Google search tips for hacking

Google search engine can be used to hack into remote servers or gather confidential or sensitive information which are not visible through common searches.

Google is the world’s most popular and powerful search engine. It has the ability to accept pre-defined commands as inputs which then produces unbelievable results.

Google’s Advanced Search Query Syntax


[ intitle: ]

The “intitle:” syntax helps Google restrict the search results to pages containing that word in the title.

intitle: login password


will return links to those pages that has the word "login" in their title, and the word "password" anywhere in the page.

Similarly, if one has to query for more than one word in the page title then in that case “allintitle:” can be used instead of “intitle” to get the list of pages containing all those words in its title.

intitle: login intitle: password


is same as

allintitle: login password


[ inurl: ]

The “inurl:” syntax restricts the search results to those URLs containing the search keyword. For example: “inurl: passwd” (without quotes) will return only links to those pages that have "passwd" in the URL.

Similarly, if one has to query for more than one word in an URL then in that case “allinurl:” can be used instead of “inurl” to get the list of URLs containing all those search keywords in it.

allinurl: etc/passwd


will look for the URLs containing “etc” and “passwd”. The slash (“/”) between the words will be ignored by Google.

[ site: ]

The “site:” syntax restricts Google to query for certain keywords in a particular site or domain.

exploits site:hackingspirits.com


will look for the keyword “exploits” in those pages present in all the links of the domain “hackingspirits.com”. There should not be any space between “site:” and the “domain name”.

[ filetype: ]

This “filetype:” syntax restricts Google search for files on internet with particular extensions (i.e. doc, pdf or ppt etc).

filetype:doc site:gov confidential


will look for files with “.doc” extension in all government domains with “.gov” extension and containing the word “confidential” either in the pages or in the “.doc” file. i.e. the result will contain the links to all confidential word document files on the government sites.


[ link: ]

“link:” syntax will list down webpages that have links to the specified webpage.

link:www.expertsforge.com


will list webpages that have links pointing to the SecurityFocus homepage. Note there can be no space between the "link:" and the web page url.


[ related: ]

The “related:” will list web pages that are "similar" to a specified
web page.

related:www.expertsforge.com


will list web pages that are similar to the Securityfocus homepage. Note there can be no space between the "related:" and the web page url.


[ cache: ]

The query “cache:” will show the version of the web page that Google
has in its cache.

cache:www.hackingspirits.com


will show Google's cache of the Google homepage. Note there can be no space between the "cache:" and the web page url.

If you include other words in the query, Google will highlight those words within the cached document.

cache:www.hackingspirits.com guest


will show the cached content with the word "guest" highlighted.

[ intext: ]

The “intext:” syntax searches for words in a particular website. It ignores links or URLs and page titles.

intext:exploits


will return only links to those web pages that has the search keyword "exploits" in its webpage.


[ phonebook: ]

“phonebook” searches for U.S. street address and phone number information.

phonebook:Lisa+CA


will list down all names of person having “Lisa” in their names and located in “California (CA)”. This can be used as a great tool for hackers incase someone want to do dig personal information for social engineering.

Google Hacks

Well, the Google’s query syntaxes discussed above can really help people to precise their search and get what they are exactly looking for.

Now Google being so intelligent search engine, hackers don’t mind exploiting its ability to dig much confidential and secret information from the net which they are not supposed to know. Now I shall discuss those techniques in details how hackers dig information from the net using Google and how that information can be used to break into remote servers.

Index Of

Using “Index of ” syntax to find sites enabled with Index browsing

A webserver with Index browsing enabled means anyone can browse the webserver directories like ordinary local directories. The use of “index of” syntax to get a list links to webserver which has got directory browsing enabled will be discussd below. This becomes an easy source for information gathering for a hacker. Imagine if the get hold of password files or others sensitive files which are not normally visible to the internet. Below given are few examples using which one can get access to many sensitive information much easily.

Index of /admin
Index of /passwd
Index of /password
Index of /mail

"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess

"Index of /secret"
"Index of /confidential"
"Index of /root"
"Index of /cgi-bin"
"Index of /credit-card"
"Index of /logs"
"Index of /config"


Looking for vulnerable sites or servers using “inurl:” or “allinurl:”

a. Using “allinurl:winnt/system32/” (without quotes) will list down all the links to the server which gives access to restricted directories like “system32” through web. If you are lucky enough then you might get access to the cmd.exe in the “system32” directory. Once you have the access to “cmd.exe” and is able to execute it.


b. Using “allinurl:wwwboard/passwd.txt”(without quotes) in the Google search will list down all the links to the server which are vulnerable to “WWWBoard Password vulnerability”. To know more about this vulnerability you can have a look at the following link:

http://www.securiteam.com/exploits/2BUQ4S0SAW.html

c. Using “inurl:.bash_history” (without quotes) will list down all the links to the server which gives access to “.bash_history” file through web. This is a command history file. This file includes the list of command executed by the administrator, and sometimes includes sensitive information such as password typed in by the administrator. If this file is compromised and if contains the encrypted unix (or *nix) password then it can be easily cracked using “John The Ripper”.

d. Using “inurl:config.txt” (without quotes) will list down all the links to the servers which gives access to “config.txt” file through web. This file contains sensitive information, including the hash value of the administrative password and database authentication credentials.

For Example: Ingenium Learning Management System is a Web-based application for Windows based systems developed by Click2learn, Inc. Ingenium Learning Management System versions 5.1 and 6.1 stores sensitive information insecurely in the config.txt file. For more information refer the following
links: http://www.securiteam.com/securitynews/6M00H2K5PG.html

Other similar search using “inurl:” or “allinurl:” combined with other syntax


inurl:admin filetype:txt
inurl:admin filetype:db
inurl:admin filetype:cfg
inurl:mysql filetype:cfg
inurl:passwd filetype:txt
inurl:iisadmin
inurl:auth_user_file.txt
inurl:orders.txt
inurl:"wwwroot/*."
inurl:adpassword.txt
inurl:webeditor.php
inurl:file_upload.php

inurl:gov filetype:xls "restricted"
index of ftp +.mdb allinurl:/cgi-bin/ +mailto


Looking for vulnerable sites or servers using “intitle:” or “allintitle:”

a. Using [allintitle: "index of /root”] (without brackets) will list down the links to the web server which gives access to restricted directories like “root” through web. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.

b. Using [allintitle: "index of /admin”] (without brackets) will list down the links to the websites which has got index browsing enabled for restricted directories like “admin” through web. Most of the web application sometimes uses names like “admin” to store admin credentials in it. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.

Other similar search using “intitle:” or “allintitle:” combined with other syntax

intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart

allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov



Other interesting Search Queries

· To search for sites vulnerable to Cross-Sites Scripting (XSS) attacks:

allinurl:/scripts/cart32.exe
allinurl:/CuteNews/show_archives.php
allinurl:/phpinfo.php



· To search for sites vulnerable to SQL Injection attacks:

allinurl:/privmsg.php
allinurl:/privmsg.php

Read More

How to chat on java mobile ?

hi,,,, today i will write about how to chat on mobile like instant messenger !

by using this applications you can send or receive files and photographs , you can send buzz etc. on the mob.
you can live chat on face book ! 
here are two best application according to mine.
you may love that application
1.ebuddy.
if you wanted to use this application you have to first install this application on mob. and register on this site . it's very simple after doing this job, now you have to sing in to your social networking web site or any other account means to say you have to link other account to this ebuddy account . i love this application ! here are some screen shots :

Download

2. Nimbuzz :
Now this app. is also an  interesting  app because you may now that yahoo messenger has many room chat
like Gujarat global chat, India global chat , Australia global chat etc...
as same as nimbuzz is having privet and global chat rooms .
as same as ebuddy you can also chat with facebook friends on nimbuzz and if two friends has a nimbuzz account you can call each other ! for free ! but limited minutes . here are some snaps of it :

Download

3. Migg33 : 
 this app is also good . in migg33 you can not just call migg33 member but you can call also out side friends in this case migg33 server calls you and connects to your requested mobile number !   
mig33 is the largest global community that brings you the power of the internet right to your mobile phone.Chat with millions of mig33 users .Keep friends in the loop with new status updates.Make cheap calls to any phone, anywhere, anytime!.SMS friends instantly with a cheap flat-rate.Personalize with cool themes, wallpapers and ringtones.Express yourself with tons of different emoticon packs.Share photos directly with all your friends and save them online.Free credits for inviting friends to join. here are some snaps of it :

Download 

4. Skype:
yaah..... skype we all now about it . it's a free voip site which is providing totally free call to skype 2 skype and providing very cheap price call to mobile number's  it also providing video call.
this software has a little limitation on java based mobile . after installing this app. you can directly call mobile to pc ! skype to skype call ! chat is working most of nokia mobile so enjoy this all apps... here are some snaps of it :

  Download
 
 if you like my posts suggests to you friends . or became a fan on face book !     

Read More

Turn Your Mobile into A wireless webcam !!

,now you can use your mobile phone as a web cam !!  it can now serve streaming video on pc !!


so, to set your java mobile as web cam you will need a  Bluetooth device buy it if you don't have,Price is around 100 Rs so buy it if you are a Desktop user .okay so now after installing Bluetooth hardware and Software . download this software from Here 
now you will need another software for your s60 or java Enabled mobile . get it from here 
download that .jar file .and install it on your cell phone . now open that software on mobile and connect it with your pc Bluetooth device . don't forget to run smart cam first . n you will see streaming  video from your mobile cam !! 

but unfortunately it's works only on S60 series phone :( not on s40. Google it if you don't know what is s60 or S40 .
So Enjoy...... N Stay Connected. :)

Read More

12 Tips to Maintain a Virus Free Computer

There are many viruses and worms out there that could infect your computer. Some are harmless, but, they do have the capacity to do any number of nasty things, up to and including, erasing all data from your computer. However there are ways to keep viruses away from your PC. Here are the 12 tips to maintain a virus free computer.

 

1. Email is one of the common ways by which your computer can catch a virus. So it is always recommended to stay away from SPAM. Open only those emails that has it’s origin from a trusted source such as those which comes from your contact list. If you are using your own private email host (other than gmail, yahoo, hotmail etc.) then it is highly recommended that you use a good anti-spam software. And finally NEVER click on any links in the emails that comes from untrusted sources.

 

2. USB thumb/pen drives is another common way by which viruses spread rapidly. So it is always a good habit to perform a virus scan before copying any data onto your computer. NEVER double-click the pen drive to open it. Instead right-click on it and select the option “open”. This is a safe way to open a pen drive. 

 

3. Be careful about using MS Outlook. Outlook is more susceptible to worms than other e-mail programs, unless you have efficient Anti-Virus programs running. Use Pegasus or Thunderbird (by Mozilla), or a web-based program such as Hotmail or Yahoo (In Firefox).

 

4. As we all know, Internet is the main source of all the malicious programs including viruses, worms, trojans etc. In fact Internet contributes to virus infection by up to 80%. So here are the tips for safe surfing habits so that you can ward off virus infection up to the maximum extent.

• Don’t click on pop-up windows that announce a sudden disaster in your city or announce that you’ve won an hourly prize. They are the ways to mislead Internet users and you should never trust them.
• You can also use a pop-up blocker to automatically block those pop-ups.

 

5. Most of us use search engines like Google to find what we are looking for. It is quite obvious for a malicious website to get listed in the search results. So to avoid visiting those untrusted malicious websites, you can download and install the AVG LinkScanner which is a freeware. This tool can become very handy and will help you to stay away from malicious websites.

 

6. Install a good antivirus software and keep it updated. Also perform full system scan periodically. It is highly recommended that you turn on the automatic update feature. This is the most essential task to protect your PC from virues. If PC security is your first option then it is recommended that you go for a shareware antivirus software over the free ones. Most of the antivirus supports the Auto-Protect feature that provides realtime security for your PC. Make sure that this feature is turned on.

 

7. Install a good Antispyware program, that operates against Internet malware and spyware.

 

8. Never open any email attachments that come from untrusted sources. If it is a picture, text or sound file (these attachments end in the extensions .txt, .jpeg, .gif, .bmp, .tif, .mp3, .htm, .html, and .avi), you are probably safe, but still do a scan before opening.

 

9. Do not use disks that other people gave you, even from work. The disk could be infected with a virus. Of course, you can run a virus scan on it first to check it out.

 

10. Set up your Windows Update to automatically download patches and upgrades. This will allow your computer to automatically download any updates to both the operating system and Internet Explorer. These updates fix security holes in both pieces of software.

 

11. While you download files from untrusted websites/sources such as torrents, warez etc. make sure that you run a virus scan before executing them.

 

12. And finally it is recommended not to visit the websites that feature illegal/unwanted stuffs such as cracks, serials, warez etc. since they contribute much in spreading of viruses and other malicious programs.

Read More

Protect yourself from fake login pages

Using fake login pages is the easiest way to hack passwords. Identifying a fake login page is very easy but many people neglect to do some small checks before entering the login details and fall in the trap.  there are many fake websites of banks, yahoomail, gmail,orkut,myspace etc …
This post is an attempt to show what a hacker does to hack your password using fake login pages and how to protect yourself from those fake logins.I will try to keep this post as simple as possible, there may be some technical details which you can safely skip.
Warning: I strongly advice you not to try this on anyone it may spoil your relation with the person on whom you are trying it and you may even end up behind the bars.

What goes on behind when you enter your login details in login form??

When you enter your login details in any login form and hit enter they are submitted to another page which reads these login details and checks the database if you entered the correct username and passowrd, if yes then you will be taken to your account else you will get an error page. What an hacker does??
h hacker creates a fake page which looks exactly same as the original page and some how tricks you to enter your login details in that page. These login details are then submitted to a file.At this stage the hacker has two options, He can either store the login details on his server or he can directly get them mailed to his email id. All the above said things happen behind the scenes, you will have no clue of it. When you enter you login details for the first time your details are submitted to the hacker and you will be directed to a error page ( this is the original error page). When you enter ur login details again you will be logged in to your account. It’s quite common for us to enter the login details wrongly sometimes so you will not become suspicious when you get the error page.

How to identify fake login page traps ??

Never enter you login details in unknown sites.
Always type the address directly in to the browser.
Do not follows the links you get in mails and chatting even if they are from your friends
Always have a keen look in the address bar and verify if the address is correct. Check the screen shot below. Some people buy doamins which look simliar to the original site example: 0rkut for orkut, pay-pal for paypal,yahooo for yahoo. Some times you may over look these small differences and fall in trap.
Please do report to the hosting site or the original site owner when you find a fake login page.
If you feel like you entered your details in a fake login page change your password immediatley.


Now let’s go on with the trick..

You have to upload the fake login page on some server with php support. There are many free web hosting services available on the net, first sign up for anyone of them.Google for some free webhosting services,you will find many. Upload the files in the zipped folder on to your server and give the link of the fake login page to the person whose password you want to know. When the person enters his email id and password in to the fake login page they will be stored in a HTML or text file  file named “passwd.htm” or "anything.txt" on your server in the same directory where you uploaded the login page. Check that text file to get the passwords you wanted.


read my previous post about hack facebook accounts using fake login pages for more technical details

Read More

Cookie Stealing: How to hack Email Accounts

If you are a newbie and don't know about cookie, then for your information, Cookie is a piece of text stored on user computer by websites visited by the user. This stored cookie is used by webserver to identify and authenticate the user. So, if you steal this cookie (which is stored in victim browser) and inject this stealed cookie in your browser, you can imitate victim identity to webserver and enter his Email account easily. This is called Session Hijacking. Thus, you can easily hack Email account using such Cookie stealing hacks.

Tools needed for Cookie stealing attack: -

Cookie stealing attack requires two types of tools: -

1.   Cookie capturing tool

2.   Cookie injecting/editing tool

1.   Cookie capturing tool: -

Suppose, you are running your computer on a LAN. The victim too runs on same LAN. Then, you can use Cookie capturing tool to sniff all the packets to and from victim computer. Some of the packets contain cookie information. These packets can be decoded using Cookie capturing tool and you can easily obtain cookie information necessary to hack Email account. Wireshark and HTTP Debugger Pro softwares can be used to capture cookies.

2.   Cookie injecting/editing tool: -

Now, once you have successfully captured your victim cookies, you have inject those cookies in your browser. This job is done using Cookie injecting tool. Also, in certain cases after injection, you need to edit cookies which can be done by Cookie editing tool. This cookie injection/editing can be done using simple Firefox addons Add N Edit Cookies and Greasemonkey scripts

Drawbacks of Cookie Stealing: -

Cookie Stealing is neglected because it has some serious drawbacks:

·        Cookie has an expiry time i.e. after certain trigger cookie expires and you cannot use it to hijack victim session. Cookie expiry is implemented in two ways: -

                     i.        By assigning specific times tamp(helpful for us).

                    ii.        By checking for triggers like user exiting from webbrowser. So, in such cases, whenever user exits from his browser, his cookie expires and our captured cookie becomes useless.

·        Cookie stealing becomes useless in SSL encrypted environment i.e. for https (Secure HTTP) links. But, most Email accounts and social networking sites rarely use https unless vicitm has manually set https as mandatory connection type.

·        Also, most cookies expire once victim hits on LogOut button. So, you have to implement this Cookie stealing hack while user is logged in. But, I think this is not such a serious drawback because most of us have the habit of checking "Remember Me". So, very few people actually log out of their accounts on their PCs.

So friends, this was a short tutorial on basics of how to hack Email account using Cookie Stealing. As I have stated, Cookie stealing has some disadvantages. But, I think Cookie stealing is a handy way to hack an Email account.

Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.

Read More

What is Brute Force Attack?

Brute force attack is one of the password cracking method. In this method we are trying every possible code, combination, or password by comparing different combination of characters (all possible keys) until you find the right one.

Let us assume the password length is 3. We have characters set (abcdefghijklmnopqrstuvwxyz0123456789) excluding the special characters.

The Number of Permutation takes to crack the password: -

For first character: -

Upper case letters(26 )+Lower Case Letters(26)+10 Numbers =62

Likewise for second and third character we have 62 different ways.
So the total permutation to produce different keys is =62*62*62=238328 ways.

If you include the special characters in character set, then the permutation to crack the password will increase.

If the password length is small, then it will be cracked in small amount of time. This method will take too longer time to crack lengthy passwords. It can take several hours, days, months, years.

The time depending upon the two factors: -

• Password Length
• Upper case and lower case letter combinations.

The difficulty of a brute force attack depends on several factors, such as: -

• How long can the key be?
• How many possible values can each component of the key have?
• How long will it take to attempt each key?
• Is there a mechanism which will lock the attacker out after a number of failed attempts?

Increasing Security Against a Brute Force Attack: -

• Increasing the length of the PIN
• Allowing the PIN to contain characters other than numbers, such as * or #
• Imposing a 30 second delay between failed authentication attempts
• Locking the account after 5 failed authentication attempts

Conclusion: -

For Hackers: -

Hope you understand about brute force attack, also the drawback of this method. You can take advantage if the password is simple and small in length.

For Security needers: -

If you really want to secure your account from hackers, then use the Strong password.

Read More