Add search engines to your hacking toolbox

Summary: Surely you have come across them: Google, Lycos, ... but did you know that they have other uses? Read along to see how an inoffensive portal can help you on your way to search for vulnerabilities of a server and surf anonymously.

How to find vulnerable machines with default installations of IIS or Apache (very dangerous for their owner!):
- Go to google.com, lycos.com or altavista.com.
- Type "Try the hyperlinks above to see some examples of the content you can publish with Microsoft Internet Information Server" for IIS or "This page is used to test the proper operation of the Apache Web server after it has been installed" for Apache.
- You'll find potential victims which run default installations of this service. Microsoft's IIS is notorious for being extremely insecure.
Last year, Google indexed 9,360 Apache default installations and 2,970 IIS default installations, Lycos 2,310 and 105, and AltaVista 6,205 and 3,824.
Using FTP search tools:
- Go to ftpsearchengines.com (it's a good starting point since ftpsearch.lycos.com is temporarily down).
- Try looking for such files as /etc/passwd, /etc/shadow, smdata.dat (CuteFTP), admpw (Netscape Enterprise Server), .htaccess or .htpasswd.
- With this you will see whether a badly configured FTP server is up and whether you can gain control of it.
Automated FTP searches by warez sites' scripts are alarming the internet security community, and many FTP search engines have filters in an attempt to protect these servers. On the other hand, many portals have still not set up these filters.
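From the owner's side, both searches above turn into a check on your own published directory. The following is an added example, not part of the original article: it walks a web or FTP root and flags the file names and default-page phrases quoted above. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile

# File names and default-page phrases taken from the article text.
SENSITIVE_NAMES = {"passwd", "shadow", "smdata.dat", "admpw", ".htaccess", ".htpasswd"}
DEFAULT_PAGE_MARKERS = {
    "IIS": "Try the hyperlinks above to see some examples of the content "
           "you can publish with Microsoft Internet Information Server",
    "Apache": "This page is used to test the proper operation of the "
              "Apache Web server after it has been installed",
}

def audit_published_root(root):
    """Return sorted (relative_path, reason) findings for a directory served over HTTP/FTP."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if name.lower() in SENSITIVE_NAMES:
                findings.append((rel, "sensitive file name"))
            if name.lower().endswith((".htm", ".html")):
                with open(path, encoding="utf-8", errors="replace") as fh:
                    # Collapse whitespace so line-wrapped HTML still matches.
                    text = " ".join(fh.read(65536).split())
                for server, marker in DEFAULT_PAGE_MARKERS.items():
                    if marker in text:
                        findings.append((rel, f"default {server} page"))
    return sorted(findings)

def build_sample_root():
    """Constructed sample tree standing in for a real document or FTP root."""
    root = tempfile.mkdtemp(prefix="pubroot_")
    samples = {
        "index.html": "<p>This page is used to test the proper operation of the\n"
                      "Apache Web server after it has been installed.</p>",
        "etc/passwd": "ftp:x:14:50::/var/ftp:/sbin/nologin\n",
        "private/.htpasswd": "user:CONSTRUCTED-HASH\n",
        "docs/readme.html": "<p>Welcome to our site.</p>",
    }
    for rel, body in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
    return root

if __name__ == "__main__":
    print(*audit_published_root(build_sample_root()), sep="\n")
```

A `.htaccess` hit inside a web root is often legitimate; the finding means the file should be confirmed as not downloadable, not that it must be deleted.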
Hiding your IP without proxies:
- Translation services can be a good way to do it. If you want to surf an English website anonymously, for example, go to babelfish.altavista.com, select "Web Page", type in the target and ask to translate it from another language (Spanish ;D) to English.
- You'll be surfing and in the server's logs your real IP won't appear.
- FTP search engines can also be a good way of hiding your IP while you look for critical files without giving a clue.
Translation engines can protect the translated sites by sending headers like REMOTE_ADDR, HTTP_X_FORWARDED_FOR or HTTP_VIA, but this technique is not yet implemented.
Tutorial by Cpt. dante00 [Cyberarmy]
This article was imported from zZine. (original author: dante00)