Google Hacking + Finding system / server propertied weaknesses Looking for a system or server that has a weakness with the syntax "intitle:" or "allintitle:" 1. Using allintitle: "index of / root" (without quotes) will display the list of links on the Web server that provides access to a restricted directory as root directory. 2. Using allintitle: "index of / admin" (without the quotes) will display links on the site that has an index that can be accessed browsing to the directory as a directory restricted "admin". Other uses of syntax "intitle:" or "allintitle:" combined with other syntax, among others: Code: Select all intitle: "Index of". sh_history intitle: "Index of". bash_history intitle: "index of" passwd intitle: "index of" people.lst intitle: "index of" pwd.db intitle: "index of" etc / shadow intitle: "index of" spwd intitle: "index of" master.passwd intitle: "index of" htpasswd intitle: "index of" members OR accounts intitle: "index of" user_carts OR user_cart allintitle: sensitive filetype: doc allintitle: restricted filetype: mail allintitle: restricted filetype: doc site: gov allintitle: *. php? filename =* allintitle: *. php? page =* allintitle: *. php? logon =* The use and combination of the syntax is not only limited to the example above exposure. There are many more combinations of syntax syntax with keywords that can be used. It depends on the creativity and willingness to try. There is good use of discourse that have been outlined was used for purposes that do not cause loss or damage. Weakness in a system or server that is well known to be sharing with the relevant system administrators that can benefit all parties. Due to the likely outcome of the search information may provide sensitive information, which is often related to the security aspects of a system or server. Discourse about the syntax that is very helpful in the search for such information ultimately depends on the intention and purpose in the search data. Is it really done for the needs of collecting data, gathering information from a penetration of the target machine. The ultimate goal depends on the individual intentions that the author is not responsible for the misuse of the information that has been presented. As the proverb says new taxes borne winner. ... Om Google ... this collection of tips that I got from various sources of reliable and guaranteed to make percarian in google search engine .. 1. Googling E-Book. Code: Select all + ( "Index of") + ( "/ ebooks" | "/ book") + (chm | pdf | zip | rar) + apache Is a query that produces Index ebook on Apache based servers Book Title. [/ B] Code: Select all allinurl: + (rar | chm | zip | pdf | tgz | lit) . Change the "title of the book" with a book that wants to dicari.sbgai example: If you want to search for "Harry Potter", substitute "the title of the book" with Harry is used if Potter.Cara really know the title of the book you are looking for. 2. Warez Googling. Code: Select all "Parent directory" Xvid-xxx-html-htm-php-shtml-opendivx-md5-md5sums "Parent directory" MP3-xxx-html-htm-php-shtml-opendivx-md5-md5sums "Parent directory" applications-xxx-html-htm-php-shtml-opendivx-md5-md5sums "Parent directory" Gamez-xxx-html-htm-php-shtml-opendivx-md5-md5sums "Parent directory" DVDRip-xxx-html-htm-php-shtml-opendivx-md5-md5sums Replace the bold words with the query. For example, if you want to search for LimeWire so instead of "applications" by LimeWire. if you want to search for songs from Deep Purple Child In Time, entitled, replace "MP3? with Child in Time, or if you want to search for songs Deep Purple live instead of "MP3? with Deep Purple. 3. Googling MP3 Code: Select all ? intitle: index.of? mp3 Another way to search for MP3 in google is to use this query. After MP3 pengen love what sought. Example, If you want to search for Led Zeppelin then it will query like this: Code: Select all ? intitle: index.of? mp3 led zeppelin 4. Googling the file on Megaupload To search for Video file type: Code: Select all avi | mpg | mpeg | wmv | rmvb site: megaupload.com To find music files type: Code: Select all mp3 | ogg | wma site: megaupload.com To search the archive and the program type: Code: Select all zip | rar | exe site: megaupload.com To search for ebooks type: Code: Select all pdf | rar | zip | doc | lit site: megaupload.com 5. Googling the file in rapidshare.de To search for Video file type: Code: Select all avi | mpg | mpeg | wmv | rmvb site: rapidshare.de To find music files type: Code: Select all mp3 | ogg | wma site: rapidshare.de To search the archive and the program type: Code: Select all zip | rar | exe site: rapidshare.de To search for ebooks type: Code: Select all pdf | doc | lit | rar | zip site: rapidshare.de To Googling on Megaupload and rapidshare can just put what you want in the first part. Example: If you want to search for DA VINCI CODE ebook use this query: Code: Select all da vinci code pdf | doc | lit | rar | zip site: rapidshare.de (this if we really know the title of his book.)
Minggu, 06 Desember 2009
Google Hacking+Mencari sistem/server yg memiliki kelemahan
Minggu, Desember 06, 2009
M Teguh A Suandi
No comments
0 comments:
Posting Komentar