Google Hacking Basic


Published on

Published in: Technology, News & Politics
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Google Hacking Basic

  1. 1. Google Hacking - The BasicsManiac
  2. 2. Hacking - The Basics• What exactly is Google Hacking? • Google Hacking involves using the Google search engine to identify vulnerabilities in websites.
  3. 3. Hacking - The Basics• Ok, so you use Google to find all of this stuff, but how do you? • Google supports a multitude of operators and modifiers that add a ton of power to google searching.
  4. 4. Hacking - The Basics• Mmmmmm....operators and modifiers! I want them!
  5. 5. Hacking - The Basics• cache: • Syntax: cache:URL [highlight] • The cache operator will search through google’s cache and return the results based on those documents. You can alternatively tell cache to highlight a word or phrase by adding it after the operator and URL.
  6. 6. Hacking - The Basics• link: • Syntax: link:URL • Sites that have a hyperlink to the URL specified will be returned in the search results.
  7. 7. Hacking - The Basics• related: • Syntax: related:URL • The related operator will return results that are “similar” to the page that was specified.
  8. 8. Hacking - The Basics• info: • Syntax: info:URL • This tag will give you the information that Google has on the given URL.
  9. 9. Hacking - The Basics• site: • Syntax: site:Domain • This modifier will restrict results to those sites within the domain given.
  10. 10. Hacking - The Basics• allintitle: • Syntax: allintitle: oper1 [oper2] [oper3] [etc..] • Google will restrict the results to those that have all of the words entered after the modifier within the title. NOTE: This modifier does not play well with others.
  11. 11. Hacking - The Basics• intitle: • Syntax: intitle:operator • Google will return only results that match the word or phrase entered after the modifier within the title of the page.
  12. 12. Hacking - The Basics• allinurl: • Syntax: allinurl: oper1 [oper2] [oper3] [etc...] • This modifier is similar to allintitle: in that it will use the rest of the query and look for all the words or phrases in the URL that was specified. NOTE: Also like allintitle:, this modifier doesn’t play well with others.
  13. 13. Hacking - The Basics• inurl: • Syntax: inurl:operator • Here is the single operator version of allinurl:. Will return anything that has the operator in the URL.
  14. 14. Hacking - The Basics• allintext: • Syntax: allintext: oper1 [oper2] [oper3] [etc...] • Just like not using any operators....
  15. 15. Hacking - The Basics• intext: • Syntax: intext:operator • Ok, ok, I’ll let you guess on this one.
  16. 16. Hacking - The Basics• Are you done yet? That seemed like a lot, and what the hell was with all the apple stuff? • Almost there. Now its time to start mixing and matching these modifiers and operators. • The four most commonly used will be intitle:, intext:, inurl:, and filetype: • Also note, you can use OR and + and - signs.
  17. 17. Hacking - The Basics• mixing in intext:, inurl:, and intitle: and looking for default drupal sites that haven’t been configured yet.• intext:"Welcome to your new Drupal-powered website." intitle:drupal
  18. 18. Hacking - The Basics• "display printer status" intitle:"Home"
  19. 19. Hacking - The Basics• Whoa! a Xerox printer!
  20. 20. Hacking - The Basics • "#mysql dump" filetype:sql 21232f297a57a5a743894a0e4a801fc321232f297a57a5a743894a0e4a801fc3 is the MD5sum foradmin
  21. 21. Hacking - The Basics • "Certificate Practice Statement" inurl:(PDF | DOC)CAs are the formal requests that are made to get a Digital Certificate.
  22. 22. Hacking - The Basics• "Network Vulnerability Assessment Report"
  23. 23. Hacking - The Basics• "Thank you for your order" +receipt filetype:pdf
  24. 24. Hacking - The Basics• "robots.txt" + "Disallow:" filetype:txt
  25. 25. Hacking - The Basics• "phpMyAdmin" "running on" inurl:"main.php"
  26. 26. Hacking - The Basics• "phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
  27. 27. Hacking - The Basics• "social security number" "phone * * *“ "address *" "e-mail *" intitle:"curriculum vitae" filetype:pdf
  28. 28. Hacking - The Basics• ext:vmx vmx
  29. 29. Hacking - The Basics• filetype:QBW qbw
  30. 30. Hacking - The Basics• filetype:xls inurl:"email.xls"
  31. 31. Hacking - The Basics• intitle:"Index of" finances.xls
  32. 32. Hacking - The Basics• WOW! That was a lot of good finds! Where can I find more info on googlehacking?•
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.