Google hacking for penetration tester - part 3 pot

... written in this language. ie UTF-8 The input encoding of Web searches. Google suggests UTF-8. oe UTF-8 The output encoding of Web searches. Google suggests UTF-8. as_epq a search phrase The value ... query! Underground Googling… Bad Form on Purpose In some cases, there’s nothing wrong with using poor Google syntax in a search. If Google safely ignores part of a human-friendly query,...

Ngày tải lên: 04/07/2014, 17:20

... via the simple, straight- forward Google search interface. Google refers to USENET groups as Google Groups. Today, Internet users around the globe turn to Google Groups for general discussion ... the powerful Web-based interface that has made Google a household word. Even the most advanced Google users still rely on the Web-based interface for the majority of their day-to- day...

Ngày tải lên: 04/07/2014, 17:20

... front-end application; rather, Google hackers troll the Internet looking for bits and pieces of database information leaked from potentially vulnerable servers.These bits and pieces of information ... Digging • Chapter 4 139 Continued 452 _Google_ 2e_04.qxd 10/5/07 12:42 PM Page 139 contains the words username password and e-mail, there’s a good chance the spreadsheet con- tains sensiti...

Ngày tải lên: 04/07/2014, 17:20

... /,$to_parse); foreach my $word (@words){ if ($word =~ /[a-z 0-9 ._% +-] +@[a-z 0-9 ]+\.[a-z]{2,4}/) { 186 Chapter 5 • Google s Part in an Information Collection Framework 452 _Google_ 2e_05.qxd 10/5/07 12:46 PM Page ... 5.10 The PERL Scraper in Action Google s Part in an Information Collection Framework • Chapter 5 1 83 452 _Google_ 2e_05.qxd 10/5/07 12:46 PM Page 1 83 Penetrat...

Ngày tải lên: 04/07/2014, 17:20

... Andrew on Google. Before hitting the submit button it looks like Figure 5. 13: Figure 5. 13 Evolution Ready to Go 196 Chapter 5 • Google s Part in an Information Collection Framework 452 _Google_ 2e_05.qxd ... { $tester= $test; $beingtest=$org; } #loop for every 3 letters for (my $index=0; $index<=length( $tester) -3 ; $index++){ my $threeletters=substr( $tester, $index ,3)...

Ngày tải lên: 04/07/2014, 17:20

... stats: http://monkey.org/~jose/blog/viewpage.php?page =google_ code_search_stats  Static Code Analysis with Google by Aaron Campbell: http://asert.arbornetworks.com/2006/10/static-code-analysis-using -google- code- search/  HD Moore’s Malware Search http://metasploit.com/research/misc/mwsearch Q: ... most cases it’s just down- right impractical. Important information can be gained from a...

Ngày tải lên: 04/07/2014, 17:20

... Hardware 452 _Google_ 2e_08.qxd 10/5/07 1: 03 PM Page 282 error document; “Internet Information Services,” These are “golden terms” to use to search for IIS HTTP/1.1 error pages that Google has crawled. ... located by focusing on server-generated error messages. Some generic searches such as “Apache/1 .3. 27 Server at”“-intitle:index.of intitle:inf” or “Apache/1 .3. 27 Server at” -intitl...

Ngày tải lên: 04/07/2014, 17:20

... 8 34 3 452 _Google_ 2e_08.qxd 10/5/07 1: 03 PM Page 34 3 Figure 9.1 Help Documents Can Reveal Username Creation Processes An attacker could use this information to postulate a username based on information gleaned ... be acces- sible from a compromised host on your LAN. Posting information about it on usenet or tech forums is a risk. For an example, try searching for intext:“enable sec...

Ngày tải lên: 04/07/2014, 17:20

... “Powered By Elite Forum Version *.*” Elite forums database contains authentica- tion information Usernames, Passwords, and Secret Stuff, Oh My! • Chapter 9 35 3 Continued 452 _Google_ 2e_09.qxd 10/5/07 ... authentication data inurl:cgi-bin inurl:calendar.cfg CGI Calendar (Perl) configuration file reveals information including passwords for the program. inurl:chap-secrets -cvs chap-secrets fi...

Ngày tải lên: 04/07/2014, 17:20

... Buttonage Figure 11. 13 Ricoh Print Server Mixes Religion and Aphrodisiacs Google Hacking Showcase • Chapter 11 429 452 _Google_ 2e_11.qxd 10/5/07 1:19 PM Page 429 Figure 11 .3 PHPPort Scanner- A Nifty Web-Based ... Lets An Attacker Do Just About Anything Google Hacking Showcase • Chapter 11 4 23 452 _Google_ 2e_11.qxd 10/5/07 1:19 PM Page 4 23 CP has a way of finding Google hack...

Ngày tải lên: 04/07/2014, 17:20