Monday, 6 June 2011

Mencari Password Lewat Google

it's time we take advantage of "Uncle Google" is to search (nyari anything on the internet) with time and techniques that can be called "right". Again, this is also the result of a variety of hunting me on various web and blog teman2 all. Therefore ga wrong I also want to contribute any-to information.

First, you can search from:
1. Google ads on all sites, the result will be the same.
2. Google search button on the toolbar.
3. Google's main search engine: http://www.google.com

Furthermore, most approaches can search for what you want, follow these tips:

Below will be explained about the special command in Google, and described the understanding and use of each - each command to get information hidden and very important.

"Intitle:" syntax to restrict search results to titles that contain information on topics yangdimaksud. For example in search, "intitle: admin password" (without the quotes). The search will find pages that contain the word "password" as the title with the highest priority "admin". If the search there are two main search query, use allintitle syntax: for a complete search. For example the search "allintitle: admin mdb". So the search will be restricted to two main subject title is "admin" and "mdb".

"Inurl:" syntax restricts the search results to those URLs containing the keyword information that is intended. For example search in the search, "inurl: mdb database." The search will produce all URLs that only contain information about the "passwd".



The same thing applies to this syntax, if there are two main search query, use the syntax "allinurl:" to get the url list. For example search "allinurl: etc / passwd", will search for the URLs containing "etc" and "passwd". Slash slash ("/") between the two words etc and passwd will be ignored by search engine Google.



> "Site:" syntax restricts the search to query information based on a particular site or domain. For example, in search of information: "exploits site: itb.ac.id" (without the quotes). The search will find topics about the exploits that are available on all pages on the domain itb.ac.id.


"Cache:" will show a list of web that has been entered into Google's index database.

For example:

"Cache: deffcon.org", the search will show the lists that are stored on Google to page deffcon.org


"Filetype:" syntax on Google for search data on the internet with particular extensions (ie doc, pdf or ppt etc). For example the search:



"Filetype: doc site: go.id confidential" (without the quotes). The search will produce data files with the extensions ". Doc" in all domains go.id which contains the information "confidential".



"Link:" syntax in Google that will show a list of list webpages that have links on a special webpage. For example: "link: www.securityfocus.com" will menunjuukan list webpages that have links on the page SecurityFocus point.



"Related:" This syntax will list web pages that are similar to that on the web page indicated. For example: "related: www.securityfocus.com", the search will list web pages that are similar to Securityfocus homepage.



"Intext:" syntax of this command will look for specific words on the website. This command ignores links or URLs and page titles. For example: "intext: admin" (without quotation marks), the search will produce a link on a web page that has the keywords that have keyword admin.



On this occasion, described how the use of syntax "index of" to get links to the web server with a directory index browsing enabled .. This is a simple source of information can be obtained, but the content of the information is often a very important information. Such information can be a password or access an online transaction data and other very important thing. Below are some examples using "Index of" to get information on important and sensitive nature.


ex:

Index of / admin
Index of / passwd
Index of / password
Index of / mail
"Index of /" + passwd
"Index of /" + password.txt
"Index of /" +. Htaccess
"Index of / secret"
"Index of / confidential"
"Index of / root"
"Index of / cgi-bin"
"Index of / credit-card"
"Index of / logs"
"Index of / config"
"Index of / admin.asp"
"Index of / login.asp"

Syntax "inurl:" or "allinurl:" can be combined with other syntax as listed below:

inurl: / cgi-bin/cart32.exe
inurl: admin filetype: txt
inurl: admin filetype: db
inurl: admin filetype: cfg
inurl: mysql filetype: cfg
inurl: passwd filetype: txt
inurl: iisadmin
inurl: auth_user_file.txt
inurl: orders.txt
inurl: "wwwroot / *."
inurl: adpassword.txt
inurl: webeditor.php
inurl: file_upload.php
inurl: gov filetype: xls "restricted"
index of ftp +. mdb allinurl: / cgi-bin / + mailto allinurl: / scripts/cart32.exe
llinurl: / CuteNews / show_archives.php
allinurl: / phpinfo.php
allinurl: / privmsg.php
allinurl: / privmsg.php
inurl: cgi-bin/go.cgi? go =*
allinurl:. cgi? page =*. txt
allinurul: / modules / My_eGallery

Another use of syntax "intitle:" or "allintitle:" combined with other syntax, among others:

intitle: "Index of". sh_history
intitle: "Index of". bash_history
ntitle: "index of" passwd
intitle: "index of" people.lst
intitle: "index of" pwd.db
intitle: "index of" etc / shadow
intitle: "index of" spwd
intitle: "index of" master.passwd
intitle: "index of" htpasswd
intitle: "index of" members OR accounts
intitle: "index of" user_carts OR user_cart
allintitle: sensitive filetype: doc
allintitle: restricted filetype: mail
allintitle: restricted filetype: doc site: gov
allintitle: *. php? filename =*
allintitle: *. php? page =*
allintitle: *. php? logon =*

Here are some examples of cases:
(Please try ... any security risks with respect to the intended ... the website is the responsibility of each)

Basic operators

+, -, ~,., *, "", |, OR

Additional Operators

allintext:, allintitle:, allinurl:, bphonebook:, cache:, define:, filetype:, info:, intext:, intitle:, inurl:, link:, phonebook:, related:, rphonebook:, site:, numrange: , daterange

Extension which can be searched:
HyperText Markup Language (html)
Microsoft PowerPoint (ppt)
Adobe Portable Document Format (pdf)
Microsoft Word (doc)
Adobe PostScript (ps)
Microsoft Works (wks, wps, wdb)
Lotus 1-2-3 (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)
Microsoft Excel (xls)
Microsoft Write (wri)
Lotus Wordpro ​​(LWP)
Rich Text Format (rtf)
MacWrite (mw)
Shockwave Flash (swf)
Text (ans, txt)

Search by range
7 million Rp5000000 computer ..

Salary search
Salary filetype: xls site: edu
Salary filetype: xls site: edu

Financial Information
Filetype: xls "checking account" "credit card"-intext: Application-intext: Form
Intitle: "Index of" finances.xls

Looking for e-mail inbox
Intitle: Index.of inurl: Inbox (456) (mit mailbox)
Intitle: Index.of inurl: Inbox (inurl: User OR inurl: Mail) (220)

Detecting OS
"Microsoft-IIS/5.0 server at"
Intitle: "Welcome to Windows 2000 Internet Services" IIS 5.0
Intitle: Test.Page.for.Apache seeing.this.instead
Intitle: Test.page "SSL / TLS-aware"

Finding password
Inurl: etc inurl: passwd
Intitle: "Index of .. etc" passwd
"#-FrontPage-" inurl: service.pwd
Inurl: admin.pwd filetype: pwd
Filetype: inc dbconn
Filetype: inc intext: mysql_connect
Filetype: this + + pwd WS_FTP
Filetype: log inurl: "password.log"

Finding User Name
+ Intext: "Webalizer" + intext: "Total Usernames" + intext: "Usage Statistics for"

Seeking License Key
Filetype: Lic Lic intext: key

Directories Sensitve Listings
Intitle: "Index of" cfide
Intitle: index.of.winnt
Intitle: "index of" iissamples




keyword:
search, internet, google, facebook, bookstores, the latest, rapidshare, secret, user, another, because, information, today, downloads, tutorials, software, syntax, moderate, search terms, search engines, product, payment , perhaps, their category, no, intitle, Indonesia, filetype, lists, blogspot, blogger, internet business, learning, many, many, addresses