Sunday | January 29, 2006

Hacking Google for Passwords

A lot of people have emailed me asking how to obtain passwords/logins for pay sites. While I don't use an in house hacker/forcer, I do know a few tactics for getting logins and passwords for paysites. The easiest overall method is the googledork. A googledork is a phrase you type into Google to get highly focused search results. Most dorks are simply a search mask in the urls of the sites within Google's database. Here is an easy googledork to start off with.Type this into Google--> inurl:passlist.txt this is just telling Google you want to see all the documents with the word 'passlist.txt' in the url. This googledork is almost the same but looks for 'password.txt' it the url.--> inurl:password.txt this next dork is for the more advanced user. You not only have to perform the googledork, but you have to crack the files you find. A little involved but worth the effort!

CCBill.com sells E-tickets to online entertainment and subscription-based websites. CCBill.com gives consumers access to the hottest entertainment sites on the World Wide Web. The word "hot" in this context seems appropriate when considering the type of sites that use e-tickets hint hint:) CCBill log files contain usernames and password information, but are protected with DES encryption. An attacker can crack these using the information provided on this site: http://www.hackcanada.com/blackcrawl/encrypt.html. the googledork is --> inurl:ccbill filetype:log

Finaly for the VERY advanced user who wants to try and crack MD5 hash. You would want to go here first  http://www.astalavista.com/index.php?section=dir&act=dnd&id=1388 then use this  dork-->ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-"

If you would like more googledorks, follow the related link.


Related Links

http://johnny.ihackstuff.com/index.php?module=prodreviews&func=reviewsbycat&reviewsel=13

Posted by GonarcH at 22:06:08 | Permanent Link | Comments (9) |
Comments
1 - i woul like to know how can you hack into hotmail because i had this mail megaboy322@hotmail.com and someone has stolen me and i need my account back because i have a lot of contacts there nothing important but a lot of contacts
 (Comment this)

Written by: jose pereira at 2007/02/09 - 20:35:24
2 - how can i trace a password of a website? (Comment this)

Written by: Anonymous at 2007/09/03 - 13:47:16
3 - lol. worse then sitting in a hacking channel on irc. CAN U HAX PASSWORDS FOR YAHOO? (Comment this)

Written by: Anonymous at 2007/11/18 - 21:19:55
4 - i want to hack a yahoo acount that got riped from me can i get some help still a noob (Comment this)

Written by: hops at 2007/11/24 - 16:54:51
5 - If you put in a alternate email address no hacking required just email the password to yourself. (Comment this)

Written by: Anonymous at 2007/11/24 - 23:31:28
6 - this is cool. i don't belived it can be done.

Elina Andrews
http://happy-funtime.blogspot.com (Comment this)

Written by: Anonymous at 2007/11/28 - 13:21:31
7 - tu es estupido (Comment this)

Written by: Anonymous at 2007/11/28 - 22:02:39
8 - Why is everyone concerned about hacking into mailservers such as yahoo and hotmail??

Few years ago, I showed my friends a system mode access into people's workstations, which effectively allowed one to see all the passwords and usernames people use. However, my friends stated just doing all that for the shit on everyone and weren't even careful about it. All I can say is that one got into this bitter argument with the boss because she effected a system's audit while he was bragging elsewhere.
 (Comment this)

Written by: James at 2007/11/29 - 13:13:05
9 - jose pereira,who did you get stolen by
 (Comment this)

Written by: Anonymous at 2008/02/15 - 23:02:31 in reply to: 1
Write a comment