| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: fabio_weissert at hotmail.com (Fabio Weissert) Subject: Any thoughts on War-Googling? related: http://www.securityfocus.com/columnists/224 Rgds, -F > >Hi > >Well, I think there is some filtering from the search engines maintainers, >that's why it isn't as known and successful as it could be. You can use >different search engines who support boolean logic (most search engines >will), like > >www.teoma.com www.wisenut.com www.google.com > >and search for different path's or filenames, like > >C:\winnt WinNT/2K Default-Directory >C:\inetpub IIS Default-Directory >TSWeb/default.htm Win2K Terminal Services >url:.htaccess HTA-Access-File >url:.htpasswd Password-File >url:etc AND link:passwd Password-File > >And Google supports another special trick: > >filetype:XLS/DOC searching for Documents > >And now apply this for Scripting Paths, CGIs, Executables >and all that you can find on target servers ;-) > >GreetZ from IndianZ > >mailto:indianz@...ianz.ch >http://www.indianz.ch > > > >On Sunday 18 April 2004 21.42, Aschwin Wesselius wrote: > > Hello, > > > > Is there anybody who is common with the technique described in this > > article? > > > > http://www.ebcvg.com/articles.php?id=207 > > > > It says something about using Google to target servers by searching > > paths to vulnerabilities. > > > > Any thoughts on that? > > > > Kind regards, > > > > Aschwin Wesselius > > _________________________________________________________________ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
Powered by blists - more mailing lists