Google
hacking involves using advanced operators in the Google search engine
to locate specific strings of text within search results. Some of the more
popular examples are finding specific versions of vulnerable Web
applications. The following search query would locate all web pages
that have that particular text contained within them. It is normal for default installations of applications to
include their running version in every page they serve, for example,
"Powered by XOOPS 2.2.3 Final".
The
following search query will locate all websites that have the words
"admbook" and "version" in the title of the website. It
also checks to ensure that the web page being accessed is a PHP file.
One
can even retrieve the username and password list from Microsoft FrontPage servers by inputting the
given microscript in Google search field:
"#-Frontpage-"
inurl:administrators.pwd
Devices connected to the Internet can
be found. A search string such as
inurl:"ViewerFrame?Mode="
will find public web cameras.
Another useful
search is following intitle:index.of followed by whatever you want to search.
This can give a list of files on the servers. For example, intitle:index.of mp3 will give all the MP3
files available on various servers.
No comments:
Post a Comment