How can you use the Google Hacking Database to gather information on computer systems? In this ethical hacking tutorial, you will learn how we can use this resource to footprint.
Google Hacking Database Ethical Hacker Footprinting Using Search Commands
Right now we are slowly entering our footprinting section, which will be the last part of the beginner section including the scanning section that we will do right after we cover the footprinting.
Before we begin, while our machine is starting up, let us just explain a little bit more what footprinting is.
First of all, there are two types of footprinting: one is active and one is passive.
Now, the active footprinting basically requires some interaction with the target that you are trying to attack while the passive footprinting is basically just gathering all the publicly available information for your target.
So, for example, your target may have a Facebook account, a Twitter account, or basically any other account or source of information from which you can gather some of the valuable stuff you might need.
Now let’s say, for example, your target is a company and has public information online that this company uses Windows XP on their machines. You can already cut out the Linux exploits and Windows 10 or 7 exploits, and you can basically just focus on writing a Windows XP exploit.
Now, we all know that nobody really uses XP anymore because it is vulnerable and it is basically an open box, but that was just an example. There is a lot of public information which you can find.
Let’s go to some of the practical methods with Google hacking. We will cover Google hacking in this tutorial, so let me just login, “test1234.”
As soon as my desktop boots up we will open Firefox and we will run some of the specific commands in the Google search bar in order to find some of the stuff we might need.
Now, this is just one of the tools for footprinting that we will cover in the course. The other ones will be Harvester, Nikto, Shodan and Whois, which we will cover in the next lectures, but for now let’s just open our Firefox.
So just click on your Firefox icon and basically since it will lead you to your Kali Linux website, you want to navigate to Google. So we can add another tab and go on to google.com.
Now, let’s say that you want to find all the websites that have a user input that could possibly be vulnerable to the SQL injection.
In the Google search bar, you just type: inurl:“index.php?id=”
What this will do is find all the indexed pages whose URL contains index.php?id= followed by some number.
Now, what does that mean?
Basically, if we click on any of these links like this one, we can see right here that this website could possibly be vulnerable to the SQL injection.
We can check that easily with the apostrophe and if we try to login, it says, “login failed due to incorrect email address, wrong passphrase.”
So this site isn’t horrible, at least at the first try, but we won’t try it anymore since we shouldn’t really do that.
I just want to show you how to filter out all of the websites that actually have a user input, which could be vulnerable to the SQL injection.
So basically, anywhere you can type something that the web page then processes could be vulnerable to user input, which could be a piece of code that the server is tricked into running.
But more about that in the website hacking section.
Now, that was just one of the commands.
In order to find the commands you might need, there is a Google hacking database, and to find it you just type here in Google, “Google hacking database,” and you click on the first link.
It will lead us to a website with a bunch of the commands that can be used in order to find out things we might need like passwords, PDF files or Excel files, or anything.
As you can see, it says right here it is the “Exploit Database” website, the “Google Hacking Database.”
These are just a bunch of the commands, which you just copy and paste into the Google search bar, and it will list all the files you are searching for.
I am not really sure what these commands are, but it says right here if we click on the one, it will lead us to the command, which is this one.
Now I can only guess what this does, but we can read it in the description.
“Dork for finding login portals for well-known company websites hosted on famous hosting providers such as all of these.”
Basically, this command does that. We can try it out if we want to. It’s not really that useful for us, but why not?
You just copy the command and paste it, and we will see how it works.
They are all basically account login as we can see, “account-login, my-account-login, my-account/login.”
So it filtered out all of the websites with a directory which is /my-account-login.
Now, let’s see, for example, another one.
As you can see, these are listed with a date. The first one was yesterday. Let’s go on this one: intitle:“index of /”ssh
Now, you can read right here the data you find: Web servers version, SSH version, SSH keys, SSH logins, and SSH .exe files.
As it says right here:
“I found a lot of servers using SSH 1.4. They are usually five plus years old and full of security holes. A search in exploit database for SSH 1 turns up plus forty thousand exploits. For these, some may work.”
This could be a useful command for us. We can copy it and see what we find with it.
We won’t be attacking any of these since we don’t have permission, but it sure could be useful later on.
As you can see, we will not mess with this right now. What we want to do is only use these commands and we will cover hacking of websites later on, not on these websites, but on the websites that we do own, which we will make in our own virtual environment.
For now, you only need to use these search commands.
If you want to search for things like PDF files, you can type “PDF” here in the quick search, and it will show you the PDF I believe.
Let’s see how to find a PDF file with this command here and if this could be a PDF file that could contain a password.
As you can see right here, all files are PDF files. Let’s see if we open one, it will ask us to save these files. We do not want to save it.
Basically, this is just all of the PDF files available on the Internet. Let us just see the more accurate explanation of this command.
“Passwords and information on targets employees/customers also for spear phishing. Replace PDF extension with any other document extension like doc, docx, txt.”
Okay, that was PDF and you can use any of these commands. If you want to know what it does, you just click on the command.
This one really doesn’t have any explanation.
Let’s just check out another one.
As you can see, this command which is pretty huge, will help you to find out videos published in Google Drives.
There is a bunch of file extensions for videos. I’m not really sure why PDF is there, but there is possibly a reason for that.
So let’s say now that we do not want a PDF file, but we want an Excel file. We just type Excel.
There are no matching records found.
We can set the list here to show 120 commands, and there is a .xls file, which is an Excel file, and if you click there we can see what else it will find. It’s a mix of login portals and passwords, but this is a huge command. We will not use it right now.
So, that’s all I wanted to show you.
As you can see, they basically explain for every command what it does when you click on it and see the explanation, which is basically just a lot of login portals.
It could be useful if you wanted to find some of the vulnerable sites to the specific attacks like we showed in the first command, or in the first string that we typed into Google, which was that index.php?id= that would lead us to all of the websites with user input that could be possibly vulnerable to SQL injection.
So, that’s about it for the Google hacking.
Now, if you want to, you can scroll down and check out all these other commands. It could be useful for you, but we won’t be doing that since there are lots of them and we will continue footprinting in the next lecture.
I hope I see you there and take care.
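The same search patterns can be turned around to audit a site you own. The following is an added example, not part of the original tutorial: it checks a crawl of your own pages against the patterns shown above (index.php?id= URLs, “index of /” listings, PDF files and account-login paths). The sample pages, category names and function names are constructed for illustration.

```python
import re
from urllib.parse import urlparse, parse_qs

# Each check mirrors one search pattern from the tutorial, applied to a
# (url, title) pair taken from a crawl of a site you own.
def has_index_php_id(url, title):
    # inurl:"index.php?id=" -> script takes an id parameter from the user
    parsed = urlparse(url)
    query = parse_qs(parsed.query, keep_blank_values=True)
    return parsed.path.endswith("index.php") and "id" in query

def is_directory_listing(url, title):
    # intitle:"index of /" -> web server auto-generated directory listing
    return "index of /" in title.lower()

def is_pdf(url, title):
    # PDF documents that may hold staff or customer details
    return urlparse(url).path.lower().endswith(".pdf")

def is_account_login(url, title):
    # account-login, my-account-login, my-account/login paths
    path = urlparse(url).path.lower()
    return re.search(r"/(my-)?account[-/]login", path) is not None

# Category names are hypothetical labels chosen for this example.
CHECKS = {
    "url-parameter": has_index_php_id,
    "directory-listing": is_directory_listing,
    "pdf-document": is_pdf,
    "account-login": is_account_login,
}

def audit(pages):
    """Return {category: [urls]} for every page a search pattern would surface."""
    findings = {name: [] for name in CHECKS}
    for url, title in pages:
        for name, check in CHECKS.items():
            if check(url, title):
                findings[name].append(url)
    return findings

# Constructed sample crawl of a made-up site (not real data).
SAMPLE_PAGES = [
    ("https://shop.example.test/index.php?id=7", "Product 7"),
    ("https://shop.example.test/backup/", "Index of /backup"),
    ("https://shop.example.test/docs/staff-handbook.pdf", ""),
    ("https://shop.example.test/my-account/login", "Sign in"),
    ("https://shop.example.test/about", "About us"),
]

if __name__ == "__main__":
    for category, urls in audit(SAMPLE_PAGES).items():
        print(category, urls)
```

Anything flagged is a candidate for review: remove it, put it behind authentication, or exclude it from search engine indexing.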
Thank you very much for watching this video tutorial that I, Jerry Banfield, executive-produced, which means I hired the instructor to make a video for you as a part of a “Master Ethical hacking in 2019” course that I imagine you will love and enjoy.
Edits from video transcript by Michel Gerard at www.michelgerardonline.com.