Sunday, May 23, 2010
Project 1-2: Use Google Reconnaissance
Google can be used to locate mostly anything and attackers uses this feature to get unprotected information to be used in an attack. This is sometimes called "Google Reconnaissance".Firstly, we could go to Google advance search by going to "http://www.google.com" and click on "Advance Search". Next under
"Find web pages that have ... all these words:"
type in "login:*" "password=*"
Under "File Type:"
Select "Microsoft Excel(.xls)"
the asterisk(*) stands for wildcard which means any document which contains any word in "login:(word)" & "password=(word)" will all be found
below is a example of the Google Advance search screenshot.
One of the result i found was the following:
this time we are going to search for a text file that contains a list of passwords in cleartext.
Firstly, in the text box
"Find web pages that have ... all these words:"
type in ""
Under "File Type:"
Select "Any format"
Below is a screenshot of what I found
In the folders above there may contain some username and passwords inside.
Reflection of Project 1-2
In this project, I have learnt that other then google being a good search engine, other people could use it to access some private information. On this project, I did a bit more research and I found lots of types of codes that you can type into Google and access unprotected information and devices(e.g webcams)
During this project, I learnt that we should protect any information of files that are posted on the net as even they may be hidden, they could also be located using a search engine if not properly protected.
Posted by LoNeLyXx at 2:50 PM
Thursday, May 20, 2010
Project 1-1
What is a RSS?To subscribe a RSS, Go to Google Reader.
Google Reader Website: http://www.google.com/reader
Below is a photo of Google reader website
To subscribe to a RSS,
Click on the "Add a Subscription" and enter the link of the web that i want to get feeds on.
e.g. http://www.securityincite.com
Once Subscribed you could view the new posts that are posted on the website.
Reflection on Project 1-1
In this Project I learnt that instead of us searching for new IT information on websites, we could use google reader to get the new information that are posted for me. This saves a lot of my time as i could view all the new IT information of lots of websites in just one google reader.
Google Reader just displays all the new information on the websites that i have added into Google reader. This would be also much easier for me to locate the posts of the websites as Google Reader groups them according to their time and date.