Hacker's Arena
Welcome guys wanna b hacker..explore here
Saturday, May 14, 2011
Friday, April 1, 2011
Top 50 passwords you should never use
The attack on Gawker Media site recently once again showed the risk of using weak passwords. Using the same username and password for multiple sites may be convenient, but it can prove costly. An analysis of the passwords stolen in the Gawker incident show that many people are choosing poor passwords, that are easy for online criminals to guess.
In fact, post Gawker attack, several websites like Google, Twitter, LinkedIn and Yahoo advised users to change their passwords. According to Sophos, many users (33% in its research) use the same password on every single website. This means that if their password gets stolen in one place (say on Gawker's Gizmodo or Lifehacker websites), it can be used to unlock access to other sites too.
The security company has also released a list of world's 50 worst passwords. Time to go through them and make sure your password isn't part of the list.
· 123456
· Password
· 12345678
· Lifehack
· qwerty
· abc123
· 111111
· monkey
· consumer
· 12345
· Letmein
· trustno1
· dragon
· 1234567
· kotaku
· Baseball
· superman
· iloveyou
· gizmodo
· internet
· Sunshine
· 1234
· princess
· starwars
· whatever
· Shadow
· cheese
· 123123
· nintendo
· football
· Computer
· f--you
· 654321
· blahblah
· passw0rd
· master
· soccer
· michael
· 666666
· jennifer
· gawker
· password
· jordan
· pokemon
· michelle
· killer
· pepper
· welcome
· batman
Remember these simple and easy points,
In fact, post Gawker attack, several websites like Google, Twitter, LinkedIn and Yahoo advised users to change their passwords. According to Sophos, many users (33% in its research) use the same password on every single website. This means that if their password gets stolen in one place (say on Gawker's Gizmodo or Lifehacker websites), it can be used to unlock access to other sites too.
The security company has also released a list of world's 50 worst passwords. Time to go through them and make sure your password isn't part of the list.
· 123456
· Password
· 12345678
· Lifehack
· qwerty
· abc123
· 111111
· monkey
· consumer
· 12345
· Letmein
· trustno1
· dragon
· 1234567
· kotaku
· Baseball
· superman
· iloveyou
· gizmodo
· internet
· Sunshine
· 1234
· princess
· starwars
· whatever
· Shadow
· cheese
· 123123
· nintendo
· football
· Computer
· f--you
· 654321
· blahblah
· passw0rd
· master
· soccer
· michael
· 666666
· jennifer
· gawker
· password
· jordan
· pokemon
· michelle
· killer
· pepper
· welcome
· batman
Remember these simple and easy points,
- Try to mix up Lowercase and Uppercase letters in your password.
- Include numbers and special symbols.
- Use different password for each site, and if it seems cumbersome to you, then go for any Password Managers(these are simple software of very less size but extremely useful).
- Avoid doing transaction on public computers.
Friday, February 25, 2011
Remove "regsrv.exe" or "newfolder.exe" virus
Manual Process of removal
I prefer manual process simply because it gives me option to learn new things in the process.
As a side note i have found a little back dog( winpatrol ) that used to work perfectly on my old system. It was not their in my new PC, I have installed it again , as I want to stay ahead by forever closing the supply line of these virus. You can download it form Winpatrol websit
I prefer manual process simply because it gives me option to learn new things in the process.
So let’s start the process off reclaiming the turf that virus took over from us.
- Cut The Supply Line
- Search for autorun.inf file. It is a read only file so you will have to change it to normal by right clicking the file , selecting the properties and un-check the read only option
- Open the file in notepad and delete everything and save the file.
- Now change the file status back to read only mode so that the virus could not get access again.
- Click start->run and type msconfig and click ok
- Go to startup tab look for regsvr and uncheck the option click OK.
- Click on Exit without Restart, cause there are still few things we need to do before we can restart the PC.
- Now go to control panel -> scheduled tasks, and delete the At1 task listed their.
- Open The Gates Of Castle
- Click on start -> run and type gpedit.msc and click Ok.
- If you are Windows XP Home Edition user you might not have gpedit.msc in that case download and install it from Windows XP Home Edition: gpedit.msc and then follow these steps.
- Go to users configuration->Administrative templates->system
- Find “prevent access to registry editing tools” and change the option to disable.
- Once you do this you have registry access back.
- Launch The Attack At Heart Of Castle
- Click on start->run and type regedit and click ok
- Go to edit->find and start the search for regsvr.exe,
- Delete all the occurrence of regsvr.exe; remember to take a backup before deleting. KEEP IN MIND regsvr32.exe is not to be deleted. Delete regsvr.exe occurrences only.
- At one ore two places you will find it after explorer.exe in theses cases only delete the regsvr.exe part and not the whole part. E.g. Shell = “Explorer.exe regsvr.exe” the just delete the regsvr.exe and leave the explorer.exe
- Seek And Destroy the enemy soldiers, no one should be left behind
- Click on start->search->for files and folders.
- Their click all files and folders
- Type “*.exe” as filename to search for
- Click on ‘when was it modified ‘ option and select the specify date option
- Type from date as 1/31/2008 and also type To date as 1/31/2008
- Now hit search and wait for all the exe’s to show up.
- Once search is over select all the exe files and shift+delete the files, caution must be taken so that you don’t delete the legitimate exe file that you have installed on 31st January.
- Also selecting lot of files together might make your computer unresponsive so delete them in small bunches.
- Also find and delete regsvr.exe, svchost .exe( notice an extra space between the svchost and .exe)
- Time For Celebrations
- Now do a cold reboot (ie press the reboot button instead) and you are done.
As a side note i have found a little back dog( winpatrol ) that used to work perfectly on my old system. It was not their in my new PC, I have installed it again , as I want to stay ahead by forever closing the supply line of these virus. You can download it form Winpatrol websit
Track Anyone Just By Sending Mail
Well u wanna track ur victim or want to get his ip, location, browser settings, language or timings.... all u have to do is get his e-mail id...
Once u have it.
Go to www.readnotify.com
register there...
Once registered . . . send a mail to ur victim by the email id u registered at readnotify.com
But before sending the mail just add ".readnotify.com" with the victims id.. for example
xxxxx@yahoo.com.readnotify.com
and then send it...
when ever victim opens it his all the info will be mailed to u.
which can b very useful for the hackers.
Note = U can also change the settings in www.readnotify.com
Once u have it.
Go to www.readnotify.com
register there...
Once registered . . . send a mail to ur victim by the email id u registered at readnotify.com
But before sending the mail just add ".readnotify.com" with the victims id.. for example
xxxxx@yahoo.com.readnotify.com
and then send it...
when ever victim opens it his all the info will be mailed to u.
which can b very useful for the hackers.
Note = U can also change the settings in www.readnotify.com
Tuesday, February 22, 2011
Facebook Hacking
Even if you were drunk and surfing at a Wi-Fi hotspot, you probably wouldn't stand up and shout your username and password for anyone who might want it. But an attacker does not need to find out your username and password. If you thought that capturing a user's social media session was only done by skilled hackers, now the Firesheep addon can allow even the truly clueless to become an Internet griefer.
If you were at a Wi-Fi hotspot, you probably would have no options and no encryption at all. Although many websites give lip service about how important their users' privacy and security is to them, very few have their entire site encrypted with HTTPS. Most sites encrypt the username and password during the login process, but most of those sites stop encrypting and protecting the user right there. As soon as a user moves on to a regular HTTP page on the site, an attacker can sniff and capture the user's cookie information.
Many of us are busy multitasking, so we log into Twitter or Facebook, or even Flickr, and then move on to surf other sites without first logging out of those accounts. If any of those future sites have a Twitter or Facebook widget, or even a Flickr image embedded, if you didn't log out of those sites before continuing to surf, then HTTP session jacking, also called "sidejacking," can happen and leak the user's cookie. Security researchers explained that if a person can steal the cookie, then they can steal your session and allow them to do anything the user could do on the site.
At the Toorcon 12 security conference, Ian Gallagher and Eric Butler presented Hey Web 2.0: Start protecting user privacy instead of pretending to.Eric Butler released a free open-source tool and Firefox browser addon calledFiresheep. Now any person, or idiot, can use Firesheep to scan local Wi-Fi networks and find users who are logged into Facebook, Twitter, Amazon, Google, FourSquare, Dropbox, Hacker News, Windows Live, Cisco, Evernote, Wordpress, Flickr, bit.ly and many other services. There is a list of sites that Firesheep will sniff and hijack.
Butler blogged "On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy....When it comes to user privacy, SSL is the elephant in the room."
After installing the Firesheep addon, a new sidebar will appear. Butler writes, "Connect to any busy open Wi-Fi network and click the big 'Start Capturing' button. Then wait. As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed:"
Yep, just that easy. Firesheep works on any unencrypted wireless LAN connection with services that don't use secure HTTP.
At the time of publishing this article, Firesheep has been downloaded 52,796 times. Twitter is hot with the news of Firesheep. Quite a few sheeple are playing, ignoring wireless wiretap laws and being baaaaad, including those who have no clue how to hack social network sites.
What can you do to protect yourself? Only use encrypted Wi-Fi, use VPN if you have it, or force SSL if you can. The Tor Project and EFF have a Firefox extension called HTTPS Everywhere that rewrites all requests to HTTPS. The kicker is that very few sites are setup to work with the plugin. There is also a Firefox extension called Force-TLS.
Wednesday, December 22, 2010
CLSID Folders Explained
CLSID Folders Explained
Don't you just hate those stubborn stupid icons that refuse to leave the desktop, like the Network Neighborhood icon. I am sure you want to know how you can delete them. You may say, that is really simple, simply right click on the concerned icon and select Delete. Well not exactly, you see when you right click on these special folders( see entire list below)neither the rename nor the delete option does not appear. To delete these folders, there are two methods, the first one is using the System Policy Editor(Poledit in the Windows installation CD)and the second is using the Registry.
Before we go on, you need to understand what CLSID values are. These folders, like the Control Panel, Inbox, The Microsoft Network, Dial Up Networking etc are system folders. Each system folder has a unique CLSID key or the Class ID which is a 16-byte value which identifies an individual object that points to a corresponding key in the registry.
To delete these system Folders from the desktop simply go to the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
To delete an icon simply delete the 16 byte CLSID value within "NameSpace". The following are the CLSID values of the most commonly used icons:
My Briefcase:{85BBD920-42AO-1069-A2E4-08002B30309D}
Desktop: {00021400-0000-0000-C000-0000000000046}
Control Panel: {21EC2020-3AEA-1069-A2DD-08002B30309D}
Dial-Up-Networking: {992CFFA0-F557-101A-88EC-00DD01CCC48}
Fonts: {BD84B380-8CA2-1069-AB1D-08000948534}
Inbox : {00020D76-0000-0000-C000-000000000046}
My Computer : {20D04FE0-3AEA-1069-A2D8-08002B30309D}
Network Neighborhood:{208D2C60-3AEA-1069-A2D7-O8002B30309D}
Printers : {2227A280-3AEA-1069-A2DE-O8002B30309D}
Recycle Bin : {645FF040-5081-101B-9F08-00AA002F954E}
The Microsoft Network:{00028B00-0000-0000-C000-000000000046}
History: {FF393560-C2A7-11CF-BFF4-444553540000}
Winzip : {E0D79300-84BE-11CE-9641-444553540000}
For example, to delete the Recycle Bin, first note down it's CLSID value, which is: 645FF040-5081-101B-9F08-00AA002F954E. Now go to the Namespace key in the registry and delete the corresponding key.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}
Similarly to delete the History folder, delete the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{FBF23B42-E3F0-101B-8488-00AA003E56F8}
Sometimes, you may need to play a trick on your brother or friend, well this one teaches you how to hide all icons from the Desktop. Go to the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
In the right pane create a new DWORD value by the name: NoDesktop and set its value to: 1. Reboot and you will find no icons on the desktop.
Till now you simply learnt how to delete the special system folders by deleting a registry key, but the hack would have been better if there was a way of adding the DELETE and RENAME option to the right click context menus of these special folders. You can actually change the right click context menu of any system folder and add any of the following options: RENAME, DELETE, CUT, COPY, PASTE and lots more.
This hack too requires you to know the CLSID value of the system folder whose menu you want to customize. In this section, I have taken up Recycle Bin as the folder whose context menu I am going to edit.
Firstly launch the registry editor and open the following registry key:
HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder.
In Case you want to edit some other folder like say the FONTS folder, then you will open the following key:
HKEY_CLASSES_ROOT\CLSID\{CLSID VALUE HERE}\ShellFolder.
In the right pane there will be a DWORD value names attributes. Now consider the following options:
To add the Rename option to the menu, change the value of Attributes to
50 01 00 20
To add the Delete option to the menu, change the value of Attributes to
60 01 00 20
3. To add both the Rename & Delete options to the menu, change the value of Attributes to 70,01,00,20
4. Add Copy to the menu, change Attributes to 41 01 00 20
5. Add Cut to the menu, change Attributes to 42 01 00 20
6. Add Copy & Cut to the menu, change Attributes to 43 01 00 20
7. Add Paste to the menu, change Attributes to 44 01 00 20
8. Add Copy & Paste to the menu, change Attributes to 45 01 00 20
9. Add Cut & Paste to the menu, change Attributes to 46 01 00 20
10.Add all Cut, Copy & Paste to the menu, change Attributes to 47 01 00 20
We want to add only the Rename option to the right click context menu of the Recycle Bin, so change the value of attributes to: 50 01 00 20. Press F5 to refresh and then after rebooting you will find that
when you right click on the Recycle Bin a RENAME option pops up too.
To reset the default Windows options change the value of Attributes back to
40 01 00 20
The Registry File which one can create for the above process would be something like the below:
REGEDIT4
[HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell-Folder]
"Attributes"=hex:50,01,00,20
To access say the Modem Properties in the Control Panel Folder, the normal procedure is: Click on Start, Click on Settings> Control Panel and then wait for the Control Panel window to pop up and then ultimately click on the Modems icon.
Wouldn't it be lovely if you could shorten the process to: Click on Start> Control Panel>Modems. Yes you can add the Control Panel and also all other Special System Folders directly to the first level Start Menu. Firstly collect the CLSID value of the folder you want to add to the start menu. I want to add Control Panel hence the CLSID value is: 21EC2020-3AEA-1069-A2DD-08002B30309D
Now right click on the Start Button and select Open. Now create a new folder and name it: Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}
NOTE: Do not forget the period after the 'l' in Panel. Similarly all system folders can be added to the Start Menu.(accept My Briefcase, I think)
Deleting System Options from the Start menu
You can actually remove the Find and Run options from the start menu by performing a simple registry hack. Again like always Launch the registry editor and scroll down to the below key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Right-click on the right pane and select New, DWORD Value. Name it NoFind.(To remove the RUN option name it NoRun). Double-click the newly create DWORD to edit it's value and enter 1 as its value. This will disable the FIND option of the Start Menu and will also disable the default Shortcut key(F3 for Find.)
To restore the Run or find command modify the value of the DWORD to 0 or simply Delete the DWORD value.
Fed Up of the boring Old Yellow Folder Icons?[Drive Icons Included]
NOTE: This trick hasn't been tried on Win98.
You can easily change the boring yellow folder icons to your own personalized icons. Simply create a text file and copy the following lines into it:
[.ShellClassInfo]
ICONFILE=Drive:\Path\Icon_name.extension
Save this text file by the name, desktop.ini in the folder, whose icon you want to change. Now to prevent this file from getting deleted change it's attributes to Hidden and Read Only by using the ATTRIB command.
To change the icon of a drive, create a text file containing the following lines:
[Autorun]
ICON=Drive:\Path\Icon_name.extension
Save this file in the root of the drive whose icon you want to change and name it autorun.inf For Example, if you want to change the icon of a floppy, SAVE THE icon in a:\icon_name.ico One can also create a kewl icon for the Hard Disk and create a text file [autorun.inf] and store it in "c:\".
Don't you just hate those stubborn stupid icons that refuse to leave the desktop, like the Network Neighborhood icon. I am sure you want to know how you can delete them. You may say, that is really simple, simply right click on the concerned icon and select Delete. Well not exactly, you see when you right click on these special folders( see entire list below)neither the rename nor the delete option does not appear. To delete these folders, there are two methods, the first one is using the System Policy Editor(Poledit in the Windows installation CD)and the second is using the Registry.
Before we go on, you need to understand what CLSID values are. These folders, like the Control Panel, Inbox, The Microsoft Network, Dial Up Networking etc are system folders. Each system folder has a unique CLSID key or the Class ID which is a 16-byte value which identifies an individual object that points to a corresponding key in the registry.
To delete these system Folders from the desktop simply go to the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
To delete an icon simply delete the 16 byte CLSID value within "NameSpace". The following are the CLSID values of the most commonly used icons:
My Briefcase:{85BBD920-42AO-1069-A2E4-08002B30309D}
Desktop: {00021400-0000-0000-C000-0000000000046}
Control Panel: {21EC2020-3AEA-1069-A2DD-08002B30309D}
Dial-Up-Networking: {992CFFA0-F557-101A-88EC-00DD01CCC48}
Fonts: {BD84B380-8CA2-1069-AB1D-08000948534}
Inbox : {00020D76-0000-0000-C000-000000000046}
My Computer : {20D04FE0-3AEA-1069-A2D8-08002B30309D}
Network Neighborhood:{208D2C60-3AEA-1069-A2D7-O8002B30309D}
Printers : {2227A280-3AEA-1069-A2DE-O8002B30309D}
Recycle Bin : {645FF040-5081-101B-9F08-00AA002F954E}
The Microsoft Network:{00028B00-0000-0000-C000-000000000046}
History: {FF393560-C2A7-11CF-BFF4-444553540000}
Winzip : {E0D79300-84BE-11CE-9641-444553540000}
For example, to delete the Recycle Bin, first note down it's CLSID value, which is: 645FF040-5081-101B-9F08-00AA002F954E. Now go to the Namespace key in the registry and delete the corresponding key.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}
Similarly to delete the History folder, delete the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{FBF23B42-E3F0-101B-8488-00AA003E56F8}
Sometimes, you may need to play a trick on your brother or friend, well this one teaches you how to hide all icons from the Desktop. Go to the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
In the right pane create a new DWORD value by the name: NoDesktop and set its value to: 1. Reboot and you will find no icons on the desktop.
Till now you simply learnt how to delete the special system folders by deleting a registry key, but the hack would have been better if there was a way of adding the DELETE and RENAME option to the right click context menus of these special folders. You can actually change the right click context menu of any system folder and add any of the following options: RENAME, DELETE, CUT, COPY, PASTE and lots more.
This hack too requires you to know the CLSID value of the system folder whose menu you want to customize. In this section, I have taken up Recycle Bin as the folder whose context menu I am going to edit.
Firstly launch the registry editor and open the following registry key:
HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder.
In Case you want to edit some other folder like say the FONTS folder, then you will open the following key:
HKEY_CLASSES_ROOT\CLSID\{CLSID VALUE HERE}\ShellFolder.
In the right pane there will be a DWORD value names attributes. Now consider the following options:
To add the Rename option to the menu, change the value of Attributes to
50 01 00 20
To add the Delete option to the menu, change the value of Attributes to
60 01 00 20
3. To add both the Rename & Delete options to the menu, change the value of Attributes to 70,01,00,20
4. Add Copy to the menu, change Attributes to 41 01 00 20
5. Add Cut to the menu, change Attributes to 42 01 00 20
6. Add Copy & Cut to the menu, change Attributes to 43 01 00 20
7. Add Paste to the menu, change Attributes to 44 01 00 20
8. Add Copy & Paste to the menu, change Attributes to 45 01 00 20
9. Add Cut & Paste to the menu, change Attributes to 46 01 00 20
10.Add all Cut, Copy & Paste to the menu, change Attributes to 47 01 00 20
We want to add only the Rename option to the right click context menu of the Recycle Bin, so change the value of attributes to: 50 01 00 20. Press F5 to refresh and then after rebooting you will find that
when you right click on the Recycle Bin a RENAME option pops up too.
To reset the default Windows options change the value of Attributes back to
40 01 00 20
The Registry File which one can create for the above process would be something like the below:
REGEDIT4
[HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell-Folder]
"Attributes"=hex:50,01,00,20
To access say the Modem Properties in the Control Panel Folder, the normal procedure is: Click on Start, Click on Settings> Control Panel and then wait for the Control Panel window to pop up and then ultimately click on the Modems icon.
Wouldn't it be lovely if you could shorten the process to: Click on Start> Control Panel>Modems. Yes you can add the Control Panel and also all other Special System Folders directly to the first level Start Menu. Firstly collect the CLSID value of the folder you want to add to the start menu. I want to add Control Panel hence the CLSID value is: 21EC2020-3AEA-1069-A2DD-08002B30309D
Now right click on the Start Button and select Open. Now create a new folder and name it: Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}
NOTE: Do not forget the period after the 'l' in Panel. Similarly all system folders can be added to the Start Menu.(accept My Briefcase, I think)
Deleting System Options from the Start menu
You can actually remove the Find and Run options from the start menu by performing a simple registry hack. Again like always Launch the registry editor and scroll down to the below key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Right-click on the right pane and select New, DWORD Value. Name it NoFind.(To remove the RUN option name it NoRun). Double-click the newly create DWORD to edit it's value and enter 1 as its value. This will disable the FIND option of the Start Menu and will also disable the default Shortcut key(F3 for Find.)
To restore the Run or find command modify the value of the DWORD to 0 or simply Delete the DWORD value.
Fed Up of the boring Old Yellow Folder Icons?[Drive Icons Included]
NOTE: This trick hasn't been tried on Win98.
You can easily change the boring yellow folder icons to your own personalized icons. Simply create a text file and copy the following lines into it:
[.ShellClassInfo]
ICONFILE=Drive:\Path\Icon_name.extension
Save this text file by the name, desktop.ini in the folder, whose icon you want to change. Now to prevent this file from getting deleted change it's attributes to Hidden and Read Only by using the ATTRIB command.
To change the icon of a drive, create a text file containing the following lines:
[Autorun]
ICON=Drive:\Path\Icon_name.extension
Save this file in the root of the drive whose icon you want to change and name it autorun.inf For Example, if you want to change the icon of a floppy, SAVE THE icon in a:\icon_name.ico One can also create a kewl icon for the Hard Disk and create a text file [autorun.inf] and store it in "c:\".
Tuesday, December 21, 2010
Gooscan – Automated Google Hacking Tool
What is Gooscan?
Gooscan is a tool that automates queries against Google search appliances, but with a twist. These particular queries are designed to find potential vulnerabilities on web pages. Think “cgi scanner” that never communicates directly with the target web server, since all queries are answered by a Google appliance, not by the target itself.
Who is it written for?
Security professionals: This tool serves as a front-end for an external web server assessment and aids in the “information gathering” phase of a vulnerability assessment.
Web server administrators: This tool helps to discover what the web community may already know about you thanks to Google.
Is this tool legal?
From Google ToS – “You may not send automated queries of any sort to Google’s system without express permission in advance from Google.”
This means that you should not use this tool to query Google without advance express permission. Google appliances, however, do not have these limitations. You should, however, obtain advance express permission from the owner or maintainer of the Google appliance before searching it with
any automated tool for various legal and moral reasons.
The author wrote this tool not to violate Google’s terms of service (ToS), but to raise the awareness of the web security community that a ToS may not discourage the bad guys from writing and running a tool like this for malicious purposes. To that end, only use this tool to query _appliances_ unless you are prepared to face the (as yet unquantified) wrath of Google.
Why the proxy feature?
Many companies can only reach the Internet by way of an internal proxy server. When conducting an authorized assessment, it may be necessary to bounce queries of of a web proxy instead of off the Google appliance directly.
download
http://www.megafileupload.com/en/file/265325/gooscan-v1-0-zip.html
Subscribe to:
Posts (Atom)