Phases of Ethical Hacking
Types of Footprinting
1) Passive
2) Active
During footprinting, a hacker can collect the
1) Domain Name
2) IP Address
3) Namespaces
5) Phone Numbers
6) E-mails
7) Job Information
Footprinting methods and tools
1) Search Engines
• Google Earth
• Google Maps
• Bing Maps
• The above Search Engines provide Location Information
• Linkedin.com
• Piple.com
• These sites are used to view the Personal Information
Performing footprinting using Google Hacking commands
2) Google Hacking
Google Hacking involves Manipulating a Search String with addition of specific Operators to search for vulnerabilities.
Operators |
Meaning |
Type into Search Box (& Results) |
---|---|---|
city1 city2 |
Book flights |
SFO BOS (Book flights from San Francisco (SFO) to Boston (BOS)) |
site: |
Search only one website or domain |
Halloween site:www.census.gov (Search for information on Halloween gathered by the US Census Bureau.) |
[#]..[#] |
Search within a range of numbers. |
Dave Barry pirate 2002..2006 (Search for Dave Barry articles mentioning pirates written in these years.) |
filetype: (or ext:) |
Find documents of the specified type |
Form 1098-T IRS filetype: pdf (Find the US tax from 1098-T in PDF format.) |
link: |
Find linked pages, i.e., show pages that point to the URL |
link:warriorlibrarian.com (Find pages that link to Warrior Librarian’s website.) |
Operators |
Syntax |
Description |
---|---|---|
filetype |
filetype: type |
Searches only for files of a specific type (DOC, XLS, and so on). For example, the following will return all Microsoft Word Documents: filetype: doc |
index of |
index of /string |
Displays pages with directory browsing enabled, usually used with another operator. For example, the following will display pages that show directory listings containing password: “intitle: index of” passwd |
info |
info: string |
Displays information Google stores about the page itself: info: www.anycomp.com |
intitle |
Intitle: string |
Searches for the pages that contain the string in the title. For example, the following will return pages with the word login in the title: intitle: login |
inurl |
inurl: string |
Displays pages with the string in the URL. For example, the following display all pages with the word passwd in the URL: inurl: passwd |
related |
related: webpage name |
Show web pages similar to webpage name. |
• To find out the information about a website
• http://whois.domaintools.com
• http://www.emailtrackerpro.com/support/headertutorials/gmail.html
• To fetch DNS information
• (find the IP addresses and Aliases of the websites)
Command Prompt: