|
||||||||||||||||||||||||
Can Google Hack?
Google Hack
Yesterday i came through this book O'Reilly publication
i was shocked to notice the capabilitied of the Google as mentioned there
i am sure one can use it to hack not only simple sites but the Popular domains even
May add the tips if Administrator allows...
Yesterday i came through this book O'Reilly publication
i was shocked to notice the capabilitied of the Google as mentioned there
i am sure one can use it to hack not only simple sites but the Popular domains even
May add the tips if Administrator allows...
Since "google hacking" has become more popular, most web masters have learned to implement the robots.txt file where they don't want google to look. Also ftp's that have illict files on them have recently added passwords to protect their files, and it has become fairly useless to hack google anymore 
. Granted the risks are very little, and the "hacks" in the O' Reilly books are more for an educational purpose, and teach how to stop this from happening to your site, as well as how to seriously refine your search using these "hacks" , it is still possible, and sometimes you may strike gold and get what you are looking for, such as coupons for online purchases or in a more mallicious manner, get passwords from an unsecure forum .
. Granted the risks are very little, and the "hacks" in the O' Reilly books are more for an educational purpose, and teach how to stop this from happening to your site, as well as how to seriously refine your search using these "hacks" , it is still possible, and sometimes you may strike gold and get what you are looking for, such as coupons for online purchases or in a more mallicious manner, get passwords from an unsecure forum .... Are you guys referring to the blackhat SEO technique known as "Google Bowling", where you setup remote pages that will "lower a site's ranking in Google"?
| Quote: |
| ... Are you guys referring to the blackhat SEO technique known as "Google Bowling", where you setup remote pages that will "lower a site's ranking in Google"? |
. l am talking about using commands such as "intitle:index.of "parent directory" *.php" to steal files, the extension can be changed to search for other things too, such as .mp3's . l feel it is alright to post this since music piracy by this is obsolete and typically yields searching through pages of google for an hour to find every FTP you look in to have a password .
PS: Forgive me if l should not have posted this code, and please edit it if this is the case.
You can't really hack into a website using Google. Only for reconnaissance (gain more information about the website), and then (maybe...) take it to a more 'higher' level. You can also search for an unsecure website with vulnerabilities, but you definately can't gain access. You do that by entering a specific Google search function (usually more than 1). This is actually legitimate, as long as you stick to Google and don't go further. 
| RiCtee wrote: |
| You can't really hack into a website using Google. Only for reconnaissance (gain more information about the website), and then (maybe...) take it to a more 'higher' level. You can also search for an unsecure website with vulnerabilities, but you definately can't gain access. You do that by entering a specific Google search function (usually more than 1). This is actually legitimate, as long as you stick to Google and don't go further. |
even just getting the file, or even looking at it has a sort of "Breaking and entering" ring about it .| KHO wrote: | ||
. l am talking about using commands such as "intitle:index.of "parent directory" *.php" to steal files, the extension can be changed to search for other things too, such as .mp3's . l feel it is alright to post this since music piracy by this is obsolete and typically yields searching through pages of google for an hour to find every FTP you look in to have a password .
PS: Forgive me if l should not have posted this code, and please edit it if this is the case. |
" emoticon?[/offtopic] Ahh, now I understand.| Quote: |
| excuse me, but when you use google to take a list of passwords to a site that requires you to pay for a membership, and then use that info to hijack an account, that is pretty illegal sounding to me...... |
What I mean is that the Google search functions are legally okay to use, that's why they are there (to search). As I said: 'as long as you stick to Google and don't go further'. If you Googled and found a whole list of password, don't go and click the link, but be a good boy (or girl) and report to the site admin. But it is very, very rare that you could actually find anything. Note: I'm not a lawyer, so find a real one if you need advice.
| Marston wrote: |
| ... Are you guys referring to the blackhat SEO technique known as "Google Bowling", where you setup remote pages that will "lower a site's ranking in Google"? |
sorry i am not refering to to the techniques "Google bowling"
it's quite different
It's basically for study purpose and help you to refine your search
this lowers your search time and give appropriate reply in seconds which unknown takes hours to get or even doesn't get it properly
| Marston wrote: | ||||
" emoticon?[/offtopic] Ahh, now I understand. |
Yes, it is quite easy to manuipulate google, and this is somewhat intentional l believe as it makes refining your search extremely easy
[offtopic reply]
it is awesome, never disrespect it, if you do, l will use far more than a minimum of one per paragraph beware . [/offtopic reply]This is not a computer problem.
Right?
-close-
Right?
-close-
 |