.jpg)
03/07/2007GoSecure Inc.51
Personal Mailbox– Intitle: Index.of inurl: Inbox (inurl: User OR
inurl: Mail) (220)
Google Hacking
![Page 53: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/53.jpg)
03/07/2007GoSecure Inc.52
![Page 54: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/54.jpg)
03/07/2007GoSecure Inc.53
Confidential Files– “not for distribution” confidential (1,760)
Google Hacking
![Page 55: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/55.jpg)
03/07/2007GoSecure Inc.54
![Page 56: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/56.jpg)
03/07/2007GoSecure Inc.55
Confidential Files– “not for distribution” confidential filetype: pdf
(marketing info) (456)
Google Hacking
![Page 57: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/57.jpg)
03/07/2007GoSecure Inc.56
![Page 58: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/58.jpg)
03/07/2007GoSecure Inc.57
OS Detection Use the keywords of the default installation page
of a Web server to search. Use the title to search Use the footer in a directory index page
Google Hacking
![Page 59: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/59.jpg)
03/07/2007GoSecure Inc.58
OS Detection-Windows– “Microsoft-IIS/5.0 server at”
Google Hacking
![Page 60: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/60.jpg)
03/07/2007GoSecure Inc.59
![Page 61: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/61.jpg)
03/07/2007GoSecure Inc.60
OS Detection - Windows– Default web page?– Intitle: “Welcome to Windows 2000 Internet Services”
Google Hacking
![Page 62: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/62.jpg)
03/07/2007GoSecure Inc.61
![Page 63: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/63.jpg)
03/07/2007GoSecure Inc.62
OS Detection –Apache 1.3.11-1.3.26– Intitle: Test.Page.for.Apache seeing.this.instead
Google Hacking
![Page 64: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/64.jpg)
03/07/2007GoSecure Inc.63
![Page 65: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/65.jpg)
03/07/2007GoSecure Inc.64
OS Detection-Apache SSL enable– Intitle: Test.page “SSL/TLS-aware” (127)
Google Hacking
![Page 66: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/66.jpg)
03/07/2007GoSecure Inc.65
![Page 67: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/67.jpg)
03/07/2007GoSecure Inc.66
Search Passwords– Search the well known password filenames in URL– Search the database connection files or
configuration files to find a password and username– Search specific username file for a specific product
Google Hacking
![Page 68: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/68.jpg)
03/07/2007GoSecure Inc.67
Search Passwords– Inurl: etc inurl: passwd
![Page 69: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/69.jpg)
03/07/2007GoSecure Inc.68
![Page 70: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/70.jpg)
03/07/2007GoSecure Inc.69
![Page 71: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/71.jpg)
03/07/2007GoSecure Inc.70
Search Passwords– Intitle: “Index of..etc” passwd
Google Hacking
![Page 72: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/72.jpg)
03/07/2007GoSecure Inc.71
![Page 73: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/73.jpg)
03/07/2007GoSecure Inc.72
Search Passwords – "# -FrontPage-" inurl: service.pwd (then crack it)
Google Hacking
![Page 74: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/74.jpg)
03/07/2007GoSecure Inc.73
![Page 75: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/75.jpg)
03/07/2007GoSecure Inc.74
Search Passwords– Inurl: admin.pwd filetype: pwd
Google Hacking
![Page 76: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/76.jpg)
03/07/2007GoSecure Inc.75
![Page 77: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/77.jpg)
03/07/2007GoSecure Inc.76
Search Passwords– Filetype: inc dbconn
Google Hacking
![Page 78: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/78.jpg)
03/07/2007GoSecure Inc.77
![Page 79: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/79.jpg)
03/07/2007GoSecure Inc.78
Search Passwords– Filetype: inc intext: mysql_connect
Google Hacking
![Page 80: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/80.jpg)
03/07/2007GoSecure Inc.79
![Page 81: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/81.jpg)
03/07/2007GoSecure Inc.80
Search Passwords– Filetype: ini +ws_ftp +pwd (get the encrypted
passwords)
Google Hacking
![Page 82: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/82.jpg)
03/07/2007GoSecure Inc.81
![Page 83: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/83.jpg)
03/07/2007GoSecure Inc.82
Search Passwords– Filetype: log inurl: “password.log”
Google Hacking
![Page 84: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/84.jpg)
03/07/2007GoSecure Inc.83
![Page 85: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/85.jpg)
03/07/2007GoSecure Inc.84
Search Username– +intext: "webalizer" +intext: “Total Usernames” +intext:
“Usage Statistics for”
Google Hacking
![Page 86: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/86.jpg)
03/07/2007GoSecure Inc.85
![Page 87: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/87.jpg)
03/07/2007GoSecure Inc.86
License Key– Filetype: lic lic intext: key (33) (license key)
Google Hacking
![Page 88: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/88.jpg)
03/07/2007GoSecure Inc.87
![Page 89: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/89.jpg)
03/07/2007GoSecure Inc.88
Cookies Syntax– Filetype: inc inc intext: setcookie -cvs -examples -
sourceforge -site: php.net (120) (cookie schema)
Google Hacking
![Page 90: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/90.jpg)
03/07/2007GoSecure Inc.89
![Page 91: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/91.jpg)
03/07/2007GoSecure Inc.90
Sensitive Directories Listing– Powerful buzz word: Index of – Search the well known vulnerable directories names
Google Hacking
![Page 92: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/92.jpg)
03/07/2007GoSecure Inc.91
Sensitive Directories Listing– “index of cgi-bin” (3590)
Google Hacking
![Page 93: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/93.jpg)
03/07/2007GoSecure Inc.92
![Page 94: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/94.jpg)
03/07/2007GoSecure Inc.93
Sensitive Directories Listing– Intitle: “Index of” cfide (coldfusion directory)
Google Hacking
![Page 95: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/95.jpg)
03/07/2007GoSecure Inc.94
![Page 96: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/96.jpg)
03/07/2007GoSecure Inc.95
Sensitive Directories Listing– Intitle: index.of.winnt
Google Hacking
![Page 97: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/97.jpg)
03/07/2007GoSecure Inc.96
![Page 98: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/98.jpg)
03/07/2007GoSecure Inc.97
Sensitive Directories Listing– Intitle: “index of” iissamples (dangeous iissamples)
(32)
Google Hacking
![Page 99: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/99.jpg)
03/07/2007GoSecure Inc.98
![Page 100: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/100.jpg)
03/07/2007GoSecure Inc.99
Sensitive Directories Listing– Inurl: iissamples (1080)
Google Hacking
![Page 101: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/101.jpg)
03/07/2007GoSecure Inc.100
![Page 102: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/102.jpg)
03/07/2007GoSecure Inc.101
Database Manipulation– Different database applications leave different signatures
on the database files
Google Hacking
![Page 103: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/103.jpg)
03/07/2007GoSecure Inc.102
Database Manipulation– “Welcome to phpMyAdmin” AND “Create new
database” -intext: “No Priviledge” (find a page that might have privilege to update mysql)
Google Hacking
![Page 104: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/104.jpg)
03/07/2007GoSecure Inc.103
![Page 105: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/105.jpg)
03/07/2007GoSecure Inc.104
Database Manipulation– “Welcome to phpMyAdmin” AND “Create new
database” (after several hits, we got this)
Google Hacking
![Page 106: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/106.jpg)
03/07/2007GoSecure Inc.105
![Page 107: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/107.jpg)
03/07/2007GoSecure Inc.106
Database Manipulation– “Select a database to view” intitle: “filemaker
pro” (94) Filemaker
Google Hacking
![Page 108: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/108.jpg)
03/07/2007GoSecure Inc.107
![Page 109: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/109.jpg)
03/07/2007GoSecure Inc.108
Database Manipulation– After several clicks and you can query the table
Google Hacking
![Page 110: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/110.jpg)
03/07/2007GoSecure Inc.109
![Page 111: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/111.jpg)
03/07/2007GoSecure Inc.110
Database Manipulation– “# Dumping data for table (username|user|users|
password)” -site: mysql.com –cvs (289) (backup data of mysqldump)
Google Hacking
![Page 112: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/112.jpg)
03/07/2007GoSecure Inc.111
![Page 113: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/113.jpg)
03/07/2007GoSecure Inc.112
Database Manipulation– “# Dumping data for table (username|user|users|
password)” –site: mysql.com -cvs
Google Hacking
![Page 114: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/114.jpg)
03/07/2007GoSecure Inc.113
![Page 115: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/115.jpg)
03/07/2007GoSecure Inc.114
Database Manipulation– “# Dumping data for table (username|user|users|
password)” -site: mysql.com –cvs
Google Hacking
![Page 116: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/116.jpg)
03/07/2007GoSecure Inc.115
![Page 117: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/117.jpg)
03/07/2007GoSecure Inc.116
Sensitive System Information– Network security reports have lists of vulnerabilities for
your system– Configuration files often contain the application
parameters inventory
Google Hacking
![Page 118: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/118.jpg)
03/07/2007GoSecure Inc.117
Network Security Report (ISS)– “Network Host Assessment Report” “Internet
Scanner” (iss report) (13)
Google Hacking
![Page 119: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/119.jpg)
03/07/2007GoSecure Inc.118
![Page 120: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/120.jpg)
03/07/2007GoSecure Inc.119
Network Security Report (ISS)– “Host Vulnerability Summary Report” (ISS report) (25)
Google Hacking
![Page 121: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/121.jpg)
03/07/2007GoSecure Inc.120
![Page 122: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/122.jpg)
03/07/2007GoSecure Inc.121
Network Security Report (nessus)– “This file was generated by Nessus” || intitle:”Nessus
Scan Report” -site:nessus.org (185)
Google Hacking
![Page 123: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/123.jpg)
03/07/2007GoSecure Inc.122
![Page 124: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/124.jpg)
03/07/2007GoSecure Inc.123
Network Scanner Report (Snort)– “SnortSnarf alert page” (15,500)
Google Hacking
![Page 125: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/125.jpg)
03/07/2007GoSecure Inc.124
![Page 126: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/126.jpg)
03/07/2007GoSecure Inc.125
Network Security Report (Snort)– Intitle: “Analysis Console for Intrusion Databases”
+intext:”by Roman Danyliw” inurl:acid/acid_main.php (13 results, acid alert database)
Google Hacking
![Page 127: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/127.jpg)
03/07/2007GoSecure Inc.126
![Page 128: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/128.jpg)
03/07/2007GoSecure Inc.127
Configuration Files (robots.txt)– (inurl: “robot.txt” | inurl: “robots.txt”) intext:disallow
filetype:txt– Robots.txt means to protect you privacy from crawlers– But allows you to determine the file system architecture
Google Hacking
![Page 129: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/129.jpg)
03/07/2007GoSecure Inc.128
![Page 130: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/130.jpg)
03/07/2007GoSecure Inc.129
A vulnerable targets scanning example– Get the new vulnerabilities from advisory– Find the signature from vendor Website– Google search to find the targets– Perform further malicious actions
Google Hacking
![Page 131: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/131.jpg)
03/07/2007GoSecure Inc.130
An advisory looks like……
Google Hacking
![Page 132: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/132.jpg)
03/07/2007GoSecure Inc.131
![Page 133: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/133.jpg)
03/07/2007GoSecure Inc.132
Vendor Website Information
Google Hacking
![Page 134: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/134.jpg)
03/07/2007GoSecure Inc.133
![Page 135: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/135.jpg)
03/07/2007GoSecure Inc.134
Google search……– Inurl: smartguestbook.asp
Google Hacking
![Page 136: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/136.jpg)
03/07/2007GoSecure Inc.135
![Page 137: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/137.jpg)
03/07/2007GoSecure Inc.136
The victim’s Website
Google Hacking
![Page 138: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/138.jpg)
03/07/2007GoSecure Inc.137
![Page 139: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/139.jpg)
03/07/2007GoSecure Inc.138
Download the database…… Game over
Google Hacking
![Page 140: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/140.jpg)
03/07/2007GoSecure Inc.139
![Page 141: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/141.jpg)
03/07/2007GoSecure Inc.140
Transparent Proxy– Normal surfing on www.myip.nu
Google Hacking
![Page 142: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/142.jpg)
03/07/2007GoSecure Inc.141
![Page 143: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/143.jpg)
03/07/2007GoSecure Inc.142
Transparent Proxy– When we use Google translation tool to surf
www.myip.nu
Google Hacking
![Page 144: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/144.jpg)
03/07/2007GoSecure Inc.143
![Page 145: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/145.jpg)
03/07/2007GoSecure Inc.144
Google Automated Scanning– Google doesn’t like the idea about automating Google
scan. They issue a free licence limited to 1000 queries/day to Google
– Gooscan– Gooscan is a UNIX (Linux/BSD/Mac OS X) tool that
automates queries against Google search appliances, which helps to do the external vulnerability assessment. For more information about this tool, including the ethical implications of its use. See: http://johnny.ihackstuff.com
Google Hacking
![Page 146: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/146.jpg)
03/07/2007GoSecure Inc.145
Google Automated Tools– SiteDigger – SiteDigger searches Google’s cache to look for
vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on Web sites. See: http://www.foundstone.com
Google Hacking
![Page 147: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/147.jpg)
03/07/2007GoSecure Inc.146
![Page 148: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/148.jpg)
03/07/2007GoSecure Inc.147
Google Automated Tools– Athena– Another Google query tool. It supports an open XML
configuration format to support multiple search engines (not just Google)
Google Hacking
![Page 149: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/149.jpg)
03/07/2007GoSecure Inc.148
![Page 150: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/150.jpg)
03/07/2007GoSecure Inc.149
Google Materials– Googledorks– The famous Google Hack Website, it has many different
examples of unbelievable things: http://johnny.ihackstuff.com.
Google Hacking
![Page 151: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/151.jpg)
03/07/2007GoSecure Inc.150
![Page 152: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/152.jpg)
03/07/2007GoSecure Inc.151
Google Hacking
![Page 153: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/153.jpg)
03/07/2007GoSecure Inc.152
Google Materials– Freshgoo– Search Google for the page published on today, yesterday,
within the last seven days or last 30 days: http://www.freshgoo.com/index.php
Google Hacking
![Page 154: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/154.jpg)
03/07/2007GoSecure Inc.153
![Page 155: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/155.jpg)
03/07/2007GoSecure Inc.154
Protect Your Data– Keep patching your systems and applications– Keep your sensitive data off the Web apply authentication
– (RSA, Clienless VPN)– Disable directory browsing– Google hack your Website– Consider removing your site from Google's index: http://www.google.com/remove.html.– Use a robots.txt file to against Web crawlers: http://www.robotstxt.org.
Google Hacking
![Page 156: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/156.jpg)
03/07/2007GoSecure Inc.155
Google APIS:www.google.com/apisRemove:http://www.google.com/remove.htmlGoogledorks:http://johnny.ihackstuff.com/O’reilly Google Hack:http://www.oreilly.com/catalog/googlehks/Google Hack Presentation, Jonhnny Long:http://johnny.ihackstuff.com/modules.php?op=modload&name= ownloads&file=index&req=viewdownload&cid=1“Autism: Using google to hack:www.smart-dev.com/texts/google.txt“Google: Net Hacker Tool du Jour: http://www.wired.com/news/infostructure/0,1377,57897,00.html
Google Hacking References
![Page 157: GoSecure Inc. 03/07/2007 · 2017. 6. 13. · GoSecure Inc. 03/07/2007 3 Google Search Technique – Just put the word and run the search You need to audit your Internet presence –](https://reader034.vdocuments.us/reader034/viewer/2022052520/6092681ed8cbff27883ae695/html5/thumbnails/157.jpg)
03/07/2007GoSecure Inc.156
Contact Information:
Robert [email protected]
407 McGill, suite 900Montréal, Québec, CanadaH2Y 2G2
514-287-7427