Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Any thoughts on War-Googling?

From: IndianZ <indianz () indianz ch>
Date: Sun, 18 Apr 2004 19:23:11 +0200
Hi 

Well, I think there is some filtering from the search engines maintainers, 
that's why it isn't as known and successful as it could be. You can use 
different search engines who support boolean logic (most search engines 
will), like

www.teoma.com   www.wisenut.com www.google.com

and search for different path's or filenames, like

C:\winnt                                WinNT/2K Default-Directory
C:\inetpub                      IIS Default-Directory
TSWeb/default.htm               Win2K Terminal Services
url:.htaccess                   HTA-Access-File
url:.htpasswd                   Password-File
url:etc AND link:passwd Password-File

And Google supports another special trick:

filetype:XLS/DOC                searching for Documents

And now apply this for Scripting Paths, CGIs, Executables
and all that you can find on target servers ;-)

GreetZ from IndianZ

mailto:indianz () indianz ch
http://www.indianz.ch



On Sunday 18 April 2004 21.42, Aschwin Wesselius wrote:

Hello,

Is there anybody who is common with the technique described in this
article?

http://www.ebcvg.com/articles.php?id=207

It says something about using Google to target servers by searching
paths to vulnerabilities.

Any thoughts on that?

Kind regards,

Aschwin Wesselius

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: