This document discusses how Google can be used to find confidential information and vulnerable systems on the internet. It provides examples of Google search queries that can locate specific software versions, default website pages, and personal details. The document warns that many systems have outdated or unpatched software exposing sensitive data publicly online through search engines like Google. It encourages administrators to regularly update software and remove version details from webpages to prevent discovery by attackers searching for vulnerabilities.
This document discusses how Google can be used to find confidential information and vulnerabilities on the internet. It provides examples of Google search queries that can locate sensitive data like personal details, system configurations, and error messages containing passwords. The author advises administrators to regularly patch systems and remove unnecessary details from public pages to prevent exposing vulnerabilities.
The Google Hacking Database: A Key Resource to Exposing VulnerabilitiesTechWell
We all know the power of Google—or do we? Two types of people use Google: normal users like you and me, and the not-so-normal users—the hackers. What types of information can hackers collect from Google? How severe is the damage they can cause? Is there a way to circumvent this hacking? As a security tester, Kiran Karnad uses the GHDB (Google Hacking Database) to ensure their product will not be the next target for hackers. Kiran describes how to effectively use Google the way hackers do, using advanced operators, locating exploits and finding targets, network mapping, finding user names and passwords, and other secret stuff. Kiran provides a recipe of five simple security searches that work. Learn how to automate the Google Hacking Database using Python so security tests can be incorporated as a part of the SDLC for the next product you develop.
The document provides instructions for collecting Twitter data using Python by having users set up Twitter API keys, prepare a list of Twitter handles in a CSV file, create a SQLite database to store the Twitter data, install necessary Python libraries, modify a Python script to retrieve tweets from the Twitter handles list, and run the script to collect and save the Twitter data in the SQLite database. The results obtained will include various metadata for each tweet such as the language, retweets, user details, hashtags, URLs, and more.
The document provides instructions for collecting Twitter data using Python. It outlines 5 steps: 1) Set up Twitter API keys, 2) Prepare a list of Twitter handles in a CSV file, 3) Create a SQLite database and import the Twitter handle list, 4) Install required Python libraries, and 5) Modify and run a Python script to retrieve tweets and store results in the SQLite database. The document also discusses Twitter API rate limits and provides a similar process for searching and storing tweets by keywords.
This document discusses Internet Explorer and Outlook Express. It provides an introduction to Internet Explorer as a web browser developed by Microsoft, and outlines some other popular browsers. It also discusses Outlook Express, an email client included with Internet Explorer versions. The document then provides step-by-step instructions on how to create a new email account and send emails using Outlook Express, including composing, attaching files, and spell checking emails. It concludes with tips on avoiding spam, configuring security settings, downloading files safely, and effective web searching.
Email is Here to Stay (Baydin Defrag 2009)Alex Moore
Email allows for rich content, conversations, and controls compared to newer communication methods like Twitter. While technologies like Twitter have advantages in lowering barriers to entry and creating publicly searchable data, email is still widely used and will continue to be used in the future, though it may incorporate more aspects of social media platforms. The document examines usage statistics from email and Twitter datasets and considers how email could adopt features like public acknowledgement of useful messages as social media does to remain a relevant communication method.
This document provides an overview of searching the web effectively. It discusses formulating specific and exploratory research questions and developing search strategies. It covers using search engines, directories, metasearch engines and other tools. Advanced search techniques like Boolean operators, filters and evaluating results are explained. Future developments in web search like indexing dynamic pages and using people to enhance directories are also mentioned.
The document discusses various information resources available on the web, including ways to find current news, weather, maps, businesses and people. It also covers online library and text resources as well as multimedia like images, audio and video. Guidelines are provided for citing web sources and issues around copyright and fair use are explained.
This document discusses how Google can be used to find confidential information and vulnerabilities on the internet. It provides examples of Google search queries that can locate sensitive data like personal details, system configurations, and error messages containing passwords. The author advises administrators to regularly patch systems and remove unnecessary details from public pages to prevent exposing vulnerabilities.
The Google Hacking Database: A Key Resource to Exposing VulnerabilitiesTechWell
We all know the power of Google—or do we? Two types of people use Google: normal users like you and me, and the not-so-normal users—the hackers. What types of information can hackers collect from Google? How severe is the damage they can cause? Is there a way to circumvent this hacking? As a security tester, Kiran Karnad uses the GHDB (Google Hacking Database) to ensure their product will not be the next target for hackers. Kiran describes how to effectively use Google the way hackers do, using advanced operators, locating exploits and finding targets, network mapping, finding user names and passwords, and other secret stuff. Kiran provides a recipe of five simple security searches that work. Learn how to automate the Google Hacking Database using Python so security tests can be incorporated as a part of the SDLC for the next product you develop.
The document provides instructions for collecting Twitter data using Python by having users set up Twitter API keys, prepare a list of Twitter handles in a CSV file, create a SQLite database to store the Twitter data, install necessary Python libraries, modify a Python script to retrieve tweets from the Twitter handles list, and run the script to collect and save the Twitter data in the SQLite database. The results obtained will include various metadata for each tweet such as the language, retweets, user details, hashtags, URLs, and more.
The document provides instructions for collecting Twitter data using Python. It outlines 5 steps: 1) Set up Twitter API keys, 2) Prepare a list of Twitter handles in a CSV file, 3) Create a SQLite database and import the Twitter handle list, 4) Install required Python libraries, and 5) Modify and run a Python script to retrieve tweets and store results in the SQLite database. The document also discusses Twitter API rate limits and provides a similar process for searching and storing tweets by keywords.
This document discusses Internet Explorer and Outlook Express. It provides an introduction to Internet Explorer as a web browser developed by Microsoft, and outlines some other popular browsers. It also discusses Outlook Express, an email client included with Internet Explorer versions. The document then provides step-by-step instructions on how to create a new email account and send emails using Outlook Express, including composing, attaching files, and spell checking emails. It concludes with tips on avoiding spam, configuring security settings, downloading files safely, and effective web searching.
Email is Here to Stay (Baydin Defrag 2009)Alex Moore
Email allows for rich content, conversations, and controls compared to newer communication methods like Twitter. While technologies like Twitter have advantages in lowering barriers to entry and creating publicly searchable data, email is still widely used and will continue to be used in the future, though it may incorporate more aspects of social media platforms. The document examines usage statistics from email and Twitter datasets and considers how email could adopt features like public acknowledgement of useful messages as social media does to remain a relevant communication method.
This document provides an overview of searching the web effectively. It discusses formulating specific and exploratory research questions and developing search strategies. It covers using search engines, directories, metasearch engines and other tools. Advanced search techniques like Boolean operators, filters and evaluating results are explained. Future developments in web search like indexing dynamic pages and using people to enhance directories are also mentioned.
The document discusses various information resources available on the web, including ways to find current news, weather, maps, businesses and people. It also covers online library and text resources as well as multimedia like images, audio and video. Guidelines are provided for citing web sources and issues around copyright and fair use are explained.
BMO acquired Marshall & Ilsley Bank in 2011, bringing Jud Snyder into BMO and entering the equipment finance industry. In 2015, BMO acquired GE Capital Transportation Finance, bringing in Dan Clark and further expanding its equipment finance business. Snyder and Clark emphasize developing strong customer relationships and integrating acquisitions smoothly. They see continued growth opportunities for BMO's equipment finance business in both the US and Canada.
This document provides information about a student's daily routine and activities throughout the day. It includes reciting poems about the days of the week, phonetic exercises, discussing times of day, morning and afternoon duties like getting ready for school, helping around the house, and evening activities. The document ends with discussing what was learned in the lesson and assigning homework.
This describes the two-speed delivery issue of enterprise mobility. It explains the flow of delivery stages for IBM MobileFirst, to implement the DevOps.
This is part 1 (of 3 series). The coming part 2 & 3 will explain the DevOps for differnt mobile app patterns.
The document discusses the organizational structure of the University of Cambridge in the United Kingdom. It is divided into six schools - Arts and Humanities, Biological Sciences, Clinical Medicine, Humanities and Social Sciences, Physical Sciences, and Technology - which group related faculties and units together. Some famous historical figures who studied at Cambridge include Isaac Newton, Lord Byron, and Charles Darwin, and the great Russian scientist Ivan Pavlov received a toy dog as a gift from students during his time working there.
This document summarizes a presentation by Sarita E. Brown from Excelencia in Education at an AAC&U conference on using data to support student success. The presentation outlines why focusing on Latino student success is important given population trends, and describes Excelencia's initiatives to identify evidence-based practices that increase Latino student success in higher education. These include engaging underserved students, integrating support services, facilitating transfers, and involving students in learning. The initiatives aim to increase Latino participation and completion rates through institutional commitment and using data to inform improvements.
The document discusses several key trends in the U.S. healthcare system: 1) Healthcare spending in the U.S. is the highest in the world at 16.4% of GDP but results in low quality of care rankings; 2) In response, the system is focusing on controlling costs and improving quality which has led to consolidation of hospitals and physician practices; 3) This has shifted medical equipment purchasing decisions from doctors to healthcare executives focused on total cost of ownership. Equipment financiers must address both clinical and financial concerns to help vendors navigate this changing landscape.
The document discusses site investigation methods for determining soil properties below a construction site. It defines site investigation, explains its purposes such as evaluating load capacity and settlement, and describes exploration program steps from initial information gathering to detailed borings. Common boring types like auger and core borings are outlined. In-situ tests for soil strength measurement are also summarized, including standard penetration, vane shear, plate load, cone penetration, and pressure-meter tests.
James Rachels’s Defense of Active Euthanasia: A Critical & Normative StudyMohammad Manzoor Malik
This document is a thesis submitted by Mohammad Manzoor Malik for the degree of Doctor of Philosophy in Philosophy from Assumption University in Thailand in 2008. The thesis examines James Rachels's defense of active euthanasia through a critical and normative analysis. The thesis has four chapters. Chapter one introduces the topic, outlines Rachels's position on euthanasia, and explains the significance and scope of the research. Chapter two provides an exposition of Rachels's conceptual framework and arguments regarding euthanasia. Chapter three constitutes a critique of Rachels's conceptual framework, arguments against the traditional view of euthanasia, and arguments in favor of active euthanasia. Chapter
This document discusses strategies for protecting trade secrets and confidential data when using cloud computing services. It begins with definitions of cloud computing and trade secrets. It then outlines some of the benefits of cloud computing for businesses. However, it also notes concerns about storing trade secrets on third-party shared systems. The rest of the document provides recommendations for how inside counsel can help companies address these concerns, including paying attention to cloud service terms of service, encrypting and compartmentalizing data, monitoring data transfers, training employees, and forming an internal response team to handle any security incidents.
Motorcraft is an electromechanical service company located in Muncie, Indiana that has been in business since the 1930s. Throughout its history, the company has been passed down through generations of families who follow the tradition of the husband running the shop while the wife does the bookkeeping. This tradition has helped provide continuity for the business as it has weathered the decline of manufacturing in Muncie. While many other similar shops have closed, Motorcraft has remained open by diversifying its customer base and sticking to the philosophies and practices that have served it well for decades.
P. Chandrashekar Reddy is seeking a challenging career opportunity with opportunities for growth. He has over 8 years of experience in customer service and operations management roles in the BPO industry. Currently he is an Assistant Manager at C3I where he manages staff, conducts performance reviews, and ensures service level requirements are met. Previously he held roles with increasing responsibility at HSBC and received numerous awards for his performance and leadership. He has a B.Sc from Osmania University and his interests include music and movies.
This short document promotes the creation of Haiku Deck presentations on SlideShare by stating it provides inspiration and allows users to get started making their own Haiku Deck presentations.
Java is an object-oriented language that requires creating a class to run a program. To execute Java code, developers must install the Java Development Kit (JDK) and an integrated development environment like Eclipse. With those tools configured, users can generate a new Java project in Eclipse by clicking File, New, Java Project, typing a name, and clicking Finish to set up the initial project structure for developing Java applications.
The message contains no text or details to summarize. There is no information provided in the given document to create a meaningful 3 sentence summary. The single word "MESSAGE" does not provide any essential high-level information that could be summarized.
The document provides information about the Danube River Basin, including that it is the second largest river in Europe, draining an area of over 320,000 square miles across 18 countries. It describes the river's physical geography, climate, discharge, channel pattern, and geologic history. Additionally, it discusses land use and human impacts such as agriculture, municipal waste, and industry that have contributed to water quality issues. The document also briefly mentions biodiversity in the river basin and a 2010 industrial accident that released toxic sludge.
This document contains Reginald Baloloy Tuanado's curriculum for a Bachelor of Arts in Mass Communication at Far Eastern University. It lists all the courses taken each semester over four years of study, including the course code, description, units, prerequisites and grades for each course. The curriculum shows coursework in areas such as communication, journalism, advertising, film, theater, and speech, as well as general education courses in subjects like history, literature, math, and science.
how to create a project in java language Hareem Naz
Java is an object-oriented language that requires creating a class to run a program. To execute Java code, developers must install the Java Development Kit (JDK) and an integrated development environment like Eclipse. With those tools configured, developers can then create a new Java project in Eclipse by clicking file, new, Java project, typing a name, and clicking finish to set up their project structure for writing Java code.
Dangerous google searching for secretsMathivanan M
This document discusses how Google can be used to find confidential information and vulnerable systems on the internet. It provides examples of Google search queries that can locate specific versions of web servers, as well as queries to find unsecured installations of common web applications with known vulnerabilities like WebJeff Filemanager and Advanced Guestbook. The document encourages readers to think carefully about the type of sensitive data that users carelessly make public and how it could aid attackers.
Lab-4 Reconnaissance and Information Gathering A hacker.docxLaticiaGrissomzz
Lab-4: Reconnaissance and Information Gathering
A hacker uses many tools and methods to gather information about the target. There are two broad categories of information gathering methods: passive and active. These methods are detailed in the table below. In this lab, you will perform passive information gathering (gray-shaded column). In Lab 5, you will be performing active information gathering. Please review the table before starting this lab.
Information Gathering
Passive (Reconnaissance and Information Gathering) – This Week
Active (Scanning and Enumeration) – Next Week
Is the hacker contact with the target directly?
No direct contact with the target
Direct contact with the target
Are the activities logged?
No audit records on the target
Audit record might be created
What kind of tools has been used?
Web archives, Whois service, DNS servers, Search Engines
Port scanners, network scanners, vulnerability scanners (Nessus, Nmap)
What information can a hacker collect?
IP addresses, network range, telephone numbers, E-mail addresses, active machines, operating system version, network topology
Live hosts on a network, network topology, OS version, open ports on hosts, services running on hosts, running applications and their versions, patching level, vulnerabilities.
In passive information gathering, the hacker does not directly contact the target; therefore, no audit logs have been created. Both non-technical (such as employee names, birth dates, e-mail addresses) and technical information (IP addresses, domain names) can be gathered. This information can be used in many ways in the subsequent steps of the attack. For example, the phone numbers or e-mail addresses you discovered can be used in social engineering attacks. DNS records or subdomain names can be used to leverage specific attacks against hosts or URLs.
More notes on Reconnaissance and Information Gathering :
1) In this phase, an attacker may collect a lot of information without being noticed.
2) In some cases, an attacker may even discover vulnerabilities.
3) The information collected in this phase can be quite valuable when evaluated together with the information collected in the scanning and enumeration phase. For example, you might find the phone number and name of an employee in this phase, and you may find the computer IP address in the active scanning phase. You can use these two pieces of information together to leverage a social engineering attack. An attacker will increase the chance of gaining trust when s/he calls the victim's name and talk some specific about the victim's computer.
4) Companies should also perform reconnaissance and information gathering against themselves so that they can discover -before hackers- what kind of information the company and company employees disclose.
In this lab, you will practice 6 passive methods of Reconnaissance and Information Gathering. You have to use Kali VM in Sections 3, 5, and 6 of the lab. You may use Kali.
This document summarizes a presentation on search engine optimization (SEO) for Flash content. It discusses how search engines index Flash, including breakthroughs that allow indexing of text, links, and interactions. It emphasizes the importance of dynamic page ranking and getting links over initial page rank. Testing over long periods is recommended to understand how content is indexed. Tips provided include using descriptive text, metadata, and linking to optimize Flash content for search engines.
BMO acquired Marshall & Ilsley Bank in 2011, bringing Jud Snyder into BMO and entering the equipment finance industry. In 2015, BMO acquired GE Capital Transportation Finance, bringing in Dan Clark and further expanding its equipment finance business. Snyder and Clark emphasize developing strong customer relationships and integrating acquisitions smoothly. They see continued growth opportunities for BMO's equipment finance business in both the US and Canada.
This document provides information about a student's daily routine and activities throughout the day. It includes reciting poems about the days of the week, phonetic exercises, discussing times of day, morning and afternoon duties like getting ready for school, helping around the house, and evening activities. The document ends with discussing what was learned in the lesson and assigning homework.
This describes the two-speed delivery issue of enterprise mobility. It explains the flow of delivery stages for IBM MobileFirst, to implement the DevOps.
This is part 1 (of 3 series). The coming part 2 & 3 will explain the DevOps for differnt mobile app patterns.
The document discusses the organizational structure of the University of Cambridge in the United Kingdom. It is divided into six schools - Arts and Humanities, Biological Sciences, Clinical Medicine, Humanities and Social Sciences, Physical Sciences, and Technology - which group related faculties and units together. Some famous historical figures who studied at Cambridge include Isaac Newton, Lord Byron, and Charles Darwin, and the great Russian scientist Ivan Pavlov received a toy dog as a gift from students during his time working there.
This document summarizes a presentation by Sarita E. Brown from Excelencia in Education at an AAC&U conference on using data to support student success. The presentation outlines why focusing on Latino student success is important given population trends, and describes Excelencia's initiatives to identify evidence-based practices that increase Latino student success in higher education. These include engaging underserved students, integrating support services, facilitating transfers, and involving students in learning. The initiatives aim to increase Latino participation and completion rates through institutional commitment and using data to inform improvements.
The document discusses several key trends in the U.S. healthcare system: 1) Healthcare spending in the U.S. is the highest in the world at 16.4% of GDP but results in low quality of care rankings; 2) In response, the system is focusing on controlling costs and improving quality which has led to consolidation of hospitals and physician practices; 3) This has shifted medical equipment purchasing decisions from doctors to healthcare executives focused on total cost of ownership. Equipment financiers must address both clinical and financial concerns to help vendors navigate this changing landscape.
The document discusses site investigation methods for determining soil properties below a construction site. It defines site investigation, explains its purposes such as evaluating load capacity and settlement, and describes exploration program steps from initial information gathering to detailed borings. Common boring types like auger and core borings are outlined. In-situ tests for soil strength measurement are also summarized, including standard penetration, vane shear, plate load, cone penetration, and pressure-meter tests.
James Rachels’s Defense of Active Euthanasia: A Critical & Normative StudyMohammad Manzoor Malik
This document is a thesis submitted by Mohammad Manzoor Malik for the degree of Doctor of Philosophy in Philosophy from Assumption University in Thailand in 2008. The thesis examines James Rachels's defense of active euthanasia through a critical and normative analysis. The thesis has four chapters. Chapter one introduces the topic, outlines Rachels's position on euthanasia, and explains the significance and scope of the research. Chapter two provides an exposition of Rachels's conceptual framework and arguments regarding euthanasia. Chapter three constitutes a critique of Rachels's conceptual framework, arguments against the traditional view of euthanasia, and arguments in favor of active euthanasia. Chapter
This document discusses strategies for protecting trade secrets and confidential data when using cloud computing services. It begins with definitions of cloud computing and trade secrets. It then outlines some of the benefits of cloud computing for businesses. However, it also notes concerns about storing trade secrets on third-party shared systems. The rest of the document provides recommendations for how inside counsel can help companies address these concerns, including paying attention to cloud service terms of service, encrypting and compartmentalizing data, monitoring data transfers, training employees, and forming an internal response team to handle any security incidents.
Motorcraft is an electromechanical service company located in Muncie, Indiana that has been in business since the 1930s. Throughout its history, the company has been passed down through generations of families who follow the tradition of the husband running the shop while the wife does the bookkeeping. This tradition has helped provide continuity for the business as it has weathered the decline of manufacturing in Muncie. While many other similar shops have closed, Motorcraft has remained open by diversifying its customer base and sticking to the philosophies and practices that have served it well for decades.
P. Chandrashekar Reddy is seeking a challenging career opportunity with opportunities for growth. He has over 8 years of experience in customer service and operations management roles in the BPO industry. Currently he is an Assistant Manager at C3I where he manages staff, conducts performance reviews, and ensures service level requirements are met. Previously he held roles with increasing responsibility at HSBC and received numerous awards for his performance and leadership. He has a B.Sc from Osmania University and his interests include music and movies.
This short document promotes the creation of Haiku Deck presentations on SlideShare by stating it provides inspiration and allows users to get started making their own Haiku Deck presentations.
Java is an object-oriented language that requires creating a class to run a program. To execute Java code, developers must install the Java Development Kit (JDK) and an integrated development environment like Eclipse. With those tools configured, users can generate a new Java project in Eclipse by clicking File, New, Java Project, typing a name, and clicking Finish to set up the initial project structure for developing Java applications.
The message contains no text or details to summarize. There is no information provided in the given document to create a meaningful 3 sentence summary. The single word "MESSAGE" does not provide any essential high-level information that could be summarized.
The document provides information about the Danube River Basin, including that it is the second largest river in Europe, draining an area of over 320,000 square miles across 18 countries. It describes the river's physical geography, climate, discharge, channel pattern, and geologic history. Additionally, it discusses land use and human impacts such as agriculture, municipal waste, and industry that have contributed to water quality issues. The document also briefly mentions biodiversity in the river basin and a 2010 industrial accident that released toxic sludge.
This document contains Reginald Baloloy Tuanado's curriculum for a Bachelor of Arts in Mass Communication at Far Eastern University. It lists all the courses taken each semester over four years of study, including the course code, description, units, prerequisites and grades for each course. The curriculum shows coursework in areas such as communication, journalism, advertising, film, theater, and speech, as well as general education courses in subjects like history, literature, math, and science.
how to create a project in java language Hareem Naz
Java is an object-oriented language that requires creating a class to run a program. To execute Java code, developers must install the Java Development Kit (JDK) and an integrated development environment like Eclipse. With those tools configured, developers can then create a new Java project in Eclipse by clicking file, new, Java project, typing a name, and clicking finish to set up their project structure for writing Java code.
Dangerous google searching for secretsMathivanan M
This document discusses how Google can be used to find confidential information and vulnerable systems on the internet. It provides examples of Google search queries that can locate specific versions of web servers, as well as queries to find unsecured installations of common web applications with known vulnerabilities like WebJeff Filemanager and Advanced Guestbook. The document encourages readers to think carefully about the type of sensitive data that users carelessly make public and how it could aid attackers.
Lab-4 Reconnaissance and Information Gathering A hacker.docxLaticiaGrissomzz
Lab-4: Reconnaissance and Information Gathering
A hacker uses many tools and methods to gather information about the target. There are two broad categories of information gathering methods: passive and active. These methods are detailed in the table below. In this lab, you will perform passive information gathering (gray-shaded column). In Lab 5, you will be performing active information gathering. Please review the table before starting this lab.
Information Gathering
Passive (Reconnaissance and Information Gathering) – This Week
Active (Scanning and Enumeration) – Next Week
Is the hacker contact with the target directly?
No direct contact with the target
Direct contact with the target
Are the activities logged?
No audit records on the target
Audit record might be created
What kind of tools has been used?
Web archives, Whois service, DNS servers, Search Engines
Port scanners, network scanners, vulnerability scanners (Nessus, Nmap)
What information can a hacker collect?
IP addresses, network range, telephone numbers, E-mail addresses, active machines, operating system version, network topology
Live hosts on a network, network topology, OS version, open ports on hosts, services running on hosts, running applications and their versions, patching level, vulnerabilities.
In passive information gathering, the hacker does not directly contact the target; therefore, no audit logs have been created. Both non-technical (such as employee names, birth dates, e-mail addresses) and technical information (IP addresses, domain names) can be gathered. This information can be used in many ways in the subsequent steps of the attack. For example, the phone numbers or e-mail addresses you discovered can be used in social engineering attacks. DNS records or subdomain names can be used to leverage specific attacks against hosts or URLs.
More notes on Reconnaissance and Information Gathering :
1) In this phase, an attacker may collect a lot of information without being noticed.
2) In some cases, an attacker may even discover vulnerabilities.
3) The information collected in this phase can be quite valuable when evaluated together with the information collected in the scanning and enumeration phase. For example, you might find the phone number and name of an employee in this phase, and you may find the computer IP address in the active scanning phase. You can use these two pieces of information together to leverage a social engineering attack. An attacker will increase the chance of gaining trust when s/he calls the victim's name and talk some specific about the victim's computer.
4) Companies should also perform reconnaissance and information gathering against themselves so that they can discover -before hackers- what kind of information the company and company employees disclose.
In this lab, you will practice 6 passive methods of Reconnaissance and Information Gathering. You have to use Kali VM in Sections 3, 5, and 6 of the lab. You may use Kali.
This document summarizes a presentation on search engine optimization (SEO) for Flash content. It discusses how search engines index Flash, including breakthroughs that allow indexing of text, links, and interactions. It emphasizes the importance of dynamic page ranking and getting links over initial page rank. Testing over long periods is recommended to understand how content is indexed. Tips provided include using descriptive text, metadata, and linking to optimize Flash content for search engines.
This document provides a tutorial on using the Simple Object Access Protocol (SOAP) for communication between components. It introduces an example component, an HTML calendar widget, that can receive event listings and display a calendar of events. The tutorial defines an interface for the calendar widget using CORBA IDL and then demonstrates making a request to add an event listing using a SOAP HTTP request with an XML payload wrapped in a SOAP envelope and body. The SOAP request follows the defined interface by specifying the date and event description in the payload to add a new listing to the calendar widget.
Internet Explorer is a web browser developed by Microsoft that was the most widely used from 1999 to the early 2000s, though its market share has declined due to competition from other browsers like Google Chrome, Mozilla Firefox, Opera, Safari, and others. Internet Explorer security is important but can still be improved. These other browsers were designed with a focus on security, speed, and stability compared to existing browsers at the time of their development. They use various techniques like sandboxing and encryption to enhance security.
SearchLove San Diego 2019 - Britney Muller - Machine Learning: Know Enough To...Distilled
What is Machine Learning and how can we apply it to digital marketing? After this session, you'll understand machine learning basics, what ML can be used for, examples of ML solving SEO tasks and executable programs you start using immediately.
The document discusses mashups and various technologies used to create them such as Flex, E4X, HTTPService, crossdomain.xml, and AMF. It provides examples of using APIs from Amazon, Flickr, Yahoo, and Google to retrieve and combine data from multiple sources into new applications. It also discusses platforms like Yahoo Pipes that allow creating mashups visually without programming.
The document discusses a security vulnerability in Microsoft Outlook called "BadWinmail" that allows remote code execution. When an email is sent in TNEF or MSG format containing an OLE object like Flash, the embedded object will execute automatically when the user previews the email. This poses a serious risk as it bypasses Outlook's security protections and can give attackers full control over a user's system. A demonstration video shows how an old Flash exploit can exploit this to execute code simply by previewing the malicious email. Microsoft has since released a patch in December 2015 to address the issue.
This document discusses HTML (Hypertext Markup Language) and how it is used to create websites. It defines HTML and explains how it uses tags to structure and markup web pages. It also defines browsers and lists some major browsers like Internet Explorer, Firefox, Chrome, and Safari, providing their advantages and disadvantages. Finally, it discusses how to open and edit web pages using an HTML editor like Netscape Navigator.
This document provides a tutorial for using Apache Solr to index and search plain text files, HTML files, and remote HTML files. It introduces Solr Cell, a new module in Solr 1.4 that can access many file formats. The tutorial walks through installing the example files, indexing text files with cURL and Solr Cell, indexing all files in a directory with a shell script, indexing HTML files and extracting metadata, and indexing remote files by downloading them. The goal is to demonstrate indexing common file types that users are likely to have access to.
Apache Solr is the popular, blazing fast open source enterprise search platform; it uses
Lucene as its core search engine. Solr’s major features include powerful full-text search, hit
highlighting, faceted search, dynamic clustering, database integration, and complex queries.
Solr is highly scalable, providing distributed search and index replication, and it powers the
search and navigation features of many of the world's largest internet sites.
Apache Solr is the popular, blazing fast open source enterprise search platform; it uses
Lucene as its core search engine. Solr’s major features include powerful full-text search, hit
highlighting, faceted search, dynamic clustering, database integration, and complex queries.
Solr is highly scalable, providing distributed search and index replication, and it powers the
search and navigation features of many of the world's largest internet sites.
INFO-6053 Fall 2017 Project 3 Page 1 of 6 .docxjaggernaoma
INFO-6053 Fall 2017
Project 3
Page 1 of 6
Title INFO-6053 Project 3 – Automated Testing with Selenium
Due Date Monday, January 8th
2018 by 11:59 PM
Submission
To
Project 3 drop box on FOL
Project
Structure
This is a group project. Each group may consist of 3 to 6
members. Each member of a group will receive the same
mark for the project
Marking Scheme
Available
Marks
Item Score
5 Selenium IDE test of add contact form
5 Selenium IDE test of edit contact form
5 Selenium IDE test of error form
10 Selenium Web Driver test of either the edit contact
OR error form (only one of these forms needs to be
tested using Web Driver)
5 Project report
5 Grammar, spelling, following instructions.
35 Total
Background Information
Your testing team is part of a new company that is developing a set of web-
based applications for home and business use. While none of the
applications are anywhere near ready for release, the development team
has completed its first prototype of the contacts module that will be part of
the core of all of the new applications.
INFO-6053 Fall 2017
Project 3
Page 2 of 6
The company’s management have decided, after investigating a number of
options, that a large portion of the testing of its applications will be done
using the Selenium tool suite. Management have left the decision about
which Selenium tools to the testing team. They have also decided that the
testing team will perform some tests on the contacts prototype for two
purposes:
To assess the current state of the contacts module.
To help the testing team to determine which Selenium tools to
use by performing some automated tests on the prototype.
The prototype of the contacts module consists of the functionality to add,
edit and view contact information via a web interface. While the basic form
structures and page layouts are correct, no CSS has yet been applied to
the pages, although some simple formatting has been put in the HTML tags
to make the pages easier to read. There is no JavaScript on any of the
pages and none is planned for the finished version of this module.
The application consists of 3 main forms, one to add new contacts, one to
edit and existing contact and one to allow the user to correct any data input
errors made while using the other two. The basic layout of all 3 is the same
although the underlying functionality is different. There is also a simple
HTML page that lists all of the data for a selected contact. Another page
displays a list of all contacts and includes buttons for viewing or editing the
details of each contact. A fourth form is used to display the results of
saving/updating the database.
The data gathered and displayed by this module is stored in a single
MariaDB (MySQL equivalent) database table with the following structure
(shown as an SQL table create command):
CREATE TABLE `addresses` ( .
This document summarizes several web browsers:
- Internet Explorer is a series of graphical web browsers developed by Microsoft and included in Windows operating systems starting in 1995. Major versions include Internet Explorer 1-9.
- Firefox is a free and open-source web browser descended from Mozilla Application Suite and managed by Mozilla Corporation. Major versions include Firefox 2-4.
- Google Chrome is a web browser developed by Google that uses the WebKit layout engine. It was first released as a beta in 2008 and surpassed 10% worldwide usage in 2011.
- Opera is a web browser and Internet suite developed by Opera Software that is offered free for personal computers and mobile phones. It supports smartphones, mobile phones, tablets, Nintendo
This document discusses how Firefox add-ons can be exploited for malicious purposes. It describes how the author created proof-of-concept add-ons like a keylogger, password stealer, and reverse shell. The add-ons abuse features like JavaScript, XPCOM, and CORS to bypass security and remain undetectable to antivirus software. They exploit Firefox's lack of privilege restrictions and access controls to perform attacks like stealing sensitive data, running executables, and launching DDoS attacks.
1) Hackers are exploiting vulnerabilities in Windows XP since Microsoft discontinued support, putting the estimated 1 million continued XP users at risk.
2) Businesses that have not upgraded from XP face security risks and need to upgrade their operating systems, but upgrading can endanger the compatibility of existing files and documents.
3) The company Reach for the Clouds offers a toolset including software that can scan for problematic files, generate reports on upgrade needs, and automatically convert files at risk of losing functionality, in order to help businesses upgrade from XP and legacy Microsoft Office software safely and efficiently.
1) Hackers are exploiting vulnerabilities in Windows XP since Microsoft discontinued support, putting the estimated 1 million continued XP users at risk.
2) Businesses that have not upgraded from XP face security risks and need to upgrade their OS, but upgrading can endanger compatibility of existing files and documents.
3) The RFTC Toolset, including the RFTC O365 Detective, RFTC FileReporter, and RFTC OfficeMigrator, helps businesses upgrade from legacy Windows and Office in a risk-free manner by identifying problematic files, reporting on them, and automating their conversion to maintain functionality.
GTU MCA PHP Interview Questions And Answers for freshersTOPS Technologies
MCA GTU Student can refer PHP Interview Questions and Answers, This Php Q & A will helpful for Live GTU Projects as well as for Interview.. Visit us at TOPS Technologies http://www.tops-int.com
The document discusses the capabilities of Adobe AIR, including what is possible in versions 1.x and the new features in 2.0. It provides examples of tasks that can be done like accessing files, using SQLite databases, drag and drop, the clipboard, launching native processes, detecting USB devices, and creating server sockets. The document is meant to address common client questions and demonstrate that more complex applications beyond just Twitter clients can be created with AIR. It also invites the reader to provide any other questions or feedback.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
National Security Agency - NSA mobile device best practices
D google searching tactics
1. Dangerous Google
– Searching for Secrets
Michał Piotrowski
This article has been published in issue 4/2005 of the hakin9 magazine.
All rights reserved. This file may be distributed for free pending no changes are made to its contents or form.
hakin9 magazine, Wydawnictwo Software, ul. Lewartowskiego 6, 00-190 Warszawa, en@hakin9.org
2. www.hakin9.org2 hakin9 4/2005
Basics
G
oogle serves some 80 percent of all
search queries on the Internet, mak-
ing it by far the most popular search
engine. Its popularity is due not only to excel-
lent search effectiveness, but also extensive
querying capabilities. However, we should
also remember that the Internet is a highly
dynamic medium, so the results presented
by Google are not always up-to-date – some
search results might be stale, while other
relevant resources might not yet have been
visited by Googlebot (the automatic script
that browses and indexes Web resources for
Google).
Table 1 presents a summary of the most
important and most useful query operators
along with their descriptions, while Figure 1
shows document locations referred to by the
operators when applied to Web searches. Of
course, this is just a handful of examples – skil-
ful Google querying can lead to much more
interesting results.
Hunting for Prey
Google makes it possible to reach not just
publicly available Internet resources, but also
some that should never have been revealed.
Dangerous Google
– Searching for Secrets
Michał Piotrowski
Information which should be
protected is very often publicly
available, revealed by careless
or ignorant users. The result is
that lots of confidential data is
freely available on the Internet
– just Google for it.
About the Author
Michał Piotrowski holds an MA in IT and has
many years' experience in network and system
administration. For over three years he has
been a security inspector and is currently work-
ing as computer network security expert at one
of the largest Polish financial institutions. His
free time is occupied by programming, cryp-
tography and contributing to the open source
community.
What You Will Learn...
• how to use Google to find sources of personal
information and other confidential data,
• how to find information about vulnerable sys-
tems and Web services,
• how to locate publicly available network de-
vices using Google.
What You Should Know...
• how to use a Web browser,
• basic rules of operation of the HTTP protocol.
3. www.hakin9.org 3hakin9 4/2005
Google hacking
Table 1. Google query operators
Operator Description Sample query
site restricts results to sites within the
specified domain
site:google.com fox will find all sites containing the
word fox, located within the *.google.com domain
intitle restricts results to documents whose
title contains the specified phrase
intitle:fox fire will find all sites with the word fox in the
title and fire in the text
allintitle restricts results to documents
whose title contains all the specified
phrases
allintitle:fox fire will find all sites with the words fox
and fire in the title, so it's equivalent to intitle:fox
intitle:fire
inurl restricts results to sites whose URL
contains the specified phrase
inurl:fox fire will find all sites containing the word fire
in the text and fox in the URL
allinurl restricts results to sites whose URL
contains all the specified phrases
allinurl:fox fire will find all sites with the words fox
and fire in the URL, so it's equivalent to inurl:fox
inurl:fire
filetype, ext restricts results to documents of the
specified type
filetype:pdf fire will return PDFs containing the word
fire, while filetype:xls fox will return Excel spreadsheets
with the word fox
numrange restricts results to documents con-
taining a number from the specified
range
numrange:1-100 fire will return sites containing a number
from 1 to 100 and the word fire. The same result can be
achieved with 1..100 fire
link restricts results to sites containing
links to the specified location
link:www.google.com will return documents containing
one or more links to www.google.com
inanchor restricts results to sites containing
links with the specified phrase in
their descriptions
inanchor:fire will return documents with links whose
description contains the word fire (that's the actual link
text, not the URL indicated by the link)
allintext restricts results to documents con-
taining the specified phrase in the
text, but not in the title, link descrip-
tions or URLs
allintext:"fire fox" will return documents which con-
tain the phrase fire fox in their text only
+ specifies that a phrase should occur
frequently in results
+fire will order results by the number of occurrences of
the word fire
- specifies that a phrase must not oc-
cur in results
-fire will return documents that don't contain the word
fire
"" delimiters for entire search phrases
(not single words)
"fire fox" will return documents containing the phrase
fire fox
. wildcard for a single character fire.fox will return documents containing the phrases
fire fox, fireAfox, fire1fox, fire-fox etc.
* wildcard for a single word fire * fox will return documents containing the phrases
fire the fox, fire in fox, fire or fox etc.
| logical OR "fire fox" | firefox will return documents containing the
phrase fire fox or the word firefox
4. www.hakin9.org4 hakin9 4/2005
Basics
The right query can yield some quite
remarkable results. Let's start with
something simple.
Suppose that a vulnerability is
discovered in a popular application
– let's say it's the Microsoft IIS server
version 5.0 – and a hypothetical at-
tacker decides to find a few comput-
ers running this software in order to
attack them. He could of course use
a scanner of some description, but
he prefers Google, so he just enters
the query "Microsoft-IIS/5.0 Server
at" intitle:index.of and obtains
links to the servers he needs (or,
more specifically, links to autogen-
erated directory listings for those
servers). This works because in its
standard configuration, IIS (just like
many other server applications) adds
banners containing its name and ver-
sion to some dynamically generated
pages (Figure 2 shows this query in
action).
It's a typical example of infor-
mation which seems quite harm-
less, so is frequently ignored
and remains in the standard con-
figuration. Unfortunately, it is also
information which in certain circum-
stances can be most valuable to
a potential attacker. Table 2 shows
more sample Google queries for
typical Web servers.
Another way of locating specific
versions of Web servers is to search
for the standard pages displayed
after successful server installation.
Strange though it may seem, there
are plenty of Web servers out there,
the default configuration of which
hasn't been touched since installa-
tion. They are frequently forgotten,
ill-secured machines which are
easy prey for attackers. They can
be located using the queries shown
in Table 3.
This method is both very simple
and extremely useful, as it provides
access to a huge number of various
websites and operating systems
which run applications with known
vulnerabilities that lazy or ignorant
administrators have not patched. We
will see how this works for two fairly
popular programs: WebJeff Fileman-
ager and Advanced Guestbook.
The first is a web-based file
manager for uploading, browsing,
managing and modifying files on
a server. Unfortunately, WebJeff
Filemanager version 1.6 contains
a bug which makes it possible
to download any file on the server,
as long as it's accessible to the user
running the HTTP daemon. In other
words, specifying a page such as
/index.php3?action=telecharger&f
ichier=/etc/passwd in a vulnerable
system will let any intruder download
the /etc/passwd file (see Figure 3).
The aggressor will of course locate
vulnerable installations by querying
Google for "WebJeff-Filemanager
1.6" Login.
Our other target – Advanced
Guestbook – is a PHP application
Figure 1. The use of search query operators illustrated using the hakin9
website
Figure 2. Locating IIS 5.0 servers using the intitle operator
5. www.hakin9.org 5hakin9 4/2005
Google hacking
with SQL database support, used
for adding guestbooks to web-
sites. In April 2004, information
was published about a vulnerabil-
ity in the application's 2.2 version,
making it possible to access the
administration panel using an SQL
injection attack (see SQL Injection
Attacks with PHP/MySQL in hakin9
3/2005). It's enough to navigate
to the panel login screen (see
Figure 4) and log in leaving the
username blank and entering ') OR
('a' = 'a as password or the other
way around – leaving password
blank and entering ? or 1=1 -- for
username. The potential aggres-
sor can locate vulnerable websites
by querying Google for intitle:
Guestbook "Advanced Guestbook 2.2
Powered" or "Advanced Guestbook
2.2" Username inurl:admin.
To prevent such security leaks,
administrators should track current
information on all the applications
used by their systems and imme-
diately patch any vulnerabilities.
Another thing to bear in mind is that
it's well worth removing application
banners, names and versions from
any pages or files that might contain
them.
Information about
Networks and Systems
Practically all attacks on IT sys-
tems require preparatory target
reconnaissance, usually involving
scanning computers in an attempt
Table 2. Google queries for locating various Web servers
Query Server
"Apache/1.3.28 Server at" intitle:index.of Apache 1.3.28
"Apache/2.0 Server at" intitle:index.of Apache 2.0
"Apache/* Server at" intitle:index.of any version of Apache
"Microsoft-IIS/4.0 Server at" intitle:index.of Microsoft Internet Information Services 4.0
"Microsoft-IIS/5.0 Server at" intitle:index.of Microsoft Internet Information Services 5.0
"Microsoft-IIS/6.0 Server at" intitle:index.of Microsoft Internet Information Services 6.0
"Microsoft-IIS/* Server at" intitle:index.of any version of Microsoft Internet Information Services
"Oracle HTTP Server/* Server at" intitle:index.of any version of Oracle HTTP Server
"IBM _ HTTP _ Server/* * Server at" intitle:index.of any version of IBM HTTP Server
"Netscape/* Server at" intitle:index.of any version of Netscape Server
"Red Hat Secure/*" intitle:index.of any version of the Red Hat Secure server
"HP Apache-based Web Server/*" intitle:index.of any version of the HP server
Table 3. Queries for discovering standard post-installation Web server pages
Query Server
intitle:"Test Page for Apache Installation" "You are free" Apache 1.2.6
intitle:"Test Page for Apache Installation" "It worked!"
"this Web site!"
Apache 1.3.0 – 1.3.9
intitle:"Test Page for Apache Installation" "Seeing this
instead"
Apache 1.3.11 – 1.3.33, 2.0
intitle:"Test Page for the SSL/TLS-aware Apache
Installation" "Hey, it worked!"
Apache SSL/TLS
intitle:"Test Page for the Apache Web Server on Red Hat
Linux"
Apache on Red Hat
intitle:"Test Page for the Apache Http Server on Fedora
Core"
Apache on Fedora
intitle:"Welcome to Your New Home Page!" Debian Apache on Debian
intitle:"Welcome to IIS 4.0!" IIS 4.0
intitle:"Welcome to Windows 2000 Internet Services" IIS 5.0
intitle:"Welcome to Windows XP Server Internet Services" IIS 6.0
6. www.hakin9.org6 hakin9 4/2005
Basics
to recognise running services, op-
erating systems and specific service
software. Network scanners such as
Nmap or amap are typically used for
this purpose, but another possibility
also exists. Many system administra-
tors install Web-based applications
which generate system load statis-
tics, show disk space usage or even
display system logs.
All this can be valuable informa-
tion to an intruder. Simply querying
Google for statistics generated and
signed by the phpSystem applica-
tion using the query "Generated by
phpSystem" will result in a whole list
of pages similar to the one shown
in Figure 5. The intruder can also
query for pages generated by the
Sysinfo script using intitle:"Sysinfo
* " intext:"Generated by Sysinfo *
written by The Gamblers." – these
pages contain much more system
information (Figure 6).
This method offers numerous
possibilities – Table 4 shows sam-
ple queries for finding statistics and
other information generated by sev-
eral popular applications. Obtaining
such information may encourage the
intruder to attack a given system and
will help him find the right tools and
exploits for the job. So if you decide
to use Web applications to monitor
computer resources, make sure ac-
cess to them is password-protected.
Looking for Errors
HTTP error messages can be ex-
tremely valuable to an attacker, as
they can provide a wealth of infor-
mation about the system, database
structure and configuration. For
example, finding errors generated
by an Informix database merely re-
quires querying for "A syntax error
has occurred" filetype:ihtml. The re-
sult will provide the intruder with er-
ror messages containing information
on database configuration, a sys-
tem's file structure and sometimes
even passwords (see Figure 7). The
results can be narrowed down to
only those containing passwords by
altering the query slightly: "A syntax
error has occurred" filetype:ihtml
intext:LOGIN.
Figure 3. A vulnerable version of WebJeff Filemanager
Figure 4. Advanced Guestbook login page
Figure 5. Statistics generated by phpSystem
7. www.hakin9.org 7hakin9 4/2005
Google hacking
Equally useful information can
be obtained from MySQL database
errors simply by querying Google
for "Access denied for user" "Using
password" – Figure 8 shows a typical
website located in this manner. Ta-
ble 5 contains more sample queries
using the same method.
The only way of preventing our
systems from publicly revealing error
information is removing all bugs as
soon as we can and (if possible) con-
figuring applications to log any errors
to files instead of displaying them for
the users to see.
Remember that even if you
react quickly (and thus make the
error pages indicated by Google
out-of-date), a potential intruder
will still be able to examine the ver-
sion of the page cached by Google
by simply clicking the link to the
page copy. Fortunately, the sheer
volume of Web resources means
Figure 6. Statistics generated by Sysinfo
Table 4. Querying for application-generated system reports
Query Type of information
"Generated by phpSystem" operating system type and version, hardware configura-
tion, logged users, open connections, free memory and
disk space, mount points
"This summary was generated by wwwstat" web server statistics, system file structure
"These statistics were produced by getstats" web server statistics, system file structure
"This report was generated by WebLog" web server statistics, system file structure
intext:"Tobias Oetiker" "traffic analysis" system performance statistics as MRTG charts, network
configuration
intitle:"Apache::Status" (inurl:server-status | inurl:
status.html | inurl:apache.html)
server version, operating system type, child process list,
current connections
intitle:"ASP Stats Generator *.*" "ASP Stats
Generator" "2003-2004 weppos"
web server activity, lots of visitor information
intitle:"Multimon UPS status page" UPS device performance statistics
intitle:"statistics of" "advanced web statistics" web server statistics, visitor information
intitle:"System Statistics" +"System and Network
Information Center"
system performance statistics as MRTG charts, hard-
ware configuration, running services
intitle:"Usage Statistics for" "Generated by
Webalizer"
web server statistics, visitor information, system file
structure
intitle:"Web Server Statistics for ****" web server statistics, visitor information
inurl:"/axs/ax-admin.pl" -script web server statistics, visitor information
inurl:"/cricket/grapher.cgi" MRTG charts of network interface performance
inurl:server-info "Apache Server Information" web server version and configuration, operating system
type, system file structure
"Output produced by SysWatch *" operating system type and version, logged users, free
memory and disk space, mount points, running proc-
esses, system logs
8. www.hakin9.org8 hakin9 4/2005
Basics
that pages can only be cached for
a relatively short time.
Prowling
for Passwords
Web pages contain a great many
passwords to all manner of resourc-
es – e-mail accounts, FTP servers or
even shell accounts. This is mostly
due to the ignorance of users who
unwittingly store their passwords
in publicly accessible locations,
but also due to the carelessness of
software manufacturers who either
provide insufficient measures of
protecting user data or supply no
information about the necessity of
modifying their products' standard
configuration.
Take the example of WS_FTP,
a well-known and widely-used FTP
client which (like many utilities) of-
fers the option of storing account
passwords. WS_FTP stores its
configuration and user account
information in the WS_FTP.ini file.
Unfortunately, not everyone real-
ises that gaining access to an FTP
client's configuration is synonymous
with gaining access to a user's FTP
resources. Passwords stored in the
WS_FTP.ini file are encrypted, but
this provides little protection – once
an intruder obtains the configuration
Figure 7. Querying for Informix database errors
Figure 8. MySQL database error
Table 5. Error message queries
Query Result
"A syntax error has occurred"
filetype:ihtml
Informix database errors, potentially containing function names, filenames, file
structure information, pieces of SQL code and passwords
"Access denied for user" "Using
password"
authorisation errors, potentially containing user names, function names, file
structure information and pieces of SQL code
"The script whose uid is " "is
not allowed to access"
access-related PHP errors, potentially containing filenames, function names
and file structure information
"ORA-00921: unexpected end of SQL
command"
Oracle database errors, potentially containing filenames, function names and
file structure information
"error found handling the
request" cocoon filetype:xml
Cocoon errors, potentially containing Cocoon version information, filenames,
function names and file structure information
"Invision Power Board Database
Error"
Invision Power Board bulletin board errors, potentially containing function
names, filenames, file structure information and piece of SQL code
"Warning: mysql _ query()"
"invalid query"
MySQL database errors, potentially containing user names, function names,
filenames and file structure information
"Error Message : Error loading
required libraries."
CGI script errors, potentially containing information about operating system
and program versions, user names, filenames and file structure information
"#mysql dump" filetype:sql MySQL database errors, potentially containing information about database
structure and contents
9. www.hakin9.org 9hakin9 4/2005
Google hacking
file, he can either decipher the pass-
word using suitable tools or simply
install WS_FTP and run it with the
stolen configuration. And how can
the intruder obtain thousands of
WS_FTP configuration files? Using
Google, of course. Simply querying
for "Index of/" "Parent Directory"
"WS _ FTP.ini" or filetype:ini WS _ FTP
PWD will return lots of links to the data
he requires, placed at his evil dispos-
al by the users themselves in their
blissful ignorance (see Figure 9).
Another example is a Web ap-
plication called DUclassified, used
for managing website advertising
materials. In its standard configura-
tion, the application stores all the
user names, passwords and other
data in the duclassified.mdb file,
located in the read-accessible
_private subdirectory. It is therefore
enough to find a site that uses DU-
classified, take the base URL http://
<host>/duClassified/ and change
it to http://<host>/duClassified/
_private/duclassified.mdb to ob-
tain the password file and thus
obtain unlimited access to the ap-
plication (as seen in Figure 10).
Websites which use the vulner-
able application can be located
by querying Google for "Powered
by DUclassified" -site:duware.com
(the additional operator will filter
out results from the manufacturer's
website). Interestingly enough, the
makers of DUclassified – a com-
pany called DUware – have also
created several other applications
with similar vulnerabilities.
In theory, everyone knows that
passwords should not reside on
post-its stuck to the monitor or
under the keyboard. In practice,
however, surprisingly many people
store passwords in text files and
put them in their home directories,
which (funnily enough) are acces-
sible through the Internet. What's
more, many such individuals work
as network administrators or simi-
lar, so the files can get pretty big.
It's hard to define a single method
of locating such data, but googling
for such keywords as account, us-
ers, admin, administrators, passwd,
password and so on can be pretty
effective, especially coupled with
such filetypes as .xls, .txt, .doc,
.mdb and .pdf. It's also worth noting
directories whose names contain
the words admin, backup and so
forth – a query like inurl:admin
intitle:index.of will do the trick.
Figure 9. WS_FTP configuration file
Figure 10. DUclassified in its standard configuration
10. www.hakin9.org10 hakin9 4/2005
Basics
Table 6 presents some sample
queries for password-related data.
To make our passwords less
accessible to intruders, we must
carefully consider where and why
we enter them, how they are stored
and what happens to them. If we're in
charge of a website, we should ana-
lyse the configuration of the applica-
tions we use, locate poorly protected
or particularly sensitive data and
take appropriate steps to secure it.
Personal Information
and Confidential
Documents
Both in European countries and the
U.S., legal regulations are in place
to protect our privacy. Unfortunately,
it is frequently the case that all sorts
of confidential documents contain-
ing our personal information are
placed in publicly accessible loca-
tions or transmitted over the Web
without proper protection. To get our
complete information, an intruder
need only gain access to an e-mail
repository containing the CV we
sent out while looking for work. Ad-
Table 6. Google queries for locating passwords
Query Result
"http://*:*@www" site passwords for site, stored as the string "http://username:
password@www..."
filetype:bak inurl:"htaccess|passwd|shadow|ht
users"
file backups, potentially containing user names and passwords
filetype:mdb inurl:"account|users|admin|admin
istrators|passwd|password"
mdb files, potentially containing password information
intitle:"Index of" pwd.db pwd.db files, potentially containing user names and encrypted
passwords
inurl:admin inurl:backup intitle:index.of directories whose names contain the words admin and backup
"Index of/" "Parent Directory" "WS _ FTP.ini"
filetype:ini WS _ FTP PWD
WS_FTP configuration files, potentially containing FTP server
access passwords
ext:pwd inurl:(service|authors|administrators
|users) "# -FrontPage-"
files containing Microsoft FrontPage passwords
filetype:sql ("passwd values ****" |
"password values ****" | "pass values ****" )
files containing SQL code and passwords inserted into a database
intitle:index.of trillian.ini configuration files for the Trillian IM
eggdrop filetype:user user configuration files for the Eggdrop ircbot
filetype:conf slapd.conf configuration files for OpenLDAP
inurl:"wvdial.conf" intext:"password" configuration files for WV Dial
ext:ini eudora.ini configuration files for the Eudora mail client
filetype:mdb inurl:users.mdb Microsoft Access files, potentially containing user account infor-
mation
intext:"powered by Web Wiz Journal" websites using Web Wiz Journal, which in its standard con-
figuration allows access to the passwords file – just enter http:
//<host>/journal/journal.mdb instead of the default http://<host>/
journal/
"Powered by DUclassified" -site:duware.com
"Powered by DUcalendar" -site:duware.com
"Powered by DUdirectory" -site:duware.com
"Powered by DUclassmate" -site:duware.com
"Powered by DUdownload" -site:duware.com
"Powered by DUpaypal" -site:duware.com
"Powered by DUforum" -site:duware.com
intitle:dupics inurl:(add.asp | default.asp |
view.asp | voting.asp) -site:duware.com
websites using the DUclassified, DUcalendar, DUdirectory, DU-
classmate, DUdownload, DUpaypal, DUforum or DUpics applica-
tions, which by default make it possible to obtain the passwords
file – for DUclassified, just enter http://<host>/duClassified/ _
private/duclassified.mdb instead of http://<host>/duClassified/
intext:"BiTBOARD v2.0" "BiTSHiFTERS Bulletin
Board"
websites using the Bitboard2 bulletin board application, which on
default settings allows the passwords file to be obtained – enter
http://<host>/forum/admin/data _ passwd.dat instead of the default
http://<host>/forum/forum.php
11. www.hakin9.org 11hakin9 4/2005
Google hacking
dress, phone number, date of birth,
education, skills, work experience
– it's all there.
Thousands of such documents
can be found on the Internet
– just query Google for intitle:
"curriculum vitae" "phone * *
*" "address *" "e-mail". Finding
contact information in the form
of names, phone number and e-
mail addresses is equally easy
(Figure 11). This is because most
Internet users create electronic ad-
dress books of some description.
While these may be of little interest
to your typical intruder, they can
be dangerous tools in the hands of
a skilled sociotechnician, especially
if the contacts are restricted to one
company. A simple query such as
filetype:xls inurl:"email.xls" can
be surprisingly effective, finding
Excel spreadsheet called email.xls.
All the above also applies to
instant messaging applications and
their contact lists – if an intruder
obtains such a list, he may be able to
pose as our IM friends. Interestingly
enough, a fair amount of personal
data can also be obtained from of-
ficial documents, such as police
reports, legal documents or even
medical history cards.
The Web also contains docu-
ments that have been marked as
confidential and therefore contain
sensitive information. These may
include project plans, technical doc-
umentation, surveys, reports, pres-
entations and a whole host of other
company-internal materials. They
are easily located as they frequently
contain the word confidential, the
phrase Not for distribution or simi-
lar clauses (see Figure 12). Table 7
presents several sample queries
that reveal documents potentially
containing personal information and
confidential data.
As with passwords, all we can
do to avoid revealing private infor-
mation is to be cautious and retain
maximum control over published
data. Companies and organisations
should (and many are obliged to)
specify and enforce rules, proce-
dures and standard practices for
Figure 11. Electronic address book obtained through Google
Figure 12. Confidential document found through Google
Figure 13. An HP printer's configuration page found by Google
12. www.hakin9.org12 hakin9 4/2005
Basics
handling documents within the
organisation, complete with clearly
defined responsibilities and penal-
ties for infringements.
Network Devices
Many administrator downplay
the importance of securing such
devices as network printers or
webcams. However, an insecure
printer can provide an intruder with
a foothold that can later be used as
a basis for attacking other systems
in the same network or even other
networks. Webcams are, of course,
much less dangerous, so hacking
them can only be seen as entertain-
ment, although it's not hard to im-
agine situations where data from a
webcam could be useful (industrial
espionage, robberies etc.). Table 8
contains sample queries revealing
printers and webcams, while Fig-
ure 12 shows a printer configuration
page found on the Web. n
Table 8. Queries for locating network devices
Query Device
"Copyright (c) Tektronix, Inc." "printer status" PhaserLink printers
inurl:"printer/main.html" intext:"settings" Brother HL printers
intitle:"Dell Laser Printer" ews Dell printers with EWS technology
intext:centreware inurl:status Xerox Phaser 4500/6250/8200/8400 printers
inurl:hp/device/this.LCDispatcher HP printers
intitle:liveapplet inurl:LvAppl Canon Webview webcams
intitle:"EvoCam" inurl:"webcam.html" Evocam webcams
inurl:"ViewerFrame?Mode=" Panasonic Network Camera webcams
(intext:"MOBOTIX M1" | intext:"MOBOTIX M10") intext:"Open
Menu" Shift-Reload
Mobotix webcams
inurl:indexFrame.shtml Axis Axis webcams
SNC-RZ30 HOME Sony SNC-RZ30 webcams
intitle:"my webcamXP server!" inurl:":8080" webcams accessible via WebcamXP Server
allintitle:Brains, Corp. camera webcams accessible via mmEye
intitle:"active webcam page" USB webcams
Table 7. Searching for personal data and confidential documents
Query Result
filetype:xls inurl:"email.xls" email.xls files, potentially containing contact information
"phone * * *" "address *" "e-mail" intitle:
"curriculum vitae"
CVs
"not for distribution" confidential documents containing the confidential clause
buddylist.blt AIM contacts list
intitle:index.of mystuff.xml Trillian IM contacts list
filetype:ctt "msn" MSN contacts list
filetype:QDF QDF database files for the Quicken financial application
intitle:index.of finances.xls finances.xls files, potentially containing information on bank ac-
counts, financial summaries and credit card numbers
intitle:"Index Of" -inurl:maillog maillog size maillog files, potentially containing e-mail
"Network Vulnerability Assessment Report"
"Host Vulnerability Summary Report"
filetype:pdf "Assessment Report"
"This file was generated by Nessus"
reports for network security scans, penetration tests etc.
On the Net
• http://johnny.ihackstuff.com – largest repository of data on Google hacking,
• http://insecure.org/nmap/ – Nmap network scanner,
• http://thc.org/thc-amap/ – amap network scanner.