PaulDotCom mailing list archives

Google Hacking


From: chuck at ironponies.com (Chuck Benson)
Date: Thu, 27 Aug 2009 20:41:53 -0700

Allen Deryke wrote:
You could try common naming conventions like john.doe at company.org, 
jdoe at company.org, or sometimes j.doe at company.org. The smaller 
companies may use first name only.  Once you know one address it's easy 
to guess the others.

If the company has taken a strong stance on spam they may be using 
AD/LDAP to verify email addresses. I've seen a bunch of 
implementations and none I've seen have a bulletproof way of 
preventing directory harvesting.

One of the best ways to confirm an email is an annoying but 
legitimate-looking mailing list/newsletter with a loaded 
unsubscribe link. Send a bunch and a normal person will go running for 
that link; you can just check your web server's logs from there.

-- Allen Deryke

On Aug 27, 2009, at 8:08 AM, bytes abit <bytesabit at gmail.com> wrote:

lol, I love the simplicity Vincent!




On Wed, Aug 26, 2009 at 11:03 PM, Vincent Lape <vlape at me.com> wrote:

    Why not call them and ask for it. People hate spam.

    Sent from my iPhone

    On Aug 26, 2009, at 10:01 AM, Bert Van Kets <mailing at vankets.com> wrote:

    > Dear experts,
    >
    > A customer is asking me to retrieve e-mail addresses of Human Resource
    > managers in companies. I have the names and the companies and would like
    > to know what methods you guys use to find the e-mail addresses. I tried
    > a few companies and get stuck at the general e-mail addresses like info,
    > jobs and sales.
    >
    > Thanks
    >
    > Bert

------SNIP


If using Sendmail you can build a map containing one (or more) hashes of 
each user name. Use this with an external program to take a user name 
and hash it, followed by looking up the hash (or hashes) and returning 
success or failure. Even if someone got that datafile, it is only 
hash(es), not the names. Something similar works in Postfix as well.

The possibility of multiple hashes reduces the likelihood of false 
positives, which you may never see anyway. In fact, even a weak hash can 
get rid of 99.9999% of bogus attempts at the externally visible machine 
without ever giving that machine a list of actual user names.

Chuck Benson
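
The hashed recipient lookup described in the message above, sketched as an added example that is not part of the original post and not Sendmail or Postfix code. The function names, the choice of two hash algorithms, the truncation length and the in-memory map layout are all assumptions made for illustration.

```python
import hashlib

HASHES = ("sha256", "blake2b")  # assumption: two independent hashes per name
TRUNC = 8                       # assumption: hex chars kept from each digest


def digest(algo, local_part):
    """Hash a normalised user name; only this value ever leaves the inside host."""
    norm = local_part.strip().lower().encode("utf-8")
    return hashlib.new(algo, norm).hexdigest()[:TRUNC]


def build_map(usernames):
    """Run internally: turn the real user list into one hash set per algorithm."""
    return {algo: {digest(algo, u) for u in usernames} for algo in HASHES}


def recipient_ok(hash_map, rcpt):
    """Run on the externally visible relay: accept only if every hash matches."""
    local, sep, _domain = rcpt.rpartition("@")
    if not sep or not local:
        return False  # malformed address: no local part to look up
    return all(digest(algo, local) in hash_map[algo] for algo in HASHES)


if __name__ == "__main__":
    users = ["jdoe", "asmith", "hr"]  # constructed sample accounts
    edge_map = build_map(users)
    for rcpt in ("JDoe@company.org", "j.doe@company.org", "nobody@company.org"):
        print(rcpt, "->", "accept" if recipient_ok(edge_map, rcpt) else "reject")
```

Truncating the digests stands in for the "weak hash" case: collisions become possible in a single set, which is why a recipient has to match in both sets before it is accepted.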