|
Full Disclosure
mailing list archives
Re: Any thoughts on War-Googling?
From: "Fabio Weissert" <fabio_weissert () hotmail com>
Date: Sun, 18 Apr 2004 18:10:48 +0000
related: http://www.securityfocus.com/columnists/224
Rgds,
-F
Hi
Well, I think there is some filtering from the search engines maintainers,
that's why it isn't as known and successful as it could be. You can use
different search engines who support boolean logic (most search engines
will), like
www.teoma.com www.wisenut.com www.google.com
and search for different path's or filenames, like
C:\winnt WinNT/2K Default-Directory
C:\inetpub IIS Default-Directory
TSWeb/default.htm Win2K Terminal Services
url:.htaccess HTA-Access-File
url:.htpasswd Password-File
url:etc AND link:passwd Password-File
And Google supports another special trick:
filetype:XLS/DOC searching for Documents
And now apply this for Scripting Paths, CGIs, Executables
and all that you can find on target servers ;-)
GreetZ from IndianZ
mailto:indianz () indianz ch
http://www.indianz.ch
On Sunday 18 April 2004 21.42, Aschwin Wesselius wrote:
> Hello,
>
> Is there anybody who is common with the technique described in this
> article?
>
> http://www.ebcvg.com/articles.php?id=207
>
> It says something about using Google to target servers by searching
> paths to vulnerabilities.
>
> Any thoughts on that?
>
> Kind regards,
>
> Aschwin Wesselius
>
_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8.
http://join.msn.com/?page=features/junkmail
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
- Re: Any thoughts on War-Googling?, (continued)
|
Intro
