Re: [Full-Disclosure] Any thoughts on War-Googling?

related: http://www.securityfocus.com/columnists/224

Rgds,

-F

>
>Hi
>
>Well, I think there is some filtering from the search engines maintainers,
>that's why it isn't as known and successful as it could be. You can use
>different search engines who support boolean logic (most search engines
>will), like
>
>www.teoma.com www.wisenut.com www.google.com
>
>and search for different path's or filenames, like
>
>C:\winnt WinNT/2K Default-Directory
>C:\inetpub IIS Default-Directory
>TSWeb/default.htm Win2K Terminal Services
>url:.htaccess HTA-Access-File
>url:.htpasswd Password-File
>url:etc AND link:passwd Password-File
>
>And Google supports another special trick:
>
>filetype:XLS/DOC searching for Documents
>
>And now apply this for Scripting Paths, CGIs, Executables
>and all that you can find on target servers ;-)
>
>GreetZ from IndianZ
>
>mailto:indianz@indianz.ch
>http://www.indianz.ch
>
>
>
>On Sunday 18 April 2004 21.42, Aschwin Wesselius wrote:
> > Hello,
> >
> > Is there anybody who is common with the technique described in this
> > article?
> >
> > http://www.ebcvg.com/articles.php?id=207
> >
> > It says something about using Google to target servers by searching
> > paths to vulnerabilities.
> >
> > Any thoughts on that?
> >
> > Kind regards,
> >
> > Aschwin Wesselius
> >

_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8.
http://join.msn.com/?page=features/junkmail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Sun Apr 18 15:01:45 2004