Search Sensitives Datas On Google
|
Administrator
GOOGLE TRICKS
(Please don't misuse this knowledge.This article is only for educational purpose)
• Pick your keywords carefully & be specific
• Do NOT exceed 10 keywords
• Use Boolean modifiers
• Use advanced operators
• Google ignores some words:
{a, about, an, and, are, as, at, be, by, from, how, i, in, is, it,
of, on, or, that, the, this, to, we, what, when, where, which, with }
Google's Boolean Modifiers
• AND is always implied. (Such as searching Virus code AND sockets seach both the virus code & sockets.)
• OR: Escobar (Such as searching Cracks OR Patches search either crack or patch.)
• "-" = NOT (Use to avoide some specific thing such as "Serials-cracks" give you the sites for only serials but not cracks)
• "+" = MUST(Force to search some specific thing like Windows programming+codes.)
• "." This wildcard for a single character (fire.fox will return documents containing the phrases fire fox, fireAfox, fire1fox, fire-fox etc.)
• Use quotes for exact phrase matching:"Network Security" etc.
Advanced Operators
• allintitle:
• allinurl:
• allintext:
• author:
• cache:
• define:
• info:
• intext:
• intitle:
• inurl:
• link:
• inanchor:
• insite:
• related:
• stocks:
• filetype:
• numrange 1973..2005
• site:
• phonebook:
Allintitle:It restricts results to documents whose title contains all the specified phrases.
Example: allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
Allinurl: It restricts results to sites whose URL contains all the specified phrases.
Example: allinurl:winnt system32
allinurl:bbs data
allinurl:admin filetype:mdb
Allintext:It restricts results to documents containing the specified phrase in the text, but not in the title, link descriptions or URLs .
Example: allintext:Internet Protocol
Author: This Searches for the author of a newsgroup post.
Example: author:Rick (Find all newsgroup postings with "Rick" in the
author name or email address.Must be used with a Google Group search)
Cache: This operator displays the version of a web page as it appeared when Google crawled the site. The URL of the site must be supplied after the colon.(Turn off images and you can look at pages without
being logged on the server! Google as a mirror.)
Example: cache:www.sans.org (Show the cached version of the page without performing the search)
Define: It gives the definitions of the word.
Example: define:Data packet (This gives the definition of the data packet system of network)
Info:This gives the information of a page given by the user.
Example:info:www.yahoo.com (Find informaton about yahoo site)
Intext:
Example: intext:ZeroBoard filetype:php
Intitle: This operator instructs Google to search for a term within the title of a document.
Example: intitle:"index of" etc
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:phpmyadmin
intitle:"index of" data
intitle:"index of"/admin
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
_vti_pvt password intitle:index.of
"# -FrontPage-" inurl:service.pwd
Inurl:This operator instructs Google to search only within the URL (web address) of a document.
Example: inurl:data filetype:mdb
inurl:admin filetype:txt
inurl:admin filetype:db
inurl:admin filetype:cfg
inurl:mysql filetype:cfg
inurl:passwd filetype:txt
inurl"password.log
inurl:iisadmin
inurl:/etc/passwd
inurl:auth_user_file.txt
inurl:orders.txt
inurl:"wwwroot/*."
inurl:adpassword.txt
inurl:webeditor.php
inurl:file_upload.php
inurl:gov filetype:xls "restricted"
Inanchor:It restricts results to sites containing links with the specified phrase in their descriptions
Example: "inanchor:fire" will return documents with links whose description contains the word fire (that's the actual link text, not the URL indicated by the link)
Insite: Restricts the search to a specific domain. This is a particularly useful for focusing on vulnerabilities in specific domain names or top level domain such as ".mil".
Example: insite:gov
insite:securitycompany.net
Link:This operator instructs Google to search within hyperlinks for a search term.
Example: link:www.google.com will return documents containing one or
more links to www.google.com
link:www.foo.com
Releted: The syntax related: lists web pages that are "similar" to a specific web page.
Example: related:www.thenetworkadministrator.com will list web pages
that are similar to that of TheNetworkAdministrator's homepage.
releted:www.foo.com/bar.html
Filetype:This operator instructs Google to search only within the text of a particular type of file. The file type to search must be supplied after the colon. Don't include a period before the file extension.
Google can search this type of file
• Adobe Portable Document Format (pdf)
• Adobe PostScript (ps)
• Lotus 1-2-3 (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)
• MacWrite (mw)
• Microsoft Excel (xls)
• Microsoft PowerPoint (ppt)
• Microsoft Word (doc)
• Microsoft Works (wks, wps, wdb)
• Microsoft Write (wri)
• Rich Text Format (rtf)
• Shockwave Flash (swf)
• Text (ans, txt)
• And many more….
Example: filetype:pdf TCP/IP (This will return the pdf files which
contaning the word TCP/IP)
filetype:exe Keylogger (This will return the exe files
of Keylogger)
filetype:mdb inurl:database
filetype:inc conn
filetype:doc htpasswd
password filetype:xls
Numrange:This restricts results to documents containing a number from the specified range.
Example: numrange:4000-7500 Rs Nokia (This will find the price of the set of the Nokia mobiles in between renge Rs 4000 to Rs 7500)
{ You can get same resule by typing that Nokia Rs 4000..7500 }
Site: The syntax site: instructs Google to search for keywords in a particular site or domain.
Example: exchange site:microsoft.com will search for the keywords "exchange" in those web pages in all the links of the domain
microsoft.com.
site:foo.com
Phonebook: The Google syntax "phonebook" searches for U.S. street addresses and phone number information.
Example: phonebook:James+FL will list down all names of person having
"James" in their names and located in "Florida (FL)".
SOME OTHER EXAMPLE
Query Server
"Apache/1.3.28 Server at" intitle:index.of Apache 1.3.28
"Apache/2.0 Server at" intitle:index.of Apache 2.0
"Apache/* Server at" intitle:index.of any version of Apache
"Microsoft-IIS/4.0 Server at" intitle:index.of Microsoft Internet
Information Services 4.0
"Microsoft-IIS/5.0 Server at" intitle:index.of Microsoft Internet
Information Services 5.0
"Microsoft-IIS/6.0 Server at" intitle:index.of Microsoft Internet
Information Services 6.0
"Microsoft-IIS/* Server at" intitle:index.of any version of Microsoft
Internet Information Services
"Oracle HTTP Server/* Server at" intitle:index.of any version of
Oracle HTTP Server
"IBM _ HTTP _ Server/* * Server at" intitle:index.of any version of
IBM HTTP Server
"Netscape/* Server at" intitle:index.of any version of Netscape Server
"Red Hat Secure/*" intitle:index.of any version of the Red Hat Secure
server
"HP Apache-based Web Server/*" intitle:index.of any version of the HP
server
Table 3. Queries for discovering standard post-installation Web server pages
Query Server
intitle:"Test Page for Apache Installation" "You are free" Apache 1.2.6
intitle:"Test Page for Apache Installation" "It worked!" "this Web
site!"
Apache 1.3.0 – 1.3.9
intitle:"Test Page for Apache Installation" "Seeing this instead"
Apache 1.3.11 – 1.3.33, 2.0
intitle:"Test Page for the SSL/TLS-aware Apache
Installation" "Hey, it worked!"
Apache SSL/TLS
intitle:"Test Page for the Apache Web Server on Red Hat Linux"
Apache on Red Hat
intitle:"Test Page for the Apache Http Server on Fedora Core"
Apache on Fedora
intitle:"Welcome to Your New Home Page!" Debian Apache on Debian
intitle:"Welcome to IIS 4.0!" IIS 4.0
intitle:"Welcome to Windows 2000 Internet Services" IIS 5.0
intitle:"Welcome to Windows XP Server Internet Services" IIS 6.0
Query Type of information
"Generated by phpSystem" operating system type and version, hardware configuration,
logged users, open connections, free memory and disk space, mount points
"This summary was generated by wwwstat"
web server statistics, system file structure
"These statistics were produced by getstats"
web server statistics, system file structure
"This report was generated by WebLog"
web server statistics, system file structure
intext:"Tobias Oetiker" "traffic analysis"
system performance statistics as MRTG charts, network configuration
intitle:"Apache::Status" (inurl:server-status | inurl:
status.html | inurl:apache.html)
server version, operating system type, child process list,current
connections
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "2003-2004
weppos"
web server activity, lots of visitor information
intitle:"Multimon UPS status page"
UPS device performance statistics
intitle:"statistics of" "advanced web statistics"
web server statistics, visitor information
intitle:"System Statistics" +"System and Network Information Center"
system performance statistics as MRTG charts, hardware
configuration, running services
intitle:"Usage Statistics for" "Generated by Webalizer"
web server statistics, visitor information, system file structure
intitle:"Web Server Statistics for ****"
web server statistics, visitor information
inurl:"/axs/ax-admin.pl"
script web server statistics, visitor information
inurl:"/cricket/grapher.cgi"
MRTG charts of network interface performance
inurl:server-info "Apache Server Information"
web server version and configuration, operating system type, system
file structure
"Output produced by SysWatch *"
operating system type and version, logged users, free memory and disk
space, mount points, running processes,system logs.
Query Result
"A syntax error has occurred" filetype:ihtml Informix database errors, potentially containing function names,
filenames, file
structure information, pieces of SQL code and passwords
"Access denied for user" "Using password"
authorisation errors, potentially containing user names, function
names, file structure information and pieces of SQL code
"The script whose uid is " "is not allowed to access"
access-related PHP errors, potentially containing filenames, function
names and file structure information
"ORA-00921: unexpected end of SQL command"
Oracle database errors, potentially containing filenames, function
names and file structure information
"error found handling the request" cocoon filetype:xml
Cocoon errors, potentially containing Cocoon version information,
filenames,function names and file structure information
"Invision Power Board Database Error"
Invision Power Board bulletin board errors, potentially containing
function names, filenames, file structure information and piece of SQL
code
"Warning: mysql _ query()" "invalid query"
MySQL database errors, potentially containing user names, function
names,filenames and file structure information
"Error Message : Error loading required libraries."
CGI script errors, potentially containing information about operating
system and program versions, user names, filenames and file structure
information
"#mysql dump" filetype:sql
MySQL database errors, potentially containing information about
database structure and contents
Query Result
"http://*:*@www" site passwords for site, stored as the string "http:/
/username: password@www..."
filetype:bak inurl:"htaccess|passwd|shadow|ht users"
file backups, potentially containing user names and passwords
filetype:mdb inurl:"account|users|admin|administrators|passwd|
password"
mdb files, potentially containing password information
intitle:"Index of" pwd.db pwd.db files,
potentially containing user names and encrypted passwords
inurl:admin inurl:backup intitle:index.of directories whose names
contain the words admin and backup
"Index of/" "Parent Directory" "WS _ FTP.ini"
filetype:ini WS _ FTP PWD
WS_FTP configuration files, potentially containing FTP server access
passwords
ext:pwd inurl:(service|authors|administrators|users) "# -FrontPage-"
files containing Microsoft FrontPage passwords
filetype:sql ("passwd values ****" |
"password values ****" | "pass values ****" )
files containing SQL code and passwords inserted into a database
intitle:index.of trillian.ini
configuration files for the Trillian IM eggdrop filetype:user user
configuration files for the Eggdrop ircbot
filetype:conf slapd.conf configuration files for OpenLDAP
inurl:"wvdial.conf" intext:"password" configuration files for WV Dial
ext:ini eudora.ini configuration files for the Eudora mail client
filetype:mdb inurl:users.mdb Microsoft Access files, potentially
containing user account information
intext:"powered by Web Wiz Journal" websites using Web Wiz Journal,
which in its standard configuration
Allows access to the passwords file – just enter http:
//
journal/
"Powered by DUclassified" -site:duware.com
"Powered by DUcalendar" -site:duware.com
"Powered by DUdirectory" -site:duware.com
"Powered by DUclassmate" -site:duware.com
"Powered by DUdownload" -site:duware.com
"Powered by DUpaypal" -site:duware.com
"Powered by DUforum" -site:duware.com
intitle:dupics inurl:(add.asp | default.asp |view.asp | voting.asp) -
site:duware.com
websites using the DUclassified, DUcalendar, DUdirectory, DUclassmate, DUdownload, DUpaypal, DUforum or DUpics applications,which by default make it possible to obtain the passwords file – for DUclassified, just
enter http://
http://
intext:"BiTBOARD v2.0" "BiTSHiFTERS Bulletin Board"
websites using the Bitboard2 bulletin board application, which on
default settings allows the passwords file to be obtained – enter
http://
http://
KEEP SAFE FROM GOOGLE SEARCHING
Control Google content
• Information about your company
• Information about your users and
employees
• Links pointing to your Web sites
• Organize a regular watch
Ask Google to delete some search
results from its cache
• http://www.google.com/remove.html
Google
• Google APIs: http://www.google.com/apis/
• Remove results: http://www.google.com/remove.html
Posted in
Google Hacking
0 comments for this post
Leave a reply
Write your message here.
Please leave your Email Id so that I can contact you.
Thanks for your Valuable Suggestion,
