BEWARE OF GOOGLE (what every sysadmin NEEDS to know about search engines)
Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: BEWARE OF GOOGLE (what every sysadmin NEEDS to know about search engines)

  1. #1
    Member
    Join Date
    Aug 2003
    Posts
    98

    BEWARE OF GOOGLE (what every sysadmin NEEDS to know about search engines)

    Alrighty then, let me start out by telling you that I did not write this tutorial, or reference, or whatever you want to call it, so I can't take credit for the information compiled here.But .... I use all the time and have learned a great deal, and so will you if you have the time to put into it.
    OK then, that being said, I am not putting this here for malicious content, rather it is a warning to any system admins out there about what information can be found out about your network by a simple google search. So, take a look at this info, try it out, most of all be RESPONSIBLE, and remember it's YOUR IP being logged and NOT MINE. So use that thing called common sense when experimenting with these search techniques.


    Google a Dream come true


    ****************************** ComSec ***********************************

    article by: ComSec

    date: 25.5.2003

    Simplified



    INTRO=========

    a week or so back i had an e-mail from a friend (FLW) asking me if i had any
    info on google search tips

    he was surprised on the amount of info available and open via google...this
    got me thinking , well i have seen many various search strings in several
    papers....so i thought i would put them all together on the one page...and
    up-date as new one are discovered...so if i missed any to be added to the
    list please let me know and i shall add some more....


    ****************************************************************************
    WARNING:::i hold no responsibility for what you do via the information
    supplied here...this is for educational purpose only , use at your own risk
    you have been warned
    ****************************************************************************

    thanks

    ComSec aka ZSL


    SUMMERY=======

    Everyone knows google in the security sector...and what a powerful tool it is,
    just by entering certain search strings you can gain a vast amount of knowledge
    and information of your chosen target...often revealing sensitive data...this
    is all down to badly configured systems...brought on by sloppy administration
    allowing directory indexing and accessing , password files , log entrys ,
    files , paths ,etc , etc


    Search Tips

    so how do we start ?

    the common search inputs below will give you an idea...for instance if you
    want to search for the an index of "root"

    in the search box put in exactly as you see it below

    ==================

    example 1:


    allintitle: "index of/root"


    result:

    http://www.google.com/search?hl=en&i...=Google+Search

    what it reveals is 2,510 pages that you can possible browse at your will...

    ====================

    example 2


    inurl:"auth_user_file.txt"

    http://www.google.com/search?num=100...=Google+Search

    this result spawned 414 possible files to access

    here is an actual file retrieved from a site and edited , we know who the
    admin is and we have the hashes thats a job for JTR (john the ripper)

    txUKhXYi4xeFs|master|admin|Worasit|Junsawang|xxx@xxx|on
    qk6GaDj9iBfNg|tomjang||Bug|Tom|xxx@xxx|on

    with the many variations below it should keep you busy for a long time mixing
    them reveals many different permutations

    *************************************

    SEARCH PATHS....... more to be added

    *************************************

    "Index of /admin"
    "Index of /password"
    "Index of /mail"
    "Index of /" +passwd
    "Index of /" +password.txt
    "Index of /" +.htaccess
    index of ftp +.mdb allinurl:/cgi-bin/ +mailto

    administrators.pwd.index
    authors.pwd.index
    service.pwd.index
    filetype:config web
    gobal.asax index

    allintitle: "index of/admin"
    allintitle: "index of/root"
    allintitle: sensitive filetype:doc
    allintitle: restricted filetype :mail
    allintitle: restricted filetype:doc site:gov

    inurlasswd filetype:txt
    inurl:admin filetype:db
    inurl:iisadmin
    inurl:"auth_user_file.txt"
    inurl:"wwwroot/*."


    top secret site:mil
    confidential site:mil

    allinurl: winnt/system32/ (get cmd.exe)
    allinurl:/bash_history

    intitle:"Index of" .sh_history
    intitle:"Index of" .bash_history
    intitle:"index of" passwd
    intitle:"index of" people.lst
    intitle:"index of" pwd.db
    intitle:"index of" etc/shadow
    intitle:"index of" spwd
    intitle:"index of" master.passwd
    intitle:"index of" htpasswd
    intitle:"index of" members OR accounts
    intitle:"index of" user_carts OR user_cart

    ALTERNATIVE INPUTS====================

    _vti_inf.html
    service.pwd
    users.pwd
    authors.pwd
    administrators.pwd
    shtml.dll
    shtml.exe
    fpcount.exe
    default.asp
    showcode.asp
    sendmail.cfm
    getFile.cfm
    imagemap.exe
    test.bat
    msadcs.dll
    htimage.exe
    counter.exe
    browser.inc
    hello.bat
    default.asp\
    dvwssr.dll
    cart32.exe
    add.exe
    index.jsp
    SessionServlet
    shtml.dll
    index.cfm
    page.cfm
    shtml.exe
    web_store.cgi
    shop.cgi
    upload.asp
    default.asp
    pbserver.dll
    phf
    test-cgi
    finger
    Count.cgi
    jj
    php.cgi
    php
    nph-test-cgi
    handler
    webdist.cgi
    webgais
    websendmail
    faxsurvey
    htmlscript
    perl.exe
    wwwboard.pl
    www-sql
    view-source
    campas
    aglimpse
    glimpse
    man.sh
    AT-admin.cgi
    AT-generate.cgi
    filemail.pl
    maillist.pl
    info2www
    files.pl
    bnbform.cgi
    survey.cgi
    classifieds.cgi
    wrap
    cgiwrap
    edit.pl
    perl
    names.nsf
    webgais
    dumpenv.pl
    test.cgi
    submit.cgi
    guestbook.cgi
    guestbook.pl
    cachemgr.cgi
    responder.cgi
    perlshop.cgi
    query
    w3-msql
    plusmail
    htsearch
    infosrch.cgi
    publisher
    ultraboard.cgi
    db.cgi
    formmail.cgi
    allmanage.pl
    ssi
    adpassword.txt
    redirect.cgi
    cvsweb.cgi
    login.jsp
    dbconnect.inc
    admin
    htgrep
    wais.pl
    amadmin.pl
    subscribe.pl
    news.cgi
    auctionweaver.pl
    .htpasswd
    acid_main.php
    access.log
    log.htm
    log.html
    log.txt
    logfile
    logfile.htm
    logfile.html
    logfile.txt
    logger.html
    stat.htm
    stats.htm
    stats.html
    stats.txt
    webaccess.htm
    wwwstats.html
    source.asp
    perl
    mailto.cgi
    YaBB.pl
    mailform.pl
    cached_feed.cgi
    global.cgi
    Search.pl
    build.cgi
    common.php
    show
    global.inc
    ad.cgi
    WSFTP.LOG
    index.html~
    index.php~
    index.html.bak
    index.php.bak
    print.cgi
    register.cgi
    webdriver
    bbs_forum.cgi
    mysql.class
    sendmail.inc
    CrazyWWWBoard.cgi
    search.pl
    way-board.cgi
    webpage.cgi
    pwd.dat
    adcycle
    post-query
    help.cgi


    there are to many people to thank for the bits of information cut and pasted
    and added to form this paper
    most have been collected from various forums , txt , doc's etc...like to thank
    you all, its not intended to rip anyone
    its just a combo of various search inputs...put on the one Paper to use as
    a reference.


    EOF

    ====================================

    http://comsec.governmentsecurity.org

    http://governmentsecurity.org/forum

    ******* new members welcome ********

    ====================================
    I hate this place, nothing works here, I\'ve been here for 7 years, the medication does\'nt work...

  2. #2
    Senior Member
    Join Date
    Aug 2002
    Posts
    239
    Good post.

    A second facet of this concept, although vaguely related, would be of pertinence to home users. Too many p2p users share their whole hard drive, giving access to sensitive data to data prowlers.

    Thanks
    It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.

    Hit it!

  3. #3
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Thats a very comprehensive and helpful list, thank you!

    http://comsec.governmentsecurity.org/googletut1.txt
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  4. #4
    Member
    Join Date
    Feb 2003
    Posts
    95
    I found your post both informative and stimulating!
    I read other articles like this somewhere.. Except your post was better because it brought all the info into one place.. much more conveniant if ya ask me

    GOOD JOB!

  5. #5

  6. #6
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    *Moved from Tutorials*

  7. #7
    Senior Member
    Join Date
    Oct 2003
    Posts
    107

    Lightbulb

    Well well I c google is getting preatty usefull

  8. #8
    Senior Member n01100110's Avatar
    Join Date
    Jan 2002
    Posts
    352
    Excellent Tutorial ! , my only question is this.. Lets say if i own a web server and someone decides to try to data prawl my site.. How would you go about protecting this ? How would i hide the directories from google ?
    "Serenity is not the absence of conflict, but the ability to cope with it."

  9. #9
    Senior Member
    Join Date
    Aug 2003
    Posts
    300
    It is odd, because about a year ago I noticed this. I realized this when I was searching for some basic graphics on the internet. I did a google search of root/index too see if anyone was lazy enough to let their graphic folder out in the open for all to use. So I was able to get to the root of about 20 webpages if I so desired. I couldn't believe it, but here is the explanation.

    Thanks...Good Thread

  10. #10
    Member LarrySmith's Avatar
    Join Date
    Aug 2002
    Posts
    69
    Good post......I think this is the kind of info people come here for. I don't want to be a one line post whore but I want to send kudos publicly. My antipoints are still grey weither or not I give green or red. You'll have to settle for a pat on the back.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •