Penetration Testing mailing list archives
Re: Website search engine is a hacking tool..
From: Wojciech Pawlikowski <ducer () u-n-f com>
Date: Thu, 22 Jul 2004 08:35:51 +0200
On Mon, Jul 19, 2004 at 08:06:21AM +0400, Amal Mohammad Al Hajeri wrote:
Hi List, Did you ever thought of the website search engine as a hacking tool? During one of the pen-tests, The website search engine, was a valuable tool to discover interesting directories within the website itself, these directories were not detected by famous website scanners like nikto or SPI dynamics,i managed to get documentation pages about the API application implemented, management login pages, backup files and much more. I leave it to your imagination to search for words like: password,login,oracle,database,administrator, backup...etc
It's nuffin new, if you want to be a good google hacker you should start from reading http://neworder.box.sk/newsread_print.php?newsid=8203 and than try to browse http://johnny.ihackstuff.com/index.php?module=prodreviews -- * Wojciech Pawlikowski :: http://ducer.w00nf.org :: NIC-HDL: WP5161-RIPE * * We are never deceived, we deceive ourselves -- Goethe *
Current thread:
- Website search engine is a hacking tool.. Amal Mohammad Al Hajeri (Jul 21)
- Re: Website search engine is a hacking tool.. Gerry Eisenhaur (Jul 22)
- Re: Website search engine is a hacking tool.. Wojciech Pawlikowski (Jul 22)
- <Possible follow-ups>
- RE: Website search engine is a hacking tool.. Drew Copley (Jul 23)
- RE: Website search engine is a hacking tool.. Charles Gillman (Jul 28)
- RE: Website search engine is a hacking tool.. Amal Mohammad Al Hajeri (Jul 28)
- RE: Website search engine is a hacking tool.. Vinicius Moreira Mello (Jul 30)
- RE: Website search engine is a hacking tool.. Mark Curphey (Jul 30)
- RE: Website search engine is a hacking tool.. Charles Gillman (Jul 28)
- Re: Website search engine is a hacking tool.. c0ntex (Jul 28)