O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Google Hacking for Penetration Testers

Book Description

This book helps people find sensitive information on the Web.

Google is one of the 5 most popular sites on the internet with more than 380 million unique users per month (Nielsen/NetRatings 8/05). But, Google’s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web including: social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers Volume 2 shows the art of manipulating Google used by security professionals and system administrators to find this sensitive information and “self-police” their own organizations.

Readers will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with MySpace, LinkedIn, and more for passive reconaissance.

• Learn Google Searching Basics
Explore Google’s Web-based Interface, build Google queries, and work with Google URLs.
• Use Advanced Operators to Perform Advanced Queries
Combine advanced operators and learn about colliding operators and bad search-fu.
• Learn the Ways of the Google Hacker
See how to use caches for anonymity and review directory listings and traversal techniques.
• Review Document Grinding and Database Digging
See the ways to use Google to locate documents and then search within the documents to locate information.
• Understand Google’s Part in an Information Collection Framework
Learn the principles of automating searches and the applications of data mining.
• Locate Exploits and Finding Targets
Locate exploit code and then vulnerable targets.
• See Ten Simple Security Searches
Learn a few searches that give good results just about every time and are good for a security assessment.
• Track Down Web Servers
Locate and profile web servers, login portals, network hardware and utilities.
• See How Bad Guys Troll for Data
Find ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.
• Hack Google Services
Learn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Acknowledgments
  5. Lead Author
  6. Contributing Authors
  7. Table of Contents
  8. Chapter 1: Google Searching Basics
    1. Introduction
    2. Exploring Google’s Web-based Interface
    3. Language Tools
    4. Building Google Queries
    5. Working With Google URLs
    6. URL Syntax
    7. Summary
    8. Solutions Fast Track
    9. Links to Sites
    10. Frequently Asked Questions
  9. Chapter 2: Advanced Operators
    1. Introduction
    2. Operator Syntax
    3. Troubleshooting Your Syntax
    4. Introducing Google’s Advanced Operators
    5. Allintext: Locate a String Within the Text of a Page
    6. Inurl and Allinurl: Finding Text in a URL
    7. Site: Narrow Search to Specific Sites
    8. Filetype: Search for Files of a Specific Type
    9. Link: Search for Links to a Page
    10. Inanchor: Locate Text Within Link Text
    11. Cache: Show the Cached Version of a Page
    12. Numrange: Search for a Number
    13. Daterange: Search for Pages Published Within a Certain Date Range
    14. Info: Show Google’s Summary Information
    15. Related: Show Related Sites
    16. Author: Search Groups for an Author of a Newsgroup Post
    17. Group: Search Group Titles
    18. Insubject: Search Google Groups Subject Lines
    19. Msgid: Locate a Group Post by Message ID
    20. Stocks: Search for Stock Information
    21. Define: Show the Definition of a Term
    22. Phonebook: Search Phone Listings
    23. Colliding Operators and Bad Search-Fu
    24. Summary
    25. Solutions Fast Track
    26. Links to Sites
    27. Frequently Asked Questions
  10. Chapter 3: Google Hacking Basics
    1. Introduction
    2. Anonymity with Caches
    3. Directory Listings
    4. Locating Directory Listings
    5. Finding Specific Directories
    6. Finding Specific Files
    7. Server Versioning
    8. Going Out on a Limb: Traversal Techniques
    9. Incremental Substitution
    10. Extension Walking
    11. Summary
    12. Solutions Fast Track
    13. Links to Sites
    14. Frequently Asked Questions
  11. Chapter 4: Document Grinding and Database Digging
    1. Introduction
    2. Configuration Files
    3. Log Files
    4. Office Documents
    5. Database Digging
    6. Login Portals
    7. Support Files
    8. Error Messages
    9. Database Dumps
    10. Actual Database Files
    11. Automated Grinding
    12. Google Desktop Search
    13. Summary
    14. Solutions Fast Track
    15. Links to Sites
    16. Frequently Asked Questions
  12. Chapter 5: Google's Part in an Information Collection Framework
    1. Introduction
    2. The Principles of Automating Searches
    3. The Original Search Term
    4. Expanding Search Terms
    5. Getting the Data From the Source
    6. Parsing the Data
    7. Post Processing
    8. Applications of Data Mining
    9. Most Interesting
    10. Collecting Search Terms
    11. On the Web
    12. Spying on Your Own
    13. Honey Words
    14. Referrals
    15. Summary
  13. Chapter 6: Locating Exploits and Finding Targets
    1. Introduction
    2. Locating Exploit Code
    3. Locating Public Exploit Sites
    4. Locating Exploits Via Common Code Strings
    5. Locating Code with Google Code Search
    6. Locating Malware and Executables
    7. Locating Vulnerable Targets
    8. Locating Targets Via Demonstration Pages
    9. Locating Targets Via Source Code
    10. Locating Targets Via CGI Scanning
    11. Summary
    12. Solutions Fast Track
    13. Frequently Asked Questions
  14. Chapter 7: Ten Simple Security Searches That Work
    1. Introduction
    2. Summary
    3. Solutions Fast Track
    4. Frequently Asked Questions
  15. Chapter 8: Tracking Down Web Servers, Login Portals, and Network Hardware
    1. Introduction
    2. Locating and Profiling Web Servers
    3. Default Pages
    4. Default Documentation
    5. Sample Programs
    6. Locating Login Portals
    7. Using and Locating Various Web Utilities
    8. Targeting Web-Enabled Network Devices
    9. Locating Various Network Reports
    10. Locating Network Hardware
    11. Summary
    12. Solutions Fast Track
    13. Frequently Asked Questions
  16. Chapter 9: Usernames, Passwords, and Secret Stuff, Oh My!
    1. Introduction
    2. Searching for Usernames
    3. Searching for Passwords
    4. Searching for Credit Card Numbers, Social Security Numbers, and More
    5. Social Security Numbers
    6. Personal Financial Data
    7. Searching for Other Juicy Info
    8. Summary
    9. Solutions Fast Track
    10. Frequently Asked Questions
  17. Chapter 10: Hacking Google Services
    1. AJAX Search API
    2. Calendar
    3. Blogger and Google’s Blog Search
    4. Signaling Alerts
    5. Google Co-op
    6. Google Code
  18. Chapter 11: Google Hacking Showcase
    1. Introduction
    2. Geek Stuff
    3. Cameras
    4. Telco Gear
    5. Power
    6. Sensitive Info
    7. Social Security Numbers
    8. Beyond Google
    9. Summary
  19. Chapter 12: Protecting Yourself from Google Hackers
    1. Introduction
    2. A Good, Solid Security Policy
    3. Web Server Safeguards
    4. Hacking Your Own Site
    5. Getting Help from Google
    6. Summary
    7. Solutions Fast Track
    8. Links to Sites
    9. Frequently Asked Questions
  20. Index
  21. Instructions for online access