lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Law10-F51N8mPB47GRR0003613d@hotmail.com>
From: fabio_weissert at hotmail.com (Fabio Weissert)
Subject: Any thoughts on War-Googling?

related: http://www.securityfocus.com/columnists/224


Rgds,


-F



>
>Hi
>
>Well, I think there is some filtering from the search engines maintainers,
>that's why it isn't as known and successful as it could be. You can use
>different search engines who support boolean logic (most search engines
>will), like
>
>www.teoma.com	www.wisenut.com	www.google.com
>
>and search for different path's or filenames, like
>
>C:\winnt				WinNT/2K Default-Directory
>C:\inetpub			IIS Default-Directory
>TSWeb/default.htm		Win2K Terminal Services
>url:.htaccess			HTA-Access-File
>url:.htpasswd			Password-File
>url:etc AND link:passwd	Password-File
>
>And Google supports another special trick:
>
>filetype:XLS/DOC		searching for Documents
>
>And now apply this for Scripting Paths, CGIs, Executables
>and all that you can find on target servers ;-)
>
>GreetZ from IndianZ
>
>mailto:indianz@...ianz.ch
>http://www.indianz.ch
>
>
>
>On Sunday 18 April 2004 21.42, Aschwin Wesselius wrote:
> > Hello,
> >
> > Is there anybody who is common with the technique described in this
> > article?
> >
> > http://www.ebcvg.com/articles.php?id=207
> >
> > It says something about using Google to target servers by searching
> > paths to vulnerabilities.
> >
> > Any thoughts on that?
> >
> > Kind regards,
> >
> > Aschwin Wesselius
> >

_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. 
http://join.msn.com/?page=features/junkmail


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ