Subject Index
A
Abuse database systems, 61
Active server page (ASP) error messages, 147
Actual database files, 71
Advanced operators, 21–45
colliding operators and bad search-FU, 40–42
daterange operator, 36–37
google’s advanced operators, 24
“intitle” and “allintitle” operator, 24–26
inurl and allinurl operator, 27–29
troubleshooting your syntax, 23–24
Allintext:moo goo gai filetype:pdf, 40
Allintext:Sum Dum Goy intitle:Dragon, 40
Allintitle:“index of”“backup files”, 25
“Allintitle” operator, 24–26
Allinurl:pdf allintitle:pdf, 42
AOL Instant Messenger (AIM), 168
Apache 2.0 source code, 144
Application programming interface (API), 88, 215
Application software version and revision, 150
Authentication mechanisms, 129, 162
Authentication systems, 161
Automated grinding, 71–76
Automated scanning process, 216
Automated scanning software, 172
Automating searches
Automation, principles of, 108
Axis network print server, 183
B
Bing hacking for penetration testers, 102
C
Carriage return line feed (CRLF), 91
Colliding operators
Common file extension, 134
Content-language string, 146
Conventional security assessments, 79
Correlation function, 111
Custom search engines, 174
Cut-and-dried approach, 11
D
“Dark side” exercises, 119
Database
Daterange operator, 36–37
Default documentation, 149
Default username/password combination, 189
DejaNews,
Difficult-to-read machine code, 120
Directory traversal, 55–56
Document grinding, 76, 132
Domain name server (DNS) queries, 151
Dropdown box,
E
Everfocus EDSR applets, 194, 196
Exit administrative access button, 190
locating exploit code, 119
locating exploits via common code strings, 121
locating public exploit sites, 120
F
Favorite programming language, 94
Filetype:conf inurl:firewall, 62
Filetype:ini inurl:ws_ftp, 62
Filetype:log inurl:log, 66
Filetype:xls inurl:password.xls, 67
FireBug extension, 94, 95
G
Gain sensitive information, 135
Golden rules, of google searching, 7–8
google queries are not case sensitive,
google reserves the right to ignore you,
google wildcards,
32-word limit,
custom search engine, 174
navigation items,
processes,
searches, 17, 27, 56, 119, 125, 138, 158, 177, 193, 202
button,
interface,
translation features of,
trolls camera phone picture sites, 191
URLs, working with, 14–15
video,
web interface,
web pages,
effective search reduction, 63
directory listings and missing index files, 210–211
good solid security policy, 209–210
NOARCHIVE, cache “killer”, 213
NOSNIPPET, getting rid of snippets, 213–214
password-protected mechanisms, 213–214
Robots.txt: preventing caching, 211–212
software default settings and programs, 214
web server safeguards, 210
actual database files, 71
anonymity with caches, 48–51
automated grinding, 71–75
configuration files, 61–65
directory listings, 51–52
going out on limb, traversal techniques, 55–58
directory traversal, 55–56
incremental substitutions, 56–57
locating directory listings, 52
specific directories, finding of, 52–53
specific files, finding of, 53
Google hacking license test, 41
Google Images,
Google Maps,
Google News,
Google search basics, 1–20
exploring google’s web-based interface, 1–17
basic searching,
building google queries,
Google Groups,
putting the pieces together, 16–17
special characters, 15–16
using Boolean operators and special characters, 9–11
working with google URLs, 14–15
fast track solutions, 18–20
building google queries, 19
exploring google’s web-based interface, 18
working with google URLs, 19
introduction,
H
google’s custom search engine, 174
HomeSeer control panel, 206
Hosting C source code, 120
Hypertext Markup Language (HTML), 24, 31, 90, 99
Hypertext preprocessor (PHP)
Nuke administrator account, 187
Hypertext Transfer Protocol (HTTP), 92
I
Inanchor:click –click, 42
Incremental substitutions, 56–57
Inevitable syntax errors, 23
Information collection framework
automating searches
expanding search terms, 82–87
email addresses, verifying, 83–84
getting lots of results, 86–87
getting data from source, 88
sorting results by relevance, 109–112
scraping it yourself, requesting and receiving responses, 88–94
scraping it yourself, the butcher shop, 94–101
using other search engines, 102
using “special” operators, 87–88
Information-gathering phase, 79, 125
users,
Internet-connected network, 137
Internet Information Server (IIS), 139
HTTP/1.1 error pages, 141
Internet Information Services, 141
Internet Protocol (IP), 151
based routing protocols, 11
index of backup files, 23
“index of”“backup files”, 25
index.of inurl:“admin”, 55
Intranet#help.desk query, 135
Inurl:Computers inurl:Operating_Systems, 35
ISP’s Internet gateway, 114
J
Juicy info
L
Libssl32.dll download, 93
Libwhisker Perl library, 56
Linux/Mac OS X command, 153
Load google hacks database, 216
Local international dialing method, 108
Lynx text-based browser, 94
M
Internet Information Server (IIS), 139
web-based mail portal, 162
web data administrator software package, 68
Microsoft Access documents, 67
Microsoft FrontPage support files, 164
Microsoft-IIS/7.0 server at, 139
Microsoft Office documents, 30
Microsoft outlook web access portal, 162
Moderate SafeSearch,
MRTG configuration file, 63
Multimillion-dollar security system, 161
mysql_connect function, 68
N
Nessus security scanner, 168
Network-connected device, 157
Network hardware, location, 157–158
Network query tool (NQT), 151
Network reports, location, 156
Numrange operator, 36, 84
O
Outlook web access portal, 150
P
Page-scraping techniques, 120
Paranoid system administrator, 177
Penetration (pen) testers, 137
Personal finance programs, 167
Personal financial data, 167
Phone card (calling card) numbers, 165
phpMyAdmin installation, 187
Point-and-click script novice, 186
Portable document format (PDF), 30
sorting results by relevance, 109–112
Preferences screen,
Professional hackers, 137
Public web application exploit announcement, 123
R
Rain Forest Puppy (RFP), 56
Ranking technology,
Recent religion work, 183
Results window setting,
S
SafeSearch filtering,
Sample database files, 68
Search reduction techniques, 11
Search techniques,
Search_term operator, 22
Secure sockets layer (SSL), 93
Secure Sockets Layer (SSL)-enabled connection, 156
–EXT:HTML–EXT:HTM–EXT:SHTML–EXT:ASP–EXT:PHP, 132–134
INURL:TEMP# INURL:TMP#INURL: BACKUP#INURL.BAK, 134
PASSWORD#PASSCODE“your password is”, 129–130
USERNAME#USERID#EMPLOYEE.ID“your username is”, 129
“Self-help” documentation, 128
Self-respecting hacker, 176
Sensitive information, 47
Sensitive security-related information, 168
Server administrator, 149
Server-generated file extension, 132
Server versioning technique, 53–55
Simple Mail Transfer Protocol (SMTP), 84
Simple reduction techniques, 126
Smoothwall personal firewalls, 180
Snort intrusion detection system, 185
Social-engineering attack, 168
Social security numbers (SSNs), 161, 167, 168
Sound security policy, 209
“Special” operators, 87–88
Specific directories, finding of, 52–53
Specific files, finding of, 53
SPI Dynamic’s WebInspect excel, 147
Stop words,
Straight-up site search, 125
Structured Query Language (SQL), 61, 127
“Student enrollment” systems, 178
Subscription-based news service, 213
Syngress publishing security, 25, 85
Syntax, troubleshooting, 23–24
T
locating targets via source code, 122
locating vulnerable targets, 122
via vulnerability disclosures, 122
Telephone conferences, 171
Top level domains (TLD), 85, 107
Traditional network fixture, 185
Transmission Control Protocol (TCP), 11, 88
TCP/Internet Protocol (IP), 91
network configuration, 115
Traversal techniques, 121
directory traversal, 55–56
incremental substitutions, 56–57
U
structure,
Uninterruptible power system (UPS), 203
UNIX
based operating system, 54
program’s configuration file, 64
users,
USENET community,
USENET newsgroups,
V
Valid queries
Voice over IP (VOIP) service, 198
Vulnerability assessment, 150
W
Web assessment tools, 147
Web-based administrative interfaces, 179
Web-based discussion forums,
Web-based interface, 158, 183
Web-based networking tools, 159
Web-based network statistics package, 156
Web-based statistical programs, 162
Web-enabled network devices, targeting, 156
Web pages, 17, 25, 30, 51, 57, 82, 121, 149, 177, 185
Web search,
engines,
Web servers, 27, 29, 48, 52, 53, 57, 139, 147, 159, 162, 166, 169, 176, 211
application software error messages, 147–148
Web utilities, using and locating, 151–155
Wildcards,
character,
Worm-based spam campaign, 162
Y
Z