Thursday, July 24, 2008

Google search hacking

well if u ask me this is the best Part " how to Search ",Anyone anywhere needs something out of the great "www", now if u know how to grab hold to "something" in one click that is the skill, this article henceforth is one of my best my best, n especially crafted to meet all your needs !!

Google Operators:
Operators are used to refine the results and to maximize the search value. They are your tools as well as ethical hackers’ weaponsBasic Operators:+, -, ~ , ., *, “”, ,OR
Advanced Operators:allintext:, allintitle:, allinurl:, bphonebook:, cache:, define:, filetype:, info:, intext:, intitle:, inurl:, link:, phonebook:, related:, rphonebook:, site:, numrange:, daterange

Basic Operators !!
(+) force inclusion of something commonGoogle ignores common words (where, how, digit, single letters) by default:Example: StarStar Wars Episode +I(-) exclude a search termExample: apple –red(“) use quotes around a search term to search exact phrases:Example: “Robert Masse”Robert masse without “” has the 309,000 results, but “robert masse” only has 927 results. Reduce the 99% irrelevant results
Basic Operators(~) search synonym:Example: ~foodReturn the results about food as well as recipe, nutrition and cooking information( . ) a single-character wildcard:Example: m.trixReturn the results of M@trix, matrix, metrix…….( * ) any word wildcardAdvanced Operators:

Site:”Site:
Domain_nameFind Web pages only on the specified domain. If we search a specific site, usually we get the Web structure of the domainExamples:site:http://shaswat.bravehost.com
Advanced Operators:

“Filetype:”
Filetype: extension_typeFind documents with specified extensionsThe supported extensions are:- HyperText Markup Language (html) - Microsoft PowerPoint (ppt)- Adobe Portable Document Format (pdf) - Microsoft Word (doc)- Adobe PostScript (ps) - Microsoft Works (wks, wps, wdb)- Lotus 1-2-3 - Microsoft Excel (xls)(wk1, wk2, wk3, wk4, wk5, wki, wks, wku) - Microsoft Write (wri)- Lotus WordPro (lwp) - Rich Text Format (rtf)- MacWrite (mw) - Shockwave Flash (swf)- Text (ans, txt)Note: We actually can search asp, php and cgi, pl files as long as it is text-compatible.Example: Budget filetype: xls


Advanced Operators
“Intitle:”Intitle: search_termFind search term within the title of a WebpageAllintitle: search_term1 search_term2 search_term3Find multiple search terms in the Web pages with the title that includes all these wordsThese operators are specifically useful to find the directory listsExample:Find directory list:Intitle: Index.of “parent directory”

Advanced Operators
“Inurl:”Inurl: search_termFind search term in a Web addressAllinurl: search_term1 search_term2 search_term3Find multiple search terms in a Web addressExamples:Inurl: cgi-binAllinurl: cgi-bin password
Advanced Operators
“Intext;”Intext: search_termFind search term in the text body of a document.Allintext: search_term1 search_term2 search_term3Find multiple search terms in the text body of a document.Examples:Intext: Administrator loginAllintext: Administrator login

Advanced Operators: “Cache:”
Cache: URLFind the old version of Website in Google cacheSometimes, even the site has already been updated, the old information might be found in cacheExamples:Cache: http://shaswat.bravehost.com
Advanced Operators
..Conduct a number range search by specifying two numbers, separated by two periods, with no spaces. Be sure to specify a unit of measure or some other indicator of what the number range representsExamples:Computer $500..1000DVD player $250..350
Advanced Operators:
“Daterange:”Daterange: -Find the Web pages between start date and end dateNote: start_date and end date use the Julian dateThe Julian date is calculated by the number of days since January 1, 4713 BC. For example, the Julian date for August 1, 2001 is 2452122Examples:2004.07.10=24531962004.08.10=2453258Vulnerabilities date range: 2453196-2453258

Advanced Operators “Link:”Link: URLFind the Web pages having a link to the specified URLRelated: URLFind the Web pages that are “similar” to the specified Web pageinfo: URLPresent some information that Google has about that Web pageDefine: search_termProvide a definition of the words gathered from various online sourcesExamples:Link: shaswat.bravehost.comRelated: shaswat.bravehost.comInfo: shaswat.bravehost.comDefine:

Network security
Advanced Operators
“phonebook:”PhonebookSearch the entire Google phonebookrphonebookSearch residential listings onlybphonebookSearch business listings onlyExamples:Phonebook: robert las vegas (robert in Las Vegas)Phonebook: (702) 944-2001 (reverse search, not always work)The phonebook is quite limited to U.S.A
But the Question rises What can Google can do for an Ethical Hacker?
Search sensitive information like payroll, SIN, even the personal email box
Vulnerabilities scanner
Transparent proxySo how but if i tell u a different way to searchk lets do this type in the following statements n c d resultswe can only provide u the guidelines, now u need to implement your Creativity to Keep it rolling.
http://shaswat.bravehost.com

SalarySalary filetype: xls site: edu
Security social insurance numberIntitle: Payroll intext: ssn filetype: xls site: edu
Security Social Insurance NumberPayroll intext: Employee intext: ssn Filetype: xlsFiletype: xls “checking account” “credit card” - intext: Application -intext:Form (only 39 results)
Financial InformationIntitle: “Index of” finances.xls (9)
Personal MailboxIntitle: Index.of inurl: Inbox (inurl: User OR inurl: Mail) (220)

Confidential Files“not for distribution” confidential (1,760)Confidential Files“not for distribution” confidential filetype: pdf (marketing info) (456)

OS Detection
Use the keywords of the default installation page of a Web server to search.
Use the title to search
Use the footer in a directory index page OS Detection-Windows“Microsoft-IIS/5.0 server at”OS Detection - WindowsDefault web page?Intitle: “Welcome to Windows 2000 Internet Services” IIS 5.0OS Detection –Apache 1.3.11-1.3.26Intitle: Test.Page.for.Apache seeing.this.insteadOS Detection-Apache SSL enableIntitle: Test.page “SSL/TLS-aware” (127)
Search Passwords
Search the well known password filenames in URLSearch the database connection files or configuration files to find a password and usernameSearch specific username file for a specific product
Search PasswordsInurl: etc inurl: passwd
Search PasswordsIntitle: “Index of..etc” passwd
Search PasswordsIntitle: “Index of..etc” passwd
Search PasswordsInurl: admin.pwd filetype: pwd
Search PasswordsFiletype: inc dbconn
Search PasswordsFiletype: inc intext: mysql_connect
Search PasswordsFiletype: ini +ws_ftp +pwd (get the encrypted passwords)
Search PasswordsFiletype: log inurl: “password.log”Search Username+intext: "webalizer" +intext: “Total Usernames” +intext: “Usage Statistics for”License KeyFiletype: lic lic intext: key (33) (license key)Sensitive Directories ListingPowerful buzz word: Index ofSearch the well known vulnerable directories namesSensitive Directories Listing“index of cgi-bin” (3590)Sensitive Directories ListingIntitle: “Index of” cfide (coldfusion directory)Sensitive Directories ListingIntitle:
index.of.winnt
Get the serial number you need ! (For Certain Things)
1) Go to Google.2) Use Keyword as "Product name" 94FBR3) Where, "Product Name" is the name of the item you want to find the serial number for.4) And voila - there you go - the serial number you needed.HOW DOES THIS WORK?Quite simple really. 94FBR is part of a Office 2000 Pro cd key that is widely distributed as it bypasses the activation requirements of Office 2K Pro. By searching for the product name and 94fbr, you guarantee two things. 1) The pages that are returned are pages dealing specifically with the product you're wanting a serial for. 2) Because 94FBR is part of a serial number, and only part of a serial number, you guarantee that any page being returned is a serial number list page.See these example searches:
Code:
"Photoshop 7"+94FBR"Age of Mythology"+94FBR"Nero Burning Rom 5.5"+94FBR

5 comments:

online games said...

online games

Wildnet Technologies said...

Hello,
This is a really good post. Must admit that you are amongst the best bloggers I have read. Thanks for posting this informative article.
Article Submission UK

Anonymous said...

Visit bollywood Database for hot sizzling Katrina Kaif Pictures.

Trask Digital said...

Took me time to read all the comments, but I really enjoyed the article. It proved to be Very helpful to me and I am sure to all the commenters here! It's always nice when you can not only be informed, but also entertained! I'm sure you had fun writing this article. . seo white label reseller

Anonymous said...

Hello,
This is a really good post. Must admit that you are amongst the best bloggers I have read. Thanks for posting this informative article.