Using Google to hack 2014
++++Using google to hack, crack, and just plain find what you need!++++
++++This tutorial was written by bee0101100++++
++++You can freely distribute this tutorial to anyone you know.++++
#Before we begin, I strongly recommend reading through http://www-db.stanford.edu/~backrub/google.html
#This article will help you understand the inner workings of a search engine (if you're not already ereet)
What is this tutorial about?
-It's about using google to get the information you need, fast
Why should I read it?
-Because at the end of this tutorial, you'll be able to use google to find WHATEVER you need!
Why are you writing it?
-Because all of the greet programmers at irc.smart-dev.com/irc.zoite.net are tired of people asking us questions,
when they could just ask lord google
Do I need to gather any tools for this tutorial?
-A web browser (i.e. lynx, mozilla), and confidence in the fact that you aren't inept
Now the 'tutorial'
Google is the S***. You can find virtually ANYTHING you want with it. "©2003 Google - Searching 3,083,324,652 web
pages" as of Sunday, February 16, 2003! I use google for pretty much anything. Any question you have can be answered
90% of the time in the first 20 results, if you search properly. In the next few sections I will be going over some
basic/advanced/UBER COOL techniques for searching.
I.Getting started
-Open your web browser, and goto http://www.google.com (if it isn't your homepage, which it should be!)
-Now, click on preferences- Most of this should be fine preset, but make sure you fill in the "do not filter my
search results," and select 100 results per page from the drop down menu, then fill in the last bubble (if thats
your thing). Click save preferences (note: they will only be saved if you have cookies enabled).
-Now that you have everything set up, let's see everything google has to offer (because google has a slew of useful
tools). First theres the web search, which is the topic of this article. After that theres the image search, which
is pretty useful if you want to find a picture of someone you know (I will go into detail later on), or if you just
wannt to find some free porn! Sicko. Next up: Groups. I LOVE this feature! You can search year, and years, and years,
of posts on USENET discussion boards. I have gotten SO much valuable information (mostly stuff to help me crack my
target) just by using this feature. I will also go indepth on this feature as well. Next to last: Directory searching.
This is pretty useful if you want to find information on a TOPIC. For instance if you wanted to do a biology project
on genetic disorders you would use this. Last up: News. This is a fairly new feature, added a few months ago. It
tells you how recent articles are (by the hour, pretty cool!). You can look at world news on World, U.S., buisness,
Science/Tech, Sports, Entertainment, and Health.
II.Google for Web searches
(BASIC)
-Well, you've got a broad sense of what google does, so lets get right into the specifics! I can hardly wait!
A. Deciding on keywords
-Try specific keywords first (i.e. search for elephant as opposed to animals)
-Make searches as specific as you can.
-Keep searches as specific as you can!
+Note: The more specific you want your search to be, the more words you need, and you'll get less results
(this can be a bad or good thing)
B. How it works
-When you search for hacker tutorials, google interprets it as hacker AND tutorials, so it returns only pages
with all of the keywords you entered by default
-When you search for tutorials for hackers, the word for is omitted, as are all other words like if, a, who,
what, when, where, and how. If you need to include a common word in your search phrase use a '+' before the
common word. Your search is now tutorials +for hackers.
+note: google is not case sensitive
+note: google does not use wildcards (searching for googl* will not return google)
(ADVANCED)
A. ""'s
-Using quotations is probably the most important part of an advanced search. You can really control the
results of your search using quotes. When you use quotes, all of your results will contain the exact phrase.
So if you were to search "Tutorial for hacking" Google would search 3,083,324,652 web sites for that exact
phrase.
-You can put part of your search in quotes, and the other a regular search. For instance, if I wanted to find
out what pages my friend that just happens to be a girl is on the internet, I would search "Firstname
Lastname" Thomas Dale. This would search for the exact phrase "her name" and then it would search for any
pages that contained the words Thomas Dale(Thomas Dale is my highschool).
+Find me! My name is alejandro(alex), and i'm part of the smart-dev community Wink
B. "-"'s
-Using '-' to omit results. Perhaps you're searching for a new type of password file, for a new webserver.
The password file is called passwerd.db, but when you do a simple in title search(just keep reading, you'll
understand later) all you get is a bunch of results that turn out to be a config file that has syntax
referring to passwerd.db. Lets say this config file is named config(go figure). Omit this from your search
simply by searching searchstring -config and viola you get a list of sites that display passwerd.db to the
public! You can also use the boolean term NOT.
(HACKING/CRACKING)
Yay! This is why I wrote this article!
INTRO TO HACKING/CRACKIGN WITH GOOGLE
-Many of you probably already know this, but you can hack/crack with google. I use it in 100% of the
hacks/cracks I perform. You can use google to help you hack/crack in a few different ways. I will discuss
these in the sections below ("no S***!")
A. intitle:
-This is a built in function in google that searches for your phrase in the title of a web page. The
title of a webpage is in the upper left of your current window. (you should see google.txt if someone
hasnt changed the name). This is useful if you want to find something VERY specific.
-examples: intitle:"billing" intitle:"payments" intitle:"passwd"
B. Directory Indexing
-One GREAT trick is to find sites that allow directory indexing. This can be done by searching
intitle:"index of" phrase. Your mind should now be about to explode with the possibilities this could
hold. If it doesn't, that's ok, because if you look at the end of this article you'll see i've
provided you with an uber cool list! Here are some basic phrases you can use: intitle:"index of"
"passwd" OR "passwd.txt" OR "AutismIsSoCool!". This searches for files named passwd or if that isnt
found, searches for passwd.txt or if that isnt found searches for AutismIsCool! Think original, and
you can come up with the coolest stuff! I'm not just talking about passwords... I'm talking about
warez, passwords, and even credit card numbers!!! (although to be honest it's not easy Wink)
C. allinurl:
-Guess what this does! Basically I use this when I want to find a piece of software. When i'm at school we
have some stupid web site filter, that doesn't allow me to download AIM (AOL instant messenger uhhh tm) so
basically I just do a search for allinurl:"aim.exe" and I get to take my pick! This can also be used for
passwd, passwd.txt, and so on
D. Cache
-Perhaps you have been searching for intitle:"index of" etc/shadow, and you see what looks like a valid
shadow file in your results list, but you cant access it, because you arent root, or whatever. Well thanks to
google cache, it may be possible for you to view this file. Just click the little chached link under the
result!
+note: this doesnt work 100% of the time
E. Collecting info on your target
-You can use google to find all sorts of juicy information about your target. For instance, if you wanted to
know what @target.com addresses were on the site, just search "@target.com" site:www.target.com. You should
get a nice list of email addresses. (these can double as usernames for other things besides emails)
-GOOGLE GROUPS is a great way to get info on a target. Just click the groups tab and search for @target.com,
and you will see everything anyone from your target has EVER posted on a usenet board! This is a real good
one!
THATS IT! THAT'S THE WHOLE TUTORIAL!
Summary: Well I hope you learned something from this article. Wether you were a complete noob, an advanced internet user,
or an ereet hacker, I tried to teach you all something. Remember- don't ever give up after only a few minutes of
searching... You'll get the right combination of keywords sooner or later. Just try to imagine what words you would use
for the item you are trying to find Wink. Now GO! I officialy deem you "Google lord!"
(APPENDIX A)
-This is a list of all the cool searches I've found over the years
-PLEASE add to it! add your searches, and put the date you added it next to the search, then upload it somewhere
allinurl: winnt/system32/ (get cmd.exe)
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart **GOOD ONE!
-and hey! wouldnt you know it! someone has already taken care of the rest of this appendix for me! Thanks Bawa!
_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
shtml.dll
shtml.exe
fpcount.exe
default.asp
showcode.asp
sendmail.cfm
getFile.cfm
imagemap.exe
test.bat
msadcs.dll
htimage.exe
counter.exe
browser.inc
hello.bat
default.asp\\
dvwssr.dll
cart32.exe
add.exe
index.jsp
SessionServlet
shtml.dll
index.cfm
page.cfm
shtml.exe
web_store.cgi
shop.cgi
upload.asp
default.asp
pbserver.dll
phf
test-cgi
finger
Count.cgi
jj
php.cgi
php
nph-test-cgi
handler
webdist.cgi
webgais
websendmail
faxsurvey
htmlscript
perl.exe
wwwboard.pl
www-sql
view-source
campas
aglimpse
glimpse
man.sh
AT-admin.cgi
AT-generate.cgi
filemail.pl
maillist.pl
info2www
files.pl
bnbform.cgi
survey.cgi
classifieds.cgi
wrap
cgiwrap
edit.pl
perl
names.nsf
webgais
dumpenv.pl
test.cgi
submit.cgi
guestbook.cgi
guestbook.pl
cachemgr.cgi
responder.cgi
perlshop.cgi
query
w3-msql
plusmail
htsearch
infosrch.cgi
publisher
ultraboard.cgi
db.cgi
formmail.cgi
allmanage.pl
ssi
adpassword.txt
redirect.cgi
cvsweb.cgi
login.jsp
dbconnect.inc
admin
htgrep
wais.pl
amadmin.pl
subscribe.pl
news.cgi
auctionweaver.pl
.htpasswd
acid_main.php
access.log
log.htm
log.html
log.txt
logfile
logfile.htm
logfile.html
logfile.txt
logger.html
stat.htm
stats.htm
stats.html
stats.txt
webaccess.htm
wwwstats.html
source.asp
perl
mailto.cgi
YaBB.pl
mailform.pl
cached_feed.cgi
global.cgi
Search.pl
build.cgi
common.php
show
global.inc
ad.cgi
WSFTP.LOG
index.html~
index.php~
index.html.bak
index.php.bak
print.cgi
register.cgi
webdriver
bbs_forum.cgi
mysql.class
sendmail.inc
CrazyWWWBoard.cgi
search.pl
way-board.cgi
webpage.cgi
pwd.dat
adcycle
post-query
help.cgi
