lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4314BA61.9060609@gnucitizen.org>
Date: Tue Aug 30 20:58:45 2005
From: ppetkov at gnucitizen.org (Petko Petkov)
Subject: Massive Enumeration Toolset

You should be able to find the script under c:\Python24\scripts

c:
cd c:\Python24\scripts
python google

I know it is different under windows.

CrittendenIV wrote:

>Very cool. However, I am having issues getting it to run on Windows. I have
>python installed. Is there a quickstart?
>
>Thanks
>CrittendenIV
>
>-----Original Message-----
>From: full-disclosure-bounces@...ts.grok.org.uk
>[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Petko Petkov
>Sent: Tuesday, August 30, 2005 8:24 AM
>To: Josh perrymon; pen-test@...urityfocus.com;
>full-disclosure@...ts.grok.org.uk
>Subject: Re: [Full-disclosure] Massive Enumeration Toolset
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
> 
>Massive Enumeration Toolset is a collection of python based scripts.
>However, you can use it
>as a library if you want to code your own tools. I hope it is easy to use.
>
>The main Google tool is called google. After installation this tool
>should be in /usr/bin/ ...
>You can use the tool in many different ways:
>
>* Download all VPN configuration files from the net and hack into them
>google web --tool=mobile -r100 -d5 -l:10 'main filetype:pcf'
>- --exec='wget -x %(URL)'
>
>* Test via GHDB
>google ghdb --database=ghdb.xml --tool=mobile
>- --filter='querystring.find("asp")>=0' 'site:microsoft.com'
>
>* Download cache via Google API
>google cache http://www.microsoft.com --key=your_key
>google cahce http://www.microsoft.com --ouput=index.html --key=you_key
>
>* Download cache via Google Mobile (you don't need license key)
>google cache http://www.micorosft.com --tool=mobile
>
>* Get Google Sets
>google sets microsoft linux
>
>* Get Google Spell
>google spell 'icorosft indows'
>
>* Google Images (similar to WEB) - get all images from microsoft.com
>sleeping every one second, getting 100 results per query, running on 6
>levels (0 - 5)
>google images --tool=mobile 'site:microsoft.com' -d1 -r100 -l:5
>
>* Google Web
>google web --key=your_key 'pentesting'
>
>* Google Web - get snips
>google web --tool=mobile 'pentesting' -S -T -U -s
>
>* Google Web - download pages
>google web --tool=mobile 'site:microsoft.com' --exec='wget -x %(URL)'
>
>There are many more options that I cannot discuss here. I should write
>a tutorial. :)
>
>Josh perrymon wrote:
>
>  
>
>>I think this is of great use to pen-testers. How do you use the
>>software? If is a separate pgm or script based?
>>
>>JP
>>
>>-----Original Message----- From:
>>full-disclosure-bounces@...ts.grok.org.uk
>>[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of
>>Petko Petkov Sent: Tuesday, August 30, 2005 9:34 AM To:
>>pen-test@...urityfocus.com; full-disclosure@...ts.grok.org.uk
>>Subject: [Full-disclosure] Massive Enumeration Toolset
>>
>>    
>>
>
>  
>
>>Hello everybody,
>>
>>I've been playing around with Google and Googles' API in the last
>>two months. I found out that Google is extremely powerful when it
>>comes to passive enumeration. This is the reason why I put myself
>>into coding a small tool, or library if you like, that can perform
>>various information-gathering techniques. So far, I have
>>implemented Google. I have other interesting ideas that I will put
>>into code latter.
>>
>>
>>The tool can be downloaded from:
>>http://www.gnucitizen.org/met/download/
>>
>>
>>You need python in order to execute it. I want to make it clear
>>that this is POC. Do not use it for hacking, and pleas read
>>Google's Terms of Service first from the following address:
>>http://www.google.co.uk/intl/en/terms_of_service.html
>>
>>On the other hand I am very interesting to know how do you find the
>>tool. I am open to any suggestions and contributions as long as
>>they match my initial idea.
>>
>>Thanks and have fun.
>>
>>
>>
>>
>>
>>    
>>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.1 (MingW32)
> 
>iD8DBQFDFHn7Ff/6vxAyUpgRApc8AJ9tvyKEOE3+CQvKo9Gg00CxS6vZuACgpGbA
>OtYGMRBi/TelxpOp7tFm1w8=
>=GqxR
>-----END PGP SIGNATURE-----
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
>  
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ