Google Hacking : How to find vulnerabilities and data leaks on the web to protect yourself Discover (again ?) how to Google hack not to go to the wrong side of the force, to better protect your customers, or just doing some Google searches in the most optimal way ! Because when you master the Google's user manual, Google is the best weapon for the ebst... and the worst. This first part provides keys to use the Google search engine in the best way, by building advanced queries. Thus you'll discover (again ?) wildcards and Google's advanced operators.

1. Gathering data with
15 March 2017 Thibaut BATAL 1
16
_

2. Agenda
●Why ?
●Examples
●How to use Google
●How to perform a vulnerability search/collect sensitive
data
●How to protect our customers
15 March 2017 Thibaut BATAL 2
16
_

3. Why ?
●Attacking someone
●Penetration Testing Execution Standard framework
●1 - Pre-engagement Interactions
●2 - Intelligence Gathering
●3 - Threat Modeling
●4 - Vulnerability Analysis
●5 - Exploitation
●6 - Post Exploitation
●7 - Reporting
_15 March 2017 Thibaut BATAL 3
16

4. Why ?
●Staying in the deep web
_15 March 2017 Thibaut BATAL 4
16

5. Examples – Access to printers
_
Printer's tasks list
Printer's home page
15 March 2017 Thibaut BATAL 6
16

6. 7
Examples – Private cameras
_15 March 2017 Thibaut BATAL
16

7. 8
Examples – Private cameras
_15 March 2017 Thibaut BATAL
16

8. Examples – City's water fountain
_15 March 2017 Thibaut BATAL 9
16

9. How to use Google
_
Google's advanced search page
15 March 2017 Thibaut BATAL 10
16

10. How to - Basics
●32 words, case insensitive
the fox and the crow
●Wildcards : dot . and asterisk *
*fox.*.crow
●Double quotes
"this is a sentence"
●AND (redundant)
fox AND crow == fox crow
●OR/|
fox OR crow == fox|crow
15 March 2017 Thibaut BATAL 11_
16

11. How to - Basics
●Not : - -
-sheep fox crow
●Force : +
+the fox +and +the crow
●No order of operations
●No parenthesis but for advanced keywords
15 March 2017 Thibaut BATAL 12_
16

12. How to - Advanced
●advanced_operator:keyword
●ALL operators must be once and cannot be mixed with others (AND
doesn't work)
15 March 2017 Thibaut BATAL 13_
16

13. How to - Advanced
●Site : read domain from right to left ! (starting .com, .fr,...)
site:cvut.cz
●Filetype/ext
filetype:pdf == ext:pdf
●Numrange/.. : need 2 numbers separated by a dash –
numrange:10-20 == 10..20
●Daterange : 2 dates separated by a dash -
●Must be in Julian date : number of days that have passed since January
1, 4713 B.C.
●Must be used with other operators
●If Google crawls an obscure page once, it could never do it again
15 March 2017 Thibaut BATAL 14_
16

14. How to – Advanced - Others
●Cache : needs an url or hostname
●Related : needs an url or hostname ; cannot be used with others
operators
●Info : needs an url or hostname ; cannot be used with others operators
15 March 2017 Thibaut BATAL 15_
16

15. How to – Advanced – Others – Life's tools
●Define, location, movie, source, stocks, weather...
15 March 2017 Thibaut BATAL 16_
16

16. Thanks !
_
References
Google Hacking for Penetration Testers, by Johnny LONG, Bill
GARDNER and Justin BROWN
The Hacker Playbook, by Peter KIM
www.exploit-db.com/google-hacking-database
www.google.com
www.googleguide.com
www.pentest-standard.org
www.robotstxt.org
http://www.talktohacker.com/2014/08/how-to-use-google-for-advanced-
hacking.html
15 March 2017 Thibaut BATAL 17
16