Technology Advances

Google Hack :: How to search on Google

How to search Google!

Gooogle using some very interesting things we find fun or we
submit a page to allow intrusion. Thanks to johnny ihackstuff


We can find

Credit card numbers:
Passwords
Programs / MP3's
ETC ... After seeing these examples try to create their own searches for
specifically get what they want.

Pruben these searches:

intitle: "Index of" passwords modified
allinurl: auth_user_file.txt
"Access denied for user" "using password"
"A syntax error has occurred" filetype: iHTML
allinurl: admin mdb
"ORA-00921: unexpected end of SQL command"
inurl: passlist.txt
"Index of / backup"
"Chatologica metasearch" "stack tracking:"

Q are to imagine these Grin:

Amex Numbers: 300 .. 399
MC Numbers: 517800 .. 517899
visa 435600 .. 435699

Directories and passwords revealed:

"Parent directory"
/ Appz /-xxx-html-htm-php-shtml-md5-md5sums-OpenDivX

"Parent directory"
DVDRip-xxx-html-htm-php-shtml-md5-md5sums-OpenDivX

"Parent directory" Xvid-xxx-html-htm-php-shtml-md5-md5sums-OpenDivX

"Parent directory"
Gamez-xxx-html-htm-php-shtml-md5-md5sums-OpenDivX

"Parent directory" MP3-xxx-html-htm-php-shtml-md5-md5sums-OpenDivX

"Parent directory" Name of Singer or
album-xxx-html-htm-php-shtml-md5-md5sums-OpenDivX

In these searches'm just changing the name after the parent directory
", Change it to whatever you want and you will get different results.

Try these searches:

? Intitle: index.of? mp3

Q There are only put you artist name or song

Example:? Intitle: index.of? Metallica mp3

inurl: microsoft filetype: iso

Can change the search to whatever you want, example: Microsoft to Linux
rar iso ....

"#-FrontPage-" inurl: service.pwd
Cheesy Frontpage passwords

"Autocreate = TRUE password =*"
Passwords "Website Access Analyzer", a Japanese program creates q
TATISTICS web.

"Http:// *: * @ www" domain

Passwords, just replace "domain" with the domain q look without it. Com
. Net q or whatever.

Example:
"Http:// *: * @ www" micronosoft or "http:// *: * @ www" micronosoft

Another way is to write:
"Http://bob:bob @ www /";

"Sets mode: + k"
This search reveals passwords on IRC channel logs.

allinurl: admin mdb
Grin Databases

allinurl: auth_user_file.txt
File DCForum's password and DCShop (shopping cart). This
crackeable file containing many passwords, user names and
emails.

intitle: "Index of" config.php
Nomarlmente These files contain the user and password for dir
database administration datos.Tendras total DB.

eggdrop filetype: user user
Usernames and passwords on IRC channels.

intitle: index.of.etc
This search will show the main page of the folder etc / where
You can find many important files and passwords are not always
passwords, but you'll find many interesting things here.

filetype: bak inurl: "htaccess | passwd | shadow | htusers"
This will show many files backups (backups) created by programs or
by the administrator.

If you need to find some serial numbers for any program, say windows
XP Professional.

"Windows XP Professional" 94FBR

The devido aq 94FBR is this piece of code is in many
CD-keys for windows, so this will decrease the amount q of q porn pages
attempt to deceive.

Why take the trouble of attacking a website in search of
vulnerabilities that have gone unnoticed when you can enter with
comfortably through the front door?

These intrusions can be done through existing databases
Internet connection. As tools for database management
used templates (templates) for submitting standardized data
the network to enter the user certain specific phrases can often
direct access to pages using these templates. For
example, by entering the phrase "Select a database to view" (select one
database to see)-a normal stage in the database interface
FileMaker Pro "in Google, it got about 200 links, the
which led to almost all databases created with FileMaker to which
can be accessed online.

For example if you use the following:
1 - http://www.google.com/
2 - Search
"Index of / admin" + passwd
or
"Index of / wwwboard" + passwd
or
"Index of / backup" + mdb
Really great results.!

If you write down what appears in the google search you can access
database, passwords, websites with bugs, even card numbers
credit. Practice a bit and try out different commands, then create your
own lines to search. A good site with information on how to hack
google is http://johnny.ihackstuff.com/ is in English, but will not reach
nothing if not visit sites like this

filetype: htpasswd htpasswd
intitle: "Index of". "htpasswd"-intitle: "dist"-apache-htpasswd.c
index.of.private (a private)
intitle: index.of master.passwd
inurl: passlist.txt (to find lists of passwords)
intitle: "Index of .. etc" passwd
intitle: admin intitle: login
"Incorrect syntax near '(SQL script error)
intitle: "the page can not be found" inetmgr (weakness in IIS4)
intitle: index.of ws_ftp.ini
"Supplied arguments is not a valid PostgreSQL result" (possible weakness
SQL)
_vti_pvt password intitle: index.of (Frontpage)
inurl: backup intitle: index.of inurl: admin
"Index of / backup"
index.of.password
index.of.winnt

inurl: "auth_user_file.txt"
"Index of / admin"
"Index of / password"
"Index of / mail"
"Index of /" + passwd
Index of / "+. Htaccess
Index of ftp +. Mdb allinurl: / cgi-bin / + mailto
allintitle: "index of / admin"
allintitle: "index of / root"
allintitle: sensitive filetype: doc
allintitle: restricted filetype: mail
allintitle: restricted filetype: doc site: gov
administrator.pwd.index
authors.pwd.index
service.pwd.index
filetype: config web
gobal.asax index
inurl: passwd filetype: txt
inurl: admin filetype: db
inurl: iisadmin
inurl: "auth_user_file.txt"
inurl: "wwwroot / *."
allinurl: winnt/system32 / (get cmd.exe)
allinurl: / bash_history
intitle: "Index of". sh_history
intitle: "Index of". bash_history
intitle: "Index of" passwd
intitle: "Index of" people.1st
intitle: "Index of" pwd.db
intitle: "Index of" etc / shadow
intitle: "Index of" SPWD
intitle: "Index of" master.passwd
intitle: "Index of" htpasswd
intitle: "Index of" members OR accounts
intitle: "Index of" user user_carts _cart OR

_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
test-cgi
wwwboard.pl
www-sql
pwd.dat
WS_FTP.LOG

Google disclose data does not seem all that complicated, especially for all
misconfigured systems ... can display a specific search
directory indexing and accessing, password, files,
roads, etc, etc ...

The Search Tips

the common search inputs below will give you an idea ... by
example if you want to search the index of "root"

Example 1:

allintitle: "index of / root"

Result:

http://www.google.com/search?hl=en&ie=IS...llintitle% 3A +% + of 22index
% 2Froot% 22 & btnG = Google + Search

What it reveals is 2.510 pages you can see and possibly
find your will ...

Example 2:

inurl: "auth_user_file.txt"

http://www.google.com/search?num=100&hl=...1&q=inurl% 3A% 22au
th_user_file.txt% 22 & btnG = Google + Search

This gives a figure of 414 possible files to access

OUT THE ROAD

"Index of / admin"
"Index of / password"
"Index of / mail"
"Index of /" + passwd
"Index of /" + password.txt
"Index of /" +. Htaccess
index of ftp +. mdb allinurl: / cgi-bin / + mailto

administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype: config web
gobal.asax index

allintitle: "index of / admin"
allintitle: "index of / root"
allintitle: sensitive filetype: doc
allintitle: restricted filetype: mail
allintitle: restricted filetype: doc site: gov

inurl: passwd filetype: txt
inurl: admin filetype: db
inurl: iisadmin
inurl: "auth_user_file.txt"
inurl: "wwwroot / *."

top secret site: thousand
confidential site: thousand

allinurl: winnt/system32 / (get cmd.exe)
allinurl: / bash_history

intitle: "Index of". sh_history
intitle: "Index of". bash_history
intitle: "index of" passwd
intitle: "index of" people.lst
intitle: "index of" pwd.db
intitle: "index of" etc / shadow
intitle: "index of" SPWD
intitle: "index of" master.passwd
intitle: "index of" htpasswd
intitle: "index of" members OR accounts
intitle: "index of" user_carts OR user_cart

ALTERNATIVE INPUTS

_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
shtml.dll
shtml.exe
fpcount.exe
default.asp
Showcode.asp
sendmail.cfm
getFile.cfm
imagemap.exe


To search the hacker language:

http://www.google.com/intl/xx-hacker/

To search for Linux user mode:
http://www.google.com/linux

To find pages by the proximity to a geographical point:
http://labs.google.com/location

To search how yanquee (ugh!)
http://www.google.com/unclesam

To search for pages to see the results in an animated sequence (test
to understand):
http://labs.google.com/gviewer.html

To search for MAC mode:
http://www.google.com/mac

To search with Google's voice calling over the phone (not fuck)
http://labs1.google.com/gvs.html

To search how Micro $ oft:
http://www.google.com/microsoft.html

To see the definition of a word or phrase:
http://labs.google.com/glossary

To answer any question through google human researchers:
http://answers.google.com/answers/

For google alert you by mail news appearance somewhere
the world on a topic that interests you:
http://www.google.com/newsalerts

To search how BSD
http://www.google.com/bsd

To search universities (U.S. only):
http://www.google.com/options/universities.html

To seek the opinion people have about something:
http://labs.google.com/cgi-bin/webquotes

To search without using the mouse (all from the keyboard, it handles like vi!)
http://labs.google.com/keys/index.html

To search for commercial products, according to price, quality, and other attributes:
http://froogle.google.com/

To search from a Palm, a cell phone or other wireless device:
http://www.google.com/options/wireless.html

This is just for educational mode, use it at your own risk