As I mentioned at the end of the previous post, there are plenty of other things you can do with the Google search engine. One of them is the search to find web cams that may or may not be active, but are nevertheless findable. Most of the time its a shot in the dark with any type of Google search anyway.
Here’s a sample list I made of many different popular file types. Make note of them now, as they will come in handy later:
MUSIC:
.aac or .mp4
.mp3
.midi / .mid
.wave / .wav
.wma
MOVIES:
.avi
.mov
.amv
.divx/.dvx
.flv
.mkv
.mpg
.wmv
Other formats that are useful to know:
.iso
.bin (Which is also used as a CD image file)
If I missed any important ones, please feel free to comment as this is only a rough list of only popular/mainstream codecs. You also might wonder why it is that I am giving you all these file extensions, but these are some sample file types you can use when doing specific Google searches.
GOOGLE MUSIC HACKING
Here’s the practical example; lets say you want to get an non-copyrighted song or movie. There are ways you can search the Google deep web to find what you are looking for.
Try putting this string into a Google search, for example:
?intitle:index.of? mp3
After that, all you would need to do would be to add the name of the artist to the string before you search it:
Example: ?intitle:index.of? mp3 “Artist name here”
From there you can select multiple forms of indexes where you can find many types of legal songs from that or any other artist you enter in. Think of it as your music song search. You could also add song titles to the search to be more precise:
Example: ?intitle:index.of? mp3 “Artist name here” “Title name here”
However, if you are more precise, sometimes you might not get the actual deep web search of the song and you’ll just end up with the website that hosts the directory, without the direct connection to the directory itself.
GOOGLE FILE TYPE HACKING
Now that you know how to get legal music from Google, here are a few other ways you can get other forms of files from the Google search engine. For example, if you wanted an open source software title you could send out a deep web search and use the following string to obtain the result:
inurl:”developer or title here” filetype:”file type here”
This however doesn’t need to be restricted as you could change the file type and inurl variables to whatever you want to look for (zip, bin, iso, etc for filetype and anything else for inurl).
GOOGLE PASSWORD HACKING
Now that that’s over with I can get to the good stuff! Basically if someone is equipped with the right knowledge and tools they can also get passwords from the deep web. But as with most deep web searches it’s a shot in the dark. Most of the passwords they can get are from certain forms of programs that don’t have any form of powerful encryption. Most of the time they might also index password or servicing files in their directories that are normally hidden. This is where the searches come into play. The following forms of searches are the most vulnerable:
FrontPage:
Hackers who are informed about a certain form of deep web querying can receive data about accounts of web sties made from FrontPage documents. This is by far one of the easiest types of sites that can be compromised, so I strongly suggest that you look to other ways of protecting your websites.
Website Access Analyzer:
There are ways that a hacker can get results for a specific type of web statistics site or “Website Access Analyzer”. The software itself is Japanese in nature and most of the passwords it gives you are for the domain URLs that are part of the previous index directory. This allows access to web servers that have sensitive data, and therefore my warning goes out to all who are using this form of web analyzer.
IRC servers/channels:
IRC (or Internet Relay Chat) is also vulnerable to attack and has many weaknesses to Google deep web search hacks. There are plenty of ways that a hacker could use Google to gain access to IRC admin accounts and servers/channels.
IRC users:
IRC user accounts are VERY vulnerable to attack from Google hackers as the program Eggdrop can be used as a bot beach-head for hackers to gain access to account information.
Microsoft Access Database:
Another vulnerable database engine that can be exploited is called MDB or Microsoft (Access) Database. Google can return certain false positive queries when a hacker is looking for potential access code information, and if they are well versed in knowledge they will be able to find the needle in the haystack so-to-speak.
DCForums:
A type of forum and shopping client that many people use can also be exploited through Google. Even though the password files are encrypted most of the time a knowledgeable hacker can decrypt or brute force these passwords. These hashes can potentially contain passwords, usernames, and email addresses.
SQL databases:
It is also possible to get config.php files from Google for SQL databases as well. These config.php files can contain user names and passwords for the databases, which make them potentially harmful. As most sites that have forums run SQL databases, sometimes a hacker can get access to full admin status to the database in this way.
etc directories in websites:
One very misunderstood concept is the vulnerability of the etc directory in many different types of websites; you name the site, it probably has an etc directory. Most of the time the information from this directory can be accessed by Google deep web searches, and it sometimes contains the sensitive information of the site’s users or webmasters.
Backup files from websites:
While many webmasters like to backup their information/website directories/programs on the Internet, most don’t know that this can lead to harmful effects if hackers with a malicious intent get a hold of them through Google deep web searching. The hacker could use the backup as a spring board to understanding the website or program better, causing deadly consequences as a result.
So in conclusion…
The power of these search tools is limitless, and so is the Internet…Thankfully I am here to save the day! So let me know if you have any questions, comments, concerns or death threats. I would love to hear from you.
And with that, I bid you farewell, fellow Net Wanderers!
Posted in 
Tags: