| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200404181923.11881.indianz@indianz.ch> From: indianz at indianz.ch (IndianZ) Subject: Any thoughts on War-Googling? Hi Well, I think there is some filtering from the search engines maintainers, that's why it isn't as known and successful as it could be. You can use different search engines who support boolean logic (most search engines will), like www.teoma.com www.wisenut.com www.google.com and search for different path's or filenames, like C:\winnt WinNT/2K Default-Directory C:\inetpub IIS Default-Directory TSWeb/default.htm Win2K Terminal Services url:.htaccess HTA-Access-File url:.htpasswd Password-File url:etc AND link:passwd Password-File And Google supports another special trick: filetype:XLS/DOC searching for Documents And now apply this for Scripting Paths, CGIs, Executables and all that you can find on target servers ;-) GreetZ from IndianZ mailto:indianz@...ianz.ch http://www.indianz.ch On Sunday 18 April 2004 21.42, Aschwin Wesselius wrote: > Hello, > > Is there anybody who is common with the technique described in this > article? > > http://www.ebcvg.com/articles.php?id=207 > > It says something about using Google to target servers by searching > paths to vulnerabilities. > > Any thoughts on that? > > Kind regards, > > Aschwin Wesselius > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists