I am in no way, shape, or form responsible for what you do with this information; it is solely for educational purposes.

Introduction

Well, you look at the title and I’m sure you’re all like “Not another Google hacking tutorial…”. You might all think that Google hacking is pretty much dead and that admins have gotten smart. Well, the fact of the matter is, Google hacking is very far from dead, and a lot of admins are super far from being smart. The new virus that uses Google’s searching power to find vulnerable sites just proves this point.

Now I have realized that there is a good tutorial on Google Hacking on AO already, and if you have not seen it you can find it here:

http://www.antionline.com/showthread...readid=257512&

This tutorial is different from that one and many others, though. I am not simply going to show you what Google can be used for; that has already been covered a ton of times. I am not going to simply show you “Index of” +htpasswd either; that too has been shown tons of times. I’m not going to teach you basic Google operators and commands. Those have already been covered numerous times on AO and on Google itself. They can be found here:

http://www.google.com/help/refinesearch.html

and here:

http://www.google.com/help/operators.html

So What The Hell Is This Tutorial About?

In this tutorial I am going to cover an advanced side to Google hacking… If that makes sense… I see a lot of Google tutorials telling you to go for the “Index of” +htpasswd and other password files. Most of these are shadowed anyway. Well, I’m going to base this tutorial on combinations. That’s right, combinations.

Combinations

You can’t Google Hack like you used to these days. A couple years ago all you had to do was search for inurl:admin.asp and you would have gotten hundreds of sites that were vulnerable. But these days that just gives you a bunch of crap, like companies trying to sell you their administrator software and such… Now you have to think of a combination of search commands and keywords to craft together to get what you want.

Now let's think about this for a minute… What exactly do we want? Admin login pages? Nah… Password lists? Maybe but… nah… Ah! I know… Let's try for administration pages! You know, the pages that allow the administrator to edit, delete, and configure things on their website?

First things first: we need a base keyword. How about:

inurl:edit

Not much luck. Let's try adding something to it, but what? We obviously want something that will edit a site. How about we add +intitle:admin to the search?

inurl:edit +intitle:admin

Hmm... Doesn't look good. Looks like just a bunch of manuals and instructions. You might find something there, but it's doubtful; there's just too much junk. Looks like we need to add in a couple of things. Let's look for a specific file extension. We do this with the filetype command. How about we add the command filetype:asp?

inurl:edit +intitle:admin +filetype:asp

Now what we are doing is searching only for files that are .asp pages and have "edit" in the URL and "admin" in the title. We enter this in Google and we do get some administration areas, but there are still a lot of demos and manuals and other junk. We also get a lot of admin logins, which aren't bad, but we want to bypass the login screen. How do we do that? Well, let's add a -login -password to the search:

inurl:edit +intitle:admin +filetype:asp -login -password

BINGO! This search gives you a bunch of sites that you can get admin access to. We are happy with those results, but you should try to spice things up a bit. Like adding quotes and *'s to some things:

inurl:"*edit*" +intitle:"*admin*" +filetype:asp -login -password

This gives you some other interesting things as well. I think everyone knows what the quotes do, but I don't think a lot of people know what the *'s do. Well, when they are added, that means as long as "edit" is within ANYTHING, Google will show it. Like for instance:

inurl:"*edit*"

Might bring up a site with the URL as /frontpage_edit.asp. Get the point? This could be used to find a certain piece of software you're trying to exploit. For example:

intext:"Powered by*"

The possibilities are endless!
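The same combination can be turned around by an admin to check their own site before anyone else searches for it. The script below is an added example, not part of the original tutorial: it parses a combined search string and applies it to a locally held page inventory. The PAGES entries and example.com URLs are constructed, and plain case-insensitive substring matching is an assumption that only approximates how Google evaluates these operators.

```python
import shlex
from urllib.parse import urlparse

FIELDS = ("inurl", "intitle", "intext", "filetype")

def parse_query(query):
    """Turn a search string into (negated, field, term) clauses."""
    clauses = []
    for token in shlex.split(query):          # shlex keeps "quoted phrases" together
        negated = token.startswith("-")
        token = token.lstrip("+-")
        field, sep, term = token.partition(":")
        if not sep or field not in FIELDS:    # bare keyword such as -login
            field, term = "any", token
        clauses.append((negated, field, term.strip("*").lower()))
    return clauses

def clause_hits(page, field, term):
    url, title, text = (page[k].lower() for k in ("url", "title", "text"))
    if field == "filetype":
        return urlparse(url).path.endswith("." + term)
    haystack = {"inurl": url, "intitle": title, "intext": text,
                "any": " ".join((url, title, text))}[field]
    return term in haystack                   # assumption: plain substring match

def exposed_pages(query, pages):
    """URLs in our own inventory that satisfy every clause of the query."""
    clauses = parse_query(query)
    return [p["url"] for p in pages
            if all(clause_hits(p, f, t) != neg for neg, f, t in clauses)]

# Constructed inventory, e.g. exported from a crawl of your own site.
PAGES = [
    {"url": "http://www.example.com/admin/edit_news.asp",
     "title": "Admin - Edit News", "text": "Delete article | Save changes"},
    {"url": "http://www.example.com/admin/edit_user.asp",
     "title": "Admin Login", "text": "Enter your login and password"},
    {"url": "http://www.example.com/docs/edit_manual.html",
     "title": "Admin manual", "text": "How to edit pages"},
    {"url": "http://www.example.com/frontpage_edit.asp",
     "title": "Site Administration", "text": "Configure pages and menus"},
]
QUERY = 'inurl:"*edit*" +intitle:"*admin*" +filetype:asp -login -password'

if __name__ == "__main__":
    for url in exposed_pages(QUERY, PAGES):
        print("admin page with no login prompt:", url)
```

Any URL it reports is an administration page that is being served without an authentication prompt, and that is the thing to fix; hiding the page from search engines does not protect it.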

Conclusion

Well, that's that. I wrote this tutorial to kind of be an extension of the one written before here on AO and to once again show the power of Google and at the same time show that Google hacking is not dead. There is so much more to explain, so many other ways to do such things and even more! Go and explore on your own using different combinations. Look at all the poorly configured sites. But don't exploit them! Just because you can copy and paste that search string and then find a vulnerable site and deface it or steal information does not make you some super l33t h4ck3r d00d. I almost didn't write this tutorial because I was afraid it would be too easy for a dishonest person on this site to mess things up. We don't need any more skiddies defacing sites and yappin their gums off about their political views (dr. toker will agree). If you want to be a true white hat, contact the admin and tell him of his problem.

BTW, if you guys were interested, that worm that used google to spread did a real number! Google this:

intitle:"This site is defaced!!!" intext:"NeverEverNoSanity WebWorm generation"