Lesson 13: Introduction To Google Hacking Video Lecture | Ethical Hacking using Kali Linux (in English) - Software Development

hey guys welcome to the next tutorial of
ethical hacking and penetration testing
where Kali Linux settler I have shown
you how we can go ahead and get access
into that or how we can go ahead and
gather information about any specific
people but this time now I will actually
go ahead and gather much better
information I will teach you how we can
go ahead and gather information and I
will show you by gathering some actual
information Alexis it is gathering
credit-card details or debit card
details of any specific person but the
thing I would be showing you would be
the expired credit cards and not the
actual credit cards because I don't want
to go ahead and spoil any random persons
image so let's start by normal stuff
such as meta go fill and go links cap
for a proceed starting with these tools
I like to tell you something about email
footprinting and how we can wouldn't
gather information about that so if you
have if someone has sent you a random
email then what you need to do is just
go ahead and you want to go and check
the geolocation or any specific thing
email liking is a method that helps you
to monitor as well strike the emails of
a particular user this kind of tracking
is possible through digitally
time-stamped records to reveal the time
and date and the geolocation the read
duration proxy direction as to when it
was read and from where it was read and
things similar to that Detroit's
information about the server type of
server used by the recipient as well so
similarly can also go and gather a
similar information using the email
header so you can just go ahead and open
a random a Google account and you can
wouldn't check if someone has sent you
an email you can go and check the show
original option on the right-hand side
then you can go and gather much more
information about the IP addresses from
where it was sent and much more
so after tacking email let's come back
to our original point of meta gufu
google hacking database and the hack
honey pots and google hacks that we can
see so these things are quite different
from the normal footprinting things
these are the tools used by Google to go
ahead and gather information about us so
footprinting using Google hygiene
techniques is quite different Google
hacking refers to the art of creating
complex search engines queries and MySQL
probably so if you can construct proper
queries
you can return value above data about a
target company or person through Google
search results through Google hacking an
attacker tries to find websites that are
vulnerable to numerous exploits and
vulnerabilities so and this can be
accomplished with the help of Google
hacking database that is GHD be a
database of queries twenty-five
sensitive data and Google operators can
help finding in the required text and
avoiding irrelevant data and using
advanced google operators attack else
can locate specific strings of text it
has specific versions of vulnerable
application so I'll be teaching you
today about how we can go ahead and
gather much more information I'll show
you some basic examples at first and
then finally I'll go ahead and teach you
how we can wouldn't gather let's say how
hackers gather credit card information
wire internet this for example so to
start with we'll start with the first
thing that is a period site the period
set operator in Google helps to find
only pages related to a specific URL so
I'll just go ahead and show you a few
examples let's say I want to gather
information about let's say just to be
precise let's say I want to find an
information about a specific person or a
specific vehicle on only a specific web
site so the most famous site for vehicle
would be let's say for example for a
bike it would be 4x bhp website and I'm
going to information information about
some random let's say some random bike
or a person so for this tutorial I'll be
using a bike because I don't want to go
ahead and break any privacy laws of any
specific person so I'll just take a
random bike let's say for example we
have a random bike for Honda and I'll
take a horn all that say any random by
let us say honda activa which is quite
famous these days and I want it only on
a specific website so I just type site
colon and I'll type www.hp.com
so when I got a hit enter I only get
results related to xB hp.com as you can
see that all these websites are only of
X bhp
so let's say as my name I would be
checking if I want to word and gather
information about a specific person
let's say my or any random persons as
Adam Smith soil type Adam Smith site :
the BW w dot face
book.com and when I hit enter I'll get
all the profiles with the name of Adam
Smith on the Facebook so I'd wanted to
actually wouldn't search any random
person or any go through any random
links it's all the links are quite
visible by using the site so the site
operator on Google helps to find only
pages that belong to a specific URL
after that we have all in your law
option so this operator finds the
required pages or websites by
restricting the results containing all
query terms then we have the in URL so
that means that if I want to search
anything and if I type let's say I want
any salad a random name inside the URL
as you can see that we have Adam Smith
over here so I'll just type let's say
I'm going to tiles let's I'll take a
different name and I'll type in URL then
inside we facebook.com and your I want
let's say Adam I'll take a different
name this time let's say Michelle so as
you can see that I will get all the
websites with the name of a phase began
with the URL we have Mitch that has
Michelle inside that only with the
specific thing so in this way I can go
ahead and gather information so in this
way if I go to an ad keep on adding
different let's say different queries to
this I'll get a much more information to
that after we have all in title and it
all in title our command that restricts
results to only pages that contain all
the queries that you have specified so
if I go and tab let's say all in title
and I'll type let's say network camera
and it was camera and if I go around
let's say I just open a random first
link so it will open all our website
that has network camera in its title and
if I go and see okay so this is not a
good website I just go and check I can
open this one so this left that open so
as you can see that I can actually see
the camera of this specific of this
random location I don't know where it is
exactly but I can see this thing so you
can see that it is live and these other
cameras are disabled and this is the
normal camera or if I go and check
this way now you know that how we can go
down hack into any CCTV camera that we
want so after that we have in title
query that restricts results to only
pages that contain query term that he
has specified and it only shows websites
that mention the query term that you
have we have in Karkar so in anchor and
all in anchor tags that results that
restrict pages to containing awkward
terms you specify in the anchor text so
you might wonder that what a hacker can
do with Google hacking if you talk and
website is vulnerable to Google hacking
then the attacker can find information
such as error messages that contain
sensitive information file containing
passwords or sensitive directories or
pages containing logon portals pages
containing network or vulnerability data
advisories and silver vulnerabilities
after that we have Google advanced
search option as you can see that there
are different search tools and if you go
ahead and click over here you can see
the advanced search option so this will
go ahead and search everything that you
want any specific thing and it will use
the Google quiz automatically but rather
than this I would always before using
the queries if you want to gather any
information you can also use the cache
query and I will show you let's say ca
CH e and I'll try let's say let's say
Grindr so I'll get all the things as you
can see over here we have a small Sigma
and if I go ahead and check cast web
page it will take me to the cast web
page that was used previously so in this
way what a hacker can do is that let's
say I'll type site flip card of this
type www.amazon.com with the site Amazon
and we have the cast if I go ahead and
check the cast web page so Eve at the
let's the Amazon website is not clear in
keeping the class cache memories there's
what may have a legend for example the
Amazon has has this 3G data traveler
let's say on the 30th of December as
let's say any specific