Nimbuzzmasters forum
nwlve HI   GUEST nwlve
WELCOME TO NIMBUZZ MASTERS FORUM
PLEASE   REGISTER

TO
Dzs HAVE FULL ACCESS TO THE FORUM AND BE ABLE TO DOWNLOAD STUFF Dzs
Grp
STAY WITH US THANK YOU
Forum management ©️
Mzs

Web Pen Test- information gathering with Google

View previous topic View next topic Go down

r00t d3str0y3r
Member
Member
Join date : 2014-10-25
Posts : 30
Thanks gained - : 130
Gender : Male
Age : 23
View user profile http://securitymafia.com

Postr00t d3str0y3r on Sun Nov 02, 2014 11:08 pm

Information Gathering with Google

Welcome to my second tutorial on Information Gathering Very Happy

In this tutorial we ll be using Google to gather more sensitive information about our target.

So first let us start with some basic usage of advanced google searching. Then i will show you how to use them to gather information about your target.

inurl
InUrl is used to search for any text inside the uri. Many times used by hackers to search for vulnerable scripts and plugins or sensitive information in the website.

intext
InText is used to search for any text in the body or the source code of the website. It is many times used by hackers to search for particular version of application which is exploitable.

filetype
FileType is used to search for any type of file which you want to locate in a particualr website or on any particular subject or you can search for any type of file freely. Used by hackers to search for files containing Sensitive information for exploit the websites.

intitle
InTitle is used to search for titles of the webpages. Hackers use to to search for vulnerable pages or the indexing on a website.

site
Site using this dork you can minimize the area of search to a particular website. Hackers use it to target and search sentive information in a website.

link
Link checks other websites containing links to a website. Hackers use to search any other information related to thier target.

-(subtract)
Many times you want to remove some junk results and get more pointed results.

Now we ll use all the above dorks in a manner to get some more information about our target.

Very Happy Very Happy Very Happy Very Happy

Getting Open Index or Insecure Information

intitle:"index of /" Parent Directory site:yoursitehere.com

You can search for admin directories

intitle:"Index of /admin" site:yoursitehere.com

You can search for password directories

intitle:"Index of /password" site:yoursitehere.com

You can search for mail directories

intitle:"Index of /mail" site:yoursitehere.com

You can search for files like passwd

intitle:"Index of /" passwd site:yoursitehere.com

You can search for password.txt files

intitle:"Index of /" password.txt site:yoursitehere.com

You can search for htaccess file

intitle:"Index of /" .htaccess site:yoursitehere.com

You can also search for diffrent extensions.

intitle:"index of ftp" .mdb site:yoursitehere.com

You can also try and look for admin pages or the login functionalities

Intitle: "login" "admin" site:yoursitehere.com

Using InURL we can search for diffrent functionalities within the website.
Search for Admin Login Functionality on target domain

inurl:admin site:yoursitehere.com

Searching for db files containing admin in URL on target domain

inurl:admin filetype:db site:yoursitehere.com

You can also use Google Translater as a proxy to access the website

http://translate.google.com/translate?hl=en&sl=ar&tl=en&u=http://www.yoursitehere.com/urlhere

Thanks for reading, see in the next part on Information Gathering. Very Happy Very Happy

Author- r00t d3str0y3r

~Trichur~$ulthan~
Member
Member
Join date : 2013-10-18
Posts : 35
Thanks gained - : 45
Gender : Male
View user profile

Post~Trichur~$ulthan~ on Mon Nov 03, 2014 8:37 pm

You

View previous topic View next topic Back to top

Create an account or log in to leave a reply

You need to be a member in order to leave a reply.

Create an account

Join our community by creating a new account. It's easy!


Create a new account

Log in

Already have an account? No problem, log in here.


Log in

 
Permissions in this forum:
You cannot reply to topics in this forum