Monday, 19 March 2012

Google hacking Master LIst

This master list of Google Hacking command sets has show up on a forum in Russia, as well as on Scribd. While we often forget about Google hacking, and rarely use it against our own sites, a list like this is going to keep the kids happy as they merrily pound their way through Google to your systems. This makes the data much more accessible than at Johnny I hack stuff.

There are some drawbacks in how Johnny I hack stuff works, you have to do a lot of clicking to get to the right hacks. This master list also includes things I have not seen or tried yet meaning that the body of knowledge for Google hacks is still being expanded upon. It has been a while since a really good Google hack has come out, but this list promises to keep me busy for a while.

Check it out, here is a copy of the master list in case you do not want to go to a hacker forum in Russia, or do not want to sign up for a scribd account (the only way to download it or cut and paste the document in Scribd is to make an account).

Code:

admin account info" filetype:log
!Host=*.* intext:enc_UserPassword=* ext:pcf
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd
"AutoCreate=TRUE password=*"
"http://*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"parent directory" +proftpdpasswd
Duclassified" -site:duware.com "DUware All Rights reserved"
duclassmate" -site:duware.com
Dudirectory" -site:duware.com
dudownload" -site:duware.com
Elite Forum Version *.*"
Link Department"
"sets mode: +k"
"your password is" filetype:log
DUpaypal" -site:duware.com
allinurl: admin mdb
auth_user_file.txt
config.php

Add More Security To Your Google Account Using 2-Step Verification

Hi friends!! Today I'm telling about how you can add more security to your Google account using 2-step verification. 2-step verification is the best way for securing your Google account even if your password is stolen. You can't login to your account unless you have the verification code. Using it, you have to required both password & verification code (Receive on your mobile via SMS) for accessing your Gmail, Orkut services. You must be aware about security provided by Google.
  • Login to your Google account.
  • Open this link https://www.google.com/accounts/SmsAuthConfig
  • Click on Start setup.

    Start Setup
  • Now Set up your phone: Choose appropriate option (me chose Text message (SMS) or voice call under Landline or mobile phone).

    Choose Options
  • Choose your country & Enter your mobile number.
  • Choose the option Send codes by: SMS text message or Voice call (I prefer to SMS text message).
  • Click on Send code under Let's the test phone.
  • You will receive a code via text if you chose SMS text message.
  • Enter code in next field & click on Verify.

Secure Your Yahoo Account Using "Second Sign-in Verification"



Yahoo Logo
Hello friends!! today I'm telling about how to secure yahoo account from hackers using "Second Sign-in Verification".

The second sign-in verification helps prevent unauthorized access to your account through a stolen password. Any sign-in attempt Yahoo! deems suspicious will require a second verification, either answering your account's security question or entering a verification code send to the mobile phone or non-Yahoo! alternate email address. A "suspicious sign-in attempt" is an unrecognized computer or device trying to access your account.

Although this feature is still under beta version, it's available only in few countries and don't know about it's official launch.

Follow these simple steps for configuring second sign-in verification:
  • Sign in to your yahoo account using this link: https://edit.yahoo.com/config/eval_profile
  • Under "Sign-In and Security", click on "Set up your second sign-in verification"
  • Check on the box to turn on second sign-in verification as shown in screenshot:

    Yahoo! Second Sign-in Verification 
  • Choose your country and add your mobile number, then click on Receive SMS.

    Note: This feature is only available to United States, Canada, India, Malaysia, Indonesia, Vietnam, Philippines, Mexico users.
  • You will receive a code via text, enter code and click on Verify Code.

    Yahoo! Second Sign-in Verification
  • Now you have successfully set up Second Sign-in Verification.

    Yahoo! Second Sign-in Verification
  • Choose option how you wish to login, either via "mobile verification or answering security questions" or only mobile verification.
For disabling this feature, just uncheck the box "Your second sign-in verification is turned on." as shown in above screenshot and click on Turn Off.

Yahoo! Second Sign-in Verification

How To Use Google To Find Vulnerabilities In Your IT Environment

The vast volumes of information available on the Internet are of great value to businesses -- and to hackers. For years, hackers have been using Google and other search engines to identify vulnerable systems and sensitive data on publicly exposed networks. The practice, known as Google hacking, has seen a resurgence of late, providing new challenges for IT professionals striving to protect their companies from threats growing in number and sophistication.
Google hacking -- a term used for penetration testing using any search engine -- surged in popularity around 2004, when computer security expert Johnny Long first released his book Google Hacking for Penetration Testers and the Google Hacking Database (GHDB). The database was designed to serve as a repository for search terms, called Google-Dorks, that exposed sensitive information, vulnerabilities, passwords, and much more.
There recently has been an upswing in Google hacking, with a few factors playing a role in the practice’s growth. For one thing, the amount of data indexed and searchable by Google and other search engines has skyrocketed in the last few years. Simply put, this has given hackers much more to work with.
There has also been a significant increase in new search engine interfaces to various types of data. Examples include Google Health and Google Code Search (recently shut down), which have allowed users to search through patient health records and open source code projects, respectively. We’ve also seen the emergence of security-specific search engines such as Shodan come into play. These search engines were created specifically for use by penetration testers to identify vulnerable Web applications on the Internet.
We saw a frightening example last year of just how effective Google hacking can be when the group LulzSec used Google hacking techniques to go on an epic spree that left in its wake a number of victims, including Sony, PBS, Arizona’s Department of Public Safety, FBI affiliate InfraGard, and the CIA.
However, what’s good for hackers is also good for corporate security professionals, who can make use of Google hacking tools and other resources to identify -- and then eliminate -- vulnerabilities in their data systems. The majority of these tools are free and easy to use, although experience and skills associated with Web application security are helpful in validating scan results and identifying which results are real security issues and which are not.
There is no one tool that will serve as a silver bullet in eliminating search engine exposures. We encourage security professionals to try out and regularly use as many as possible to gain as much security coverage as possible over their network perimeter.
For more information on these free tools -- and how to use them to find vulnerabilities in your own environment -- download the full report on Google vulnerability research.
Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Internet Download Manager ( IDM ) Full Activation For LIfe Time With IDM Crack Tool Without any Serial and Patch

Hi Friends Today Iam Back With the  Awesome Post
Today that is IDM Full Activation For Life Time with 
out any serial and patch, Some Patches are not  work
ing for our so we irritating by this of patches,no prob
lem i will explain today how to activate IDM for Life
Time...without Patches.


This Can be Done By the IDM Cracker Tool , this is 100%
working, so try the simple following steps to activate IDM
for Life Time.


Follow The Instructions Below :-


Step 1:- Install any old or current version of IDM.
Download IDM New Version click the below link :-
Internet Download Manager 6.09 Build 3.


Step 2 :- Then open  the "IDM crack for life.exe" file .
Download IDM crack for life.exe by the below link
Download Link :- "IDM crack for life.exe".


Step 3 :- Click on the Update Option as shown in the
Image Below.




Step 4 :- Goto IDM > Help > Check for Update & update
the software.




Step 5 :- Open IDM crack for life.exe again and click 
"Start" to make the new updated IDM full version as
shown in the Image below.




After completing all steps click the Help option and in that
click the About IDM option you will see the Image Below
So now you are activating full version for your IDM.




Note :- 


After Activating This Trick Never Update The IDM
software. This is 100% working Trick,if any proble
ms feel free to put comments here.Thank u For Visi
ting if you like my post plz share this and +1 this.
keep contact with us .