Ethical Hacking and Penetration Testing Guide
Google Hacking Database
The Google Hacking Database was set up by the Offensive Security guys, the ones behind the famous BackTrack distro. It has a list of many Google dorks that could be used to find usernames, passwords, e-mail lists, password hashes, and other important information.
So let’s just ask the website to filter for all the Google dorks related to files that contain passwords. From the drop-down menu, select the option “Files containing passwords.” You will now see a list of all the dorks that could be used to find passwords. Let’s try one of them.
Out of all the dorks, filetype:sql inurl:wp-content/backup-* seemed really interesting to me, so I gave it a try on Google. Since MySQL passwords are also backed up with other files, due to the incorrect permissions, it may reveal some interesting information.
What the above query asks for is SQL files with the URL pattern wp-content/backup. Fortunately, with a little bit of searching, I was able to find a “Wordpress mysql database” of a website exposed to the public.
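The same exposure can be checked for on a server you run. The following is an added example, not code from the book: it walks a WordPress document root for .sql files under wp-content/backup-*, the path the dork matches, and reports whether each one is world-readable and whether it holds credential data. The function names, the marker strings and the sample tree are assumptions constructed for the illustration.

```python
import os
import stat
import tempfile
from pathlib import Path

# Mirrors the dork on this page: filetype:sql inurl:wp-content/backup-*
BACKUP_DIR_GLOB = "backup-*"
CREDENTIAL_MARKERS = ("user_pass", "IDENTIFIED BY")  # assumed markers of secrets in a dump


def find_exposed_backups(docroot):
    """Return one finding per .sql file under <docroot>/wp-content/backup-*/."""
    findings = []
    wp_content = Path(docroot) / "wp-content"
    for backup_dir in sorted(wp_content.glob(BACKUP_DIR_GLOB)):
        if not backup_dir.is_dir():
            continue
        for sql_file in sorted(backup_dir.rglob("*.sql")):
            mode = sql_file.stat().st_mode
            text = sql_file.read_text(errors="replace")
            findings.append({
                # Path as a crawler would request it, relative to the web root
                "url_path": "/" + sql_file.relative_to(docroot).as_posix(),
                "world_readable": bool(mode & stat.S_IROTH),
                "has_credentials": any(m in text for m in CREDENTIAL_MARKERS),
            })
    return findings


def build_sample_site(root):
    """Constructed tree: one dump in a backup-* folder, one SQL file elsewhere."""
    backup = Path(root) / "wp-content" / "backup-1a2b3"
    backup.mkdir(parents=True)
    dump = backup / "site_wp.sql"
    dump.write_text("INSERT INTO wp_users (user_login, user_pass) "
                    "VALUES ('admin', '$P$CONSTRUCTED');\n")
    os.chmod(dump, 0o644)  # the incorrect permission: readable by everyone
    plugins = Path(root) / "wp-content" / "plugins"
    plugins.mkdir()
    (plugins / "schema.sql").write_text("CREATE TABLE t (id INT);\n")


def run_on_sample():  # audits the constructed tree and returns the findings
    with tempfile.TemporaryDirectory() as site:
        build_sample_site(site)
        return find_exposed_backups(site)


if __name__ == "__main__":
    for finding in run_on_sample():
        print(finding)
```

Any finding with both flags set is a file to move out of the web root or delete, since a crawler can fetch and index it.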
Hackersforcharity.org/ghdb
This is another database that contains a collection of some interesting Google dorks.
Xcode Exploit Scanner
Xcode exploit scanner is an automated tool that uses some common Google dorks to scan for vulnerabilities such as SQLI and XSS. However, all this will make more sense once you get to the chapter on web hacking (Chapter 12).