Re: Website search engine is a hacking tool..

• Previous message: Liberty.Anthony_at_Datacraft-Asia.com: "RE: Find out the subnetting of a company"
• In reply to: Amal Mohammad Al Hajeri: "Website search engine is a hacking tool.."
• Next in thread: Drew Copley: "RE: Website search engine is a hacking tool.."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 22 Jul 2004 08:35:51 +0200
To: pen-test@securityfocus.com

On Mon, Jul 19, 2004 at 08:06:21AM +0400, Amal Mohammad Al Hajeri wrote:
> Hi List,
>
> Did you ever thought of the website search engine as a hacking tool?
> During one of the pen-tests, The website search engine, was a valuable
> tool to discover interesting directories within the website itself,
> these directories were not detected by famous website scanners like
> nikto or SPI dynamics,i managed to get documentation pages about the API
> application implemented, management login pages, backup files and much
> more.
> I leave it to your imagination to search for words like:
> password,login,oracle,database,administrator, backup...etc

It's nuffin new, if you want to be a good google hacker you should start
from reading http://neworder.box.sk/newsread_print.php?newsid=8203
and than try to browse http://johnny.ihackstuff.com/index.php?module=prodreviews

-- 
* Wojciech Pawlikowski :: http://ducer.w00nf.org :: NIC-HDL: WP5161-RIPE *
* 	We are never deceived, we deceive ourselves -- Goethe		 *

• Previous message: Liberty.Anthony_at_Datacraft-Asia.com: "RE: Find out the subnetting of a company"
• In reply to: Amal Mohammad Al Hajeri: "Website search engine is a hacking tool.."
• Next in thread: Drew Copley: "RE: Website search engine is a hacking tool.."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]