Complete Google Hacks List | Remote Security

SUBMITTED BY: Guest

DATE: Feb. 18, 2015, 2:10 a.m.

FORMAT: Text only

SIZE: 28.5 kB

Raw Download

HITS: 1475

Report
  1. Complete Google Hacks List (and some more) is moved here from the comment. I hope ‘ll ensemble older short list of examples for efective search (hacking google). Sometimes you want to find all of your search terms in a document, and sometimes you want to find either one term or another. The term for this type of search is “Boolean.” The term “Boolean” comes from Nineteenth Century mathematician George Boole. “Boolean logic” is something that is used in all sorts of computing applications, not just search engines. Thx to handymann81
  2. How to Find Some or All of Your Search Terms in Google
  4. There are two basic Boolean search commands supported in Google, AND and OR. AND searches search for all the search terms, “Car AND Insurance,” (all documents containing both Car and Insurance) while OR searches search for one term or the other, “Car OR Insurance.” (all documents containing either Car or Insurance)
  6. AND
  8. Google defaults to AND searches automatically, so you don’t need to type “AND” into the search engine to get that result.
  10. OR
  12. If you want to find one keyword or another, use the term OR. It’s important that you use all caps, or Google will ignore your request.
  14. To find all documents containing either sausages or biscuits, type: sausages OR biscuits. You can also substitute the | character for OR, so sausages | biscuits searches for the same thing.
  16. Adding Phrases
  18. If you’re searching for a phrase rather than just a single word, you can group the words together with quotation marks. Searching for “sausage biscuits” will search for only the exact phrase sausage biscuits. It will ignore sausage and cheese biscuits. Searching for “sausage biscuits” |”cheese sauce” searches for either the exact phrase sausage biscuits or the exact phrase cheese sauce.
  20. If you’re searching for more than one phrase or keyword in addition to the Boolean, you can group them with parenthesis, such as recipes gravy (sausage | biscuit) to search for gravy recipes for either sausages or biscuits. You could even combine exact phrases and search for “sausage biscuit” (
  21. Find Exactly What You Want
  23. Sometimes you want to exclude a keyword from Google searches, and sometimes you want to include a word that Google thinks is too common and usually excludes.
  24. Including Words
  26. Google automatically ignores many common words, such as “and,” “or,” “of,” “a,” etc. It also ignores some single digits or letters. This is usually not a bad thing, because the common words would just slow searches down and not yield better results.
  28. Occasionally it might be important to include one of these words in your search results. There are two ways to do this. One technique is to use quotation marks. Anything inside quotation marks is automatically included in the search, and the search will include the exact phrase. For instance, “Rocky I” searches for the exact phrase Rocky I and will not find lyrics to “I Love Rocky Road.”
  30. Another way to force common words in your searches is with the plus sign. Searching for Rocky +I would find references to the movie and the Weird Al song. Make sure that you do put a space before the plus sign and do not put a space between the plus sign and the search word you want to include. Otherwise, the forced inclusion won’t work.
  31. Excluding Words
  33. In some search engines, you’d exclude words by using the “NOT” syntax. This doesn’t work with Google. Use the minus sign instead.
  35. If you were researching health issues, and you wanted to find out about pot bellies, you wouldn’t want to find out about pot-bellied pigs. To conduct this search, you could type “pot bellied” -pig. Just as with the plus sign, put a space before the minus sign but do not put a space between the minus sign and the word or phrase you want excluded.
  37. You can also exclude a phrase by enclosing it in quotation marks, so if you were researching livestock swine, you could search for pigs -”pot bellied” to exclude any mention of pot-bellied pigs. This wouldn’t exclude pages that talked about pig bellies, because it only excludes the exact phrase “pot bellied.”
  39. How to Search Only the Body Text of Pages in Google
  41. Ignore Links, Titles, and URLs. Occasionally you might want to restrict your searches to only the text of Web sites and ignore all the links, Titles, and URLs. This might be useful if you wanted to find Web pages that were talking about other Web sites. The command to search only the body text is intext: To find Web pages talking about Google, for example, you could search for:
  43. intext:review google.com
  45. You can also use the variation allintext: Allintext searches for all of the specified words in the body text, but it can’t be combined with other commands.
  46. How to Search Within Web Site Titles
  48. - Find Web Pages by Title. The “title” of a Web page is the name of the page as it appears on the top of your Web browser. For instance, the title of this page is How to Search Within Web Site Titles Using Google’s Intitle: Syntax.
  50. Sometimes you may want to find Web pages where one or more words appear in the title of the page. For instance, many Web pages may mention feeding iguanas, even if that’s not the main focus of the page. If you’d like to find a page dedicated to iguana feeding, you can use the Google syntax intitle: to force Google to only list results that have the word “feeding” in the title. Do not put a space between the colon and the next word. The search would look something like this:
  52. intitle:feeding iguana
  54. This will find Web pages that are relevant to the keyphrase “feeding iguana,” and it will only list results that have the word “feeding” in the title.
  56. If you’d like to restrict the search further, you could search for:
  58. intitle:feeding intitle:iguana
  60. You can also use the syntax allintitle: which only list results where all the words in the key phrase are in the title.
  62. allintitle:iguana feeding
  64. How to Restrict Your Search to Specific File Types
  66. - Find by File Type. Google can let you restrict your searches to only certain file types. This can be very helpful if you’re looking specifically for file types, such as PowerPoint, (ppt) Word, (doc) or Adobe PDF.
  68. To restrict your search to a specific file type, use the filetype: command. For example, try searching for:
  70. hotel filetype:doc
  72. You can use this same syntax with Google Desktop. To search for that forgotten widget report, try:
  74. widget report filetype:doc
  76. How to Use Google to Search Withing a Single Web Site
  78. Ever want to use Google to search a single Web site?
  80. You can use Google’s site: syntax to restrict your search to a single Web site. Make sure there’s no space between site: and your Web site. Follow with a space and then your search terms. You don’t need to use the “http://” portion of your URL.
  82. site:googlepowersearch.com power search
  84. his same search can be widened to include all the Web sites within a domain.
  86. site:edu books
  87. site:com vacation
  88. site:co.uk holiday
  90. Google’s site: syntax can be mixed with other syntax
  91. How to Restrict Your Google Search to Specific Domains or Specific Countries
  93. - Easy Google Trick to Find Better Results. Most Web sites have a .com domain name. Sometimes it’s better to restrict your searches to other domains, such as .edu or .net.
  95. One great example of this is if you are looking for information about textbooks, but you didn’t want to buy a textbook. An unrestricted Google search would mostly yield results from Web sites selling textbooks. One way to avoid this problem is to restrict your search to American universities. To do this, you’d search for:
  97. site:edu textbook
  99. You can use this to restrict searches are to US government sites site:gov, or only specific countries site:uk. You can combine the site: syntax with many other types of Google syntax
  100. I’m Feeling Lucky ButtonTM – Are You Feeling Lucky?
  102. One of the most notable objects on the Google Web search is the I’m Feeling LuckyTM button. The button may have been named as a play on the Clint Eastwood line in the movie Dirty Harry.
  104. “Do you feel lucky, punk? Well, do you?”
  106. Ordinarily when you type in a key phrase in a Google search, you press the search button, (you can also just press return or enter on your keyboard) and Google returns a results page that shows multiple Web sites matching your search phrase. The I’m Feeling LuckyTM button skips the search results page and goes directly to the first ranked page for that search phrase.
  108. If you type “white house” in the search box and press I’m Feeling LuckyTM you’ll go straight to www.whitehouse.gov. If you type “apple” into the search box and press I’m Feeling LuckyTM you’ll go directly to Apple Computer’s Web site.
  110. I’m Feeling LuckyTM is very handy if you’re fairly confident that the first result in the search engine is going to be exactly the page you want to find. It saves time and clicking to just go to the page with the first click. Using the I’m Feeling LuckyTM button is also a common game for Google bombs. It adds an element of surprise to the joke.
  111. Searches
  113. So, for starters here is a query that will give you a search results page of unprotected directories:
  115. -inurl(html|htm|php) intitle:”index of” +”last modified” +”parent directory” +description +size
  117. But, this is kind of boring. Too many unknown program files, text files, web pages etc. Let’s narrow it down. You can narrow it down by looking for something in the name of a file in the list, or by the file type, or both.
  119. For example, this query tries to find any types of files about Jennifer Lopez. Within the directories I found music, image and movie files.
  121. -inurl(html|htm|php) intitle:”index of” +”last modified” +”parent directory” +description +size +”jennifer lopez”
  123. Let’s say that we wanted to find any movie files in WMV or AVI format:
  125. -inurl(htm|html|php) intitle:”index of” +”last modified” +”parent directory” +description +size +(wmv|avi)
  127. Or audio files in WMA or MP3 format:
  129. -inurl(htm|html|php) intitle:”index of” +”last modified” +”parent directory” +description +size +(wma|mp3)
  131. Or images in JPG or GIF format:
  133. -inurlhtm|html|php) intitle:”index of” +”last modified” +”parent directory” +description +size +(jpg|gif)
  135. You can get more specific by specifying both the file types and a search word to hopefully find in the name. For example, the following will attempt to find the infamous Paris Hilton video tape:
  137. -inurlhtm|html|php) intitle:”index of” +”last modified” +”parent directory” +description +size +(wmv|avi) “paris hilton”
  139. Or, you can even take a guess at the file name someone might call it:
  141. -inurl(htm|html|php) intitle:”index of” +”last modified” +”parent directory” +description +(“paris_hilton.wmv”|”paris_hilton.avi”)
  143. So there you go. You can combine various search terms and experiment with this. As you’ve seen, this is not an exact science. The directory pages you bring up may have many or even all files which are unrelated to what you are looking for. But, it does make some good hits very often.
  144. Files containing juicy info
  146. Squid cache server reports. Google Search: “cacheserverreport for” “This analysis was produced by calamaris”
  148. Admin rates this entry 5 out of 10.
  149. Submitted: 2003-06-24 12:41:16
  150. Added by: Admin
  151. Hits: 4111
  152. Score: 5
  154. These are squid server cache reports. Fairly benign, really except when you consider using them for evil purposes. For example, an institution stands up a proxy server for their internal users to get to the outside world. Then, the internal user surf all over to their hearts content (including intranet pages cuz well, the admins are stupid) Voila, intranet links show up in the external cache report. Want to make matters worse for yourself as an admin? OK, configure your external proxy server as a trusted internal host. Load up your web browser, set your proxy as their proxy and surf your way into their intranet. Not that I’ve noticed any examples of this in this google list. *COUGH* *COUGH* *COUGH* unresolved DNS lookups give clues *COUGH* *COUGH* (‘scuse me. must be a furball) OK, lets say BEST CASE scenario. Let’s say there’s not security problems revealed in these logs. Best case scenario is that outsiders can see what your company/agency/workers are surfing.
  155. Ganglia Cluster Reports
  157. Google Search: intitle:”Ganglia” “Cluster Report for”
  159. Admin rates this entry 2 out of 10.
  160. Submitted: 2003-06-24 12:44:17
  161. Added by: Admin
  162. Hits: 2639
  163. Score: 2
  165. These are server cluster reports, great for info gathering. Lesse, what were those server names again?
  166. ICQ chat logs, please…
  168. Google Search: intitle:”Index of” dbconvert.exe chats
  170. Admin rates this entry 2 out of 10.
  171. Submitted: 2003-06-24 12:45:51
  172. Added by: Admin
  173. Hits: 10557
  174. Score: 2
  176. ICQ (http://icq.com) allows you to store the contents of your online chats into a file. These folks have their entire ICQ directories online. On purpose?
  177. AIM buddy lists
  179. Google Search: buddylist.blt
  181. Admin rates this entry 4 out of 10.
  182. Submitted: 2003-06-24 14:21:05
  183. Added by: Admin
  184. Hits: 19846
  185. Score: 4
  187. These searches bring up common names for AOL Instant Messenger “buddylists”. These lists contain screen names of your “online buddies” in Instant Messenger. Not that’s not too terribly exciting or stupid unless you want to mess with someone’s mind, and besides, some people make these public on purpose. The thing that’s interesting are the files that get stored ALONG WITH buddylists. Often this stuff includes downloaded pictures, resumes, all sorts of things. This is really for the peepers out there, and it’ possible to spend countless hours rifling through people’s personal crap. Also try buddylist.blt, buddy.blt, buddies.blt.
  188. site:edu admin grades
  190. Google Search: site:edu admin grades
  192. I never really thought about this until I started coming up with juicy examples for DEFCON 11.. A few GLARINGLY bad examples contain not only student grades and names, but also social security numbers, securing the highest of all googledork ratings!
  194. phpMyAdmin dumps
  196. Google Search: “# phpMyAdmin MySQL-Dump” filetype:txt
  198. From phpmyadmin.net : “phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW.” Great, easy to use, but don’t leave your database dumps laying around on the web. They contain all SORTS of sensitive information…
  199. Sensitive Online Shopping Info
  201. intext:”Powered by X-Cart: shopping cart software” -site:x-cart.com
  203. Google Search: intext:”Powered by X-Cart: shopping cart software” -site:x-cart.com
  205. X-Cart (version 4.0.8) has multiple input validation vulnerabilities. There doesn’t seem to be any way to search for specific versions of the software with Google. See http://www.securitytracker.com/alerts/2005/May/1014077.html for more information.
  206. Ups Package tracking
  208. Google Search: site:ups.com intitle:”Ups Package tracking” intext:”1Z ### ### ## #### ### #”
  210. Ever use the UPS Automated Tracking Service?? Wanna see where packages are going? Want to Man-in-the-middle their delivery? Well, then here it is. -Digital Spirit
  211. Comersus.mdb database
  213. Google Search: inurl:”/database/comersus.mdb”
  215. Comersus is an e-commerce system and has been installed all over the world in more than 20000 sites. Using Comersus does not require that you know any programming language. BackOffice+ allows you to define virtually all properties of your on-line store through an intuitive, point-&-click interface. This search goes directly for one of the MS Access files used by the shopping cart. Searching Google and the well know security sites for Comersus reveals more security problems.
  216. VP-ASP Shop Administrators only
  218. Google Search: inurl:”shopadmin.asp” “Shop Administrators only”
  220. VP-ASP (Virtual Programming – ASP) has won awards both in the US and France. It is now in use in over 70 countries. VP-ASP can be used to build any type of Internet shop and sell anything. It has been reported that the Shopping Cart Administration script is vulnerable to XSS and SQJ injection, resulting in exposure of confidential customer information like credit card details.
  221. Various Online Devices
  223. Google Search: “powered by webcamXP” “Pro|Broadcast”
  225. WebcamXP PRO:http://www.webcamxp.com/productsadv.html. This is the most advanced version of the software. It has all the features of the other versions (including advanced users management, motion detector, and alerts manager) plus remote administration and external server notification when going offline/online.
  226. Axis Network Cameras
  228. Google Search: inurl:indexFrame.shtml Axis
  230. The AXIS 2400 is a Web server of its own. This means that the server is secured like any other Internet host. It is up to the network manager to restrict access to the AXIS Web Cameras camera server. AXIS Network cams have a cam control page called indexFrame.shtml wich can easily be found by searching Google. An attacker can look for the ADMIN button and try the default passwords found in the documentation. An attacker may also find that the directories are browsable. Additional security related information was found on the Internet.
  231. Seyeon FlexWATCH cameras
  233. Google Search: intitle:flexwatch intext:”Home page ver”
  235. Seyeon provides various type of products and software to build up a remote video monitoring and surveillance system over the TCP/IP network. FlexWATCHâ„¢ Network video server series has built-in Web server based on TCP/IP technology. It also has an embedded RTOS. The admin pages are at http://sitename/admin/aindex.htm.
  236. camera linksys inurl:main.cgi
  238. Google Search: camera linksys inurl:main.cgi
  240. Another webcam, Linksys style.
  241. How to Use Google’s Hidden Calculator – Calculate, Measure, Convert, and More
  243. Not only can you search the Web with Google, you can use it as a calculator.
  245. Google’s calculator is more than an ordinary number cruncher. It can calculate both basic and advanced math problems, and it can convert measurements as it calculates. You don’t even need to restrict yourself to numbers. Google can understand many words and abbreviations and evaluate those expressions, too.
  247. Google’s calculator was designed to solve problems without a lot of math syntax, so you may occasionally find calculator results when you didn’t even realize you were searching for the answer to a math equation.
  249. To use Google’s calculator, simply type in whatever you’d like to be calculated in the search box above. For instance, you could type:
  251. 3+3
  253. and Google will return the result 3+3=6. You can also type in words and get results. Type in three plus three and Google will return the result three plus three=six. You know your results are from Google’s calculator when you see the picture of the calculator to the left of the result.
  254. Complex Math
  256. Google can calculate more complex problems such as two to the twentieth power, 2^20 the square root of 287, sqrt(2870 or the sine of 30 degrees.
  258. sine(30 degrees)
  260. You can even find the number of possible groups in a set. For instance,
  262. 24 choose 7
  264. finds the number of possible choices of 7 items from a group of 24 items.
  265. Convert and Measure
  267. Google can calculate and convert many common measurements, so you could find out how many ounces are in a cup.
  269. oz in a cup
  271. Google’s results reveal that 1 US cup = 8 US fluid ounces. You can use this to convert just about any measurement to any other compatible measurement.
  273. 12 parsecs in feet
  275. 37 degrees kelvin in Fahrenheit
  277. You can also calculate and convert in one step. Find out how many ounces you have when you have 28 times two cups.
  279. 28*2 cups in oz
  281. Google says that 28 * 2 US cups = 448 US fluid ounces. Remember, because this is a computer based calculator, you must multiply with the * symbol, not an X. Google recognizes most common measurements, including weight, distance, time, mass, energy, and monetary currency.
  282. Math Syntax
  284. Google’s calculator is designed to calculate problems without a lot of complicated math formatting, but sometimes it’s easier and more accurate to use some math syntax. For instance, if you want to evaluate an equation that looks like a phone number,
  286. 1-555-555-1234
  288. Google will probably confuse this with its hidden phonebook. You can force Google to evaluate an expression by using an equal sign.
  290. 1-555-555-1234=
  292. This only works for problems that are mathematically possible to resolve. You can’t divide by zero with or without an equal sign. You can force parts of an equation to be resolved before other parts by enclosing them in parenthesis.
  294. (3+5)*9
  296. Some other math syntax Google recognizes:
  298. + for addition
  299. - for subtraction
  300. * for multiplication
  301. / for division
  302. ^ for exponential (x to the power of y)
  303. % for modulo (to find the remainder after division)
  304. choose X choose Y fines the number of possible subset groups of Y out of the set of X.
  305. th root of creates the nth root of a number
  306. % of finds percentages X % of Y finds X percent of Y.
  307. sqrt finds the square root of the number that follows
  308. ln logarithm base e
  309. log logarithm base 10
  310. lg logarithm base 2
  311. ! factorial – This must follow the number you wish to factor.
  313. Google’s calculator isn’t completely documented, so it may take some experimenting to find all of the hidden features. The next time you find yourself wondering how much five liters is in gallons, rather than searching for a Web site for conversion, just use Google’s hidden calculator.
  314. How to Use Google as a Dictionary
  316. - Unlock Google’s Hidden Dictionary. You may notice occasionally when you’re searching for a word, Google will offer a link to Web definitions of your word. This is part of Google’s hidden dictionary, a search of definitions on the Web.
  318. Say you’d like to find out what a “clew” is. You could search for define clew, and most of the search results would have some sort of definition. However, this is really just a keyword search, so some of the results might be long articles on clews or only mention the definition in passing.
  320. Define: Your Terms
  322. If you’re really only interested in finding a quick dictionary style definition of clew, use the syntax define:. The search in this case would be define: clew. From that search, we can instantly see that a clew is the lower corner of a boat sail.
  324. The information is coming from a variety of dictionary related Web sites, and there’s a link to the full entry for each Web site. Google also provides links to related searches, such as “clew bay.”
  326. What If You Can’t Spell? If you aren’t the best speller or you make a typo, don’t worry. Google will still suggest an alternate search, just as it does for regular Web searches. If we type in define: cliw, Google helpfully asks “Did you mean: define: clew.”
  327. Use Google as Your Phonebook
  329. - Let Your Keyboard Do the Walking. Google’s phonebook can find US public business and residential numbers, and it can find them with less information than you need to look through the paper phonebook. Google’s phonebook is hiding within http://www.google.com. Occasionally, phone numbers will appear in the search results page, depending on the keywords you type into the search box. To access the phonebook directly, type phonebook: before your search. This opens up Google’s residential phonebook.
  331. You can find someone’s phone number, but you do have to give Google a little information. For personal numbers, you generally need at least a last name and a state. To find all the Smiths in Alaska, for example, type phonebook: smith ak. That’s a lot of Smiths, and probably not very useful to find a specific Smith. If you know more information, such as the city you’re looking for or the full name, type that in, too.
  332. Limitations
  334. Google’s phonebook can only find public phone numbers. It can’t find cell numbers. Quite often the numbers are outdated. I found two outdated phone numbers for a relative of mine, and his current phone number wasn’t listed at all, even though it is public.
  335. Reverse Lookup
  337. Say you have a phone number and you want to find out who’s number it is, such as from a message left on your cell phone. To do a reverse lookup, simply type the phone number into the main Google search engine, including the area code. Type using the format 555-555-5555 for best results. Google will still find the phone number if you use parenthesis around the area code, but you may also find some irrelevant results. Remember, Google’s phonebook doesn’t contain any cell phone data.
  338. Find Business Phone Numbers
  340. Business phone numbers appear within Google search results, but they aren’t as easy to access from the phonebook.
  341. How to Use Google to Snoop Security Cams
  343. Here’s something fun to do when you’re bored. Just copy paste one of the lines below into Google search. Happy snooping!
  345. * inurl:”ViewerFrame?Mode=
  346. * intitle:Axis 2400 video server
  347. * inurl:/view.shtml
  348. * intitle:”Live View / – AXIS” | inurl:view/view.shtml^
  349. * inurl:ViewerFrame?Mode=
  350. * inurl:ViewerFrame?Mode=Refresh
  351. * inurl:axis-cgi/jpg
  352. * inurl:axis-cgi/mjpg (motion-JPEG)
  353. * inurl:view/indexFrame.shtml
  354. * inurl:view/index.shtml
  355. * inurl:view/view.shtml
  356. * liveapplet
  357. * intitle:”live view” intitle:axis
  358. * intitle:liveapplet
  359. * allintitle:”Network Camera NetworkCamera”
  360. * intitle:axis intitle:”video server”
  361. * intitle:liveapplet inurl:LvAppl
  362. * intitle:”EvoCam” inurl:”webcam.html”
  363. * intitle:”Live NetSnap Cam-Server feed”
  364. * intitle:”Live View / – AXIS”
  365. * intitle:”Live View / – AXIS 206M”
  366. * intitle:”Live View / – AXIS 206W”
  367. * intitle:”Live View / – AXIS 210″
  368. * inurl:indexFrame.shtml Axis
  369. * inurl:”MultiCameraFrame?Mode=Motion”
  370. * intitle:start inurl:cgistart
  371. * intitle:”WJ-NT104 Main Page”
  372. * intext:”MOBOTIX M1″ intext:”Open Menu”
  373. * intext:”MOBOTIX M10″ intext:”Open Menu”
  374. * intext:”MOBOTIX D10″ intext:”Open Menu”
  375. * intitle:snc-z20 inurl:home/
  376. * intitle:snc-cs3 inurl:home/
  377. * intitle:snc-rz30 inurl:home/
  378. * intitle:”sony network camera snc-p1″
  379. * intitle:”sony network camera snc-m1″
  380. * site:.viewnetcam.com -www.viewnetcam.com
  381. * intitle:”Toshiba Network Camera” user login
  382. * intitle:”netcam live image”
  383. * intitle:”i-Catcher Console – Web Monitor”
  385. THIS IS A LIL OF TOPIC BUT WHAT THE HELL……
  386. Firefox
  388. This is an interesting from my good friend, Bill Dawson. Using Mozilla, go to www.justintimberlake.com. You can see and play his new song on the site, Sexy Back.
  390. Type in about:cache in the Address Bar and you’ll see all of the files that the page references. Unfortunately for Justin, his Flash developers lead us directly to the file to download… very well disguised I must say!
comments powered by Disqus