HACK THIS WAY

Your Guide to successful Hacking

  • Meta

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

  • Archives

«
»

Hack With Google

Posted by hackthisway on December 18, 2009

Reference: Google Hacking for Penetration Testers

Google as a hacking tool is generally used by hackers to locate random vulnerable targets and then they hack it for fun etc.  There are a lot of webservers  that have old unpatched  Operating Systems running. Many websites are defaced using very simple techniques. So, it is of utmost importance for the administrators to have their servers properly patched. I am presuming that you know advanced google searching techniques. Even if you don’t know, do a google search.

Search expressions in google can yield a plethora of information. We will now see Google helping us to locate Microsoft IIS  ( Internet Information Services ) servers.                                                                                                                                                                                                              Query Google for  :

intitle:”welcome to IIS 4.0”

Dissecting the search expression :

intitle:”welcome to IIS 4.0”

intitle means that Google will search for whatever words you tell it to in the title of a website. In this case you search for                     “welcome to IIS 4.0”.


IIS Server Version                             Query

Many                                                   intitle:”welcome to” intitle:internet IIS

Unknown                                             intitle:”Under construction” “does not currently have”

IIS 4.0                                                  intitle:”welcome to IIS 4.0”

IIS 4.0                                                  allintitle:Welcome to Windows NT 4.0 Option Pack

IIS 4.0                                                  allintitle:Welcome to Internet Information Server

IIS 5.0                                                  allintitle:Welcome to Windows 2000 Internet Services

IIS 6.0                                                  allintitle:Welcome to Windows XP Server Internet Services

What  attackers do after getting this info :

After locating the web server the attackers search for working exploits for the found version of the webserver and execute the exploits.

This is no rocket engineering.

You can locate different kind of web servers, default programs, network hardware, printers etc. using Google.

Search for Open Webcams:

Query:

inurl:/view.shtml
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera NetworkCamera”
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / – AXIS”
intitle:”Live View / – AXIS 206M”
intitle:”Live View / – AXIS 206W”
intitle:”Live View / – AXIS 210″
inurl:indexFrame.shtml Axis
inurl:”MultiCameraFrame?Mode=Motion”
intitle:start inurl:cgistart
intitle:”WJ-NT104 Main Page”
intext:”MOBOTIX M1″ intext:”Open Menu”
intext:”MOBOTIX M10″ intext:”Open Menu”
intext:”MOBOTIX D10″ intext:”Open Menu”
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1″
intitle:”sony network camera snc-m1″
site:.viewnetcam.com -www.viewnetcam.com
intitle:”Toshiba Network Camera” user login
intitle:”netcam live image”
intitle:”i-Catcher Console – Web Monitor”

Queries that Locate password Info:


filetype:netrc password netrc file may contain cleartext passwords

intitle:”Index of” passwords modified “Password” directories

inurl:/db/main.mdb

ASP-Nuke database files often contain passwords

filetype:bak inurl:”htaccess|passwd| shadow|htusers” usernames

BAK files referring to passwords

filetype:log “See `ipsec —copyright”

BARF log files reveal ipsec data

inurl:”calendarscript/users.txt”

CalenderScript passwords

inurl:ccbill filetype:log

CCBill log files may contain authentication Data

inurl:cgi-bin inurl:calendar.cfg

CGI Calendar (Perl) configuration file reveals information including passwords for the program.

inurl:chap-secrets -cvs chap-secrets

file may list usernames and passwords

[WFClient] Password= filetype:ica

Citrix WinFrame-Client may contain login Information

inurl:passlist.txt

Cleartext passwords. No decryption required!

intitle:index.of config.php

Config.php files

inurl:config.php dbuname dbpass

config.php files

inurl:server.cfg rcon password

Counter strike rcon passwords

This entry was posted on December 18, 2009 at 8:04 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

3 Responses to “Hack With Google”

  1. Emil Poythress said

    March 15, 2010 at 5:31 am

    Can I get a email with more info about this please!

    Reply

  2. hackthisway said

    March 15, 2010 at 6:01 am

    of course, but what info do u want ?

    Reply

  3. Abel said

    March 27, 2010 at 9:26 pm

    Hi this is abel from east africa. I really wanna become a hacker
    but I couldn’t get enought info about it so if you can please send me email about hacking in general and specially using google.Thank you.

    Reply

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«
»