1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Google...

Discussion in 'Ethical hacking' started by vishal sharma, May 23, 2006.

  1. vishal sharma

    vishal sharma New Member

    Joined:
    Jul 23, 2004
    Messages:
    106
    Likes Received:
    6
    Trophy Points:
    0
    INTRO=========

    a week or so back i had an e-mail from a friend (FLW) asking me if i had any info on google search tips

    he was surprised on the amount of info available and open via google...this got me thinking , well i have seen many various search strings in several

    papers....so i thought i would put them all together on the one page...and up-date as new one are discovered...



    *********************************************************************************************************************************************
    WARNING:::i hold no responsibility for what you do via the information supplied here...this is for educational purpose only , use at your own risk you have

    been warned
    *********************************************************************************************************************************************

    thanks

    ComSec aka ZSL


    SUMMERY=======

    Everyone knows google in the security sector...and what a powerful tool it is , just by entering certain search strings you can gain a vast amount of

    knowledge and information of your chosen target...often revealing sensitive data...this is all down to badly configured systems...brought on by sloppy

    administration allowing directory indexing and accessing , password files , log entrys , files , paths ,etc , etc


    Search Tips

    so how do we start ?

    the common search inputs below will give you an idea...for instance if you want to search for the an index of "root"

    in the search box put in exactly as you see it below

    ==================

    example 1:


    allintitle: "index of/root"


    result:

    http://www.google.com/search?hl=en&ie=ISO-8859-1&q=allintitle:+"index+of/root"&btnG=Google+Search

    what it reveals is 2,510 pages that you can possible browse at your will...

    ====================

    example 2


    inurl:"auth_user_file.txt"

    http://www.google.com/search?num=10...inurl:"auth_user_file.txt"&btnG=Google+Search

    this result spawned 414 possible files to access

    here is an actual file retrieved from a site and edited , we know who the admin is and we have the hashes thats a job for JTR (john the ripper)

    txUKhXYi4xeFs|master|admin|Worasit|Junsawang|xxx@xxx|on
    qk6GaDj9iBfNg|tomjang||Bug|Tom|xxx@xxx|on

    with the many variations below it should keep you busy for a long time mixing them reveals many different permutations

    *************************************

    SEARCH PATHS....... more to be added

    *************************************

    "Index of /admin"
    "Index of /password"
    "Index of /mail"
    "Index of /" +passwd
    "Index of /" +password.txt
    "Index of /" +.htaccess
    index of ftp +.mdb allinurl:/cgi-bin/ +mailto

    administrators.pwd.index
    authors.pwd.index
    service.pwd.index
    filetype:config web
    gobal.asax index

    allintitle: "index of/admin"
    allintitle: "index of/root"
    allintitle: sensitive filetype:doc
    allintitle: restricted filetype :mail
    allintitle: restricted filetype:doc site:gov

    inurl:passwd filetype:txt
    inurl:admin filetype:db
    inurl:iisadmin
    inurl:"auth_user_file.txt"
    inurl:"wwwroot/*."


    top secret site:mil
    confidential site:mil

    allinurl: winnt/system32/ (get cmd.exe)
    allinurl:/bash_history

    intitle:"Index of" .sh_history
    intitle:"Index of" .bash_history
    intitle:"index of" passwd
    intitle:"index of" people.lst
    intitle:"index of" pwd.db
    intitle:"index of" etc/shadow
    intitle:"index of" spwd
    intitle:"index of" master.passwd
    intitle:"index of" htpasswd
    intitle:"index of" members OR accounts
    intitle:"index of" user_carts OR user_cart

    ALTERNATIVE INPUTS====================

    _vti_inf.html
    service.pwd
    users.pwd
    authors.pwd
    administrators.pwd
    shtml.dll
    shtml.exe
    fpcount.exe
    default.asp
    showcode.asp
    sendmail.cfm
    getFile.cfm
    imagemap.exe
    test.bat
    msadcs.dll
    htimage.exe
    counter.exe
    browser.inc
    hello.bat
    default.asp\
    dvwssr.dll
    cart32.exe
    add.exe
    index.jsp
    SessionServlet
    shtml.dll
    index.cfm
    page.cfm
    shtml.exe
    web_store.cgi
    shop.cgi
    upload.asp
    default.asp
    pbserver.dll
    phf
    test-cgi
    finger
    Count.cgi
    jj
    php.cgi
    php
    nph-test-cgi
    handler
    webdist.cgi
    webgais
    websendmail
    faxsurvey
    htmlscript
    perl.exe
    wwwboard.pl
    www-sql
    view-source
    campas
    aglimpse
    glimpse
    man.sh
    AT-admin.cgi
    AT-generate.cgi
    filemail.pl
    maillist.pl
    info2www
    files.pl
    bnbform.cgi
    survey.cgi
    classifieds.cgi
    wrap
    cgiwrap
    edit.pl
    perl
    names.nsf
    webgais
    dumpenv.pl
    test.cgi
    submit.cgi
    guestbook.cgi
    guestbook.pl
    cachemgr.cgi
    responder.cgi
    perlshop.cgi
    query
    w3-msql
    plusmail
    htsearch
    infosrch.cgi
    publisher
    ultraboard.cgi
    db.cgi
    formmail.cgi
    allmanage.pl
    ssi
    adpassword.txt
    redirect.cgi
    cvsweb.cgi
    login.jsp
    dbconnect.inc
    admin
    htgrep
    wais.pl
    amadmin.pl
    subscribe.pl
    news.cgi
    auctionweaver.pl
    .htpasswd
    acid_main.php
    access.log
    log.htm
    log.html
    log.txt
    logfile
    logfile.htm
    logfile.html
    logfile.txt
    logger.html
    stat.htm
    stats.htm
    stats.html
    stats.txt
    webaccess.htm
    wwwstats.html
    source.asp
    perl
    mailto.cgi
    YaBB.pl
    mailform.pl
    cached_feed.cgi
    global.cgi
    Search.pl
    build.cgi
    common.php
    show
    global.inc
    ad.cgi
    WSFTP.LOG
    index.html~
    index.php~
    index.html.bak
    index.php.bak
    print.cgi
    register.cgi
    webdriver
    bbs_forum.cgi
    mysql.class
    sendmail.inc
    CrazyWWWBoard.cgi
    search.pl
    way-board.cgi
    webpage.cgi
    pwd.dat
    adcycle
    post-query
    help.cgi


    there are to many people to thank for the bits of information cut and pasted and added to form this paper
    most have been collected from various forums , txt , doc's etc...like to thank you all, its not intended to rip anyone
    its just a combo of various search inputs...put on the one Paper to use as a reference.
     

Share This Page