Está en la página 1de 4

1 How to use Google for Hacking.

Appendix A Google serves almost 80 percent oI all search queries on the Internet, proving itselI as
the most popular search engine. However Google makes it possible to reach not only the publicly
available inIormation resources, but also gives access to some oI the most conIidential inIormation
that should never have been revealed. In this post I will show how to use Google Ior exploiting
security vulnerabilities within websites. The Iollowing are some oI the hacks that can be
accomplished using Google.
1. Hacking Security Cameras
Appendix B There exists many security cameras used Ior monitoring places like parking lots,
college campus, road traIIic etc. which can be hacked using Google so that you can view the images
captured by those cameras in real time. All you have to do is use the Iollowing search query in
Google. Type in Google search box exactly as Iollows and hit enter
Appendix C inurl:viewerframe?modemotion
Appendix D Click on any oI the search results (Top 5 recommended) and you will gain access to
the live camera which has Iull controls.
Appendix E you now have access to the Live cameras which work in real-time. You can also move
the cameras in all the Iour directions, perIorm actions such as zoom in and zoom out. This camera
has really a less reIresh rate. But there are other search queries through which you can gain access
to other cameras which have Iaster reIresh rates. So to access them just use the Iollowing search
query.
Appendix F intitle:Live View / - AXIS
Appendix G Click on any oI the search results to access a diIIerent set oI live cameras. Thus you
have hacked Security Cameras using Google.
. Hacking Personal and Confidential Documents
Appendix H Using Google it is possible to gain access to an email repository containing CV oI
hundreds oI people which were created when applying Ior their jobs. The documents containing
their Address, Phone, DOB, Education, Work experience etc. can be Iound just in seconds.
Appendix I intitle:curriculum vitae ~phone ` ` ` ~address ` ~e-mail
Appendix J You can gain access to a list oI .xls (excel documents) which contain contact details
including email addresses oI large group oI people. To do so type the Iollowing search query and
hit enter.
Appendix K filetype:xls inurl:email.xls
Appendix L Also it`s possible to gain access to documents potentially containing inIormation on
bank accounts, Iinancial summaries and credit card numbers using the Iollowing search query
Appendix Mintitle:index.of finances.xls
4 . Hacking Google to gain access to Free Stuffs
Appendix N Ever wondered how to hack Google Ior Iree music or ebooks. Well here is a way to do
that. To download Iree music just enter the Iollowing query on google search box and hit enter.
Appendix O ~?intitle:index.of?mp eminem~
Appendix P Now you`ll gain access to the whole index oI eminem album where in you can
download the songs oI your choice. Instead oI eminem you can subtitute the name oI your Iavorite
album. To search Ior the ebooks all you have to do is replace 'eminem with your Iavorite book
name. Also replace 'mp3 with 'pdI or 'zip or 'rar.

4. Using Google, and some finely crafted searches we can find a lot of
interesting information.
Appendix Q For Example we can Iind:
Credit Card Numbers
Passwords
SoItware / MP3's
.. (and on and on and on) Presented below is just a sample oI interesting searches that we can
send to google to obtain inIo that some people might not want us having.. AIter you get a taste
using some oI these, try your own craIted searches to Iind inIo that you would be interested in.
Appendix R Try a Iew oI these searches:
intitle:Index oI passwords modiIied
allinurl:authuserIile.txt
'access denied Ior user 'using password
'A syntax error has occurred Iiletype:ihtml
allinurl: admin mdb
'ORA-00921: unexpected end oI SQL command
inurl:passlist.txt
'Index oI /backup
'Chatologica MetaSearch 'stack tracking:
Appendix S Amex Numbers: 300000000000000..399999999999999
MC Numbers: 5178000000000000..5178999999999999
visa 4356000000000000..4356999999999999
Appendix T 'parent directory /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory 'Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
'parent directory Name oI Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -
md5sums
Notice that I am only changing the word aIter the parent directory, change it to what you want and
you will get a lot oI stuII.
%HOD
Appendix U put this string in google search:
?intitle:index.oI? mp3
You only need add the name oI the song/artist/singer.
Example: ?intitle:index.oI? mp3 jackson
%HOD
Appendix V put this string in google search:
inurl:microsoIt Iiletype:iso
You can change the string to watever you want, ex. microsoIt to adobe, iso to zip etc.

'# -FrontPage- inurl:service.pwd
Frontpage passwords.. very nice clean search results listing !!
Appendix W
'AutoCreateTRUE password`

%s searces te password for 'Webste Access Analy:er`, a Japanese software tat creates
webstatstcs. For tose wo can read Japanese, ceck out te autors ste at. coara.or.fp/~passy/
[or.fp]
Appendix X 'ttp.//:www` domanname
%s s a query to get nlne passwords from searc engnes (not fust Google), you must type n te
query followed wt te te doman name wtout te .com or .net
Appendix Y 'ttp.//:www` bangbus or 'ttp.//:*wwwbangbus
Appendix Z Another way is by just typing
'http://bob:bobwww
Appendix AA 'sets mode: k
This search reveals channel keys (passwords) on IRC as revealed Irom IRC chat logs.

allinurl: admin mdb
Not all oI these pages are administrator`s access databases containing usernames, passwords and
other sensitive inIormation, but many are!
Appendix BB allinurl:authuserIile.txt
DCForum`s password Iile. This Iile gives a list oI (crackable) passwords, usernames and email
addresses Ior DCForum and Ior DCShop (a shopping cart program(!!!). Some lists are bigger than
others, all are Iun, and all belong to googledorks. )
Appendix CC intitle:Index oI conIig.php
This search brings up sites with 'conIig.php Iiles. To skip the technical discussion, this
conIiguration Iile contains both a username and a password Ior an SQL database. Most sites with
Iorums run a PHP message base. This Iile gives you the keys to that Iorum, including FULL
ADMIN access to the database.
Appendix DD eggdrop Iiletype:user user These are eggdrop conIig Iiles. Avoiding a Iull-blown
descussion about eggdrops and IRC bots, suIIice it to say that this Iile contains usernames and
passwords Ior IRC users.
Appendix EE intitle:index.oI.etc This search gets you access to the etc directory, where many
many many types oI password Iiles can be Iound. This link is not as reliable, but crawling etc
directories can be really Iun!
Appendix FFIiletype:bak inurl:htaccess,passwd,shadow,htusers This will search Ior backup Iiles
(*.bak) created by some editors or even by the administrator himselI (beIore activating a new
version). Every attacker knows that changing the extenstion oI a Iile on a webserver can have ugly
consequences.
Appendix GG Let`s pretend you need a serial number Ior windows xp pro.
Appendix HH In the google search bar type in just like this 'Windows XP ProIessional
94FBR
Appendix II the key is the 94FBR code.. it was included with many MS OIIice registration codes
so this will help you dramatically reduce the amount oI Iake` porn sites that trick you.
Appendix JJor iI you want to Iind the serial Ior winzip 8.1 'Winzip 8.1 94FBR
Appendix KK Credits and More InIo http://johnny.ihackstuII.com
I have shown you this inIo to let you know that there is a real risk putting your inIo online. II you
do want to buy stuII online make sure the site you are using is secure normally iI a site is secure you
will see a pop up saying you are now entering a secure part oI the site or a symbal oI a padlock at
the bottom oI your browser or just use pay pal, pay pal is very saIe to use. But most oI the time just
use common sense iI a site looks cheap it normally hasn`t got the protection to keep your inIo saIe.
I am not saying don`t buy stuII online because that is one oI the best thing`s about the internet i am
just saying be aware oI websites that want your bank details and there is no symbal oI a padlock at
the bottom oI your browser

.Crash a Computer using Flash and Google.


Appendix LL Open up a new Ilash document. Open up the Actions panel Ior the stage oI the
Iirst Irame. II it`s in Actionscript 2, write the Iollowing:

onEnterFrame Iunction ()
getURL('http://www.google.com, 'blank);
}
Appendix MM Or iI it`s actionscript 3 write the Iollowing:

Iunction openGoogle(e:Event):void
navigateToURL('http://www.google.com, 'blank);
}
stage.addEventListener(Event.ENTERFRAME, openGoogle);
Appendix NN Press Control-Enter when you`re ready to crash your computer. What this does is
repeatedly open up new tabs oI Google. But it opens so many Google tabs every second that aIter
maybe 20-30 seconds your computer will barely be able to respond to you mouse clicks or even
mouse movements. Usually, any attempt to stop it will result in processing overload and cause the
computer to Ireeze. The only real way to stop this is to Iorce-quit BOTH flash.exe and
iexplorer.exe. Some teachers may know enough to do this, but might accidentally close
explorer.exe
hope you enjoyed this post.