This is by far the easiest hack of all. It really is extraordinary what you can find in Google’s index. And here’s Newsflash #1: you can find a wealth of actual usernames and passwords using search strings.
Copy and paste these into Google:
inurl:passlist.txt
inurl:passwd.txt
…and this one is just priceless…
“login: *” “password= *” filetype:xls
Such strings return very random results, and are of little use for targeted attacks. Google hacking will primarily be used for finding sites with vulnerabilities. If a hacker knows that, say, SQL Server 2000 has certain exploits, and he knows a unique string pushed out by that version in results, you can hone in on vulnerable websites.
For specific targets Google can return some exceptionally useful information: full server configurations, database details (so a good hacker knows what kind of injections might work), and so forth. You can find any amount of SQL database dumps as well (fooling around with a Google hack while preparing this article, I stumbled across a dump for a top-tier CMS developer’s website). And a vast amount more besides.
Setting up your first Azure Virtual Machine can be done by following these steps: Create…
Amazon CloudFront is a content delivery network (CDN) that helps you serve static content such…
Step-By-Step Guide To Setting Up An AWS Application Load Balancer Are you looking for a…
MySQL databases often get corrupted due to issues like hardware failure, file system failure etc.…
SQL Server Replication is the process of copying databases from one node to another to…
Here are 101 System Admin tools which make System Admins' life easy.
This website uses cookies.