The Footprinting Process 95
In security, as in other areas, there is the idea of inference. Simply put,
if you cannot fully tell what your target company is up to, then look at
its competitors to see what they know. In the business world, corporate
espionage is common, and competitors often know things that the public
doesn’t. By analyzing this information or how a competitor is strategizing,
you may be able to gain valuable insight into how your target is moving or
what their intentions are.Google Hacking
Up to this point you may have collected a lot of information from various sources, but now
is the time to fine-tune those results and look deeper. One of the tools you used earlier,
Google, has much more power than you’ve taken advantage of so far. Now is the time to
unleash the power of Google through a process known as Google hacking.
Google hacking is not anything new and has been around for a long time; it just isn’t
widely known by the public. The process involves using advanced operators to fine-tune
your results to get what you want instead of being left at the whim of the search engine.
With Google hacking it is possible to fine-tune results to obtain items such as passwords,
certain file types, sensitive folders, logon portals, configuration data, and other data.
Before you perform any Google hacking you need to be familiar with the operators that
make it possible.
Each of the operators mentioned here is entered directly into the search
box on the Google.com homepage. You don’t have to go to a special page
in order to use these commands.cache Displays the version of a web page that Google contains in its cache instead of
displaying the current version. Syntax: cache:
link Lists any web pages that contain links to the page or site specified in the query.
Syntax: link:
info Presents information about the listed page. Syntax: info:
site Restricts the search to the location specified. Syntax:
allintitle Returns pages with specified keywords in their title. Syntax:
allintitle:
allinurl Returns only results with the specific query in the URL. Syntax:
allinurl:
If you are still a little confused about how these special queries and operators
work, a very good resource is the Google Hacking Database (GHDB). This website
(www.exploit-db.com/google-dorks/) has been maintained for a very long time; here
you will find the operators described here along with plenty of new ones. It is through the
observation of the queries and the results that they provide that you may be able to gain a
better understanding of how things work.