1
GOOGLE HACKING
Configuration:
Your machine is your HACKER, connected to the Internet
Objectives:
1. Penetration Testing using Google
Tools:
Mozilla Firefox
Microsoft Access
Preparation:
Ensure that your machine is connected to the internet.
Try to ping www.google.com
2011-BR
2
I. GOOGLE HACKING DATABASE (GHDB)
Detailed Steps:
1. Open web browser.
2. Go to http://www.hackersforcharity.org/ghdb/
3. Go to Sensitive Online Shopping Info
4. Find this vulnerability description
5. Click on (i) button, and then read the description.
6. Do a vulnerability research regarding to VP-ASP
Example :
- http://www.exploit-database.com
- http://securitytracker.com
- etc
Try to find how to exploit/hack that application.
2011-BR
3
II. HACKING VP-ASP
1. Go google type inurl:shopadmin.asp shop administrators only and press search.
2. Now Google returns with our results. Choose any of those.
3. Now it asks for a username and password. Dont worry about this. In the address bar
replace shopadmin.asp with shopdbtest.asp
It should take you to a page with some infos on it. Next to where it says xDatabase is the
name of the database. E.g if it was shopping, in the address bar, replace shopdbtest.asp
with shopping.mdb
4. Download the database file and open it up with Access or your other software. Find
customers and youll have a list of customer details.