GOOGLE DOMINATE

GOOGLE DOMINATE



Google

\ "Intitle: \" syntax to restrict search results to titles that contain information on topics

meant. For example in the search? Intitle:
admin password? (Without the quotes). The search will find page that contains the word? password? as the title with the main priority? admin? .
If the search there are two main search query, use allintitle syntax: for a complete search. For example in the search? Allintitle: admin mdb?. So the search will be limited to the two main subject headings that? Admin? and? mdb?.

? inurl:? syntax to restrict search results to all URLs that contain only the keyword information that is intended. For example a search in the search,? Inurl: mdb database?. The search will produce all the URLs that only contain information about? Database mdb?.

The same thing applies to this syntax, if there are two main search query, use syntax? Allinurl:? to get the url list.
For example a search? Allinurl: etc / passwd? , The search will generate a URL that contains information about? Etc? and? passwd?. Slash slash between two words (?/?) etc and passwd will be ignored by the search engine Google.

? site:? syntax to restrict Google to query information based on a particular site or domain. For example in search of information:? Waveguide site: itb.ac.id? (without the quotes). The search will find topic about Waveguide on all pages available on the domain itb.ac.id.

? cache:? will show a list of the web that have been entered into Google's index database. For example:
? cache: deffcon.org?, search will show the list stored on Google to page deffcon.org

? filetype:? syntax on Google for search data on the internet with certain extensions (ie doc, pdf or ppt etc). For example the search:? Filetype: doc site: go.id confidential? (Without the quotes). The search will produce data files with the extensions?. Doc? in all domains go.id that contains the information? confidential?.

? link:? syntax on Google that will show a list of list webpages that have links to the special webpage. For example:? Link: www.securityfocus.com? will be pointing to a list of webpages that have links on the page point SecurityFocus.

? related:? This syntax will list web pages that are similar to that on the web page indicated.
For example:? Related: www.securityfocus.com?, A search will provide a list of web pages that are similar to Securityfocus homepage.

? intext:? syntax for this command will search for specific words on the website. This command ignores links or URLs and page titles. For example:
? intext: admin? (without the quotes), the search will produce a link on a web page that has keywords that have keyword admin.

Some query syntax above will be helpful in the search data and more detailed information.
Google can be a search engine to dig up some information and confidential, information that is not expected to be able to let the weak a system. It is used by some individuals to penetrate a server or system information.

Syntax? Index of? can be used to find sites that display the directory browsing index.
Webserver by browsing the index can be accessed, meaning anyone can access the webserver directory, as can be done in the local directories in general.
On this occasion described how the use of syntax? Index of? to get a connection to the webserver by browsing the directory index that can be accessed .. This is a simple source of information can be obtained, but the content of the information is often a very important information. Such information can only be a password or access to data and online transactions are very important things others.
Below are some examples of the use of syntax? index of? to obtain important information and sensitive nature.
ex:
Index of / admin
Index of / passwd
Index of / password
Index of / mail
\ "Index of / \" + passwd
\ "Index of / \" + password.txt
\ "Index of / \" +. Htaccess
\ "Index of / secret \"
\ "Index of / confidential \"
\ "Index of / root \"
\ "Index of / cgi-bin \"
\ "Index of / credit-cards \"
\ "Index of / logs \"
\ "Index of / config \"
\ "Index of / admin.asp
\ "Index of / login.asp

Looking for a system or a vulnerable server using the syntax? Inurl:? or? allinurl:?

1. Using the syntax? Allinurl: winnt/system32 /? (with quotes) will display a list of all the links on the server which gives access to restricted directories like? system32?. Sometimes it will get access to the cmd.exe in the directory? System32? which allows one to take control of the system on the server.

2. Using? Allinurl: wwwboard / passwd.txt? (With quotes) will display a list of all the links on the server that has a weakness on? Wwwboard password?. Further discussion of the vulnerability? Wwwboard password? can be seen on sites such as network security or http://www.securityfocus.com http://www.securitytracker.com

3. Using the syntax? Inurl: bash history? (with quotes) will display a list of links on the server which gives access to the files? bash history? through the web. The file is a command history file that contains a list of commands executed by the administrator, who sometimes comes to sensitive information such as system passwords. Often the password is encrypted on the system, to get the original password encrypted form must be decrypted using the password cracker programs. Long time to get the decryption depends on the reliability of the program and the number of characters that is encrypted.

4. Using? Inurl: config.txt? (with quotes) will display a list of all the links on the server which gives access to the files? config.txt. This file contains important information including the hash value of the administrator's password and the authentication process from a database.

Syntax? Inurl:? or? allinurl:? can be combined with other syntax as in the list below:

Inurl: / cgi-bin/cart32.exe
inurl: admin filetype: txt
inurl: admin filetype: db
inurl: admin filetype: cfg
inurl: mysql filetype: cfg
inurl: passwd filetype: txt
inurl: iisadmin
inurl: auth_user_file.txt
inurl: orders.txt
inurl: \ "wwwroot / *. \"
inurl: adpassword.txt
inurl: webeditor.php
inurl: file_upload.php
inurl: gov filetype: xls \ "restricted \"
index of ftp +. mdb allinurl: / cgi-bin / + mailto allinurl: / scripts/cart32.exe allinurl: / CuteNews / show_archives.php
allinurl: / phpinfo.php
allinurl: / privmsg.php
allinurl: / privmsg.php
inurl: cgi-bin/go.cgi? go =*
allinurl:. cgi? page =*. txt
allinurul: / modules / My_eGallery
Looking for a system or server that has a weakness with the syntax? Intitle:?
or? allintitle:?

1. Using allintitle: \ "index of / root? (Without the quotes) will show
List of links on the Web server that provides access to a restricted directory as root directory.

2. Using allintitle: \ "index of / admin? (Without the quotes) will display a link to the site that has an index that can be accessed browsing to the directory as a directory forbidden? Admin?.

Other uses of the syntax? Intitle:? or? allintitle:? combined with other syntax, among others:

intitle: \ "Index of \". sh_history
intitle: \ "Index of \". bash_history
intitle: \ "index of \" passwd
intitle: \ "index of \" people.lst
intitle: \ "index of \" pwd.db
intitle: \ "index of \" etc / shadow
intitle: \ "index of \" spwd
intitle: \ "index of \" master.passwd
intitle: \ "index of \" htpasswd
intitle: \ "index of \" members OR accounts
intitle: \ "index of \" user_carts OR user_cart
allintitle: sensitive filetype: doc
allintitle: restricted filetype: mail
allintitle: restricted filetype: doc site: gov
allintitle: *. php? filename =*
allintitle: *. php? page =*
allintitle: *. php? logon =*

The use and combination of the syntax is not only limited to the example above exposure. There are many more combinations of syntax syntax with keywords that can be used. It depends on the creativity and willingness to try. There is good use of discourse that have been outlined was used for purposes that do not cause loss or damage.
Weakness in a system or server that is well known to be sharing with the relevant system administrators that can benefit all parties. Due to the likely outcome of the search information may provide sensitive information, which is often related to the security aspects of a system or server.
Discourse about the syntax that is very helpful in the search for such information ultimately depends on the intention and purpose in the search data. Is it really done for the needs of collecting data, gathering information from a penetration of the target machine. The ultimate goal depends on the individual intentions that the author is not responsible for the misuse of the information that has been presented. As the old saying? risk borne by the passengers?.