HOW TO USE GOOGLE FOR HACKING

Google serves almost 80 percent of all search queries on the Internet, proving itself as the most popular search engine. However Google makes it possible to reach not only the publicly available information resources, but also gives access to some of the most confidential information that should never have been revealed. In this thread I will show u how to use Google for exploiting security vulnerabilities within websites. The following are some of the hacks that can be accomplished using Google.

1. Hacking Security Cameras

There exists many security cameras used for monitoring places like parking lots, college campus, road traffic etc. which can be hacked using Google so that you can view the images captured by those cameras in real time. All you have to do is use the following search query in Google. Type in Google search box exactly as follows and hit enter

inurl:”viewerframe?mode=motion”

Click on any of the search results (Top 5 recommended) and you will gain access to the live camera which has full controls. You will see something as follows
there are other search queries through which you can gain access to other cameras which have faster refresh rates. So to access them just use the following search query.

intitle:”Live View / – AXIS”

Click on any of the search results to access a different set of live cameras. Thus you have hacked Security Cameras using Google.

2. Hacking Google to gain access to Free Stuffs

Ever wondered how to hack Google for free music or ebooks. Well here is a way to do that. To download free music just enter the following query on google search box and hit enter.

“?intitle:index.of?mp3 50 cent“

Now you’ll gain access to the whole index of 50 cent album where in you can download the songs of your choice. Instead of 50 cent you can subtitute the name of your favorite album. To search for the ebooks all you have to do is replace “50 cent” with your favorite book name. Also replace “mp3″ with “pdf” or “zip” or “rar”. 

 

. Hacking Personal and Confidential Documents

Using Google it is possible to gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, Work experience etc. can be found just in seconds.

intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”

You can gain access to a list of .xls (excel documents) which contain contact details including email addresses of large group of people. To do so type the following search query and hit enter.

filetype:xls inurl:”email.xls”

Also it’s possible to gain access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query

intitle:index.of finances.xls

Google hacking involves using advance operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications. The following search query would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve, e.g., "Powered by XOOPS 2.2.3 Final".

The following search query will locate all websites that have the words "admbook" and "version" in the title of the website. It also checks to ensure that the web page being accessed is a PHP file.
intitle:admbook intitle:version filetype hp

Another technique is searching for insecure coding practices in the public code indexed by Google Code Search or other source code search engines.

One can even retrieve the username and password list from Microsoft FrontPage servers by inputting the given microscript in Google search field:

"#-Frontpage-" inurl:administrators.pwd

Devices connected to the Internet can be found. A search string such as inurl:"ViewerFrame?Mode=" will find public web cameras.

Basic Search Techniques

Since the Google web interface is so easy to use, I won't describe the basic functionality of the http://www.google.com web page. Instead, I'll focus on the various operators available:

*

Use the plus sign ( ) to force a search for an overly common word. Use the minus sign (-) to exclude a term from a search. No space follows these signs.
*

To search for a phrase, supply the phrase surrounded by double quotes (" ").
*

A period (.) serves as a single-character wildcard.
*

An asterisk (*) represents any word—not the completion of a word, as is traditionally used.

Google advanced operators help refine searches. Advanced operators use a syntax such as the following:

operator:search_term

Notice that there's no space between the operator, the colon, and the search term.

*

The site: operator instructs Google to restrict a search to a specific web site or domain. The web site to search must be supplied after the colon.
*

The filetype: operator instructs Google to search only within the text of a particular type of file. The file type to search must be supplied after the colon. Don't include a period before the file extension.
*

The link: operator instructs Google to search within hyperlinks for a search term.
*

The cache: operator displays the version of a web page as it appeared when Google crawled the site. The URL of the site must be supplied after the colon.
*

The intitle: operator instructs Google to search for a term within the title of a document.
*

The inurl: operator instructs Google to search only within the URL (web address) of a document. The search term must follow the colon.
error has occurred" filetype:ihtml
"access denied for user" "using password"
"Chatologica MetaSearch" "stack tracking:"
"Index of /backup"
"ORA-00921: unexpected end of SQL command"
"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
?intitle:index.of? mp3 name
allintitle:"Network Camera NetworkCamera"
allinurl: admin mdb
allinurl:auth_user_file.txt
intitle:"live view" intitle:axis
intitle:axis intitle:"video server"
intitle:liveapplet
inurl:"ViewerFrame?Mode="
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl asslist.txt
inurl:view/index.shtml
inurl:view/indexFrame.shtml
inurl:view/view.shtml
inurl:ViewerFrame?Mode=Refresh
liveapplet
!Host=*.* intext:enc_UserPassword=* ext cf
" -FrontPage-" ext wd inurl service | authors | administrators | users)
"A syntax error has occurred" filetype:ihtml
"About Mac OS Personal Web Sharing"
"access denied for user" "using password"
"allow_call_time_pass_reference" "PATH_INFO"
"An illegal character has been found in the statement" -"previous message"
"ASP.NET_SessionId" "data source="
"AutoCreate=TRUE password=*"
"Can't connect to local" intitle:warning
"Certificate Practice Statement" inurl PDF | DOC)
"Chatologica MetaSearch" "stack tracking


Top 15 Security/Hacking Tools & Utilities

http://www.darknet.org.uk/2006/04/top-15-securityhacking-tools-utilities/