Ever wondered GOOGLE the world's most popular and powerful search engine can be used for malicious purposes. Google has the ability to accept pre-defined commands as input and produce unbeliviable results which enables hackers,crackers, and script kiddies etc to use Google search engine to gather confidential or sensitive information which are not visible through common searches. You can find websites vulnerable to SQL Injection, XSS attacks etc.
Google’s Advance Search Query Syntaxes-
Below disscused are various google special commands which can be used to dig some critical juicy information.
[inurl:]
The [inurl:] syntax restricts the search result to those URLs containing the search keyword.“inurl: admin” (without quotes) will return only links to those pages that have "admin" in the URL.
[intitle:]
the [intitle:] syntax restricts the search result to the pages containing the word inside.for example "intitle: administrator password" (without quotes)will give the link to all the pages which are having Administrator as their title and the word "password" anywhere in the page.
[Link:]
Link syntax will give the pages that have the link to a specified webpage.For example,"link:www.google.com" (without quotes) will list web pages that have link pointing to Google's homepage.
[releated:]
The releated syntax will give you the webpages which are similar to a specified webpage.for example,"releated:www.google.com" will list the webpages that are similar to Google's homepage.
[phonebook:]
"phonebook"searches for US phone number information.for exampe "phonebook:jack+LA will list down all the name which are having JACK in their name and lives in Los Angeles(LA).
[ filetype: ]
Using "filetype:" syntax google searches for a particlur file type(i.e .doc, .exe etc.)for example, “filetype:txt site:gov top secret”(without quotes) will look for the file type ".txt" extension in all the government domains with .gov extension and containing the word top secret either in the page or in the .txt file.
Looking for vulnerable sites or servers using “intitle:” or “allintitle:”
a.)Using [allintitle: "index of /root”] (without brackets) will give you the links to the web servers which give you the access to the restricted directories like "root" through web.
b.)Using [allintitle: "index of /admin”] (without brackets) will give you the links to the websites which have indexed browsing enabled for restricted directories like "admin".
Other interesting Search Queries
To search for sites vulnerable to Cross-Sites Scripting (XSS) attacks:
allinurl:/scripts/cart32.exe
allinurl:/CuteNews/show_archives.php
allinurl:/phpinfo.php
To search for sites vulnerable to SQL Injection attacks:
allinurl:/privmsg.php
inurl:trainers.php?id=
inurl:play_old.php?id=
No comments:
Post a Comment