Google_Tips

Google Tips

Google Pages
Google Desktop
Google Groups
Google Extensions for Firefox
Google Notebook
Google Page Creator
Google Web Accelerator
Google Docs
Google Video
Google Personal Search History
Google Maps
Google Desktop
Google Translation
Google SiteMaps

Google Guide (External)

Best Options
-- Search Directories with mp3 or mp4 or avi with "Camisa Negra" or "Camisa.Negra" or "Camisa_Negra"
intitle:"index.of" (mp3|mp4|avi) Camisa.Negra

-- Search Directories as before but ONLY files, not web pages
intitle:"index.of" (mp3|mp4|avi) Camisa.Negra -html -htm -php -asp -cf -jsp

-- Search for mp3 or .wma with Metallica
http://www.google.com/search?hl=en&q=-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +(wma|mp3) "Metallica"

-- Search for files ending with .doc o .pdf:
http://www.google.com/search?hl=en&q=-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +(pdf|doc) "nombre a buscar"

-- Search for Videos from Argentina:
http://www.google.com/search?hl=en&lr=&safe=off&q=-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +(mpg|wmv) "argentina"

Basic search techniques
‘+’ searches
In order to force Google to include a common word, precede the search term with a plus (+) sign. Do not use a space between the plus sign and the search term.

‘-‘ searches
Excluding a term from a search query is as simple as placing a minus sign (-) before the term. Do not use a space between the minus sign and the search term.

Google advanced operators
Google allows the use of certain operators to help refine searches. The use of advanced operators is very simple as long as attention is given to the syntax. The basic format is:
operator:search_term

Notice that there is no space between the operator, the colon and the search term. If a space is used after a colon,

Operator	Description	Additional search argument?
site: site search_term	find search_term only on site specified by site	YES
filetype: type search_term	search documents of type search_term	YES
link:	find sites containing search_term as a link	NO
cache:	display the cached version of page specified by search_term	NO
intitle: search_term	find sites containing search_term in the title of a page	NO
intext : search_term	find sites containing search_term in the text (body) of a page	NO
inurl: search_term	find sites containing search_term in the URL of the page	NO
parent directory	find FTP sites	NO

site: find web pages on a specific web site
This advanced operator instructs Google to restrict a search to a specific web site or domain. When using this operator, an addition search argument is required. Remeber: you need to use the full url, or the last 2 parts of it or the last part of it.
Remember that Google searches not only the content of a page, but the title and URL as well.
Example:

site:harvard.edu tuition

This query will return results from harvard.edu that include the term tuition anywhere on the page.

site:gov secret

This query searches every web site in the .gov domain for the word ‘secret’.

site:codez4palm.com mmplayer

filetype: search only within files of a specific type.
This operator instructs Google to search only within the text of a particular type of file. This operator requires an additional search argument. Example:

filetype:txt endometriosis

This query searches for the word ‘endometriosis’ within standard text documents. There should be no period (.) before the filetype and no space around the colon following the word “filetype”. The current list of files that Google can search is listed in the filetype FAQ located at http://www.google.com/help/faq_filetypes.html
Excluding a particular file extension (adding this to the end of your search string can filter some false positives) :

-filetype:txt

Google can search within the following file types:
• Adobe Portable Document Format (pdf)
• Adobe PostScript (ps)
• Lotus 1-2-3 (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)
• Lotus WordPro (lwp)
• MacWrite (mw)
• Microsoft Excel (xls)
• Microsoft PowerPoint (ppt)
• Microsoft Word (doc)
• Microsoft Works (wks, wps, wdb)
• Microsoft Write (wri)
• Rich Text Format (rtf)
• Text (ans, txt)

link: search within links
A hyperlink is a selectable connection from one web page to another. Most often, these links appear as underlined text but they can appear as images, video or any other type of multimedia content. This operator instructs to search within hyperlinks for a search term. This operator requires no other search arguments. Example:

link:www.pafumi.net

This query query would display web pages that link to Pafumi’s main page. This special operator is somewhat limited in that the link must appear exactly as entered in the search query. The above query would not find pages that link to www.pafumi.net/NT_and_Oracle_Performance.htm, for example.
link: www.pafumi.net

intitle: search within the title of a document
This operator instructs to search for a term within the title of a document only. Most web browsers display the title of a document on the top title bar of the browser window. This operator requires no other search arguments. Example:

intitle:gandalf

This query would only display pages that contained the word ‘gandalf’ in the title. A derivative of this operator, ‘allintitle’ works in a similar fashion. Example:

allintitle:gandalf silmarillion

This query finds both the words ‘gandalf’ and ‘silmarillion’ in the title of a page. The ‘allintitle’ operator instructs Google to find every subsequent word in the query only in the title of the page. This is equivalent to a string of individual ‘intitle’ searches.

intext: search withinh the text of a document
Does the opposite of intitle:, searching only the body text, ignoring titles, links, and so forth. Intext: is perfect when what you're searching for might commonly appear in URLs.

inurl: search within the URL of a page
This operator instructs to search only within the URL, or web address of a document. This operator requires no other search arguments. Example:

inurl:amidala

This query would display pages with the word ‘amidala’ inside the web address. One returned result, ‘http://www.yarwood.org/kell/amidala/’ contains the word ‘amidala’ as the name of a directory. The word can appear anywhere within the web address, including the name of the site or the name of a file. A derivative of this operator, ‘allinurl’ works in a similar fashion. Example:

allinurl:amidala gallery

This query finds both the words ‘amidala’ and ‘gallery’ in the URL of a page. The ‘allinurl’ operator instructs Google to find every subsequent word in the query only in the URL of the page. This is equivalent to a string of individual ‘inurl’ searches.
For a complete list of advanced operators and their usage, see http://www.google.com/help/operators.html.

parent directory for FTP Sites
The "parent directory" string is added to the search because whenever you display an FTP folder there's a "parent directory" link at the top allowing you to change the directory to the parent directory. You just add this text to the search to find all pages containing the search string ("rolling stones" mp3 for example) but ONLY if they are on FTP Servers. In other words: you wanna find pages containing "rolling stones" and mp3 and "parent directory". Example:

"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

Finding Directory listings
Directory listings provide a list of files and directories in a browser window instead of the typical text-and graphics mix generally associated with web pages.
Locating directory listings with Google is fairly straightforward, most directory listings begin with the phrase “Index of”, which also shows in the title. An
obvious query to find this type of page might be “intitle:index.of”, which may find pages with the term ‘index of’ in the title of the document. Remember that the period (.) serves as a single-character wildcard in Google.
Unfortunately, this query will return a large number of false-positives such as pages with the following titles:
Index of Native American Resources on the Internet
LibDex - Worldwide index of library catalogues
Iowa State Entomology Index of Internet Resources
Judging from the titles of these documents, it is obvious that not only are these web pages intentional, they are also not the directory listings we are looking for. (*jedi wave* “This is not the directory listing you’re looking for.”) Several alternate queries provide more accurate results:

intitle:index.of "parent directory"
intitle:index.of name size

These queries indeed provide directory listings by not only focusing on “index.of” in the title, but on key words often found inside directory listings such as “parent directory” “name” and “size.”
Several alternate queries provide more accurate results:

intitle:index.of "parent directory" intitle:index.of name size

intitle:index.of "parent directory" intitle:index.of name size mpg lesb

intitle:"index.of" (mp3|mp4|avi) Camisa.Negra
-- Busca Directorios que tengan mp3 o mp4 o avi con "Camisa Negra" o "Camisa.Negra" o "Camisa_Negra"

intitle:"index.of" (mp3|mp4|avi) Camisa.Negra -html -htm -php -asp -cf -jsp
-- Idem anterior, pero le digo que SOLO quiero archivos, no paginas web

Versioning: Obtaining the Web Server Software / Version
via directory listings
The exact version of the web server software running on a server is one piece of required information an attacker requires before launching a successful attack against that web server. If an attacker connects directly to that web server, the HTTP (web) headers from that server can provide this information. It is possible, however, to retrieve similar information from Google without ever connecting to the target server under investigation. One method involves the using the information provided in a directory listing.

intitle:index.of server.at

This query focuses on the term “index of” in the title and “server at” appearing at the bottom of the directory listing. This type of query can additionally be pointed at a particular web server:

intitle:index.of server.at site:aol.com

The result of this query indicates that gprojects.web.aol.com and vidup-r1.blue.aol.com, both run Apache web servers.

intitle:index.of server.at site:apple.com

The result of this query indicates that mirror.apple.com runs an Apache web server. This technique can also be used to find servers running a particular version of a web server. For example:

intitle:index.of "Apache/1.3.0 Server at"

This query will find servers with directory listings enabled that are running Apache version 1.3.0.

Using Google to find interesting files and directories
Using Google to find vulnerable targets can be very rewarding. However, it is often more rewarding to find not only vulnerabilities but to find sensitive data that is not meant for public viewing. People and organizations leave this type of data on web servers all the time. Now remember, Google is only crawling a small percentage of the pages that contain this type of data, but the tradeoff is that Google’s data can be retrieved from Google quickly, quietly and without much fuss.
It is not uncommon to find sensitive data such as financial information, social security numbers, medical information, and the like. Of all the techniques examined this far, this technique is the hardest to describe because it takes a bit of imagination and sometimes just a bit of luck. Often the best way to find sensitive files and directories is to find them in the context of other “important” words and phrases. Example:
Consider the fact that many people store an entire hodgepodge of data inside backup directories. Often times, the entire content of a web server or personal computer can be found in a directory called backup. Using a simple query like “inurl:backup” can yield potential backup directories, yet refining the search to something like “inurl:backup intitle:index.of inurl:admin” can reveal even more relevant results.

A query like “inurl:admin” can often reveal administrative directories. Several combinations of this query are often fruitful. For example:

“inurl:admin intitle:login” can reveal admin login pages
“inurl:admin filetype:xls” can reveal interesting Excel spreadsheets either named “admin” or stored in a directory named “admin”.
“inurl:admin inurl:userlist” is a generic catch-all query which finds many different types of administrative userlist pages. These results may take some sorting through, but the benefits are certainly worth it, as results range from usernames, passwords, phone numbers, addresses, etc.
“inurl:admin filetype:asp inurl:userlist” will find more specific examples of an administrator’s user list function, this time written in an ASP page. In most cases, these types of pages do not require authentication.

Numbers in a range
Lets say you're looking for an mp3 player but only want to spend up to £150. Why swim through all the others? MP3 player £0..£150
The 2 periods will set a numeric range to search between and will also work with dates, weights, etc.

Searching on Sites
site:edu intitle:"index.of" oracle
-- Busca en sitios .edu (Universidades) archivos con titulo Oracle

site:edu intitle:"index.of" filetype:pdf
-- Busca en sitios .edu (Universidades) archivos pdf

site:pafumi.net filetype:pdf
-- Muestra los archivos pdf en el site pafumi.net

Several Examples:

Free Music
Do you want free music, free games, free software or free movies? God bless FTP! Try this search:

intitle:"index of *" " rolling stones " mp3

Substitute rolling stones with your favourite band. No? Try the song name, or another file format. Play with it. Assuming someone made an FTP and uploaded it, you will find it. Play around with different search strings and try things like inurl:ftp. I find that * works better for me than trying to guess other peoples spellings mistakes.
The same method here applies for e-books, games, movies or anything that may be on an FTP site.

Shared Folders ==> intitle:"Index of *" inurl:"my shared folder" size modified

Another way that is EXCELLENT!!!

intitle:"index of" -inurl:htm -inurl:html mp3
intitle:index.of + "mp3" + "band name" -htm -html -php -asp

intitle:"index.of" (mp3|mp4|avi) Camisa.Negra
-- Busca Directorios que tengan mp3 o mp4 o avi con "Camisa Negra" o "Camisa.Negra" o "Camisa_Negra"

intitle:"index.of" (mp3|mp4|avi) Camisa.Negra -html -htm -php -asp -cf -jsp
-- Idem anterior, pero le digo que SOLO quiero archivos, no paginas web

Example Strings :
intitle:index.of + mp3 + "grandaddy" -html -htm -php -asp -txt -pls
"index of" + "mp3" + "radiohead" -html -htm -php
"index of" + mp3 + "grandaddy"
"index of" + inurl:mp3 + "beatles" -txt -pls
"index of" + intitle:mp3 + beatles
"last modified" + "shn" + "dylan"
"last modified" + inurl:shn + "bob dylan"
"parent of" + inurl:wma + "grandaddy"

Another Little Trick:
- If you have been getting alot of results on google but the pages don't seem to be there try adding dates and the "apache" string to your search i.e.
intitle:index.of + mp3 + "grandaddy" -html -htm -php -asp apache feb-2005
intitle:index.of + mp3 + "grandaddy" -html -htm -php -asp apache 2005

or if you just want a big list of mp3' doing a search like this everymonth
intitle:index.of + mp3 + -html -htm -php -asp apache mar

Get Info bases on Apache web pages
Find Apache's (default) Index page by pasting this code into Google:

+("index of") +("/ebooks"|"/book") +(chm|pdf|zip|rar) +apache

Get e-Books
Find a particular e-Book file by replacing XXX with the title or author.

allinurl: +(rar|chm|zip|pdf|tgz) XXX

Looking for FTP Sites

"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

You only need change the word after the parent directory (in bold font)...

Looking for CV and Adress
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
"social security number" "phone * * *“ "address *" "e-mail *" intitle:"curriculum vitae" filetype:pdf site:.edu

Interesting-looking documents
ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:"budget approved") inurl:confidential
Get finances Information ==> intitle:index.of finances.xls
Get Password Lists ==> intitle:"Index of" passwords.xls
Cleartext passwords. No decryption required! ==> inurl:passwd.txt
Read Bookmarks ==> inurl:"bookmark.htm
Files uploaded through ftp ==> intitle:"Index of" upload size parent directory
Shared Folders ==> intitle:"Index of *" inurl:"my shared folder" size modified

cdkeys , combine it with product name for specific keys
allinurl:cdkey.txt

More Things at Google
-- Can Move between medidas:
1 kilogram in ounces

-- Can perform math calculatios
220 x 200

-- Currency Conversions
1 usd in argentine pesos

--PhoneBook para buscar gente
phonebook: pafumi ca

Find Serials and Cracks
To find SERIALS and CRACKS with Google put this string in Google-search. 94FBR is part of many serials. Other values to look for are: GC6J3. GTQ62. FP876. D3DX8.
94fbr [program-name] . Example: 94FBR "MS Office 2000" "Small business"

There is a little bit simplier way to get serials you need:
http://www.lomalka.ru
Just put name of the app in search field and usualy you get more than with these magic keys

To find SERIALS and CRACKS use One Of The Best :
http://www.Asta-Killer.com

You can either go to
http://astalavista.box.sk/ (search engine for cracks/serials) or just try
http://www.cracks.am/ (never had crap nor problems under Firefo

More information on Google Hack: http://johnny.ihackstuff.com/index.php?module=prodreviews

Upload Files
Here is a list of sites that you can use to upload files to.

http://www.dropload.com
Space: 100Mb
limit: 7 day

http://www.youshareit.com/
Space: 50Mb
limit:100 download

http://www.yousendit.com
Space: 1Gb, download can resume, specail download manager
limit: 25 download or 7 days

http://www.sharebigfile.com
100mb limiit, there is a 7 day download limit like some of the others but you can have 250 dls before link is done, if people dl and up again to another link this can be a very handy service.

http://www.rapidshare.de
space: 30Mb, Unlimited downloads
limits: one hour download, wait for countdown, daily download limit, can't resume download, one IP connection, inactive link deleted after 30 days

http://www.mytempdir.com/
keep the files for 14 days.
25mb file size limit.

http://www.putfile.com
Space: 10Mb
limits: Only images and video

http://www.webfile.ru
Space: 20Mb
limits: bandwidht limit, password protect, russian site

http://sharefiles.ru
Space: 50Mb
limits: bandwidht limit, password protect, russian site

http://www.zippyvideos.com
Space: 5Mb
limits: only Video

http://www.updownloadserver.de/
no Traffic- or Downloadlimit
After Upload, you'll get an URL. This URL you can Post as an Downloadlink or something else. Your file will be deleted, if after 30 days there where no download action detected

http://www.datapickup.com/
Space: 1.5G
Limit: Unknown; None?