Sunny Jovita – 2301939046
Week 3
Disclaimer: This blog is for educational purposes only.
I did this for education only, not for illegal purposes.
Firstly, I figured out that by using google search operators, we can narrow down our searches, and find what we’re looking for. Those advanced operators are site:
- link:
- filetype:
- cache:
- intitle:
- inurl:
- etc
I tried to gather information that’s publicly available or in case it was made public by accident. I also discovered that google hacking database was incredibly cool. There’re a lot of databases and by using queries (if I look further into the matter) maybe I will find various potential vulnerabilities such as usernames, passwords to discover information.
I clicked some dorks there, and I found some strange stuff but those were interesting like webcams, username and passwords from .sql filetype, and others. I can also filter these dorks if I want to see more specific database from vulnerable servers, files containing passwords, or other categories.
filetype:env “DB_PASSWORD”
I tried on this query and found out some env file and if its publicly available, it can reveal database passwords, usernames which are a bad thing. (I didn’t try to use those passwords and usernames that I found from my findings)
intitle:”Nessus Scan Report” “This file was generated by Nessus”
I learnt deep down in these operators thingy and found some new things like this syntax. I searched a bit and figured out that Nessus is a vulnerability scanning tool, it will scan our system and tell us how the system is vulnerable. After that, I scrolling through some sites and tried to find some information that are vulnerable.
Last but not least, I did a syntax that I think it is pretty good to know, even though it’s a common query:
site:linkedin.com intitle:storename “his/her job” “his/her name“
By using this query, I can find some pretty revealing stuff. If I go further using theHarvester tool, maybe I can find few emails, subdomains, hosts, and others there.
