Google Hacking
Locate security vulnerabilities on the
internet using search engines, such as Google can called as Google hacking. We
can identify Google Hacking as a passive information gathering techniques.
Generally, there are two types of vulnerabilities we can found on the web:
Software vulnerabilities and misconfigurations.
For the example, imagine we need to gather
information about hotels in United State. Most of the people that didn’t aware
of Google Footprint Techniques do it like following,
As you can see, it is less information we get
here. Instead of doing normal search we can use Google Hacking Scenario to
gather more information about Hotels in US.
- SITE: .us INFO:Hotels
Search by file filter
For the
example, imagine you want to find 3ds max
tutorials in PDF format. Unlikely
typing lengthy search words in google search box you can simply use following
command to find a pdf file.
·
filetype:pdf 3ds max tutorial
Set A timer using
google
Type “set timer for” in google search bar and
google timer will appear in first search result. Only you have to do is enter your time and
start timer. After time ends google will start beeping at you.
Find a GIF images using google
Go to google
images, then tools, under the tool, there is a category name “any typed” change
it as “animated”.
Google Cache Command
If the site
has taken down or it has too much traffic, you can use google cache command to
enter the site easily. When you do this, it will appear like the last time that
google crawled.
EX : cache: https://www.doenets.lk
Search Tools
Search tool
is another passive information gathering method available in internet.
Shodan Search Engine
Shodan is a search engine that
lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. [wikipedia]
First you have to create account, after
successfully creating account Log In to shodan network and go to Home page.
Type any web site name and click search. All the details of entered site will
be display.
Camping Web
cams using shodan.
Search : Webcam 7 ( this 7 is a
model of a webcam )
Accessing
Rougher interfaces using shodan
Search : Tp Link (router
model/brand)
Getting site
report from netcraft.com
Go
to https://www.netcraft.com ,In site
menu bar go to Anti-Phishing -> Anti-Phishing extension -> site report.
Type site name in search box and press enter.
FlightRadar24
FlightRadar24
is internet base service. It will show real-time aircraft flight information on
Map.
No comments:
Post a Comment