Information Gathering (part 4): recon-ng and Google operators

Video Activity

This video covers how to use the recon-ng command to find available modules. The instructor also shows how to use Google operators in programming to find information.


Time: 14 hours 26 minutes
Difficulty: Advanced
CEU/CPE: 15

Video Transcription
00:04
All right, so we could do a few more things. Well, you know, a lot more things, but I'll show you a few more things. Another tool is recon-ng. This is kind of a Metasploit-esque framework for reconnaissance. The syntax is going to be very similar.
00:25
We could do a show modules,
00:28
see all of our available modules. You can, of course, try any of these; we'll just look at one. Again, it's very similar to Metasploit. It's just use, and then the module we want, so recon,
00:40
contacts-creds, haveibeenpwned. So this will basically search through
00:48
known email dumps and see if our email address is in them. So chances are your email has been in some dump at some point
00:58
if you use the Internet, since so many things get dumped. So it's worth knowing so you could change your password.
01:10
Um, contacts-creds,
01:15
haveibeenpwned. And if I said
01:18
sewers too good at both security dot com, I actually was dumped once.
01:26
That's a run.
01:30
It's found in the Adobe data dump. So my email address and associated password hash was dumped, so at one point
01:41
attack. But I've actually since changed my password, so good for me.
01:47
And you should do the same if you are in any of these dumps.
01:53
Well, again, there are also different modules you can use, uh,
01:57
and find
02:00
a fair amount of information in
02:02
this framework.
02:10
Let's look at one more thing before we move on to actually attacking our virtual machines.
02:20
We look for
02:22
Google dorks,
02:24
A few different places host these. The best one, the most up to date, I think, is this Google Hacking Database at Exploit-DB. There's an original Google Hacking Database
02:36
from Johnny Long, the
02:38
developer who first came up with this.
02:39
But now it's
02:42
maintained over at Exploit-DB,
02:46
Google Hacking Database. So what this does is use various Google operators like site: or
02:53
things like having the text include a particular string,
03:00
like file extension names, things like that. So the different, like, you can see some of them here, like inurl,
03:07
intext, intitle, different operators that you can use in Google searches to find particular information.
03:16
You could do specific searches, or, what I like about this is it has, like, categories here. Like, who doesn't like passwords? So let's see files containing passwords,
03:29
I always think, is a good example.
03:32
Etienne passwords,
03:35
So here's the actual search, so we can have that search run
03:47
and don't look for
03:52
he's a quick two. Huge your manuals, default passwords and
03:55
teams.
03:59
You know, I actually have an ATM lying around. Here's, like, XAMPP directory passwords. XAMPP is a
04:06
basically website
04:09
and then some. So it's like Apache, PHP, MySQL.
04:14
I think FileZilla FTP is in there,
04:17
saving the trouble of having to actually install software. It comes as a package
04:23
so a lot of people run them. So
04:26
this is interesting
04:28
Here's their username and password, for example,
04:32
For these websites,
04:35
just sitting online. Oops,
04:39
that's unfortunate.
04:42
Just by using these particular operators, we look for XAMPP, their password.txt, and for filetype:txt.
04:50
You can do an awful lot with Google operators.
04:55
So
04:56
it's a good place to look for them. But really, you can just go to google.com and play with different operators
05:02
like basic ones like you do,
05:09
but I say I want to say a password and I want the site to be.
05:13
They felt security that calm.
05:17
I think
05:19
A simple one like those, chances are it won't come up with anything particularly useful. It's got my user guide for
05:26
hysteria. From then,
05:28
like my penetration testing class, would you? Password is action.
05:32
This is some code from a blog post,
05:36
so it may not actually be passwords, but as we saw sometimes it might, so you can use any
05:43
Google operators you want. But this database has some ones that have been known to come up with something interesting. That's a good place to start: going to exploit-db.com/google-dorks.