2.7 Footprinting Google Hacking Lab Instructions

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

19 hours 55 minutes
Video Transcription
I welcome back to the course in the last video, we talked about this show Dan Search engine. So again, that's a quote unquote known as the hacker search engine. It allows us to find different, vulnerable device is out on the Internet.
So in this video, we're going over Google hacking. So keep in mind that, and it's also called Google Dorking. But keep in mind that a lot of times these different commands are updated, so sometimes they work. Sometimes they don't. So we're gonna take a look first at the Google hacking database. And what that is is basically a compilation of
things that people find like, Hey, this string works or
mastering works, et cetera.
So let's go ahead and get started. So the only requirement for this lab is actually just a Web browser. So kind of like we showed in we just needed Web browser doesn't matter which one you use.
And then once we open up a Web browser, just goto like google dot com or anything like that, you just want to go to a search engine essentially, and they're gonna type in Google hacking database. So let's go ahead and do that
Google hacking database,
and it's gonna generally be the top selection here. It's going to be explored dot dash D B. So you'll see here. I've got exploit dash gtb Google hacking. So you could also just click the link If you wanted to
step number three, there were just gonna open up the website. So let's go ahead and do that
and you'll see here if we just scroll down, we see all sorts of different categories that we can use and starts by. We're actually just going in this search box here. We're going to do the next step of her lab.
So in the search box, we're gonna take the word excel
that's gonna pull up any type of Marcus optic sale documents.
So what that's gonna do is it's gonna give us different commands that we can use a different strings and essentially, we trust him to get some different information. So we're gonna grab one of these here in just a second and basically look for the information and see what we can find.
So it's come back to our lab document here.
All right, so we are at step five. We're seeing several different commands available to us.
And so we're gonna pick this password one here, the 2nd 1 down here. So we're just gonna go open like a Google Google search and then either type to command in or just copy and paste. So I'm gonna actually just copy and paste it, so just hover over top and then control. See, you're right. Click and copy.
And then I'm just gonna go ahead and pull up Google,
and then we're just gonna pace this all in the search box here, and then just press center.
So what you're gonna notice is it pulls up several different websites for us that Merriman not having a still document that contains password. So I've looked at a couple of these. I grabbed one that looks like it has some information. Whether that's really true or not on it, we at least can look at some of the information. So
click on any any of these ones that you want to choose and just see if you notice any user names passwords.
I'm gonna go ahead and open this one right here because I've already opened that once. Let's go ahead and
click on the right thing there. Well
s O, What we see here is we see that we've got some email addresses and we got some thieves. Could be possibilities. Could be just fake things in there. Either way, it works for our purposes. But we see we've got some usernames and passwords, so
we could definitely do that, Uh,
on all of these, Right? And we can even click through and do different items here and you'll see you'll get him from all over the world. I don't even know what that is, but it's something, and it means something to someone
s o. You can see here. There's a lot of information. Now keep in mind that the more Google hacking command you do a lot of times from what people lot of people have told me that do it frequently. Ah, la times. Google will kind of lock them out, thinking there are baht or something. And so just keep that in mind that you may have to keep, you know, putting in, like,
whatever information to verify your actually human. So
just just keep that in mind. Google, Google, Dorking and slash Google hacking It is a beneficial thing it is a good way of getting information.
So, uh, did we find any use it and prospered? Step number seven and go ahead and drop those down. So I'm ready to close a spreadsheet, but you should have ears open there. I'll just go and click on it again.
And if you don't have lied, if you're using the Cali desktop and you have the very office installed go ahead. Pause this video right now, Go back to module one because I actually show you how to do that instead of Kelly. It's really it's really simple process with the command on. So you're gonna type that in, get it installed, takes a couple of minutes or so,
and then you should be able to follow along with this inside of a Cali
desktop of using something else to do. Look at this particular lab. You don't worry about that part of it.
So you see here again, we have user names, and what we have email addresses and then passwords is what it looks like.
So here we we might just shot down in our lab document. We might just stop down some of those user names and passwords because that potentially one, we might be able to use that later on against the company to, you know, log into an account, take think the user's account over or has a way of you having more information to then reach out to,
you know, like like someone in I t that resets the past, forget stuff and say, Hey, you know what? I forgot my password.
I forgot the process, you know, blah, blah, blah, what I need to do. A lot of times, people are like, Oh, yeah, you know, I reset it to this or whatever. And now you're in right now you've got that user account, so just keep that in mind.
So in this video, we went over Google hacking. I'm pretty quick. Uh, command process there again, there's an actual document I have for you. The list out some of the common command you're going to need to know for the certified ethical hacker examination. If you decide to take that so and even if you're not taking that just,
you know, downloaded, take a look at it. It's gonna be helpful information, no matter what.
So in the next month, and we're gonna go over scanning an enumeration, so we've combined those in there on. We've also combined vulnerability in there. So if you look at the new certified ethical hacker version 10 information for the exam as far as like the training material
now you'll notice that they have. Easy Council has a vulnerability complete section. So we're actually
and the next module is kind of a bigger module. We're looping all of that. Stephens who were looping in scanning enumeration and then also the vulnerability component of it, along with several labs, to tryto retain that information in your head. So it's a larger section. Make sure you budget some time for that, but very, very valuable information that will.
I really, really set you up for a good career,
has a penetration test, urges knowledge wise. And then also, if you decide to take this sort of fine ethical hacker examination is going to set you up to potentially pass that on the first time. Go obviously have to study t get it, and I can't guarantee you'll pass the first time, but you'll be in a very, very good position
Up Next
Penetration Testing and Ethical Hacking

Do you like breaking things or figuring out how things work? Join thousands of professionals who’ve entered the information security field by taking this class. Taking this ethical hacking course will give you the skills needed to become a professional penetration tester and prepare you for industry certifications, like the CEH.

Instructed By