Kartikey Sapra
Yeah that's right, you never thought of using Google as a hackin' tool but as your way to hackin' tools. This tutorial will prove to you how your lack of knowledge kept you in the dark and didn't show you the right way of using Google...

Before we start I would like to explain what 'Google Hacks' actually are. I searched the web for an explanation and I found a good explanation, funnily enough, from Google.


“Google Hacks is a compilation of carefully crafted Google searches that expose novel functionality from Google's search and map services. For example, you can use it to view a time line of your search results, view a map, search for music, search for books, and perform many other specific kinds of searches. You can also use this program to use Google as a proxy.


The name should not imply the way it should be used. Hacks is meant as this definition. "A Hack is a modification of a program or device to give the user access to features otherwise were unavailable to them."”


Google hacks involve typing strings into the Google search box and pressing Enter. I assume you know this, so I will just be posting the code needed to paste into the search box below.


Ok, I'm sure you all have heard of these hacks (I call them hacks but these are more tricks than hacks). These allow you to access security cameras and download MP3 files from FTP servers. I will post these anyway just in case you haven't heard of these.


Firstly I will show you a nice, simple way to get MP3 files from Google. Below is the code:


"intitle:index of" NAME OF SONG/ARTIST HERE mp3


Obviously, you need to change “NAME OF SONG/ARTIST HERE”. This will search FTP servers for your song. People use FTP servers to share music with their friends, normally on a College network (this was partly what sparked the idea of Facebook).


I will explain the string for you so that it is easier to remember and you understand the string. Firstly:


intitle


This tells Google that you want to search the title of a document, and not the description.


index of


On most FTP servers you will see text at the top that says “Index of...”, so we have told Google to search for the words 'index of' inside the title of a document.


Ok, we all knew that one, we use it all the time. But did you know that you can use this string to search for any type of file? For example, if I typed:


"intitle:index of" harry potter pdf


I would search for Harry Potter books in the form of a PDF file. There are a lot of possibilities with this string and although it isn't really a hack as you are not gaining anything sensitive it is a lot of fun and quite useful.


Although kind of useless, this next hack is a hack. This will give you the ability to search for vulnerable security cameras which you have full control over. These cameras give live pictures so it can be kind of fun. Here is the string:


inurl:"viewerframe?mode=refresh"


Have fun with this one, although there isn't much going on in most of them. Because this is quite a popular string you don't get as many results as you used to, but you still get a few. Here's an explanation:


inurl:


This tells Google to search the URL of a web page rather than the title or description.


"viewerframe?mode=refresh"


Tells Google to search for the text inside the quotes exactly, rather than searching for the keywords separately.


This next one is one of my favorites, I don't know why, it's not really useful but it is the first real hack in this tutorial. This will let you view the stats of a vulnerable website, for example you would be able to see how much traffic the site has got in the past month and compare it to the month before. It's pretty cool. You will understand it more when you see it.


intitle:"usage statistics for" "generated by webalizer"


I have already explained the 'intitle' and quotation functions so there is no need to go over them again.


The next one could be useful if you used it correctly. Obviously websites don't want all their web pages to be searched by Google, sometimes for explainable reasons, but other times it raises some questions. For example, before it was changed, the FBI website stopped search engines from finding a web page about 9/11; they soon changed it though, and it was probably put there by mistake. But I'm going off topic. So what if we want to see what the websites don't want us to see? Have a look at this string:


"robots.txt" "disallow:" filetype:txt


robots.txt


robots.txt is a text file that, if uploaded to a website's directory, is read by search engines; the pages listed in that text file do not show on the search engine.


filetype:txt


This tells Google to search for a file with the .txt extension, instead of looking for the usual web filetypes (HTML, PHP, JSP etc.).


This one can be extremely effective in gaining control over a website:


intitle:index of ws_ftp.ini


This will search for a file in an FTP server called ws_ftp.ini. This file contains so much information: you will find FTP server login information and a lot more. For example, when I tested this one I found this file, which contained:


* The FTP server
* The FTP username
* The FTP password (encrypted but could be decrypted.)


I am not saying that you should use this string to gain control of websites; this is not what this tutorial is about. It is about making people aware of the power of Google, and if you manage to gain control of a website using this information it is not my responsibility. I am not going to tell you exactly how to use this string, otherwise I may wake up with an email from an unhappy Google, but I will tell you this: ws_ftp.ini is a file needed to move your website from one server to another, and it is also used when making a backup of your website on your PC. The string has already been explained above, so you should already know what all the commands in this string do.


Next one is old but still works with some websites:


intitle:"index of" passwd passwd.bak


This searches Google for a file called passwd.bak. If you find this and open it with WordPad (I stress to use WordPad, not Notepad) then you will find a lot of sensitive information. I am not going to explain this any more, as you already know what all the commands do, and if I were to tell you how to use that information then Google would be pretty angry, and so would the website you got the file from.


This one searches for vulnerable websites made with Microsoft Frontpage. You will get a username and a password, these will be encrypted in DES. 'Nuff said.


inurl:_vti_pvt "service.pwd"


I'm getting bored of hacking passwords, so let's do another fun one. This one will let you access people's photo albums, view their photos, delete their photos, edit tags on their photos but more importantly upload your own photos.


inurl:"phphotoalbum/upload"


It's pretty self-explanatory.


VNC stands for Virtual Network Computing, meaning that you can remotely log in to another computer and control it. This string will allow you to search for VNC servers, but it won't let you access most of them without a password. But there are plenty of tutorials on this forum on how to find a password.


"vnc desktop" inurl:5800


Note: You can change 5800 to any port you like, but the ports that VNC servers use are 5800-5806.


This next one is another fun one. It will let you access people's Lexmark printers and potentially print a document using their printer.


intext:"UAA (MSB)" Lexmark -ext:pdf


There is a new command here. It is:


-ext


This tells Google to search for all types of documents that don't have the following file extension, in this case PDF.


Note: Sometimes this doesn't work and it freezes when printing a document. It is possible that the printer that you are searching for no longer exists and the control panel simply hasn't been removed.


The next one searches for cookies stored on FTP servers; some of these have usernames and passwords inside them. Once you find a server using Google you will need to look at a file called 'cookies.txt', which should contain a bunch of encrypted information which could be decrypted.


intitle:"index of" cookies.txt


We have already explained all the commands in this string so I will move on. I assume that you know that you are not looking for recipes when using this string; if you get a lot of recipes for making cookies, by all means look at them, but most of the results you want will be on 'Page 2' of the results and further.
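
The ws_ftp.ini, passwd.bak, service.pwd and cookies.txt searches above all find files that were left inside a web-served directory with listings enabled. The following added example (not part of the original post) is a site owner's check that walks a local web root for those file names and for directories that would be served as an "Index of" listing; the index-document names and the sample tree are assumptions.

```python
import os
import tempfile

# File names taken from the search strings on this page.
EXPOSED_NAMES = {"ws_ftp.ini", "passwd", "passwd.bak", "service.pwd", "cookies.txt"}
# Assumption: typical default index documents; adjust to your server config.
INDEX_NAMES = {"index.html", "index.htm", "index.php"}


def audit_docroot(root):
    """Walk a local web root and return sorted (kind, relative_path) findings."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        lower = {name.lower() for name in filenames}
        # A directory without an index document is served as an
        # "Index of ..." listing when auto-indexing is enabled.
        if not lower & INDEX_NAMES:
            findings.append(("listable-dir", rel_dir))
        for name in filenames:
            if name.lower() in EXPOSED_NAMES:
                rel = os.path.normpath(os.path.join(rel_dir, name))
                findings.append(("sensitive-file", rel))
    return sorted(findings)


def build_sample_docroot(base):
    """Create a constructed sample tree, for demonstration only."""
    layout = {
        "index.html": "<h1>home</h1>",
        "backup/WS_FTP.INI": "[site]\nHOST=ftp.example.invalid\n",
        "_vti_pvt/service.pwd": "# -FrontPage-\n",
        "docs/index.html": "<h1>docs</h1>",
        "docs/cookies.txt": "constructed sample\n",
    }
    for rel, content in layout.items():
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(content)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_docroot(tmp)
        for kind, path in audit_docroot(tmp):
            print(f"{kind:15} {path}")
```

Run audit_docroot against the directory your web server actually serves; files it reports belong outside that directory, and listings are switched off in the server configuration.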


Ok this next one can potentially give you access to forums using phpMyAdmin, a lot of the forums have patched this flaw now but you still might be able to find some results. This is one of the more useful hacks in this tutorial and I suggest that you note this down somewhere, it may come in handy for later use.


intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "Running on * as root@*"


This string looks more complicated than the other ones that we have been using, but it is still simple.


intitle:phpMyAdmin


Tells Google to search in the title of a document for the words 'phpMyAdmin'.


"Welcome to phpMyAdmin ***"


Tells Google to search exactly for these words. The *** is there because, as you can see when you access a phpMyAdmin control panel, the stars are in the welcome message.


"Running on * as root@*"


This means: Look for the words 'Running on' and then any word (indicated by a *) and then look for the words 'as root' which is running on something else (hard to explain, for example root@localhost) and then any word (again indicated by a *).


That is hard to understand, so don't worry if you don't understand it. It is hard to explain, but if you look at the commands in the string and see what results you get on Google you can learn it yourself.


In another thread I'll post soon I'll give an almost complete list of Google dorks/hacks.
Njoy!!