Ethical Hacking and Penetration Testing Guide



Date: 07.08.2023

TIP regarding Filetype
Lots of webmasters of websites that sell e-books and other products forget to block the URL from 
being indexed. Using filetype, you can search for these files, and if you are lucky, you may be able 
to download products for free.
Here is the table that summarizes the Google dorks along with their functions:


Google Hacking Database
The Google Hacking Database is set up by the Offensive Security guys, the ones behind the famous 
BackTrack distro. It lists many Google dorks that could be used to find usernames, passwords, 
e-mail lists, password hashes, and other important information.
So let’s just ask the website to show only the Google dorks related to files that contain 
passwords. From the drop-down menu, select the option “Files containing passwords.” You will 
then see a list of all the dorks that could be used to find passwords. Let’s try one of them.


Out of all the dorks, filetype:sql inurl:wp-content/backup-* seemed to be really interesting 
to me, so I gave it a try on Google. Since MySQL passwords are also backed up with other files, 
incorrect permissions may cause the backup to reveal some interesting information.
The above query asks for SQL files whose URL matches the pattern wp-content/backup. Fortunately, 
with a little bit of searching, I was able to find a “Wordpress mysql database” of a website exposed 
to the public. 
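A site owner can check their own web server logs for the exposure this dork relies on. The following is an added example, not code from the book: it flags successful downloads of SQL backups under wp-content/backup-* and marks those fetched by a search crawler. The combined log format, the function name, and the sample log lines and paths are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Combined Log Format (assumed): ip - user [time] "METHOD target PROTO" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# Same shape as the dork: a .sql file (optionally compressed) under wp-content/backup-*
BACKUP_RE = re.compile(r'/wp-content/backup-.*\.sql(\.gz|\.zip|\.bz2)?$', re.I)
CRAWLER_RE = re.compile(r'googlebot|bingbot', re.I)

def find_exposed_backups(lines):
    """Return one finding per successful download of a backup-style SQL file."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in combined format
        path = unquote(urlsplit(m["target"]).path)  # drop query string, decode %xx
        if not BACKUP_RE.search(path):
            continue
        if m["status"] not in ("200", "206"):
            continue  # 403/404 means the file was not served
        findings.append({
            "path": path,
            "ip": m["ip"],
            "bytes": 0 if m["size"] == "-" else int(m["size"]),
            "crawler": bool(CRAWLER_RE.search(m["agent"])),
        })
    return findings

# Constructed sample log lines (documentation IP ranges, hypothetical paths)
SAMPLE_LOG = [
    '192.0.2.10 - - [07/Aug/2023:10:00:01 +0000] "GET /wp-content/backup-a1b2c/db.sql HTTP/1.1" 200 482113 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"',
    '198.51.100.7 - - [07/Aug/2023:10:05:44 +0000] "GET /wp-content/backup-a1b2c/db.sql?x=1 HTTP/1.1" 200 482113 "https://www.google.com/" "Mozilla/5.0"',
    '203.0.113.5 - - [07/Aug/2023:10:06:02 +0000] "GET /wp-content/backup-a1b2c/old.sql.gz HTTP/1.1" 403 199 "-" "curl/8.0"',
    '203.0.113.5 - - [07/Aug/2023:10:07:13 +0000] "GET /wp-content/themes/site/style.css HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in find_exposed_backups(SAMPLE_LOG):
        tag = "CRAWLER (likely indexed)" if f["crawler"] else "client"
        print(f'{f["path"]} served to {f["ip"]} [{tag}], {f["bytes"]} bytes')
```

A finding with the crawler flag set means the backup was readable by a search engine and should be moved out of the web root and its credentials rotated.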
Hackersforcharity.org/ghdb
Another database that contains a collection of some interesting Google dorks.
Xcode Exploit Scanner
Xcode exploit scanner is an automated tool that uses some common Google dorks to scan for 
vulnerabilities such as SQLI and XSS. However, all this will make more sense once you get to the 
chapter on web hacking (Chapter 12).


