Wednesday, January 12, 2005

Google Hacking: Essential Skill

Search engines are extremely useful tools. How much time do you spend each day searching on the internet? It is worth knowing how to use your favorite search engine well, and to know how to get the data you want. If you spend some time learning how to use your favorite search engine, you will save yourself time in the long haul. For all of those who use Google to search, there is a great site devoted to finding useful and revealing information here. If you register, you can download the "Google hacking guide", which outlines many tips and tricks to aid in your search of valuable information.

With the following search, you will return sites that probably contain sensitive or private information:

allinurl: admin mdb

One option that I consider invaluable at this point is the site: option, it allows the user to search only the specified domain during the search. If I wanted to search my blog, I could use the following string:

site:itsecureadmin.blogspot.com admin

Although the above string does not return anything, play with that option while searching a site that you are familiar with. You can also specify the extension of the file you are searching for, or the filetype.

There are many, many options to choose from and there is a Google Hacking Database that is maintained on johnny's web site.



Disclaimer: All information contained in this post is for educational purposes and should serve as a guide to protecting your own server or software, in addition to aiding those who search for knowledge without the intent to cause harm or damage to others.

No comments: