Google hacking is a term that refers to creating complex search engine queries, to retrieve information related to computer security. In its malicious form, it can be used to detect websites that are vulnerable to numerous exploits and vulnerabilities as well as locate private, sensitive information.
Google hacking involves the use advanced and less well known features of the Google search engine to reveal sensitive data about a particular target. Google Hacking, essentially makes use of advanced search operators to locate specific strings of text within search results.
While Google hacking is the general term used, many of the tactics and search operators can be used on any search engine.
So, you ready for some hacking? Here goes...
One can retrieve the Username & Password list from Microsoft FrontPage Servers by inputing the microscript below, in Google search field: -
"#-Frontpage-" inurl:administrators.pwd
What do you see? :)
Note the search operators such as ‘inurl:’, double quotes etc, used in the search string.
This is just a simple example. You might be able to get just about anything if you know what to look for, and how to look for it!
No comments:
Post a Comment