Google hacking

[catchyanow]

The things google can do. This is just a quick guide that I will give.

Reference:

Google Hackers

How to cyberstalk employees (IronGeek)

First go to google and type in: inurl:service.pwd

And choose you target site. You can find out the site administration or even users passwords here!

Now look at the address

You should see something like http://www.SiteNameHere.com/something(I got _vti_pvt - that's basically where the index of is)/service.pwd

Now look at the / after the domain name. Get rid of the /service.pwd and hit enter. If you are lucky you should get one of those Index of /_vti_pvt things. Now feel free to look at the files. I chose WS_FTP.LOG and found the persons real name!

Some file worth looking at are:

service.pwd (of course)

The access.cnf file (gives you the login page for the password from the service.pwd)

service.cnf (some useful information)

service.grp (the list of site administrators)

WS_FTP.LOG (the directory of all the saved files on their actual computer)

svcacl.cnf (this can give you the options the person has chosen for their site)

Most of the other files are just random garble and some that can not be opened in your browser (eg .btr files)

I hope this helps you with you google hacking ;)

[L1qu1D]

Johnny was pretty much the one who exposed Google hacking, and has been around for years. As for all the cool stuff you can search for visit the GHDB-Google Hacking Database. A lot of people contribute often to the GHDB and post their search keyword finds. A cool one back in the day was the Axis "Unsecured" cameras lol.

[operat0r_001]

http://shodan.surtri.com/?q=Www-authentica...2000&page=5

http://rmccurdy.com/scripts/myipneighbors.bash.txt

wikto

http://rmccurdy.com/scripts/videos/rmccurd..._Wikto_Aura.swf