Monday, October 11, 2010

Real time Google Hacking

Probably everybody know that Google restricts the searches to prevent people from launching automated searches and finding sensitive data.  The interesting part is that the Google services do not have this restriction, so you could crawl their database to find many dorks. :)

The guys of  Pauldotcom comment on their blog this behavior. Rob Ragan  and Francis Brown ( the  Bing/Google Hackers  at Defcon ) have  done some  research in search engine hacking  with amazing results. I quote the article,

They took the entire Google Hacking Database, Foundstone Hacking Database and their new BING Hacking Database and turned them into Google READER RSS feeds. As soon as Google or BING indexes a new site that matches your "intitle:Index Of passwords" criteria Google reader adds it to your RSS feed. (Your Google reader is able to get BING results by leveraging BING's &format=rss parameter) As a result, Google and BING are constantly searching for all the Googledorks in the database and maintaining a realtime database of the results! Then Rob and Francis exported their RSS feeds to OPML format so you can just import them into your own Google reader account.

You can find the project website here.

No comments:

Post a Comment