Hacking is an art. Its a fascinating mind game unless you are harming someone. Its since long been an attractive field for computer lovers.
Simplest kind of attack to a webserver could be done in a very simple way. its so simple that u won't like to call it a hacking. but the result is all the same, u break into a remote web server and get the access to EVERYTHING. Its all at ur will!
GOOGLE! its a very deadly weapon if u know how to use it. Yeah man, i'm talking about that web search. It can reach everywhere n sees everything, If u can talk correctly with the engine it will show you the data that u won't believe.
ofcourse this method won't work for sites having high security, but those with lower can be easily exploited.
there are some specific commands in google meant to generate most appropriate result for the query. in this post i'll discuss some of these and how they can be exploited.
1. "Index of /" +password.txt (don't remove the quotes)---> root directory with plain text file containing passwords!
2. Index of /password ---> password folder
3. Index of /admin ---> administrator folder
4. Index of /mail --->displays folder with the archive of email communication
5. Index of / ---> displays root directory of the site
there are a hell of more, and u'll get a big list of sites where u have sensitive data ALL AT UR WILL! u can browse every data on site like any local folder on ur system.
all of these could be magnified with the use of additional
"allintitle:"
ex.- allintitle: "index of/root"
in search result u'll get a no of things some being important while other useless. try to read the URL of that result... suppose my search result showed a page with url
www.something.com/index/YR622545727HP432.pdf
if ur intelligent enough u can understand that this url don't points to ant specific directory of the website, it just has the word "index of /root" written somewhere on the page.
another url:-
abcdef.ghi.com/root
is pointing towars the root directory, so this is the one useful for us.!
SOME EXAMPLES:-
i tried googling with following keywords --->
allintitle: "index of/root" (with the quotes)
and the result was a enormous 404 sites waiting to be exploited.
again i tried my luck with the keyword---->
inurl:"auth_user_file.txt"
this time i got the list of some sites with very critical infos
in the result i got something like
txUKhXYi4xeFs|master|admin|ram|delhi|xxx@xxx|on
(ofcourse i've changed the data here [;)] )
here is the user name contact details, mail id, password, which is in hashes (a minor job to decript using software like "John The Ripper")
Reply for any kind of clarification, if needed.
and one more thing, try going to that site through "cached" option rather than directly clicking the link. it will get u there through googles cache memory(its kinda safe).
try using proxies while doing these kind of artistry works ... they will keep ur IP hidden.
Darker Side Of Google!
Saturday
|
email this
|
digg it
Troubleshooting
Mobile Arena
Subscribe Tech-Hut
Administrative Login
Linux/Unix Zone
Categories
- Tricks
- Windows
- Hacking
- Tips
- HelpDesk
- Troubleshooting
- Cracking
- Speed Up PC
- Mobile
- Boot Speed Optimization
- Linux
- News
- Privacy
- Registry Tweaks
- Reviews
- Unix
- About Us
- Answered Question List
- Battery Not Charging
- CLSID
- Crash
- Customization
- Desktop
- Faster Internet
- Fun
- HP
- Home Page
- Laptop
- Linus Torvalds
- Phishing
- WMP11
Save Page As PDF
News & Reviews
Downloads
Network Security
- Tracking what Other Users Are doing
- Hacking Windows System Account
- Hacking Windows Administrator Account
- Darker Side Of Google
- How n00b Learnt To Spoof Email Addresses
- Breaking BIOS / CMOS Password Of Desktop PC
- Popular Ways Of Hacking E-MAil Accounts -(l)
- Popular Ways Of Hacking E-Mail Accounts -(ll)
- Safari For Windows: Vulnerability And Exploits
- How Were The French Forums On free.fr Hacked
- Breaking BIOS / CMOS Password Of Laptop Computers
General Computing
- Tricks For Faster Internet Connection Speed - (l)
- Creating Folder Named CON : Why You Cant Create And How To Create
- What To Do When the Computer Gets Infected By Virus : Re enabling Folder Options, Registry Editor Disabled , Missing Internet Option
- Creating Time Restictions For User Account On the Computer
- How To Disable / Uninstall Windows Live Messenger
- Proxy Server: What They Are Abd How To Use Them In Bypassing Blocked Sites
- Working Tips To Boost Your Computer's Speed : How To Increase The Virual Memory
- Disabling Unnecessary Windows Services For Faster Booting
- Cool Prank Tricks
- Hard Disk Fixes To Speed Up PC : Defragmentation
- Registry Twaeks To Inhance Your Computer's Performance
- Optimizing Boot Speed For Faster Booting : Using Bootvis Utility And Other Other Tricks
- Special Folder Icons On Desktop : How To Delete Recycle Bin And How To Get It Back
- Some Advanced Shutdown Options : How To Create Shutdown/Restart/Hibernate Timers
- Add A Website As A desktop Wallpaper
- How To Change Drive Icon Of Any Drive
- How To Display Company Logo Image On Start Up Screen / Boot Screen
- Breaking Internet Explorer's Content Supervisor Password
- Manually Initiate A System Crash : How To Debug Crash Log
- Multiple Mail Addresses..... Single Gmail ID
- Simplest Way To Crack WMP11 : Installing Windows Media Player 11 On Pirated Copies Of Windows
- Clipboard? What They Are?
- Hiding Folders Without 3rd Party Software
- Fun With Notepad
3 Responded To This Post
Great!!! Thanks for the info man!! That was a nice article.
I know this don't belongs to the topic of this post but can you tell me how can i hack administrator account on my collage lappy?
thanks in advance
thanks for appreciation.
I've posted the Topic to answer your question.
Post a Comment