Wednesday, December 15, 2010

Google Hacking Database


   
If you do not already know, Google can be used by a malicious person to hack websites, servers, credit cards, and ………..

Oh yes, Google is the best friend of hackers. Using what are called GOOGLE DORKS, a hacker can easily find exploitable vulnerabilities and mount attacks that will allow access to the vulnerable target.

Google dorks are combinations of words used as search keywords.

The Google Hacking Database (GHDB) is a project started by Johnny Long, and is located at: http://www.hackersforcharity.org/ghdb/
For more information follow the link: http://www.exploit-db.com/google-hacking-database-reborn/

Now it is time to demonstrate the power of the Google Hacking Database.

We start by choosing a dork; in this example I'll use:

&

Ok, now let's see the result: filetype:sql insert into users

As you can see, we come across database dumps, and we can clearly see the usernames and the passwords, but unfortunately the passwords may be encrypted :(
 
The solution is to combine the two dorks: filetype:sql insert into users values MD5

Now we see the username and password "NON-ENCRYPTED" :)

To find specific targets you can tweak your dork. For example, if you want to find the database dump of a content management system (Drupal, Joomla, ……), all you have to do is add the table name.

OK, try this one (Joomla):



GAME OVER.

Keep in mind that hacking is illegal in most countries.
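
A defender's check for the exposure described above, as an added example that is not part of the original post: it walks a web server's document root for .sql files containing INSERT INTO statements against a users table and counts MD5-shaped values in them. The function names, the cms_users table and the sample dump are constructed for illustration.

```python
import os
import re
import tempfile

# The statement the dork on this page searches for: INSERT INTO <...users...>
INSERT_USERS = re.compile(r"insert\s+into\s+[`\"']?\w*users\w*[`\"']?", re.IGNORECASE)
# A quoted 32-hex-digit value, the shape of an unsalted MD5 digest.
MD5_VALUE = re.compile(r"['\"]([0-9a-fA-F]{32})['\"]")

def scan_dump(path):
    """Return (user_inserts, md5_like_values) counted in one .sql file."""
    inserts = md5s = 0
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        for line in fh:
            if INSERT_USERS.search(line):
                inserts += 1
                md5s += len(MD5_VALUE.findall(line))
    return inserts, md5s

def audit_webroot(webroot):
    """Walk a document root and report .sql files holding user-table rows."""
    findings = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            if not name.lower().endswith(".sql"):
                continue
            full = os.path.join(dirpath, name)
            inserts, md5s = scan_dump(full)
            if inserts:
                findings.append((os.path.relpath(full, webroot), inserts, md5s))
    return sorted(findings)

def demo():
    """Build a constructed web root with one leaked dump and audit it."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "backup"))
        # Constructed sample data, not taken from any real site.
        with open(os.path.join(root, "backup", "site.sql"), "w") as fh:
            fh.write("CREATE TABLE cms_users (id INT, username TEXT, password TEXT);\n")
            fh.write("INSERT INTO `cms_users` VALUES (1,'admin','0123456789abcdef0123456789abcdef');\n")
            fh.write("INSERT INTO `cms_users` VALUES (2,'bob','ffeeddccbbaa99887766554433221100');\n")
        with open(os.path.join(root, "schema.sql"), "w") as fh:
            fh.write("CREATE TABLE posts (id INT);\n")
        return audit_webroot(root)

if __name__ == "__main__":
    for path, inserts, md5s in demo():
        print(f"{path}: {inserts} user-table INSERTs, {md5s} MD5-shaped values")
```

Any hit under a served directory means the dump can be fetched over HTTP and indexed by a search engine; backups belong outside the document root.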



