Advanced Googling

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 10
At a glance
Powered by AI
The document discusses several advanced Google search queries that can be used to find live CCTV camera feeds, Apache server test pages, Excel files containing passwords, and log files with usernames and passwords.

Some examples include searches for URLs containing 'viewerframe mode=motion' to find live CCTV feeds, searches for phrases like 'Test Page for Apache' to find websites running Apache, and searches for Excel files containing the word 'password'.

Sensitive information like login credentials, passwords, and network information can sometimes be exposed by queries searching filetypes like Excel sheets, logs, and encrypted password files containing usernames and passwords.

Advanced Googling

1. inurl:viewerframe mode=motion

This query is focused on searching for the specific URLs over the internet which contains a
specific i.e. viewframe mode=motion. This query is focused on the CCTV cameras URL all
over the world which are not static and in motion mode. All the moving live CCTV footage can
be searched all over the world by using this search query.

Link 1:

(Source: http://74.94.148.163:8080/ViewerFrame?Mode=Motion)

This link shows the like video coverage of what I think is a hotel lobby. By searching the IP
Address (74.94.148.163) it is found out that the location of this site is somewhere in Gloucester
city of Massachusetts region in United States.
(Source: https://www.iplocation.net/)
Link 2:

(Source:http://60.45.63.26/ViewerFrame?
Mode=Motion&Resolution=640x480&Quality=Motion&Interval=30&Size=STD&PresetOperati
on=Move&Language=1)

The second link found with the live CCTV footage looks like a Zoo. The language on the video
controller panel was written in Japanese so the location of the zoo must be somewhere in japan.
After searching for the IP address (60.45.63.26) of the URL the location was found to be
Motomiya city of Fukushima region in Japan.
(Source: https://www.iplocation.net/)
2. intitle:"Test Page for Apache" "It worked!" "This Web site!"

The query is looking for the phrases like Test page of Apache, It worked and This Web site
in the webpage title. These phrases specifically search for the test page of the Apache servers of
the websites and looking for the working websites running on Apache web server. This is helpful
in knowing that which specific websites run on Apache server.

Link 1:

(Source: http://www.aboutus.com/ccb.com.sg)

This link is the test page of Aboutus.com. This website is for exchanging information about any
webpage and domain. It provides information like name, logo, contact, address and also
information about domain if the company.
Link 2:

(Source: http://htmladviser.net/www/zilpasyon.com.html)

This link shows the HTML analysis of the test apache page of zilpasyon.com. The HTML
analysis shows the parameters like page load time, size of HTML page, domain IP, hosting ISP
provider, graphic content, Java CSS etc. language used for web development and other resources
related to the website.
This provides some vital information about the webpage which can be very useful to attack the
webpage.
3. filetype:xls password

This Query is looking for the Excel sheets which contains the word password in it. People have
tendency to store login passwords in excel documents and often share them over internet. So,
some important login IDs and passwords can be found using this query.

Link 1:

(Source: http://utw10426.utweb.utexas.edu/Topics/Datapresentation/surveypasswd09.xls)

Using this link an excel sheet was downloaded containing the login IDs and passwords of more
than 450 users. These users may belong to University of Texas because this document was found
on the University of Texas website. The title of the document is survey password so it looks like
that IDs and passwords are not authentic and these are not related to any person.
Link 2:

(Source: http://cdn2.hubspot.net/hub/215313/file-499131210-xls/Social-Media-Tracking-Template.xls
%3Ft%3D1391194424000)

This link provides a document containing the login IDs, emails and passwords for social media
accounts of a marketing company halfbubbleout.com. This link contains the information of
Facebook, Twitter, Google+, and LinkedIn accounts login information. The other sheet of the
document has the information about using the online credentials. This document looks authentic
and it looks like it is distributed by the manager to the employees who has access to the accounts.
But by looking at the credentials this looks like just a demonstrated document and it does not
contain any genuine information.
4. ext:pwd inurl:_vti_pvt inurl:(Service | authors | administrators)

This query is looking for the extension .pwd which is used to store the credentials in securely. It
specifically searches to the URLs that contains the _vti_pvt and Service/ Author/Admin, this
implies that it is specifically looking for the URL which contains the password of Admin or
Author. Many times the encrypted login credentials are stored on the front-page of a webpage
with service.pwd which contains encrypted passwords.

Link 1:

(Source: http://isuzumotorsports.com/_vti_pvt/service.pwd)

This link contains the encrypted password of the admin or author of the database. The webpage
is isuzumotorsports.com which is located in Hillsdale, Australia. If this password can be
decrypted, it can be used to gain access to the online database of the company.
Link 2:

(Source: http://apps.usd.edu/coglab/schieber/psyc707/_vti_pvt/service.pwd)

This link contains the encrypted password of the database Admin/ Author of University of South
Dakota located in United States. If this password can be decrypted, it can be used to gain access
to the online database of the company.
5. filetype:log intext:password intext:username

This query targets the log file which contains the username and password in it. Many times the
log files of the online database contains the login and passwords of the users. By searching this
query with a specific website, specific company can be attacked.

Link 1:

(Source: http://www.ticktockcomputers.com/brutes/brutes.log)

This link contains the logs of the website ticktockcomputers.com. This webpage contains many
login IDs and passwords and it also contains the Login ID and passwords of Database Admin.
The login credentials can be used to attack the website by gaining the Admin access.
Link 2:

(Source: https://supportforums.cisco.com/sites/default/files/legacy/5/2/9/26925-VPN%20client%20with
%20local%20authentication.txt.log)

This link contains the log file which has the login IDs and passwords of the support forums of
the domain supportforums.cisco.dom. It has IDs and passwords and also the host routers and
other IPs and subnet information available. The login credentials can be used to attack the
website by gaining the Admin access

References:

IP Location. (n.d.). Retrieved August 03, 2016, from https://www.iplocation.net/

Test Page for Apache Installation on Web Site. (n.d.). Retrieved August 03, 2016, from
http://www.aboutus.com/ccb.com.sg

Zilpasyon.com - Test Page for Apache Installation on Web Site. (n.d.). Retrieved August 03,
2016, from http://htmladviser.net/www/zilpasyon.com.html

Log. (n.d.). Retrieved August 03, 2016, from


http://www.ticktockcomputers.com/brutes/brutes.log

Log. (n.d.). Retrieved August 03, 2016, from


https://supportforums.cisco.com/sites/default/files/legacy/5/2/9/26925-VPN client with local
authentication.txt.log

You might also like