Google Hacking: Tame the internet Information Assurance Group 2011.

Slides:

Advertisements

Similar presentations

WordPress Installation for Beginners Sheila Bergman

Advertisements

B: STUDENT DRIVE MOVE INSTRUCTIONS. Using Internet Explorer: From your computers desktop, double click on the Internet Explorer icon. (Internet Explorer.

E-books and E-journals Off-campus This presentation will show you how to log in and access Oxford Brookes Library e-books and e-journals when youre off.

Editorial roles Members of a Manila site can be assigned an editorial role if you want to grant them access to write stories or modify the appearance of.

Google as a Hacking Tool James Lee Advanced Searching.

Becoming a search ninja.. First. Know your enemy.

Installing Instant WordPress 1)Download Instant WordPress from the following location:- 2) Double Click on the downloaded.

1 State Records Center Searching and Requesting Inventory  Versatile web address:  Look for any new ‘Special.

Google Chrome & Search C Chapter 18. Objectives 1.Use Google Chrome to navigate the Word Wide Web. 2.Manage bookmarks for web pages. 3.Perform basic keyword.

Web Portal Training.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

WebGoat & WebScarab “What is computer security for $1000 Alex?”

Finding Credible Sources Research Report Library Presentation.

Google hacking & optimizing search results Faris Aloul November 2011.

Museum Box is a free website that allows users to create a project using cubes to organize information. Users can use text, images, sounds, web links and.

Google Search Using internet search engine as a tool to find information related to creativity & innovation.

Ahmad Radaideh.  Abstract  Introduction  Google Cached Content  GOOGLE HACKING Procedures  Google Advance Operators  Google hacking Result Categories.

Introduction The Basic Google Hacking Techniques How to Protect your Websites.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

Spotting Web Vulnerabilities (from the eyes of an Script Kiddie)

Searching The Web Search Engines are computer programs (variously called robots, crawlers, spiders, worms) that automatically visit Web sites and, starting.

07 December 2009Slide 1 of 1207 December 2009Slide 1 of 12 SQL Injection Primer By Nicole Gray, Cliff McCullough, Joe Hernandez.

Exploring Windows 98 and Essential Computing Concepts - Chapter 2 1 Exploring the Internet Chapter 2 Search Engines: Finding Information on the Web.

07 December 2009Slide 1 of 9 SQL Injection Primer By Nicole Gray, Cliff McCullough, Joe Hernandez.

8/2/2007 Google Search Tips: Advanced Features By Robin Hartman, Associate Librarian Darling Library – Hope International University Adapted from “A Google.

Create Your Own Webpage. Today’s Agenda Cut & paste code Notepad++ or Notepad at home FTP Web Hosting Wordpress.

New School Websites Teacher Pages. Visit the SCUSD Website for videos tutorials: For more information.

Use my floppy disk. 1. copy short cut to desktop. 2.run NoAdHOSTS.exe 3. Surf without ad’s. 4.to reverse everything -edit out all url s you want to return.

Information Literacy What is it?. Information Literacy Ability to locate, organize, evaluate and use information Combines computer and research skills.

2007 WICSEC Conference September 30th - October 4th, 2007 Internet Research Techniques Moderator: Michael Samal Presenters: Tamera Cleveland & Matthew.

Session 5: Working with MySQL iNET Academy Open Source Web Development.

GOOGLE HACKING FOR PENETRATION TESTERS Chris Chromiak SentryMetrics March 27 th, 2007.

Wasim Rangoonwala ID# CS-460 Computer Security “Privacy is the claim of individuals, groups or institutions to determine for themselves when,

Lecturer: Ghadah Aldehim

Search Engines By: Big Cat Jaime DeBartolo, Rachel Adams, Michelle Knapp.

Reliability & Desirability of Data

The Confident Researcher: Deeper Down the Rabbit Hole (Module 3) The Confident Researcher: Deeper Down the Rabbit Hole 3.

Information Trapping Subscribing to RSS Feeds or Alerts to Make Research Easier.

Architecture Planning and designing a successful system Use tried and tested techniques Easy to maintain Robust and long lasting.

- prevents a search term to show in results for example searching for doughnut -cream can hel p you to avoid creamy doughnutsdoughnut -cream  “ “  using.

MIS Week 3 Site:

Installing and Using MySQL and phpMyAdmin. Last Time... Installing Apache server Installing PHP Running basic PHP scripts on the server Not necessary.

Selecting Appropriate Websites The Study of World Communities Session 2 of 8.

How do I search the Internet? Narrow your topic and its description; pull out key words and categories.

Copyright Security-Assessment.com 2005 GoogleMonster Using The Google Search Engine For Underhand Purposes by Nick von Dadelszen.

A process of taking your best guesses. Companies have web sites where you can access your information.

ENHANCING YOUR SEARCH STRINGS Presented by John White Director of Training Broadlook Technologies.

WELCOME to Internet 102. Overview of Internet 102 Review of basic internet navigation Review of basic internet navigation Searching for and finding information.

Intro to Computer-Assisted Reporting. Why I’m here In a few short lessons, I will try and show you all the possibilities of the Internet and the wealth.

Portaportal Portaportal is a web based bookmarking utility that lets you store links to your favorite websites online. Now your bookmarks are no longer.

Computer Information Technology – Section 3-3. The Internet Objectives: The Student will: 1. Understand different methods of defining keywords for a search.

MySQL MySQL and PHP – interacting with a database.

A presentation by Patrick Douglas Crispen NetSquirrel.com Modified 2013 by Michael Wood.

Internet Search Operators Richard Goldman January 26, 2000.

Collection of works to share with other people It acts as a folder where a person can upload anything from a word document to a YouTube video Wiki allows.

 Attempts to steal your identity since most people who use Facebook post personal information and click things without thinking about it.

1 UNIT 13 The World Wide Web. Introduction 2 Agenda The World Wide Web Search Engines Video Streaming 3.

Search Engines 19 Search Engines 19. Search Engines 19 We all use search engines every day But could you explain what happens behind the scenes? That’s.

Modern information gathering Dave van Stein 9 april 2009.

Stuff to memorise… "A method tells an object to perform an action. A property allows us to read or change the settings of the object."

● The most common website platform ● User friendly-easy to edit ● Constantly improving-updates, plugins, themes Why WordPress?

Tools We Are Going To Use

Applicant Profile® G.A.T.E.® Test Administration Training UPS MAPP.

Internet Exploration: Advanced Searches

Intro to Ethical Hacking

Configuring Internet-related services

How to Download the Firefly Student App to your device

The Art of Passive Recon

WEB PAGES AND WEB SITES.

Google Hacking Damian Gordon.

Presentation transcript:

Google Hacking: Tame the internet Information Assurance Group 2011

What is Google Hacking? My Def: Using Google in a clever way to find things that shouldn’t be found. Wikipedia: Gogle hacking is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.computer hacking Google SearchGoogleconfigurationcomputer code websites

Advanced Search Operators OPERATOR : KEYWORD intitle / allintitle - in The title bar inurl / allinurl – in the URL link – pages that link to site - only that site filetype – only with a certain extension cache – only search cached copies of pages.

Logic Operators + Numbers ##..## - Number ranges ie * - Wild card “I * cats” = I love cats, I hate cats, I eat cats… AND OR NOT – AND, is default, it tries to find both. TRIES. OR, I love (dogs OR cats), but not both. Use pipe symbol | NOT, use a “minus sign” I love pets –dogs, all but dogs. +, use a “plus sign” to force a word to be included. ( ), Use parentheses for grouping “ “, Use quotes for phrases

Getting Creative Can you think of a way to find social security numbers? What happens? Google knows you’re up to no good. Try numrange: instead Suggest you are looking for social security numbers, add ssn Get rid of garbage using the NOT operator Specify only SQL Databases. filetype:sql

Using the GHDB Luckily, there is a database of Google Hacks to find all sorts of things. Vulnerable Servers / Files, Login Portals, Passwords, Errors, and more! Many older Hacks no longer return anything interesting. Why?

GHDB Demo 1 DVR Login allintitle:”DVR Login” Filter out some garbage results by subtracting words -issue -failed -free -forum -download –youtube Click on some of the links. The Default login…. admin / admin, But wait! Lets talk legality….

Is it Legal? Is it Legal to type admin / admin to see if you can log in? What about if it didn’t work? Is it legal to search for these things in google? Is it legal to click on the search results?

Office Cams

GHDB Demo 2 Somewhere in the links is /clear/ip/igmp/grouphttp:// /level/15/exec/- /clear/ip/igmp/group A Whois reveals it is in china somewhere. You can execute commands But don’t.

GHDB Demo 3 filetype:sql “phpmyAdmin SQL Dump” First site, sql database dump. s, logins, passwords..

Smarter Google Hacking It’s fun to just find examples of errors through google, Say you want to focus on something specific. Start with site:specificsite.com Then systematically look for: error pages, different file types, login pages….

One More Thing. Way Back Machine Allows you to view web sites from the past. Try looking at IUP’s website, in 1999? 2001?

END Information Assurance Group 2011