1 00:00:00,650 --> 00:00:05,810 While the search engines are the most typical examples of crawlers and they let us run queries on the 2 00:00:05,810 --> 00:00:11,480 websites, search engines are very useful to collect information about the target in depth. 3 00:00:12,610 --> 00:00:17,950 Using search engines, you can find enormous pieces of useful information about the target company, 4 00:00:18,460 --> 00:00:24,790 names of the employees, accessible services of the systems, files or folders which contain sensitive 5 00:00:24,790 --> 00:00:28,760 data login pages beyond the known weaknesses. 6 00:00:28,780 --> 00:00:32,530 These leave traces on the website, on headers titles. 7 00:00:32,740 --> 00:00:33,580 You are URLs. 8 00:00:33,910 --> 00:00:37,450 You can easily find these traces using search engines. 9 00:00:39,070 --> 00:00:44,980 Google Hacking, also named Google Dorking, is a computer hacking technique that uses Google search 10 00:00:44,980 --> 00:00:51,040 and other Google applications to find security holes in the configuration and computer code that websites 11 00:00:51,040 --> 00:00:51,550 use. 12 00:00:52,000 --> 00:00:57,340 Google hacking involves using advanced operators in the Google search engine to locate specific strings 13 00:00:57,340 --> 00:00:58,850 of text within search results. 14 00:00:59,260 --> 00:01:04,540 Some of the more popular examples are finding specific versions of vulnerable Web applications. 15 00:01:05,110 --> 00:01:09,270 Some of the advanced operators of Google's search engines are shown in the slide. 16 00:01:09,760 --> 00:01:16,570 You can see the details of advanced search in Google at Google dot com slash advanced underscore search. 17 00:01:18,070 --> 00:01:22,720 You can find a lot of specific queries on Exploit Dash SDB dotcoms. 18 00:01:23,170 --> 00:01:24,760 Google hyphen dorks. 19 00:01:25,790 --> 00:01:32,210 Using these queries, you can discover Web application of vulnerabilities, files containing username 20 00:01:32,210 --> 00:01:40,070 and or passwords, sensitive folders, Web services, error messages that disclose sensitive information, 21 00:01:40,490 --> 00:01:48,050 log or backup files, devices such as printers or CCTV cameras that are accessible over the net and 22 00:01:48,050 --> 00:01:48,410 more. 23 00:01:50,630 --> 00:01:56,630 For example, you can find a username and password list from front page servers by writing the keyword 24 00:01:56,650 --> 00:01:58,970 shown on the slide in the Google search field. 25 00:02:00,650 --> 00:02:06,490 Here, there are a few examples to show how we can use Google advanced search to find valuable information. 26 00:02:07,070 --> 00:02:16,700 For example, if we do a search with the words in Utero SEO geoduck and in utero colon admen, we can 27 00:02:16,700 --> 00:02:24,290 find administrative panels of the websites which have kode UK Super Domain, originally created by Johnny 28 00:02:24,290 --> 00:02:26,060 Long of Hackers for Charity. 29 00:02:26,360 --> 00:02:33,380 The Google Hacking Database SDB is an authoritative source for querying the ever widening reach of the 30 00:02:33,380 --> 00:02:34,490 Google search engine. 31 00:02:35,030 --> 00:02:42,590 In the HDB, you'll find search terms for files containing usernames, vulnerable servers and even files 32 00:02:42,590 --> 00:02:44,080 containing passwords. 33 00:02:44,720 --> 00:02:50,360 When the Google hacking database was integrated in the exploit database of offensive security, the 34 00:02:50,360 --> 00:02:56,510 various Google Docs contained in the thousands of exploit entries were entered into the SDB. 35 00:02:57,080 --> 00:03:03,410 The direct mapping allows penetration testers to more rapidly determine if a particular Web application 36 00:03:03,590 --> 00:03:05,690 has a publicly available exploit.