28558036-The-Google-Hackers-Guide-v1-0

28558036-The-Google-Hackers-Guide-v1-0 - The Google Hackers...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
The Google Hacker’s Guide johnny@ihackstuff.com http://johnny.ihackstuff.com - Page 1 - The Google Hacker’s Guide Understanding and Defending Against the Google Hacker by Johnny Long johnny@ihackstuff.com http://johnny.ihackstuff.com
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
The Google Hacker’s Guide johnny@ihackstuff.com http://johnny.ihackstuff.com - Page 2 - GOOGLE SEARCH TECHNIQUES. ............................................................................................................... 3 GOOGLE WEB INTERFACE. .................................................................................................................................. 3 BASIC SEARCH TECHNIQUES. ............................................................................................................................. 7 GOOGLE ADVANCED OPERATORS. .......................................................................................................... 9 ABOUT GOOGLE’S URL SYNTAX. ................................................................................................................... 12 GOOGLE HACKING TECHNIQUES. .......................................................................................................... 13 DOMAIN SEARCHES USING THE ‘SITE’ OPERATOR. .......................................................................................... 13 FINDING ‘GOOGLETURDS’ USING THE ‘SITE’ OPERATOR. ................................................................................ 14 SITE MAPPING: MORE ABOUT THE ‘SITE’ OPERATOR. ..................................................................................... 15 FINDING DIRECTORY LISTINGS. ....................................................................................................................... 16 VERSIONING: OBTAINING THE WEB SERVER SOFTWARE / VERSION. ............................................................ 17 via directory listings . .................................................................................................................................. 17 via default pages . ........................................................................................................................................ 19 via manuals, help pages and sample programs. ........................................................................................ 21 USING GOOGLE AS A CGI SCANNER. ............................................................................................................... 23 USING GOOGLE TO FIND INTERESTING FILES AND DIRECTORIES. ................................................................... 25 ABOUT GOOGLE AUTOMATED SCANNING. ......................................................................................... 26 OTHER GOOGLE STUFF . ............................................................................................................................. 27 GOOGLE APPLIANCES. ..................................................................................................................................... 27 GOOGLEDORKS. ................................................................................................................................................ 27 GOOSCAN . ........................................................................................................................................................ 28 GOOPOT . .......................................................................................................................................................... 28 A WORD ABOUT HOW GOOGLE FINDS PAGES (OPERA). ................................................................ 30 PROTECTING YOURSELF FROM GOOGLE HACKERS. ..................................................................... 30 THANKS AND SHOUTS. ................................................................................................................................. 31
Background image of page 2
The Google Hacker’s Guide johnny@ihackstuff.com http://johnny.ihackstuff.com - Page 3 - The Google search engine found at www.google.com offers many different features including language and document translation, web, image, newsgroups, catalog and news searches and more. These features offer obvious benefits to even the most uninitiated web surfer, but these same features allow for far more nefarious possibilities to the most malicious Internet users including hackers, computer criminals, identity thieves and even terrorists. This paper outlines the more nefarious applications of the Google search engine, techniques that have collectively been termed “Google hacking.” The intent of this paper is to educate web administrators and the security community in the hopes of eventually securing this form of information leakage. Google search techniques Google web interface The Google search engine is fantastically easy to use. Despite the simplicity, it is very important to have a firm grasp of these basic techniques in order to fully comprehend the more advanced uses. The most basic Google search can involve a single word entered into the search page found at www.google.com . Figure 1: The main Google search page As shown in Figure 1, I have entered the word “sardine” into the search screen. Figure 1 shows many of the options available from the www.google.com front page. The Google toolbar The Internet Explorer browser I am using has a Google “toolbar” (a free download from toolbar.google.com) installed and presented under the address bar. Although the toolbar offers many different features, it is not a required element for performing advanced searches. Even the most advanced search functionality is available to any user able to access the www.google.com web page with any type of browser, including
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
The Google Hacker’s Guide johnny@ihackstuff.com http://johnny.ihackstuff.com - Page 4 - text-based and mobile browsers.
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 08/12/2010 for the course ACC 452 taught by Professor Mr.cula during the Spring '10 term at Abraham Baldwin Agricultural College.

Page1 / 32

28558036-The-Google-Hackers-Guide-v1-0 - The Google Hackers...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online