Hacking With Google

August 6, 2017 | Author: Michael Kwatelai Quartey | Category: Websites, Search Engine Optimization, Database Index, Hyperlink, Password
Share Embed Donate

Short Description

Download Hacking With Google...


Hacking With Google --{============}-:)♥♥♥♥♥♥♥♥♥♥♥♥♥:-P 1. Hacking Security Cameras

There exists many security cameras used for monitoring places like parking lots, college campus, road traffic etc. which can be hacked using Google so that you can view the images captured by those cameras in real time. All you have to do is use the following search query in Google. Type in Google search box exactly as follows and hit enter inurl:”viewerframe?mode=motion” Click on any of the search results (Top 5 recommended) and you will gain access to the live camera which has full controls. You will see something as follows As you can see in the above screenshot, you now have access to the Live cameras which work in real-time. You can also move the cameras in all the four directions, perform actions such as zoom in and zoom out. This camera has really a less refresh rate. But there are other search queries through which you can gain access to other cameras which have faster refresh rates. So to access them just use the following search query. intitle:”Live View / – AXIS” Click on any of the search results to access a different set of live cameras. Thus you have hacked Security Cameras using Google. 2. Hacking Personal and Confidential Documents

Using Google it is possible to gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, work experience etc. can be found just in seconds. intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”

You can gain access to a list of .xls (excel documents) which contain contact details including email addresses of large group of people. To do so type the following search query and hit enter. filetype:xls inurl:”email.xls” Also it’s possible to gain access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query intitle:index.of finances.xls 3. Hacking Google to gain access to Free Stuffs

Ever wondered how to hack Google for free music or ebooks. Well here is a way to do that. To download free music just enter the following query on google search box and hit enter. “?intitle:index.of?mp3 eminem“ Now you’ll gain access to the whole index of eminem album where in you can download the songs of your choice. Instead of eminem you can subtitute the name of your favorite album. To search for the ebooks all you have to do is replace “eminem” with your favorite book name. Also replace “mp3? with “pdf” or “zip” or “rar”. I hope you enjoy this post. Pass your comments. Cheers! ……………………………………………………………………………………………………………………………… Hacking With DDOS --{============}-:)♥♥♥♥♥♥♥♥♥♥♥♥♥:-P First open your CMD from run ( window + r ) Now the important thing what we want is the ip address of the site that we are going to attack.

To get the ip of any site just type nslookup in cmd followed by the address of website for eg: if you want the ip address of google just type nslookup http://www.google.com/ this command will give you the ip address Ok , now you got the ip address of the site you are going to attack, then type the following command in your CMD and hit enter ping website-IP -l 65500 -n 10000000 -w 0.00001 -n 10000000= the number of DoS attemps.. u can change the value "10000000" with ur desiredvalue u want to attempt attack. website-IP= Replace the text with the ip address of the site u want to be attacked.. -w 0.00001 = It is the waiting time after one ping attack. for eg: if the ip address is just type ping -l 65500 -n 10000000 -w 0.00001 And thats it you are done . Dont Change or Remove -l, -n and -w in this command.. otherwise it wont work …………………………………………………………………………………………………………………………….. How To Deface A website --{============}-:)♥♥♥♥♥♥♥♥♥♥♥♥♥:-P DEFACING WEBSITES Through this technique,the user will enter the URL but would be directed to

another WEB ADDRESS,popularly known as URL spoofing 1.) open the file:-%systemroot%/windows/system32/drivers/etc./hosts in victims computer , read it carefully at the end you will see something like this:- localhost 2.) just add The address you want to spoof Ex:- if you want your victim to open a porn site when he types the address of his institute ip of the porn site URL of the UNIVERSITY 3.) You might be thinking how to get the ip of a site.No probs just open cmd.exe and type ping web-address of the site(you will get the ip) This trick doesn't work if the browser is configured to use proxy server, if it works then also an intelligent user can catch you, i m posting a javascript this will solve your problem url spoofing I am also giving an HTML example

G00GLE HACKS WARNING:-Practising this may lead you in serious problem,Gathering information from a webserver is supposed as a Cybercrime and may lead to imprisonment,I would not be held responsible. The keywords reveal crucail information that can crack into any website Search engines like google contains some keywords that are used to explore there hidden doccument. The information reveled by these searches are very crucial as they impart knowledge about various sites,protected data,secret web cams and so on....................,a lame user cannot acces these keywords but as a hacker you must know how to surf the hidden data on net Some of these keywords are listed here:-

1.) For secret webcams :inurl:/view.shtml intitle:snc-z20 inurl:home/ intitle:snc-cs3 inurl:home/ intitle:snc-rz30 inurl:home/ 2.) These are index pages of "My Shared Folder". Sometimes they contain juicy stuff like mp3's or avi files intitle:"Index of *" inurl:"my shared folder" size modified 3.) Some of you pay some sites to download your favorite song,but why if google themselves provide free music:-(above keyword may also be used) intitle:"index of" -inurl:htm -inurl:html mp3 4.) Backup directories are often very interesting places to explore. Some of the sites in this search meant to reveal the contents of their backup directories, others did not. "Index of /backup" 5.) Accessing secret,personal and private data :intitle:"index.of.personal" index.of.secret intitle:index.of.private index.of.protected index.of.secure 6.) Hacking through exploiting various scripts provided by google,the search engine provides how the sites passes there dat through different scripts,an attacker can read these scripts and can exploit the loopholes inurl:ojspdemos jsp scripts inurl:j2ee/examples/jsp intitle:index.of WEB-INF java powered webservers

7.) Now the most intresting thing,password files user ID,Email passowrds anything related to security,type following keywords:index.of.password (some of the files contain name like horny.htm or brittany.html these are links for porn sites) ext:asa | ext:bak intext:uid intext:pwd -"uid..pwd" database | server | dsn enable password | secret "current configuration" -intext:the ext:passwd -intext:the -sample -example intitle:"Index of" pwd.db intitle:"Index of" ".htpasswd" htpasswd.bak intitle:"Index of" ".htpasswd" "htgroup" -intitle:"dist" -apache -htpasswd.c intitle:"Index of" spwd.db passwd -pam.conf index.of passlist(CLEAR TEXT PASSWORD) index.of.etc inurl:config.php dbuname dbpass inurl:passwd.txt(CLEAR TEXT PASSWORD) intitle:index.of trillian.ini inurl:secring ext:skr | ext:pgp | ext:bak intitle:index.of administrators.pwd intitle:"index of" intext:globals.inc intitle:"index of" intext:globals.inc (CLEAR TEXT PASSWORD) signin filetype:url inurl:"Sites.dat"+"PASS=" inurl:/yabb/Members/Admin.dat intitle:index.of people.lst intitle:"Index of" passwd passwd.bak inurl:backup intitle:index.of inurl:admin (this contains information about sql tables) filetype:reg reg +intext:�WINVNC3†decode the files using can and abel filetype:cfg ks intext:rootpw -sample -test -howto its linux configuration tool named Anaconda,the root passords or ssuid are often encrypted This returns xls files containing login names and passwords. it works by showing all the xls files with password "login: *" "password= *" filetype:xls This search shows Microsoft Excel spreadsheets containing the words username, password and email filetype:xls username password email

The .netrc file is used for automatic login to servers. The passwords are stored in cleartext. filetype:netrc password It reveals the configuration of a web server,it contains password but 90% of them are encrypted intitle:index.of.config "master.passwd" files which contain encrypted passwords intitle:index.of master.passwd passwords can be decoded using L0phtcrack. SQL(Structured query language) this language helps to prepare the database,and d00dz almost all websevers maintain there logs,USER ID's,Email-passwords through this language,those who might have taken Computers in 12th(indian standards) might know about this language,an attacker can inject an SQL session to know the passwords and some of the webservers contain cleartext passwords,use following key words:Sql history files:intitle:index.ofntext:"secring.skr"|"secring.pgp"|"secring.bak" look for dump SQL passwords filetype:sql "insert into" (pass|passwd|password) 8.) CGI directories contain scripts which can often be exploited by attackers,Common gateway interface(CGI) "index of cgi-bin" 9.) Rapidshare free accounts,in case of rapidshare,you can use other accounts as well who have login passwords intitle:rapidshare intext:login(RAPID SHARE) 10.) Index of /admin Index of /passwd Index of /password Index of /mail "Index of /" +passwd "Index of /" +password.txt

"Index of /" +.htaccess "Index of /secret" "Index of /confidential" "Index of /root" "Index of /cgi-bin" "Index of /credit-card" "Index of /logs" "Index of /config" allinurl:winnt/system32/ (reveals crucial information about the type of platform ) allinurl:wwwboard/passwd.txt (reveals password files) 11.) Hacking through PHP:"Welcome to phpMyAdmin" " Create new database" Note:-More keywords can be revealed if you try some of them on other search engine like yahoo Other major keywords:inurl:ftproot intitle:"Folder Listing" "Folder Listing" Name Size Date/Time File Folder "index of" inurl:recycler allintitle:"FirstClass Login" inurl:install.pl intext:"Reading path paramaters" -edu log inurl:linklint filetype:txt -"checking" "Index Of /network" intitle:"Index of /etc" intitle:"Index of /var/spool/mail"(for mails)

HACKING WEBSITES This requires intellect 1.) In order to hack a website,just search for the material which don't have any link 2.) When you get it just try to enter through it ex:-i saw on a website igi's signature it didn't shiow any hyperlink

I just typed www.url.com/igi.jpeg/ (not a link) and i was in now search for following strings whole url/cgi-bin/ or wholeurl....../cgi-bin/ CGI(common gateway interface) 3.) Type following on google search intitle:"Index of /var/spool/mail",but you would be greeted by nothing just parent directory,You are wrong it contains hidden data surf further you will see mail box 4.) Change the permissions on someone's account in /var/spool/mail/ so the email becomes word readable.Some guz can also make a symbolic link to a page of the email server's web site (if it runs a web server and is a Unix or Linux type system). 5.) Here's how you can check to see whether anyone can snoop on your email by using their browser. Then type that location into your browser, for example url/var/spool/mail That "../" means "go up one directory. Download system programs Unix or Linux type PAM stands for Pluggable Authentication Modules. Basically PAM is a way to change on the fly the way applications or services are authenticated. When you use PAM, you can define at run time how an application or service is authenticated, rather than having to recompile it.... Effectively, program simply asks PAM "Is this user allowed to access the service I'm offering", and PAM takes care of the background details of searching /etc/shadow, /etc/passwd, checking times, etc... The "pluggable" means that as your authentication needs change, your software can be adjusted to fit without having to recompile (often a great number of) applications. You simply change the PAM configuration file to reflect the changes in your authentication. Let's try to download it. In the browser window change http to ftp and we get this:

WARNING:-Some Internet servers are protected by an Intrusion Detection System (IDS) that detects attempts to look in sensitive directories such as cgi-bin, /etc or /bin. An IDS will record the Internet address from which you accessed this directory. If the systems administrator using the IDS is paranoid, he or she might ask your online service to kick you off /etc/group FOLDER LOCK You require a software to lock your folders,oh! but i don't use any software then too i can lock them, use following code and you can also lock your folder folder lock rename the file as user.bat "user"-any name double click it a folder will be created (at the same place where the batch file is present)

View more...


Copyright ©2017 KUPDF Inc.