Evil for help Google

Alexander Antipov

Poshukov Google system(www.google.com) has a lot of opportunities to poke around. All the possibilities are an invaluable tool for a joke for a koristuvach, who first spent time on the Internet and at the same time increased the intrusion and destruction in the hands of people with evil spirits, including not only hackers, but also non-computer evil-doers in the territory.
(9475 visits in 1 day)

Denis Batrankov
denisNOSPAMixi.ru

Respect:Tsya stattya not є kerіvnitstvom to dії. This article was written for you, administrators of WEB servers, so that you have lost your sight, that you are safe, and you have come to understand the accessibility of this method of taking away information, and they took up the defense of their site.

Entry

For example, I know 1670 sides in 0.14 seconds!

2. We introduce another row, for example:

a little less, a little bit more than enough for a free download and for picking passwords (for the help of John The Ripper). Below I will bring more low butts.

Also, you need to know that Google's search machine saw more of the sites on the Internet and saved information in the cache that it should be targeted at them. This cached information allows you to remove information about the site and in the site without direct connection to the site, you don’t have to dig for that information, as it is collected in the middle of Google. Moreover, even though the information on the site is no longer available, the information in the cache, perhaps, was saved. Everything that is necessary for this method: nobility keywords Google. This technique is called Google Hacking.

Previously, information about Google Hacking appeared on Bugtruck distribution three years ago. In 2001, the topic was changed by one French student. Axis mailing to the whole sheet http://www.cotse.com/mailing-lists/bugtraq/2001/Nov/0129.html. The new one has the first examples of such requests:

1) Index of /admin
2) Index of /password
3) Index of /mail
4) Index of / +banques +filetype:xls (for france...)
5) Index of / +passwd
6) Index of/password.txt

This topic has made a lot of noise in the English-reading part of the Internet recently: after the article by Johnny Long, which was published on May 7, 2004. For more Google Hacking experience, go to the website of this author http://johnny.ihackstuff.com . At this article, I want to introduce you to the course of reference.

Kim tse can buti vikoristane:
- Journalists, shpiguns and all those people who love the phati of the nose are not in their own right, can victorious for the sake of compromising information.
- Hackery, who will tell you what you need for the evil one.

How does Google work.

For the continuation of the story, I will guess the deeds from the key words, like the victorious ones in Google searches.

Poshuk for help sign +

Google excludes from the joke unimportant words. For example, capital words, adjuncts and articles in English: for example, are, of, where. In Russian language Google, it seems, all words are important. Whenever a word is excluded for a joke, Google writes about it. If you want Google to open the sidebar with the words in front of them, you need to add a + sign without a space in front of the word. For example:

ace + of base

Search for an additional sign

If Google knows a great number of sides, from which it is necessary to turn on sides with a singing theme, you can Google just a few sides, for which there are no songs. For which you need to indicate qi words, putting a sign in front of the skin sign without a space before the word. For example:

fisherman-gorilka

Ask for help sign ~

It is possible, if you want to know, not only the word is indicated, but also its synonyms. For which, enter the symbol ~ before the word.

Search for the exact phrase for the help of the instep paws

Google searched on the skin side of all the input words, yak you wrote in a row for information, moreover, I can’t have a meaning for each other, the words are singed on the side of the word at once (the price is for the mind). To know the exact phrase - you need to take it from the paw. For example:

"book stand"

Sob bulo hoch one of the most important words is necessary to indicate logical operation obviously: OR. For example:

safety book OR zahist

In addition, in a row, for a joke, you can win the sign * for the recognition of any word i. for the recognition of a symbol.

Ask for help for help additional operators

Use search operators, which are indicated in a row of searches in the format:

operator:search_term

Progalini zaruch іz dvokrapkoy not prіbnі. If you insert a gap after the doublet, then you will tell me about the pardon, and in front of it, Google will beat them as a perfect row for a joke.
Find groups of addendum operators in a search: move - specify which mine you want to show the result, date - interleave the results for three, six or 12 months, input - indicate in which area of ​​the document you need to shuffle the row: cross, in the header, in the URL, domain - zdіysnyuvaty puk for the specified site or navpak turn off yogo z suku, safe puk - blocking sites that avenge the type of information and delete all three sides of the results in the puk.
With this action, the operators do not require an additional parameter, for example, ask " cache:www.google.com"you can call out like a regular row for a joke, but deaky key words, on the other hand, emphasize the obviousness of a word for a joke, for example" site:www.google.com help In the light of our subject, we marvel at the next operators:

Operator site: intermediary search only for the specified site, and you can specify not only domain name, to the IP address. For example, enter:

Operator filetype: Intermediate search for files of the song type. For example:

As of the release date, Google articles can search in the middle of 13 different file formats:

• Adobe Portable Document Format (pdf)
• Adobe PostScript (ps)
• Lotus 1-2-3 (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)
• Lotus Word Pro (lwp)
• MacWrite(mw)
• Microsoft Excel(xls)
• Microsoft PowerPoint (ppt)
• Microsoft Word(doc)
• Microsoft Works (wks, wps, wdb)
• Microsoft Write (wri)
• Rich Text Format (RTF)
• Shockwave Flash(swf)
• Text (ans, txt)

Operator link: Shows all sides, as if showing the right side.
Singing, start wondering, like a rich place on the Internet to know about you. Let's try:

Operator cache: show the version of the site in the Google cache, as if out of the blue, if Google rest once seeing this side. Let's take a site that is often changed, and marvel:

Operator title: Shukaє the word is indicated at the header of the page. Operator allintitle:є extensions - vin shukayє all designations kіlka slіv at the header of the page. Level:

intitle:polit to mars
intitle:polіt intitle:on intitle:mars
allintitle: flight to mars

Operator inurl: zmushu Google show all the sides that should be checked in the URL of the row. allinurl operator: looks for all the words in a URL. For example:

allinurl:acid_stat_alerts.php

This team is especially suitable for those who can't SNORT - they want to be able to marvel, like they're working on a real system.

Methodi evil for help Google

Later, we explained that, vikoristovuyuuyuchi combination of overhauled more operators and key words, whether a person can be engaged in the collection of necessary information and a joke of quirks. These techniques are often referred to as Google Hacking.

Sitemap

You can twist the site operator: to look at all the posts, like Google knows on the site. Sound the sides that are dynamically created by scripts, they are not indexed for additional parameters, so the sites have to win the ISAPI filter, so that the help was out of sight /article.asp?num=10&dst=5, but with slashes /article/abc/num/10/dst/5. This was done in order for the site to be indexed by search engine systems.

Let's try:

site:www.whitehouse.gov whitehouse

Google cares that the skin side of the site is to avenge the word whitehouse. Tsim mi koristuёmosya, schob otrimati all sides.
Є th forgiveness option:

site:whitehouse.gov

The first thing is that the comrades from whitehouse.gov didn't recognize that they marveled at the structure of their site and looked into the cached side, as if they had taken over Google. Tse mozhe buti vikoristane for vyvchennya structure of sites and revisiting together, remaining unmarked until the singing hour.

Viewing the list of files in directories

WEB servers can show lists of server directories. HTML sides. Call to be afraid so that the coristuvachi choose and zavantazhu sing files. However, in case of rich vipadkah, administrators do not bother to show the directories instead. Tse vinikaє afterward incorrect configuration server chi availability head side at the directory. As a result, the hacker has a chance to know where the cicada is in the directory and how to extract it for his purposes. To know all the same sides, enough to remember that the stench of revenge on your title of the word: index of. But if the words index of are not just such a side, then it is necessary to clarify the request and turn the key words on the side itself, then we need to ask:

intitle:index.of parent directory
intitle:index.of name size

Since the listings of the directories are mostly broken down, then it might be important for you to know the listings for the first time. Ale, please, you can win the listings for the appointment WEB versions server as described below.

The original version of the WEB-server.

Knowing the version of the WEB server is a must before the cob of a hacker attack. Well, I know that Google can take away this information without connecting to the server. It is also respectful to look at the listing of the directory, you can check that the name of the WEB server of that version is displayed there.

Apache1.3.29 - ProXad Server at trf296.free.fr Port 80

The additional administrator can confirm this information, or speak out if it is true. In this order, in order to take away the information, enough to send the request:

intitle:index.of server.at

To remove information for a specific server, specify:

intitle:index.of server.at site:ibm.com

But now, we’re wondering about the servers that work on the new version of the server:

intitle:index.of Apache/2.0.40 Server at

This technique can be used as a hacker for a victim's joke. If, for example, the new one has an exploit for the first version of the WEB server, you can know it and try out a new exploit.

You can also check the version of the server, looking at the sides, as if behind the lock, the next time the new version of the WEB server is installed. For example, to get the test side of Apache 1.2.6, enough to type

intitle:Test.Page.for.Apache it.worked!

Not only that, deaki Operating systems when installed, set it to run the WEB server. In case of this, the deacons of the coristuvachi do not suspect about it. Zvichayno yakscho vybachit, scho hto not seeing the side for the locks, then it is logical to admit that the computer is inflamed, not poddavavsya be-like settings and, imovirno, vrazlivy for attacks.

Try to know the sides of IIS 5.0

allintitle:Welcome to Windows 2000 Internet Services

What is the value of IIS can be assigned as the version of the server, and Windows version and Service Pack.

Another way to determine the version of the WEB server is to look for help (pages of instructions) and applications, which can be installed on the site for locking. Hackers knew a lot of ways to win over components to gain access privileges to a site. The axis of this is necessary on the combat website to see the components. It doesn’t seem like it’s about those that, for revealing these components, you can take information about the type of server and that version. For example, we know a helper from apache:

inurl:manual apache directives modules

Google wiki is like a CGI scanner.

CGI scanner or WEB scanner is a utility for searching for different scripts and programs on the victim's server. These utilities are responsible for knowing what to search for, for which they have a whole list of different files, for example:

/cgi-bin/cgiemail/uargg.txt
/random_banner/index.cgi
/random_banner/index.cgi
/cgi-bin/mailview.cgi
/cgi-bin/maillist.cgi
/cgi-bin/userreg.cgi

/iissamples/ISSamples/SQLQHit.asp
/SiteServer/admin/findvserver.asp
/scripts/cphost.dll
/cgi-bin/finger.cgi

We may know the skin of these files help Google, vikoristovuyuchi dodatkovo z іm'yam file in a row I will look for the word index of or inurl: we can know sites with ingenious scripts, for example:

allinurl:/random_banner/index.cgi

With additional knowledge, a hacker can hack the script's inconsistency and, for the help of this inconsistency, download the script to see if there is a file that is saved on the server. For example, a password file.

How to protect yourself from evil through Google

1. Do not post important data to the WEB server.

Navіt yakscho you viklal data timchasovo, you can forget about it, or else you could find out and pick up your data until you erased it. Don't work like that. There are a lot of other ways to transfer data that steal their kind of theft.

2. Rewrite your website.

Whip up the description of the methods for following your site. Check your site with new methods, as they appear on the site http://johnny.ihackstuff.com. Keep in mind that if you want to automate your business, you need to take a special permission from Google. Please read carefully http://www.google.com/terms_of_service.html, then you will say: You cannot automatically accept requests in Google's system without express permission in advance from Google.

3. You probably don't need Google to index your site or just part of it.

Google allows you to see the content sent to your site or some part of its database, as well as to see the side of the cache. In addition, you can search for an image on your site, display short snippets of pages in search results. http://www.google.com/remove.html. For whom you are guilty, confirm that you are effectively the master of this site or insert tags on the side

4. Link robots.txt

It seems that search engines look at the robots.txt file, which is located at the root of the site and do not index those parts, which are identified by the word Disallow. You can speed up the cim, so that part of the site is not indexed. For example, in order not to index the entire site, create a robots.txt file, which will sweep two rows:

User-agent: *
disallow: /

What else is going on

So that life didn’t give you honey, I’ll tell you for a stop, how to find sites, how to follow these people, how, vicory and vine deposit methods, how to crack holes in scripts and WEB servers. The butt of such a side

Addendum.

Trochs of licorice. Try it yourself from the following list:

1. #mysql dump filetype:sql - database dump search danih mySQL
2. Host Vulnerability Summary Report - show you what vulnerabilities other people know
3. phpMyAdmin running on inurl:main.php
4. Not for distribution confidential
5. Request Details Control Tree Server Variables
6. Running in child mode
7. This report was generated by WebLog
8. intitle:index.of cgiirc.config
9. filetype:conf inurl:firewall -intitle:cvs - who needs firewall configuration files? :)
10. intitle:index.of finances.xls - well.
11. intitle:Index of dbconvert.exe chats - icq chat logs
12. intext:Tobias Oetiker traffic analysis
13. intitle:Usage Statistics for Generated by Webalizer
14. intitle:statistics of advanced web statistics
15. intitle:index.of ws_ftp.ini - ws ftp config
16. inurl:ipsec.secrets holds shared secrets
17. inurl:main.php Welcome to phpMyAdmin
18. inurl:server-info Apache Server Information
19. site:edu admin grades
20. ORA-00921: unexpected end of SQL command
21. intitle:index.of trillian.ini
22. intitle:Index of pwd.db
23. intitle:index.of people.lst
24. intitle:index.of master.passwd
25.inurl:passlist.txt
26. intitle:Index of .mysql_history
27. intitle:index of intext:globals.inc
28. intitle:index.of administrators.pwd
29. intitle:Index.of etc shadow
30. intitle:index.of secring.pgp
31. inurl:config.php dbuname dbpass
32. inurl:perform filetype:ini

Yak correctly Shukat for help google.com

All singly vmіyut koristuvatisya such poke system, like Google =) But if you don’t know how to competently put together a search request for additional special designs, then you can reach the results of what you say is more efficient and faster =) In this article, I will try to show you what and how you need to work, in general shukati correctly

Google supports a few extension operators for searches that may have a special value for search hours on google.com. As a rule, qi operators change the search, otherwise it seems to Google to be more efficient different types just a joke. For example, construction link:є by a special operator, that link:www.google.com I won't give you a normal joke, but let's find out all the web-sites, how to make links to google.com.
alternative types of drinks

cache: If you will include other words in the request, then Google will highlight the number of included words in the boundaries of the document that is cached.
For example, cache:www.web site show cashing in with the help of the word "web".

link: Danish search request will show you the web pages, on which you can apply for the requested request.
For example: link:www.website display all sides, for which є refer to http://www.site

related: View web pages, which are "similar" (related) to the specified web side.
For example, related: www.google.com perehuє web-sides, yakі є podіbnimi home side Google.

info: Request information: provide a little bit of information that Google may have about requesting the web page.
For example, info:website show information about our forum =) (Armada - Adult Webmaster Forum).

Other information requests

define: Request define: to provide specific words, how you enter after the order, as selected from the different lace strings. It will be assigned to all entered phrases (so we include all words in the exact query).

Stocks: How do you start a request from stocks: Google process the decision of the terms as a symbol of the exchange links, and contact the third party, so that it shows the information for these symbols.
For example, Stocks: Intel Yahoo show information about Intel and Yahoo. (Determine what you are guilty of violating symbols the rest of the novelties without naming the company)

Request Modifiers

site: If you include site: in your query, Google will surround the results with those websites that you know are in that domain.
You can also search through other zones, like ru, org, com, etc ( site:com site:ru)

allintitle: If you run a request for allintitle:, Google surround the results with the most words in the title.
For example, allintitle: google search turn all sides of google to search like images, blog, etc

title: Also, you include intitle: at your request, Google will surround the results with documents to replace the word in the title.
For example, intitle:Business

allinurl: So you run a query with allinurl: Google wrap the results, query the URL with a few words.
For example, allinurl: google search Rotate the document from google and search at the title. Also, as an option, you can divide the words with a slash (/) the same words on the sides of the slash offended in the boundaries of one side: Butt allinurl: foo/bar

inurl: You can also include inurl: at your request, Google will surround the results with documents to remove the word in the URL.
For example, Animation inurl:website

intext: joking only in the text of the side a word is assigned, ignoring the name of the text suffixed, and otherwise, which is not seen before. And also the cost of that modifier - allintext: tobto. given all the words in the request will only be shuffled in the text, which is also important, ignoring the words, which are often repeated in messages
For example, intext:forum

daterange: shukaє in time frames (daterange: 2452389-2452389), dates for the hour are specified in the Julian format.

Well, and all sorts butts drinking

Apply a folding request for Google. For spammers

inurl:control.guest?a=sign

Site:books.dreambook.com “Homepage URL” “Sign my” inurl:sign

Site:www.freegb.net Homepage

Inurl:sign.asp "Character Count"

"Message:" inurl:sign.cfm "Sender:"

inurl:register.php “User Registration” “Website”

Inurl:edu/guestbook “Sign the Guestbook”

Inurl:post "Post Comment" "URL"

Inurl:/archives/ “Comments:” “Remember info?”

“Script and Guestbook Created by:” “URL:” “Comments:”

inurl:?action=add “phpBook” “URL”

Title:"Submit New Story"

Magazines

inurl:www.livejournal.com/users/mode=reply

inurl greatestjournal.com/mode=reply

Inurl:fastbb.ru/re.pl?

Inurl:fastbb.ru/re.pl? "Guest Book"

Blogs

Inurl:blogger.com/comment.g?"postID""anonymous"

Inurl:typepad.com/ “Post a comment” “Remember personal info?”

Inurl:greatestjournal.com/community/ “Post comment” “addresses of anonymous posters”

"Post comment" "addresses of anonymous posters" -

Intitle:"Post comment"

Inurl:pirillo.com “Post comment”

forumi

Inurl:gate.html?”name=Forums” “mode=reply”

inurl:”forum/posting.php?mode=reply”

inurl: "mes.php?"

inurl: "members.html"

inurl:forum/memberlist.php?”