Hacking Borhan Kazimi pour. Agenda How to hack How to hack using How to prevent hack using.

Presentation transcript:

Hacking Borhan Kazimi pour

Agenda How to hack How to hack using How to prevent hack using

How to hack

Huge White

How works?

How find us? Crawlers Add URL (site submission) Opera !

What give us?

. calculator

Math operators

Math constants

Units:

Physical constants

Limitations
Query length limited to 32.
Noise words almost ignored.
– A, an, or, the, for, me, any, to …
Logic operators must be in uppercase.
– OR, AND, NOT

Search result

…Search result

Special notation

…Special notation

Key words

… Key words

How to hack using

Directory listing

…Directory listing intitle:index.of "parent directory" intitle:index.of name size intitle:index.of.etc intitle:index.of "parent directory" Xvid -html -htm -php -shtml

Versioning

…Versioning intitle:index.of server.at intitle:index.of server.at site:aol.com …then Search for exploit and …

Server test page

…Server test page intitle:welcome.to intitle:internet IIS Intitle:test.page "Hey, it worked !" "SSL/TLS- aware" allintitle:Welcome to Windows 2000 Internet Services allintitle:Welcome to Windows XP Server Internet Services …

Finding ID/Pass "# -FrontPage-" inurl:service.pwd inurl:admin inurl:userlist "AutoCreate=TRUE password=*" allinurl: admin mdb allinurl:auth_user_file.txt intitle:"Index of" config.php filetype:bak inurl:"htaccess|passwd|shadow|htusers"

CGI Scanning allinurl:/random_banner/index.cgi Visit and see tons of golden queries: http://johnny.ihackstuff.com

Auto tools Gooscan Googledorks GooPot Write yourself using API

How to prevent hack using

Protect yourself
Don’t use Opera !
Keep your sensitive data off the web!
– SSH/SFTP/SSL…
– Encrypted (PGP,…)
Removing your site from
Use a robots.txt file

… Protect yourself
Googledork
– Try to hack yourself!
Change error and test pages
Disable directory listing
Update and patch
Set up a honeypot
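A self-check along the lines of "try to hack yourself", as an added example that is not part of the original presentation: it scans pages from a site you own for the same fingerprints the directory-listing, versioning and test-page queries above key on. The function names, the sample pages and the host `www.example.test` are constructed for illustration.

```python
import re

TITLE_RE = re.compile(r"<title[^>]*>(.*?)</title>", re.I | re.S)
TAG_RE = re.compile(r"<[^>]+>")

# Fingerprints taken from the query patterns on the slides; names are hypothetical.
CHECKS = {
    # intitle:index.of "parent directory"  -> fix: disable directory listing
    "directory-listing": lambda t, b: "index of" in t and "parent directory" in b,
    # intitle:index.of server.at           -> fix: hide the server signature, patch
    "version-banner": lambda t, b: re.search(r"\bserver at \S+ port \d+", b) is not None,
    # allintitle:Welcome to Windows ... / intitle:test.page -> fix: replace default pages
    "default-test-page": lambda t, b: t.startswith("welcome to windows")
    or ("test page" in t and "it worked" in b),
}

def audit_page(html):
    """Return the sorted names of exposure fingerprints found in one HTML page."""
    m = TITLE_RE.search(html)
    title = " ".join(m.group(1).split()).lower() if m else ""
    body = " ".join(TAG_RE.sub(" ", html).split()).lower()
    return sorted(name for name, check in CHECKS.items() if check(title, body))

def audit_site(pages):
    """Map path -> findings for every page that shows at least one fingerprint."""
    report = {path: audit_page(html) for path, html in pages.items()}
    return {path: found for path, found in report.items() if found}

# Constructed responses from a site you own (in practice, fetch your own URLs).
SAMPLE_PAGES = {
    "/backup/": "<html><head><title>Index of /backup</title></head><body>"
                "<a href='/'>Parent Directory</a> <a href='db.bak'>db.bak</a>"
                "<address>Apache/2.0.52 Server at www.example.test Port 80</address>"
                "</body></html>",
    "/": "<html><head><title>Welcome to Windows 2000 Internet Services</title></head>"
         "<body>Under construction</body></html>",
    # Mentions "parent directory" in text but is not a listing: must stay clean.
    "/about.html": "<html><head><title>About us</title></head>"
                   "<body><p>Ask the parent directory office.</p></body></html>",
}

if __name__ == "__main__":
    for path, found in sorted(audit_site(SAMPLE_PAGES).items()):
        print(path, "->", ", ".join(found))
```

Each finding maps to one of the slide's countermeasures: disable directory listing, update and hide the server signature, or change the default error and test pages.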

Thanks to And You