Scribd Logo
Upload

Welcome to Scribd!

  • Finding Sensitive Data Through Advanced Google Searches

    Uploaded by

    Jayal Yadav
    466 views10 pages
    This document provides examples of advanced Google queries that could potentially reveal sensitive information from websites. The queries search for things like open CCTV feeds, Apache server test pages, Excel files with passwords, encrypted password files, and log files containing usernames and passwords. The examples show links to real pages found through these queries, including CCTV cameras, server configuration files, a spreadsheet with hundreds of credentials, and log files disclosing login information. Performing these kinds of searches could help identify unsecured systems but may also uncover private or sensitive data.

    Original Description:

    Advanced Googling

    Original Title

    Advanced Googling

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides examples of advanced Google queries that could potentially reveal sensitive information from websites. The queries search for things like open CCTV feeds, Apache server test pages, Excel files with passwords, encrypted password files, and log files containing usernames and passwords. The examples show links to real pages found through these queries, including CCTV cameras, server configuration files, a spreadsheet with hundreds of credentials, and log files disclosing login information. Performing these kinds of searches could help identify unsecured systems but may also uncover private or sensitive data.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    466 views10 pages

    Finding Sensitive Data Through Advanced Google Searches

    Uploaded by

    Jayal Yadav
    This document provides examples of advanced Google queries that could potentially reveal sensitive information from websites. The queries search for things like open CCTV feeds, Apache server test pages, Excel files with passwords, encrypted password files, and log files containing usernames and passwords. The examples show links to real pages found through these queries, including CCTV cameras, server configuration files, a spreadsheet with hundreds of credentials, and log files disclosing login information. Performing these kinds of searches could help identify unsecured systems but may also uncover private or sensitive data.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    Advanced Googling

    1. inurl:viewerframe mode=motion

    This query is focused on searching for the specific URLs over the internet which contains a
    specific i.e. viewframe mode=motion. This query is focused on the CCTV cameras URL all
    over the world which are not static and in motion mode. All the moving live CCTV footage can
    be searched all over the world by using this search query.

    Link 1:

    (Source: http://74.94.148.163:8080/ViewerFrame?Mode=Motion)

    This link shows the like video coverage of what I think is a hotel lobby. By searching the IP
    Address (74.94.148.163) it is found out that the location of this site is somewhere in Gloucester
    city of Massachusetts region in United States.
    (Source: https://www.iplocation.net/)
    Link 2:

    (Source:http://60.45.63.26/ViewerFrame?
    Mode=Motion&Resolution=640x480&Quality=Motion&Interval=30&Size=STD&PresetOperati
    on=Move&Language=1)

    The second link found with the live CCTV footage looks like a Zoo. The language on the video
    controller panel was written in Japanese so the location of the zoo must be somewhere in japan.
    After searching for the IP address (60.45.63.26) of the URL the location was found to be
    Motomiya city of Fukushima region in Japan.
    (Source: https://www.iplocation.net/)
    2. intitle:"Test Page for Apache" "It worked!" "This Web site!"

    The query is looking for the phrases like Test page of Apache, It worked and This Web site
    in the webpage title. These phrases specifically search for the test page of the Apache servers of
    the websites and looking for the working websites running on Apache web server. This is helpful
    in knowing that which specific websites run on Apache server.

    Link 1:

    (Source: http://www.aboutus.com/ccb.com.sg)

    This link is the test page of Aboutus.com. This website is for exchanging information about any
    webpage and domain. It provides information like name, logo, contact, address and also
    information about domain if the company.
    Link 2:

    (Source: http://htmladviser.net/www/zilpasyon.com.html)

    This link shows the HTML analysis of the test apache page of zilpasyon.com. The HTML
    analysis shows the parameters like page load time, size of HTML page, domain IP, hosting ISP
    provider, graphic content, Java CSS etc. language used for web development and other resources
    related to the website.
    This provides some vital information about the webpage which can be very useful to attack the
    webpage.
    3. filetype:xls password

    This Query is looking for the Excel sheets which contains the word password in it. People have
    tendency to store login passwords in excel documents and often share them over internet. So,
    some important login IDs and passwords can be found using this query.

    Link 1:

    (Source: http://utw10426.utweb.utexas.edu/Topics/Datapresentation/surveypasswd09.xls)

    Using this link an excel sheet was downloaded containing the login IDs and passwords of more
    than 450 users. These users may belong to University of Texas because this document was found
    on the University of Texas website. The title of the document is survey password so it looks like
    that IDs and passwords are not authentic and these are not related to any person.
    Link 2:

    (Source: http://cdn2.hubspot.net/hub/215313/file-499131210-xls/Social-Media-Tracking-Template.xls
    %3Ft%3D1391194424000)

    This link provides a document containing the login IDs, emails and passwords for social media
    accounts of a marketing company halfbubbleout.com. This link contains the information of
    Facebook, Twitter, Google+, and LinkedIn accounts login information. The other sheet of the
    document has the information about using the online credentials. This document looks authentic
    and it looks like it is distributed by the manager to the employees who has access to the accounts.
    But by looking at the credentials this looks like just a demonstrated document and it does not
    contain any genuine information.
    4. ext:pwd inurl:_vti_pvt inurl:(Service | authors | administrators)

    This query is looking for the extension .pwd which is used to store the credentials in securely. It
    specifically searches to the URLs that contains the _vti_pvt and Service/ Author/Admin, this
    implies that it is specifically looking for the URL which contains the password of Admin or
    Author. Many times the encrypted login credentials are stored on the front-page of a webpage
    with service.pwd which contains encrypted passwords.

    Link 1:

    (Source: http://isuzumotorsports.com/_vti_pvt/service.pwd)

    This link contains the encrypted password of the admin or author of the database. The webpage
    is isuzumotorsports.com which is located in Hillsdale, Australia. If this password can be
    decrypted, it can be used to gain access to the online database of the company.
    Link 2:

    (Source: http://apps.usd.edu/coglab/schieber/psyc707/_vti_pvt/service.pwd)

    This link contains the encrypted password of the database Admin/ Author of University of South
    Dakota located in United States. If this password can be decrypted, it can be used to gain access
    to the online database of the company.
    5. filetype:log intext:password intext:username

    This query targets the log file which contains the username and password in it. Many times the
    log files of the online database contains the login and passwords of the users. By searching this
    query with a specific website, specific company can be attacked.

    Link 1:

    (Source: http://www.ticktockcomputers.com/brutes/brutes.log)

    This link contains the logs of the website ticktockcomputers.com. This webpage contains many
    login IDs and passwords and it also contains the Login ID and passwords of Database Admin.
    The login credentials can be used to attack the website by gaining the Admin access.
    Link 2:

    (Source: https://supportforums.cisco.com/sites/default/files/legacy/5/2/9/26925-VPN%20client%20with
    %20local%20authentication.txt.log)

    This link contains the log file which has the login IDs and passwords of the support forums of
    the domain supportforums.cisco.dom. It has IDs and passwords and also the host routers and
    other IPs and subnet information available. The login credentials can be used to attack the
    website by gaining the Admin access

    References:

    IP Location. (n.d.). Retrieved August 03, 2016, from https://www.iplocation.net/

    Test Page for Apache Installation on Web Site. (n.d.). Retrieved August 03, 2016, from
    http://www.aboutus.com/ccb.com.sg

    Zilpasyon.com - Test Page for Apache Installation on Web Site. (n.d.). Retrieved August 03,
    2016, from http://htmladviser.net/www/zilpasyon.com.html

    Log. (n.d.). Retrieved August 03, 2016, from


    http://www.ticktockcomputers.com/brutes/brutes.log

    Log. (n.d.). Retrieved August 03, 2016, from


    https://supportforums.cisco.com/sites/default/files/legacy/5/2/9/26925-VPN client with local
    authentication.txt.log

    You might also like