Thursday, 1 July 2010

10. Google Hacking

There’s a sport called “Google Hacking” which is all about searching
for seemingly private websites using Google. In fact, you can only find
public websites using Google, because private (password-protected)
pages can’t be found by Google – so it’s no real hacking (let alone
“cracking,” which would consist of deleting, changing or abusing the
found data). But it’s fun nevertheless, and often enables people to
discover pages someone was hoping would stay private. This happens
when the site is misconfigured, i.e. when the webmaster doesn’t know
enough about how to set up a website.
Here are some of the most popular and powerful “Google hack” search
queries. Enter them at your own risk, and know that every once in a
while you step onto a so-called honeypot (a fake website set up to lure
hackers into it, with the goal of finding out more about them and their
tactics).

Finding Error Messages
Search for: “A syntax error has occurred” filetype:ihtml
You’ll find: Pages which caused errors the last time Google checked
them. This may hint at vulnerabilities or other unwanted side-effects.
How this works: The first phrase simply looks for an error message the
target server itself once output. The “filetype” operator on the other hand
restricts the result pages to only those which have the “ihtml” extension
(which are sites using Informix). A related search is “Warning:
mysql_query()”.


Finding Seemingly Private Files
Search for: (password | passcode) (username | userid | user) filetype:csv
You’ll find: Files containing user names and similar.
How this works: The “filetype” operator makes sure only “Comma
Separated Values” files will be returned. Those are not typical web
pages, but data files. “(password | passcode)” tells Google the file must
contain either the text “password” or “passcode,” or both (the “|”
character means “or”). Also, result pages are restricted to those
containing either of the words “username,” “userid” or “user.”


Finding File Listings
Search for: intitle:index-of last-modified private
You’ll find: Pages which list files found on the server.
How this works: The “intitle” operator used above will ensure that the
target page contains the words “Index of” in the title. This is typical for
those open directories which list files (they will have a title like “Index of
/private/foo/bar”). “Last modified” on the other hand is a column
header often used on those pages. And the word “private” makes sure
we’ll find something of interest. A related search query which finds FTP
(File Transfer Protocol) information is intitle:index.of ws_ftp.ini.



Finding Webcams
Search for: “powered by webcamXP” “Pro|Broadcast”
You’ll find: Public webcams set up by people to film a location, or
themselves.
How this works: “Powered by WebcamXP” is a text found on specific
kinds of webcam pages. A related search query to find cameras is
inurl:“ViewerFrame?Mode=”.

Finding Weak Servers
Search for: intitle:“the page cannot be found” inetmgr
You’ll find: Potentially weak (IIS4) servers.
How this works: An old Microsoft Internet Information Server may
hint at security issues. This is one of many approaches that can be used
to find such a weak server.

Finding Chat Logs
Search for: something “has quit” “has joined” filetype:txt
You’ll find: Chat log files showing what people talked about in a chat
room.
How this works: Though the files found are all public, not everyone
chatting on IRC (the Internet Relay Chat) is aware of potential logging
mechanisms. The “filetype” operator makes sure only text files are
found, and “has quit” / “has joined” are automated messages appearing
in chat rooms. This search is your chance to tune into people’s chatter.
Note you should replace “something” with the thing you are looking
for.
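
Seen from the webmaster's side, the error-message, private-file and file-listing searches above double as a checklist for your own site. The following Python check is an added example, not part of the original text: it looks in pages you serve for the same strings those queries match. The function names, finding labels and sample pages are constructed for illustration.

```python
import re

# Strings taken from the search queries on this page.
ERROR_STRINGS = ("a syntax error has occurred", "warning: mysql_query()")
TITLE_RE = re.compile(r"<title>(.*?)</title>", re.I | re.S)
SECRET_RE = re.compile(r"\b(password|passcode)\b", re.I)
USER_RE = re.compile(r"\b(username|userid|user)\b", re.I)

# Constructed sample: URL path -> body as served to an anonymous visitor.
SAMPLE = {
    "/private/": "<html><head><title>Index of /private</title></head>"
                 "<body><pre>Name  Last modified  Size</pre></body></html>",
    "/shop/item.ihtml": "<html><body>A syntax error has occurred</body></html>",
    "/export/users.csv": "userid,password,email\nalice,REDACTED,a@example.test\n",
    "/upload/WS_FTP.ini": "[_config_]\nHOST=ftp.example.test\n",
    "/about.html": "<html><head><title>About us</title></head>"
                   "<body>Contact the user support desk.</body></html>",
}


def audit_page(path, body):
    """Return the findings for one publicly reachable path."""
    findings = []
    name = path.lower().rsplit("/", 1)[-1]
    text = body.lower()
    match = TITLE_RE.search(body)
    title = match.group(1) if match else ""
    # Open directory: "Index of" in the title plus the "Last modified" column.
    if re.search(r"index\s+of", title, re.I) and "last modified" in text:
        findings.append("directory-listing")
    # Server error text shown to visitors (and therefore to crawlers).
    if any(s in text for s in ERROR_STRINGS):
        findings.append("error-message")
    # CSV data file holding both a secret column and a user column.
    if name.endswith(".csv") and SECRET_RE.search(body) and USER_RE.search(body):
        findings.append("credential-csv")
    # FTP client configuration left in the web root.
    if name == "ws_ftp.ini":
        findings.append("ftp-config")
    return findings


def audit_site(pages):
    """Map each path that has findings to its list of findings."""
    report = {}
    for path, body in pages.items():
        found = audit_page(path, body)
        if found:
            report[path] = found
    return report
```

Feed it bodies fetched without logging in from your own site; each finding points at a fix such as turning off directory indexes, suppressing error output to visitors, or moving data and configuration files out of the web root.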
