Google Hacking Codes

Published by: Jimmy_Riddle, on 2008-10-07 08:28:10

Google Hacking

Application security vendor Fortify reported in 2006 that 20 percent to 30 perce

nt of the attacks it recorded as part of a six-month study came as a result of s
ome form of search engine hacking.
Google is not particularly enamored by the efforts of some of its users to use i
ts index for malicious gain.
"As part of Google's efforts to index all of the information online we find that
on occasion malicious executable files become available to users through Google
Web search," Megan Quinn, a Google spokeswoman, told internetnews.com. "We depl
ore these malicious efforts to violate our users' security.
"When possible, we endeavor to shield our users from these executable files," Qu
inn added. "However we always encourage users to keep their security software up
-to-date to ensure the safest Web surfing experience."
But what kind of Codes are available I hear you all ask;
Well here's just a few of them I've found out about. . .
Interesting Searches
* Source http://www.i-hacked.com/content/view/23/42/
* intitle:"Index of" passwords modified
* allinurl:auth_user_file.txt
* "access denied for user" "using password
* "A syntax error has occurred" filetype:ihtml
* allinurl: admin mdb
* "ORA-00921: unexpected end of SQL command
* inurl:passlist.txt
* "Index of /backup
* "Chatologica MetaSearch" "stack tracking:"
* inurl:passwd.txt
and this one is just priceless
* login: * password= * filetype:xls
Listings of what you want
* change the word after the parent directory to what you want
* "parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
* "parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
* "parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
* "parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
* "parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendi
vx -md5 -md5sums
Music (*this is already posted in another thread)
* You only need add the name of the song/artist/singer.
* Example: intitle:index.of mp3 jackson
CD Images
* inurl:microsoft filetype:iso
* You can change the string to whatever you want, ex. Microsoft to Adobe, .iso t
o .zip etc
Passwords
* "# -FrontPage-" inurl:service.pwdFrontPage passwords.. very nice clean search r
esults listing !!
* "AutoCreate=TRUE password=*" This searches the password for "Website Access Analy
zer", a Japanese software that creates webstatistics. For those who can read Jap
anese, check out the author's site at: http://www.coara.or.jp/~passy/
Passwords in the URL
* "http://*:*@www" domainnameThis is a query to get inline passwords from search
engines (not just Google), you must type in the query followed with the domain n
ame without the .com or .net
* "http://*:*@www" gamespy or http://*:*@www gamespy
* Another way is by just typing"http://bob:bob@www"
IRC Passwords
* "sets mode: +k"This search reveals channel keys (passwords) on IRC as revealed
from IRC chat logs.
* eggdrop filetype:user userThese are eggdrop config files. Avoiding a full-blown
discussion about eggdrops and IRC bots, suffice it to say that this file contai
ns usernames and passwords for IRC users.
Access Database Passwords
* allinurl: admin mdbNot all of these pages are administrator's access databases
containing usernames, passwords and other sensitive information, but many are!
DCForum Passwords
* allinurl:auth_user_file.txtDCForum's password file. This file gives a list of (
crackable) passwords, usernames and email addresses for DCForum and for DCShop (
a shopping cart program(!!!). Some lists are bigger than others, all are fun, an
d all belong to googledorks.
MySQL Passwords
* intitle:"Index of" config.php
* This search brings up sites with "config.php" files. To skip the technical dis
cussion, this configuration file contains both a username and a password for an
SQL database. Most sites with forums run a PHP message base. This file gives you
the keys to that forum, including FULL ADMIN access to the database.
The ETC Directory
* intitle:index.of.etc
* This search gets you access to the etc directory, where many, many, many types
of password files can be found. This link is not as reliable, but crawling etc
directories can be really fun!
Passwords in backup files
*filetype:bak inurl:"htaccess|passwd|shadow|htusers
* "This will search for backup files (*.bak) created by some editors or even by t
he administrator himself (before activating a new version).Every attacker knows t
hat changing the extension of a file on a web server can have ugly consequences.
Serial Numbers
* Let's pretend you need a serial number for Windows XP Pro.
* In the Google search bar type in just like this - "Windows XP Professional" 94
FBR
* the key is the 94FBR code.. it was included with many MS Office registration c
odes so this will help you dramatically reduce the amount of 'fake' sites (usual
ly pornography) that trick you.
* or if you want to find the serial for WinZip 8.1 - "WinZip 8.1" 94FBR
These are only a sample of some of the fun things you can do with the wrong kind
of Google search. Such strings return very random results, and are of very litt
le use for targeted attacks. But for random hacking of peoples Frontpage passwor
d's, it's priceless.
* inurl:(service | authors | administrators | users) ext:pwd "# -FrontPage-"