Operators are used to refine the results and to maximize the search value. They are your tools as well as ethical hackers’ weapons
Basic Operators: +, -, ~ , ., *, “”, |,
OR
Advanced Operators: allintext:, allintitle:, allinurl:, bphonebook:, cache:, define:, filetype:, info:, intext:, intitle:, inurl:, link:, phonebook:, related:, rphonebook:, site:, numrange:, daterange
Learn cool trick to view hidden passwords
Basic Operators !!
(+) force inclusion of something common Google ignores common words (where, how, digit, single letters) by default: Example: StarStar Wars Episode +I
(-) exclude a search term Example: apple –red
(“) use quotes around a search term to search exact phrases: Example: “Robert Masse” Robert masse without “” has the 309,000 results, but “robert masse” only has 927 results. Reduce the 99% irrelevant results
Basic Operators (~) search synonym: Example: ~food Return the results about food as well as recipe, nutrition and cooking information
( . ) a single-character wildcard: Example: m.trix Return the results of M@trix, matrix, metrix…….
( * ) any word wildcard
Advanced Operators:
“Site:” Site: Domain_name Find Web pages only on the specified domain. If we search a specific site, usually we get the Web structure of the domain Examples: site:http://coolhackingtricks.blogspot.com
Advanced Operators: “Filetype:” Filetype: extension_type Find documents with specified extensions The supported extensions are: - HyperText Markup Language (html) - Microsoft PowerPoint (ppt) - Adobe Portable Document Format (pdf) - Microsoft Word (doc) - Adobe PostScript (ps) - Microsoft Works (wks, wps, wdb) - Lotus 1-2-3 - Microsoft Excel (xls) (wk1, wk2, wk3, wk4, wk5, wki, wks, wku) - Microsoft Write (wri) - Lotus WordPro (lwp) - Rich Text Format (rtf) - MacWrite (mw) - Shockwave Flash (swf) - Text (ans, txt) Note: We actually can search asp, php and cgi, pl files as long as it is text-compatible. Example: Budget filetype: xls
Advanced Operators “Intitle:”
Intitle: search_term Find search term within the title of a Webpage
Allintitle: search_term1 search_term2 search_term3 Find multiple search terms in the Web pages with the title that includes all these words
These operators are specifically useful to find the directory lists Example: Find directory list: Intitle: Index.of “parent directory”
Advanced Operators “Inurl:”
Inurl: search_term Find search term in a Web address Allinurl: search_term1 search_term2 search_term3 Find multiple search terms in a Web address Examples: Inurl: cgi-bin Allinurl: cgi-bin password
Advanced Operators “Intext;”
Intext: search_term Find search term in the text body of a document. Allintext: search_term1 search_term2 search_term3 Find multiple search terms in the text body of a document. Examples: Intext: Administrator login Allintext: Administrator login
Advanced Operators: “Cache:”
Cache: URL Find the old version of Website in Google cache Sometimes, even the site has already been updated, the old information might be found in cache Examples: Cache: http://coolhackingtricks.blogspot.com
Advanced Operators .. Conduct a number range search by specifying two numbers, separated by two periods, with no spaces. Be sure to specify a unit of measure or some other indicator of what the number range represents Examples: Computer $500..1000 DVD player $250..350
Advanced Operators: “Daterange:”
Daterange: - Find the Web pages between start date and end date Note: start_date and end date use the Julian date The Julian date is calculated by the number of days since January 1, 4713 BC. For example, the Julian date for August 1, 2001 is 2452122 Examples: 2004.07.10=2453196 2004.08.10=2453258 Vulnerabilities date range: 2453196-2453258
Advanced Operators “Link:”
Link: URL Find the Web pages having a link to the specified URL Related: URL Find the Web pages that are “similar” to the specified Web page info: URL Present some information that Google has about that Web page Define: search_term Provide a definition of the words gathered from various online sources Examples: Link: coolhackingtricks.blogspot.com Related:coolhackingtricks.blogspot.com Info:coolhackingtricks.blogspot.com Define: Network security
Advanced Operators “phonebook:”
Phonebook Search the entire Google phonebook rphonebook Search residential listings only bphonebook Search business listings only Examples: Phonebook: robert las vegas (robert in Las Vegas) Phonebook: (702) 944-2001 (reverse search, not always work) The phonebook is quite limited to U.S.A
But the Question rises What can Google can do for an Ethical Hacker?
Search sensitive information like payroll, SIN, even the personal email box
Vulnerabilities scanner
Transparent proxy So how but if i tell u a different way to search k lets do this type in the following statements n c d results we can only provide u the guidelines, now u need to implement your Creativity to Keep it rolling.
http://coolhackingtricks.blogspot.com
Salary
Salary filetype: xls site: edu
Security social insurance number
Intitle: Payroll intext: ssn filetype: xls site: edu
Security Social Insurance Number
Payroll intext: Employee intext: ssn Filetype: xls Filetype: xls “checking account” “credit card” - intext: Application -intext: Form (only 39 results)
Financial Information
Intitle: “Index of” finances.xls (9)
Personal Mailbox
Intitle: Index.of inurl: Inbox (inurl: User OR inurl: Mail) (220)
Confidential Files
“not for distribution” confidential (1,760) Confidential Files “not for distribution” confidential filetype: pdf (marketing info) (456)
OS Detection
Use the keywords of the default installation page of a Web server to search.
Use the title to search
Use the footer in a directory index page
OS Detection-Windows “Microsoft-IIS/5.0 server at” OS Detection - Windows Default web page? Intitle: “Welcome to Windows 2000 Internet Services” IIS 5.0 OS Detection –Apache 1.3.11-1.3.26 Intitle: Test.Page.for.Apache seeing.this.instead OS Detection-Apache SSL enable Intitle: Test.page “SSL/TLS-aware” (127)
Search Passwords
Search the well known password filenames in URL Search the database connection files or configuration files to find a password and username Search specific username file for a specific product
Search Passwords
Inurl: etc inurl: passwd
Search Passwords
Intitle: “Index of..etc” passwd
Search Passwords
Intitle: “Index of..etc” passwd
Search Passwords
Inurl: admin.pwd filetype: pwd
Search Passwords Filetype: inc dbconn
Search Passwords
Filetype: inc intext: mysql_connect
Search Passwords
Filetype: ini +ws_ftp +pwd (get the encrypted passwords)
Search Passwords
Filetype: log inurl: “password.log” Search Username +intext: "webalizer" +intext: “Total Usernames” +intext: “Usage Statistics for” License Key Filetype: lic lic intext: key (33) (license key) Sensitive Directories Listing Powerful buzz word: Index of Search the well known vulnerable directories names Sensitive Directories Listing “index of cgi-bin” (3590) Sensitive Directories Listing Intitle: “Index of” cfide (coldfusion directory) Sensitive Directories Listing Intitle: index.of.winnt
Get the serial number you need ! (For Certain Things)
1) Go to Google. 2) Use Keyword as "Product name" 94FBR 3) Where, "Product Name" is the name of the item you want to find the serial number for. 4) And voila - there you go - the serial number you needed.
HOW DOES THIS WORK? Quite simple really. 94FBR is part of a Office 2000 Pro cd key that is widely distributed as it bypasses the activation requirements of Office 2K Pro. By searching for the product name and 94fbr, you guarantee two things. 1) The pages that are returned are pages dealing specifically with the product you're wanting a serial for. 2) Because 94FBR is part of a serial number, and only part of a serial number, you guarantee that any page being returned is a serial number list page. See these example searches:
Code:
"Photoshop 7"+94FBR "Age of Mythology"+94FBR "Nero Burning Rom 5.5"+94FBR
Learn browser tips and tricks
THATS ALL FOR THE POST...KEEP FINDING YOURSELF ON THIS EXCLISIVE SEARCH ENGINE....
