As the title states, I found this article last night while surfing
the net. Posted on January 14, 2006 so fairly new. Full story can be found
here
http://castlecops.com/article-6466-nested-0-0.html
A lot of 'Free' webspace providers and ISP's with their 'free' 10mbOne of the most common remote web authoring tools is
Microsoft's Front Page. Front page extensions and WebDav, the
services on the web server that allow you to remotely connect and
author web pages, can be configured with a certain degree of
security. However, in certain configurations, the userID and password
are stored in local files on the server. Using a Google query, you
can easily locate thousands of these files and dump the contents.
The query form is quite simple: "inurlfilename).pwd", where
(filename) is the name of the .pwd file. This query can be expanded
to be very specific and target a specific site by using a command to
search for a specific site or domain. The results of a specific
search like this would list hundreds if not thousands of these files
that would contain something like "# -FrontPage-
dmiller:I1KEaH1TZqxEw". Basically dumping the userID and password.
This type of basic query can be used to find all kinds of interesting
information such as using the "intitle:"index of" (name of directory
you want to locate)" which not only reveals many web directory
structures of "index of/", it also reveals how many web servers on
the Internet do not have even the most basic forms of permissions and
directory security. You will find that once you access a particular
directory, that you can then move up the directory tree and you never
know what you may find.
of webspace doesn't support front page extensions, for security
reasons.
Interesting stuff indeed.The Google Search Engine supports very complex query types.
For instance, if you were to construct a query like ""parent
directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5
-md5sums", the query would result in lists upon list of systems that
have a /Gamez directory off the root of the "parent directory" of the
web server. Or, to locate music files of type mp3 you could issue a
query like "intitle:index.of mp3 (name of band/song)".
The bottom line here is that it is possible to locate very specific
types of files. It is also possible to perform queries for inline
passwords from various search engines by performing a query similar
to "http://*:*@www".
How safe and smart would it be to do this? I personally wouldn't. OneThe Google Search Engine is a powerful tool that can be used
by people with ill intentions just as it can be used for basic
web searching.
I'm not that type of person to try to obtain password files and such
and second, google 'records'/'logs' what you type. For instance, the
dude that killed his wife, he went to google and typed broken neck,
snap neck, 1001 ways to break a neck etc... remember what happened to
him right? Anyways whats your take on the subject?
Reply With Quote