So we showed you how powerful a good Google search could be this week. Time to turn to the dark side and give you some examples of how hackers can use these skills to get to some pretty scary things. To create a dangerous situation where the wrong information can fall into the wrong hands, you need 2 ingredients. Somebody who is stupid enough to put it online, and somebody who is clever enough to find it. Below are some pretty creepy examples of how some Google dorks spill some information that was supposed to be private.
Some juicy searches.
Some people write down their domain registration information in a .doc file .. and then put it on the internet. Whoever can put two and two together .. can steal their domain.
How about finding product licence files for the Avast antivirus program ? Some of them are just up for grabs.
How about we go searching for a randomly published list of phonenumbers.
- allinurl:phonenumbers filetype:xls
Search for random resume’s that candidates (or their employees) put online.
- inurl:Curriculum Vitae filetype:pdf
How about some “Confidential Salary” documents that people put online. (we stood in awe at the first hit )
- ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:”budget approved”) inurl:confidential
Or take a peek at people’s random downloaded hotmail emails.
- inurl:getmsg.html intitle:hotmail
Its a little bit of history .. but how about a random netscape browser history file. (we giggled at THIS one)
And when combining this generic search query for root directories of certain FTP servers with a certain domain .. you can find out a lot. If you use it as listed below .. its just an interesting way to browse random file directories.
Msn messenger does not exist anymore, but there are plenty of contact lists well stocked with juicy email addresses up for grabs.
And the list goes on and on and on. Now, standing by themselves the Google searches above are quite harmless. They are too generic to do any harm and are only good for a chuckle. The dangerous part begins when these queries are targeted at a certain person, site our domain. Armed with ONLY their browser and an internet connection, the wrong people can find out all the right things they need to know to make you / your company / your website have a really bad day. Knowledge is power and it is also ambivalent. It can be used for good and for evil… So are you SURE that there is not digital flotsam with your username/passwords floating around on the internet ? Because once Google indexes it .. anybody with the right skills can find it.
Today on our Google Hacking week, we continue to use the Google search engine as a source for interesting information. In our previous posts we talked about finding and downloading certain kinds of files but today we are on the lookout for “juicy devices”.
The theory is quite simple : Most appliances like webcams, routers, copiers and more have web interfaces. A lot of different applications and services can also be controlled by a web interface. It’s easy and convenient when you can use the browser on your computer to configure and watch your webcam or change settings on your router while on your local lan. But what if those devices are hooked up directly to the internet ?
Any device that gets connected directly to the internet is at some point scanned and indexed by Google and if you enter the right search term you will be able to find it. The way we are looking for those devices and services today is by using the INURL option. Some web interfaces (to your router or webcam) have a very specific way their URL looks. By searching for those specific url types with the INURL option.. you can find some very cool stuff. If people have done their homework most of these services will be blocked by a unique login or password. But some people just use the default password … or even none at all.
Let us take you an a walk through the net with some very specific INURL Google Dorks.
- This one will get you some interesting webcams (some you can even control with your mouse). Look around and see if you can find the Giraffe Cam.
- More network camera’s here. This one is in some dorm/college. You can control the zoom and the direction of the camera.
- inurl:”:10000″ intext:”webmin”
- Remember we talked about WEBMIN ? This will give you a list of all webmin servers connected directly to the internet. most of them are protected by a password (we hope) .. but common usernames like ROOT and some generic passwords might get you in.
- This will get you a list of PLEX media servers where people can store music and movies to watch on any device (even across the internet). Most of them are locked down with a login/password. Some of them … are not. Happy streaming.
So you see : there are quite a few webservices out there that are inadvertently open to the indexing power of Google. Some clever searching and you can find them.
We close off by going by to our camera in the student dorm. Where is this ? A simple ping of the url gives us the following IP : 18.104.22.168 and by going to Whereisthisip.net we find out that its Sydney Australia. Its THAT simple.
Puzzling information together.
This might all look like fun and games, but badly secured devices are dangerous. Whether you have weirdo’s peeking through your accidentally-publicly-connected Ip camera, or random people printing out documents on your www-connected printer.. its never good. Using the Domain name, the IP and the registration information of the domain people can quickly find out where and even WHO you are. If you skip good security and don’t use passwords (or default passwords) .. it does not bode well for you. Hackers even use the INURL search to find specific webservers/services with vulnerabilities. All they then need to do is run some code to take advantage of the exploit .. and they are in. Hackers don’t NEED to search for your open Webmin server with the buggy (and vulnerable) version of the http code .. Google did it for them.
In day two of our Google Hacking Week we are going to combine an interesting Google search query (or Google Dork) with a command line command to find AND download any file type you want.
Find the storage room in the back of the store.
Websites on the net consist of more then just webpages with information. They also links to files and folders containting interesting information like PDF’s MP3’s and more. Most of the time these files aren’t ‘visible’ when you visit a specific site but our little friends, the Google Search Bots, DO index them. All you need is the right string to find them.
- intitle: “index of” <filetypehere> <title/genre/artist>
This search query will tell Google to go look for pages with the title “index of”. These pages usually don’t contain a lot of text, but instead contain links to folders and files. Since you are looking for a specific type of file (like for example mp3’s, Pdf’s or something else) you also can add this to the query. Finally you might be looking for mp3’s of Hanna Montana or Tango’s (I don’t know what you like) : That can also be added to the search string. In the end it will look something like this.
- intitle: “index of” mp3 acdc
- intitle: “index of” pdf bookkeeping
- intitle: “index of” epub scott sigler
So using these queries you might find a real treasure-trove of files and info to download. Some of them might even be behind a login/password page (or even a pay wall) but when the web masters don’t do their homework right .. you can find the ‘good stuff’ this way.
So download them one by one ?
If you are just looking for one specific file you can use your browser to find and download it. If you want to download the ENTIRE collection of files on that page .. you need the power of a command line tool called WGET.
Wget can be found on the command line of both Linux, Mac and even Windows machines. Not all the advanced ‘switches’ we give you in this command below might work on Windows, but you can give it a try. The command is
- wget -r -l1 -H -t1 -nd -N -np -A.<.filetype> -erobots=off <url of website>
Replace <filetype> with the type of file you want to download ( .mp3, .pdf, .epub) and <url of website> with the website’s url you found using the Google search. Completed the command might look something like this.
- wget -r -l1 -H -t1 -nd -N -np -A.<.mp3> -erobots=off http://tiobiloute59.free.fr/tiesto/
The download is RECURSIVE, so it “deep dives” into all the folders. Beware : This can get you a LOT of data. So make sure you have the bandwidth and the storage capacity before you start sucking down the internet. Good Luck !
This week it’s ‘Google hacking week’ on Knightwise.com where we are going to show you some fun and interesting things you can do with Google. We sometimes forget that Google’s main mission is to “index the information of the world” and this means that the Google “bots” (little search and index programs) constantly crawl the internet in their never ending quest to gather information and index it in the massive Google database.
The end result is that if you type stuff into Google’s search bar like ” My Little Pownie ” it will cross reference your search with its massive database and bring back some results you can click on. Although searches like these make up 99% of what Google needs to do all day long .. its only the tip of the iceberg of what Google can REALLY do.
If you play your cards right and ask Google the right questions you can find out a whole lot more. And sometimes you will even find stuff that was not meant to be found. You would be amazed at what people throw online (and forget about). Google quietly indexes it all and you have just one thing to do … ask the right questions.
This weeks articles have nothing to do with “Hacking Google” (good luck with that if you want to try) It’s more about realising the power of the biggest search engine in the world … and the blatant disregard for security that people can have when they put stuff online that was never supposed to be found. Stand by as we teach you some interesting Google Search ‘operators’ as they are called.
We are going to kick you off with a nice examples of how you can use a modified Google search string to find some interesting stuff. Later on in the week we will explain the different google “operators” and how you can combine them to find cool stuff.
Here is a very simple one to get you started : Copy and past the search query below into the google search box … and browse random peoples lives by peeking at their iPhone backups. This is not a hack. This is an indexation of information put online BY USERS, indexed by Google .. and found by you.
intitle:”index of” inurl:”iphone”
Voice technology is pretty darn awesome. Although still considered dorky and awkward to use in a public place, talking to your technology can save you a lot of time and hassle.. and in some cases save your life !
We humans seem to stick to our guns when it comes to the way we “enter” information on a machine. Keyboards and mice have been around for ages (there are also people who track their balls) and we continue to hold on to them as our favorite input devices. When tablets came along we started looking for covers with built in keyboards and complained ‘where the mouse was’ on our brand new iPad. And when it comes to our mobile devices we insist on using our stubby fingers on those teeny weeny touchscreens. This has lead to many people bumping into lampposts or parking their car vertically in a ditch (or worse) . Time to let tech work for you and start talking to your devices.
Google has introduced voice-search for quite some time now, but the perks on using a Nexus device (like in my case the Nexus 7) is that this voice recognition software is available “offline” (so the phone can understand you even you have a flaky or even NO data connection). Aside for searching for the next “One Direction” t-shirt sale, you can also use the Google voice commands to do plenty of other things.
Some of our favorites
- Show me ( restaurants – hotels – etc) nearby.
- Is it going to rain today.
- Browse to (website)
- Send and email to (person) subject (Subject) Message (Message)
There are plenty more where these came from and it is a great way to use your technology in a safe and productive manner. And its also quite good for a giggle when Google gets it completely wrong.
Find out ALL the voice commands supported by Google Now in this great info-graphic. (Click to expand)
Google ! For it is the beginning and the end of the internet for most of us. The ultimate search tool for most of us, the homepage for even more. But what do we type into that little search box. Aside from “Alyson Hannigan Bikini pictures” (a simple but essential search query, there is so much more then you can get out of this little box. We give you some tips.
Let Google hold your hand.
The painfully simple start of search. Obvious for many but obscure for even more. Ever seen auntie Joe type in “www.facebook.com” in the Google search box and click on the first (sponsored) link ? Aaarg ! ! ! Send her THIS LINK and get her started.
Let go of the mouse !
Ninja’s don’t use mice ! Even the Ninja Turtles didn’t have a mouse .. (Wait , they had a Rat .. never mind, bad example). Speed up your Google skills with some awesome keyboard shortcuts.
Talk to da Google !
If you are the proud owner of a Google Nexus tablet or phone, you might want to try out Google Now. The concept of ‘The information you need, just when you need it” might be interesting. What is way more cooler is that you can talk to it … and you don’t have to call her Baby .. erm .. Siri. Get started with Google Now here.
The Google Cheat sheet.
We love our little cheat sheets so much , we cannot help ourselves then to say the words “Cheat Sheet” 10 times in rapid succession and give you a download link to Ultralinx “How To Google”.
So we hope you find what you are looking for .. if not .. there is still good old Altavista.
Share your favorite Google tips with us in the comments section.
Google Sync : Your house is my house.
Just got up and running this morning and only 5 seconds into my morning surf-wave when already found my little snippet of news that kind of makes my day. Google has just released a firefox extension called 'browsersync' that lets you synchronies your bookmarks between several different browsers (at work, at home etc). This is not such big news , cause services like this existed before ( you had the bookmarks in your google toolbar , you had del.icio.us ).. Plenty of places to store your bookmarks… but not very convenient. What if you already HAD an extensive list of bookmarks, you had to order them , categorize them and so on. Not a very easy thing to do. And I don’t really like third party places where you have to manage your bookmarks. All in the comfort of my own home please. Now Google has come up with a cool FIREFOX extension that lets you sync UP your websites tot the Google servers, and Sync them down again as you logon to a different computer. Meanwhile the bookmarks are stored localy on both computers… And a copy is stored on the Google servers.
Whats your flavor .. tell me whats your flavor.
What a great marketing trick. Google now exactly knows what your ‘favorites’ are and can use this to send you targeted adds and searches. Their motto is “ Do no Evil” and so far , Google has been a pretty good boy .. But what if all that information that Google has ( favourites, Gmail, search information) is ever put to “not so good use”. Google is sure as hell gaining a lot of information this way , and for convenience sake we are quite willing to give up some privacy. But on the other hand : What if this leeds to targeted adding ? It would be a bad thing , but also a good thing. What if the spam you get in your inbox anyway .. is more directed at your interests. Instead of college diploma”s and .. lets call them “ego-enlargements” … you would get spam about tech stuff, Barbie dolls, or when your favorite rerun of Family Ties is on TV. It just shows that information can be used in different ways and that good and bad … depends on where you stand. Before I start sounding like Obi One Kenoby .. I better sign off !