Download as PDF, PPTX
![Hacking - The Basics
• cache:
• Syntax: cache:URL [highlight]
• The cache operator will search through google’s cache and return the
results based on those documents. You can alternatively tell cache to
highlight a word or phrase by adding it after the operator and URL.](https://image.slidesharecdn.com/4656146/85/ki-5-320.jpg)
![Hacking - The Basics
• allintitle:
• Syntax: allintitle: oper1 [oper2] [oper3] [etc..]
• Google will restrict the results to those that have all of the words entered
after the modifier within the title. NOTE: This modifier does not play well
with others.](https://image.slidesharecdn.com/4656146/85/ki-10-320.jpg)
![Hacking - The Basics
• allinurl:
• Syntax: allinurl: oper1 [oper2] [oper3] [etc...]
• This modifier is similar to allintitle: in that it will use the rest of the query and
look for all the words or phrases in the URL that was specified. NOTE: Also
like allintitle:, this modifier doesn’t play well with others.](https://image.slidesharecdn.com/4656146/85/ki-12-320.jpg)
![Hacking - The Basics
• allintext:
• Syntax: allintext: oper1 [oper2] [oper3] [etc...]
• Just like not using any operators....](https://image.slidesharecdn.com/4656146/85/ki-14-320.jpg)
![[Srijan Wednesday Webinar] Easy Performance Wins for Your Rails App](https://cdn.slidesharecdn.com/ss_thumbnails/rubyperformancewebinar-160811073147-thumbnail.jpg?width=640&height=640&fit=bounds)
ki
- 1. Google Hacking -The Basics Maniac
- 2. Hacking - TheBasics • What exactly is Google Hacking? • Google Hacking involves using the Google search engine to identify vulnerabilities in websites.
- 3. Hacking - TheBasics • Ok, so you use Google to find all of this stuff, but how do you? • Google supports a multitude of operators and modifiers that add a ton of power to google searching.
- 4. Hacking - TheBasics • Mmmmmm....operators and modifiers! I want them!
- 5. Hacking - TheBasics • cache: • Syntax: cache:URL [highlight] • The cache operator will search through google’s cache and return the results based on those documents. You can alternatively tell cache to highlight a word or phrase by adding it after the operator and URL.
- 6. Hacking - TheBasics • link: • Syntax: link:URL • Sites that have a hyperlink to the URL specified will be returned in the search results.
- 7. Hacking - TheBasics • related: • Syntax: related:URL • The related operator will return results that are “similar” to the page that was specified.
- 8. Hacking - TheBasics • info: • Syntax: info:URL • This tag will give you the information that Google has on the given URL.
- 9. Hacking - TheBasics • site: • Syntax: site:Domain • This modifier will restrict results to those sites within the domain given.
- 10. Hacking - TheBasics • allintitle: • Syntax: allintitle: oper1 [oper2] [oper3] [etc..] • Google will restrict the results to those that have all of the words entered after the modifier within the title. NOTE: This modifier does not play well with others.
- 11. Hacking - TheBasics • intitle: • Syntax: intitle:operator • Google will return only results that match the word or phrase entered after the modifier within the title of the page.
- 12. Hacking - TheBasics • allinurl: • Syntax: allinurl: oper1 [oper2] [oper3] [etc...] • This modifier is similar to allintitle: in that it will use the rest of the query and look for all the words or phrases in the URL that was specified. NOTE: Also like allintitle:, this modifier doesn’t play well with others.
- 13. Hacking - TheBasics • inurl: • Syntax: inurl:operator • Here is the single operator version of allinurl:. Will return anything that has the operator in the URL.
- 14. Hacking - TheBasics • allintext: • Syntax: allintext: oper1 [oper2] [oper3] [etc...] • Just like not using any operators....
- 15. Hacking - TheBasics • intext: • Syntax: intext:operator • Ok, ok, I’ll let you guess on this one.
- 16. Hacking - TheBasics • Are you done yet? That seemed like a lot, and what the hell was with all the apple stuff? • Almost there. Now its time to start mixing and matching these modifiers and operators. • The four most commonly used will be intitle:, intext:, inurl:, and filetype: • Also note, you can use OR and + and - signs.
- 17. Hacking - TheBasics • mixing in intext:, inurl:, and intitle: and looking for default drupal sites that haven’t been configured yet. • -inurl:drupal.org intext:"Welcome to your new Drupal-powered website." intitle:drupal
- 18. Hacking - TheBasics • "display printer status" intitle:"Home"
- 19. Hacking - TheBasics • Whoa! a Xerox printer!
- 20. Hacking - TheBasics • "#mysql dump" filetype:sql 21232f297a57a5a743894a0e4a801fc3 21232f297a57a5a743894a0e4a801fc3 is the MD5sum for admin
- 21. Hacking - TheBasics • "Certificate Practice Statement" inurl:(PDF | DOC) CAs are the formal requests that are made to get a Digital Certificate.
- 22. Hacking - TheBasics • "Network Vulnerability Assessment Report"
- 23. Hacking - TheBasics • "Thank you for your order" +receipt filetype:pdf
- 24. Hacking - TheBasics • "robots.txt" + "Disallow:" filetype:txt
- 25. Hacking - TheBasics • "phpMyAdmin" "running on" inurl:"main.php"
- 26. Hacking - TheBasics • "phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
- 27. Hacking - TheBasics • "social security number" "phone * * *“ "address *" "e-mail *" intitle:"curriculum vitae" filetype:pdf site:.edu
- 28. Hacking - TheBasics • ext:vmx vmx
- 29. Hacking - TheBasics • filetype:QBW qbw
- 30. Hacking - TheBasics • filetype:xls inurl:"email.xls"
- 31. Hacking - TheBasics • intitle:"Index of" finances.xls
- 32. Hacking - TheBasics • WOW! That was a lot of good finds! Where can I find more info on googlehacking? • http://johnny.ihackstuff.com