Thursday, July 21, 2011

Gathering Information from Websites

Posted by OurTech Team | Thursday, July 21, 2011 | Category: , , , , |

Corporate and/or personal websites can provide a bounty of information. The first thing a good social
engineer will often do is gather as much data as he can from the company’s or person’s website.
Spending some quality time with the site can lead to clearly understanding:
Google forgives but it never forgets, and it has been compared to the Oracle. As long as you know
how to ask, it can tell you most anything you want to know.
Johnny developed a list of what he calls “Google Dorks,” or a string that can be used to search in
Google to find out information about a company. For example if you were to type in: filetype:pdf you be given a list of every file with the extension of PDF that is on the domain.
Being familiar with search terms that can help you locate files on your target is a very important part of
information gathering. I make a habit of searching for filetype:pdf, filetype:doc, filetype:xls, and
filetype:txt. It is also a good idea to see if employees actually leave files like DAT, CFG, or other
database or configuration files open on their servers to be harvested.
Entire books are dedicated to the topic of using Google to find data, but the main thing to remember
is learning about Google’s operands will help you develop your own.
A website like has a very nice list of both the
operands and how to use them.
Google is not the only search engine that reveals amazing information. A researcher named John
Matherly created a search engine he called Shodan (
Shodan is unique in that it searches the net for servers, routers, specific software, and so much more.
For example, a search of microsoft-iis os:“windows 2003” reveals the following number of servers
running Windows 2003 with Microsoft IIS:records you can determine server names and functions, as well as IPs.

Currently have 0 Comments:

Leave a Reply