hosted by liquidweb

Go Back   Web Hosting Talk : Web Hosting Main Forums : Web Hosting : Hacking with Google

Forum Jump

Hacking with Google

Reply Post New Thread In Web Hosting Subscription
Send news tip View All Posts Thread Tools Search this Thread Display Modes
Old 07-25-2004, 02:05 AM
dftchris dftchris is offline
Aspiring Evangelist
Join Date: Jun 2003
Location: Indy
Posts: 379

Hacking with Google

Hi. I just read this document that was about different ways people hack using Google. After reading this document I really see how powerful Google is. It is actually kind of scary how powerful it is. I don't think I can use much of the tips in it since I am on a shared server, but I was wondering how many of you who run servers know of the different vulnerabilities that could be accessed with Google? Most of them seem like common sense things that people shouldn't have access to, but I searched for some of the examples it gives and was amazed by how many sites actually are vulnerable. I am not comfortable giving a link to the document here because I think it is geared more toward the actual hacker than to people trying to prevent hackers, I don't want to help any hackers out.

I just want to know how many people are aware of these hacking methods by using Google, and are they really a big threat or am I just being paranoid?

Sponsored Links
Old 07-25-2004, 02:08 AM
cywkevin cywkevin is offline
Predatory Poster
Join Date: Jul 2003
Location: Goleta, CA
Posts: 5,550
Technology is a blessing and a curse. We just have to learn to live and adjust to the problems it causes while still enjoying the many benefits it provides.

Patron: I'd like my free lunch please.
Cafe Manager: Free lunch? Did you read the fine print stating it was an April Fool's joke.
Patron: I read the same way I listen, I ignore the parts I don't agree with. I'm suing you for false advertising.
Cafe Owner: Is our lawyer still working pro bono?

Old 07-25-2004, 02:17 AM
mp3sattack mp3sattack is offline
Web Hosting Evangelist
Join Date: Feb 2004
Posts: 465
would like to know more to what you refer

Sponsored Links
Old 07-25-2004, 02:33 AM
dftchris dftchris is offline
Aspiring Evangelist
Join Date: Jun 2003
Location: Indy
Posts: 379
Well, I'll try to give some examples without being too specific.

Basically the document explains Google's various advanced syntaxes and ways you can use them to get access to thing you really shouldn't have access to. These are all things that are just unsecured and are accessible anyway, it just helps you find them. It surprised me how many people had these types of things exposed with no type of security.

A few examples:

There is a certain syntax and query you can use to find exposed bash_history files, which, according to the article sometimes have encrypted unix passwords hashes in them and also tells you how to crack them.

Most of them are just ways to search for open indexes and certain files in them. There is also certain syntaxes to use to find vulnerable windows servers that have, for example, the system32 open to the public. I tried this syntax and the first result actually had that folder unsecured and also the cmd.exe unsecured.

I could send this document to a moderator and have them check it over to see if it is postable, or maybe takes some parts out of it. I really don't think it would be approved though because it is VERY specific about these hacking methods.

Edit: I tried clicking on the cmd.exe because I know that I couldn't really do any damage just clciking it in IE, it would just try to download it. Well I got a 403 error so maybe it's not as unsecure as I thought. It is still alarming to find that directory has index enabled though.

Last edited by dftchris; 07-25-2004 at 02:37 AM.
Old 07-25-2004, 02:49 AM
Imago Imago is offline
Web Hosting Master
Join Date: Feb 2004
Location: Sofia
Posts: 1,349
Google is a great exposer. After 5 years peaceful co-existence, I am more than sure that the first thing Google will index on my site are all my errors and omissions, not my new pages. And what is more interesting, Google is giving those erratic pages a higher PR, so they appear on the first results page.

:: :: :: :: :: ::
:: VDSP.Net :: Directory of virtual and dedi serv providers by location and price

Old 07-25-2004, 02:54 AM
dftchris dftchris is offline
Aspiring Evangelist
Join Date: Jun 2003
Location: Indy
Posts: 379
After trying some more examples I have found that that syntaxes given don't really work very well, they may be outdated. One synyax is for only searching in the url of the website, well it was returning the search term anywhere in the site. I went into advanced search and selected the search only in url option and it still found things in other parts of the site. It still does find the vulnerable files, but you have to go through more results.


Related posts from
Title Type Date Posted
Italy Gives Google 18 Months to Comply with User Privacy Regulations Web Hosting News 2014-07-21 22:59:34
Washington Mulls Visa Restrictions to Prevent Chinese Nationals from Attending Popular US Hacking Conferences Web Hosting News 2014-05-27 11:15:49
Google Announces General Availability of Cloud Endpoints, Updates Mobile Backend Starter Web Hosting News 2013-11-11 12:14:49
Google Offers 15GB of Free Storage Across Cloud Services Web Hosting News 2013-05-13 15:00:03
Why You Should Embrace Google Plus Blog 2013-03-08 09:18:17

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Log in with your username and password

Forgot Password?
Web Hosting News:
WHT Membership
WHT Membership



Welcome to

Create your username to jump into the discussion! is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.

(4 digit year)

Already a member?