[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Law10-F51N8mPB47GRR0003613d@hotmail.com>
From: fabio_weissert at hotmail.com (Fabio Weissert)
Subject: Any thoughts on War-Googling?
related: http://www.securityfocus.com/columnists/224
Rgds,
-F
>
>Hi
>
>Well, I think there is some filtering from the search engines maintainers,
>that's why it isn't as known and successful as it could be. You can use
>different search engines who support boolean logic (most search engines
>will), like
>
>www.teoma.com www.wisenut.com www.google.com
>
>and search for different path's or filenames, like
>
>C:\winnt WinNT/2K Default-Directory
>C:\inetpub IIS Default-Directory
>TSWeb/default.htm Win2K Terminal Services
>url:.htaccess HTA-Access-File
>url:.htpasswd Password-File
>url:etc AND link:passwd Password-File
>
>And Google supports another special trick:
>
>filetype:XLS/DOC searching for Documents
>
>And now apply this for Scripting Paths, CGIs, Executables
>and all that you can find on target servers ;-)
>
>GreetZ from IndianZ
>
>mailto:indianz@...ianz.ch
>http://www.indianz.ch
>
>
>
>On Sunday 18 April 2004 21.42, Aschwin Wesselius wrote:
> > Hello,
> >
> > Is there anybody who is common with the technique described in this
> > article?
> >
> > http://www.ebcvg.com/articles.php?id=207
> >
> > It says something about using Google to target servers by searching
> > paths to vulnerabilities.
> >
> > Any thoughts on that?
> >
> > Kind regards,
> >
> > Aschwin Wesselius
> >
_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8.
http://join.msn.com/?page=features/junkmail
Powered by blists - more mailing lists