1
00:00:00,650 --> 00:00:05,810
While the search engines are the most typical examples of crawlers and they let us run queries on the

2
00:00:05,810 --> 00:00:11,480
websites, search engines are very useful to collect information about the target in depth.

3
00:00:12,610 --> 00:00:17,950
Using search engines, you can find enormous pieces of useful information about the target company,

4
00:00:18,460 --> 00:00:24,790
names of the employees, accessible services of the systems, files or folders which contain sensitive

5
00:00:24,790 --> 00:00:28,760
data login pages beyond the known weaknesses.

6
00:00:28,780 --> 00:00:32,530
These leave traces on the website, on headers titles.

7
00:00:32,740 --> 00:00:33,580
You are URLs.

8
00:00:33,910 --> 00:00:37,450
You can easily find these traces using search engines.

9
00:00:39,070 --> 00:00:44,980
Google Hacking, also named Google Dorking, is a computer hacking technique that uses Google search

10
00:00:44,980 --> 00:00:51,040
and other Google applications to find security holes in the configuration and computer code that websites

11
00:00:51,040 --> 00:00:51,550
use.

12
00:00:52,000 --> 00:00:57,340
Google hacking involves using advanced operators in the Google search engine to locate specific strings

13
00:00:57,340 --> 00:00:58,850
of text within search results.

14
00:00:59,260 --> 00:01:04,540
Some of the more popular examples are finding specific versions of vulnerable Web applications.

15
00:01:05,110 --> 00:01:09,270
Some of the advanced operators of Google's search engines are shown in the slide.

16
00:01:09,760 --> 00:01:16,570
You can see the details of advanced search in Google at Google dot com slash advanced underscore search.

17
00:01:18,070 --> 00:01:22,720
You can find a lot of specific queries on Exploit Dash SDB dotcoms.

18
00:01:23,170 --> 00:01:24,760
Google hyphen dorks.

19
00:01:25,790 --> 00:01:32,210
Using these queries, you can discover Web application of vulnerabilities, files containing username

20
00:01:32,210 --> 00:01:40,070
and or passwords, sensitive folders, Web services, error messages that disclose sensitive information,

21
00:01:40,490 --> 00:01:48,050
log or backup files, devices such as printers or CCTV cameras that are accessible over the net and

22
00:01:48,050 --> 00:01:48,410
more.

23
00:01:50,630 --> 00:01:56,630
For example, you can find a username and password list from front page servers by writing the keyword

24
00:01:56,650 --> 00:01:58,970
shown on the slide in the Google search field.

25
00:02:00,650 --> 00:02:06,490
Here, there are a few examples to show how we can use Google advanced search to find valuable information.

26
00:02:07,070 --> 00:02:16,700
For example, if we do a search with the words in Utero SEO geoduck and in utero colon admen, we can

27
00:02:16,700 --> 00:02:24,290
find administrative panels of the websites which have kode UK Super Domain, originally created by Johnny

28
00:02:24,290 --> 00:02:26,060
Long of Hackers for Charity.

29
00:02:26,360 --> 00:02:33,380
The Google Hacking Database SDB is an authoritative source for querying the ever widening reach of the

30
00:02:33,380 --> 00:02:34,490
Google search engine.

31
00:02:35,030 --> 00:02:42,590
In the HDB, you'll find search terms for files containing usernames, vulnerable servers and even files

32
00:02:42,590 --> 00:02:44,080
containing passwords.

33
00:02:44,720 --> 00:02:50,360
When the Google hacking database was integrated in the exploit database of offensive security, the

34
00:02:50,360 --> 00:02:56,510
various Google Docs contained in the thousands of exploit entries were entered into the SDB.

35
00:02:57,080 --> 00:03:03,410
The direct mapping allows penetration testers to more rapidly determine if a particular Web application

36
00:03:03,590 --> 00:03:05,690
has a publicly available exploit.