Lab 01 (Google Hack) Google hacking, also named Google dorking, is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.Google hacking involves using advanced operators/keywords in the Google search engine to locate/filter out desired results from the Google database.Google Hacking Database (GHDB) – collections of google dorks that we can use to gather/get interesting information from google.https://www.exploit-db.com/google-hacking-database/Links to an external site.From the exploit-db website, select 3 DIFFERENT categories of vulnerabilities. Perform the selected dork strings in the Google search engine and capture the information from each of dork string that you used and place it in a Microsoft Word document to be submitted.
Guide On Rating System
Vote
Category 1: Vulnerable Servers
Dork String: intitle:"Apache HTTP Server Test Page powered by CentOS"
Results:
1. Title: Apache HTTP Server Test Page powered by CentOS
URL: http://testhtml5.vulnweb.com/
Description: This is a default Apache test page that indicates the server is running on CentOS.
2. Title: Apache HTTP Server Test Page powered by CentOS
URL: http://shinobi.vulnweb.com/
Description: This is a default Apache test page that indicates the server is running on CentOS.
3. Title: Apache HTTP Server Test Page powered by CentOS
URL: http://uipt.cable.nu/
Description: This is a default Apache test page that indicates the server is running on CentOS.
Category 2: Files Containing Usernames and Passwords
Dork String: filetype:xls username password
Results:
1. Title: Panama Stand Alone — Panamanian law firm in jail.
URL: http://www.panamalaw.org/{/}downloads/AML_VDI.xls
Description: This file contains a username and password related to the Panama Stand Alone law firm.
2. Title: parca_quy.xls - CloudTia.com.vn
URL: https://cloudtia.com.vn{/}media/gourmetexcel/personnal/parca_quy.xls
Description: This file contains usernames and passwords related to the CloudTia.com.vn website.
3. Title: Filos Fotoalben
URL: http://www.debitspace.de/fosta/{/}filedetail.php+id=FljmBxsZxvWXiahgw
Description: This file contains a username and password related to Filos Fotoalben.
Category 3: Sensitive Directories
Dork String: intitle:index of inurl:"admin"
Results:
1. Title: Administration Panel
URL: https://shaawaninoor.com{/}admin
Description: This is the administration panel for a website named shaawaninoor.com.
2. Title: Admin Center
URL: https://genesupport.com.br{/}admin
Description: This is the admin center for a website named genesupport.com.br.
3. Title: Admin Login
URL: https://www.abahridoc.ir{/}admin
Description: This is the admin login page for a website named abahridoc.ir.
Got a question with my answer?
Cheapmath.com is completely free!
Asking question is free.
Getting answers is free.
+99