﻿1
00:00:00,690 --> 00:00:05,820
‫While the search engines are the most typical examples of crawlers and they let us run queries on the

2
00:00:05,820 --> 00:00:11,490
‫websites, search engines are very useful to collect information about the target in depth.

3
00:00:12,660 --> 00:00:17,970
‫Using search engines, you can find enormous pieces of useful information about the target company,

4
00:00:18,510 --> 00:00:24,810
‫names of the employees, accessible services of the systems, files or folders which contain sensitive

5
00:00:24,810 --> 00:00:28,790
‫data, login pages, beyond the known weaknesses.

6
00:00:28,800 --> 00:00:30,810
‫These leave traces on the Web site.

7
00:00:31,050 --> 00:00:32,580
‫on headers, titles,

8
00:00:32,760 --> 00:00:33,600
‫URLs.

9
00:00:33,960 --> 00:00:37,470
‫You can easily find these traces using search engines.

10
00:00:39,090 --> 00:00:40,020
‫Google hacking,

11
00:00:40,170 --> 00:00:41,160
‫also named Google

12
00:00:41,160 --> 00:00:47,190
‫dorking, is a computer hacking technique that uses Google search and other Google applications to find

13
00:00:47,190 --> 00:00:51,570
‫security holes in the configuration and computer code that websites use.

14
00:00:52,020 --> 00:00:57,360
‫Google hacking involves using advanced operators in the Google search engine to locate specific strings

15
00:00:57,360 --> 00:00:58,880
‫of text within search results.

16
00:00:59,280 --> 00:01:04,560
‫Some of the more popular examples are finding specific versions of vulnerable Web applications.

17
00:01:05,130 --> 00:01:09,300
‫Some of the advanced operators of Google search engines are shown in the slide.

18
00:01:09,780 --> 00:01:16,590
‫You can see the details of advanced search in Google at google.com/advanced_search.

19
00:01:18,090 --> 00:01:24,780
‫You can find a lot of specific queries on exploit-db.com/google-dorks.

20
00:01:25,790 --> 00:01:32,240
‫Using these queries, you can discover web application vulnerabilities, files containing usernames

21
00:01:32,240 --> 00:01:40,100
‫and/or passwords, sensitive folders, Web services, error messages that disclose sensitive information,

22
00:01:40,520 --> 00:01:48,080
‫log or backup files, devices such as printers or CCTV cameras that are accessible over the net and

23
00:01:48,080 --> 00:01:48,440
‫more.

24
00:01:50,680 --> 00:01:56,680
‫For example, you can find a username and password list from FrontPage servers by writing the keywords

25
00:01:56,680 --> 00:01:58,990
‫shown on the slide in the Google search field.

26
00:02:00,680 --> 00:02:06,520
‫Here, there are a few examples to show how we can use Google advanced search to find valuable information.

27
00:02:07,100 --> 00:02:15,950
‫For example, if we do a search with the words inurl:co.uk and inurl:admin,

28
00:02:16,340 --> 00:02:23,630
‫we can find administrative panels of the websites which have co.uk super domain. Originally created

29
00:02:23,630 --> 00:02:26,090
‫by Johnny Long of Hackers for Charity,

30
00:02:26,390 --> 00:02:33,410
‫the Google Hacking Database (GHDB) is an authoritative source for querying the ever-widening reach of the

31
00:02:33,410 --> 00:02:34,520
‫Google search engine.

32
00:02:35,060 --> 00:02:42,620
‫In the GHDB, you'll find search terms for files containing usernames, vulnerable servers and even files

33
00:02:42,620 --> 00:02:44,090
‫containing passwords.

34
00:02:44,750 --> 00:02:50,390
‫When the Google Hacking Database was integrated in the Exploit Database of Offensive Security, the

35
00:02:50,390 --> 00:02:56,510
‫various Google dorks contained in the thousands of exploit entries were entered into the GHDB.

36
00:02:57,110 --> 00:03:03,440
‫The direct mapping allows penetration testers to more rapidly determine if a particular Web application

37
00:03:03,620 --> 00:03:05,720
‫has a publicly available exploit.

