<>
Easy Password Hacking Using Google
For Our Hacking Geek Lovers, this might be the Tutorial you ever been looking for
If you happen to be a smart and keen tech lover, you will understand you can do lot using google. I so tell people in as much as Google penalize websites for illegal acts, they also in another page cover are very smart providing cool hacking. Google, the global recognized search engine giant has crawled loads of data which was intended to be protected by webmasters, but Easy Password Hacking Using Google – is very easy to learn, this knowledge is excavated by Applygist.com and is being exploited and mined by smart users using Google dorks. HACKING WHATSAPP ADMIN 2017
Easy Password Hacking Using Google
In today’s tutorial, which we decided to tag as Easy Password Hacking Using Google, I will be discussing some practical dorks which will help you gain passwords, databases and vulnerable directories. Practically, basic methodology remains the same, query Google using specialized dorks with precise parameters and you are good to go. Hopefully, your got small understanding what basic working knowledge of google dorks.
First in the roll we will look into
FTP passwords
ws_ftp.ini is a configuration file for a popular win32 FTP client that stores usernames, (weakly) encoded passwords, sites and directories that the user can store for later reference.
intitle:index.of ws_ftp.ini
You can also this dork which uses “parent directory” to avoid results other than directory listings
filetype:ini ws_ftp pwd
Or
“index of/” “ws_ftp.ini” “parent directory”
even if the site or file has been taken offlline, you can still search the contents in the Google cache using the following dork
“cache:www.abc.com/ws_ftp.ini”
where
www.abc.com is the site you want to check the dork for.
The ws_ftp password uses quite weak encryption algorithm, hence once you get the password, you can break it using the decryptor provided here or from here.
PHP Hacking
Sites made in PHP have a file known as “config.php” which stores configuration and the username and password for the sql database the site is hosting. This password is required only once per transaction (i.e when ever admin logins or a transaction is committed at administrator level) and hence will be specified by the ‘require_once’ parameter in the config file or in index file.
intitle:index.of config.php
to view php file contents
intitle:”Index of” phpinfo.php
you can also try the directory traversal attack in php using the following dork
inurl:download.php?=filename
if you are lucky, substitute the filename with ‘index.php’, download it, read it and get the password (hint:if you are not able to find it, try looking for globals.php). Easy Password Hacking Using Google
Since most websites today deny this trick, but you may get lucky with some 🙂
SQL Dumps
We will be hunting for SQL password dumps saved in database, here ext:sql specifies the type of password dump, e10adc3949ba59abbe56e057f20f883e is the md5 hash for 123456; one of the most common password people keep..and intext dork will allows to search inside the dump. Easy Password Hacking Using Google
ext:sql intext:@gmail.com intext:e10adc3949ba59abbe56e057f20f883e
ext:sql intext:”INSERT INTO” intext:@somemail.com intext:password
Its not over..Yet
A very flexible query can be used to hunt for WS_FTP.log which in turn can disclose valuable information about the server.
+htpasswd +WS_FTP.LOG filetype:log
You can substitute “+htpasswd” for “+FILENAME” & you may get several results not mentioned before using the normal search. You can further explore filenames by using keywords like
phpinfo, admin, MySQL, password, htdocs, root, Cisco, Oracle, IIS, resume, inc, sql, users, mdb, frontpage, CMS, backend, https, editor, intranet
The list goes on and on.. Also you cam try this dork to data mine information about the uploader
“allinurl: “some.host.com” WS_FTP.LOG filetype:log”
which tells you more about who’s uploading files to a specific site, quite handy for some passive reconnaissance. Easy Password Hacking Using Google
Hope this was helpful this time. HOW TO HACK CREDIT CARDS
Easy Password Hacking Using Google