Monday, September 17, 2012

tricks and techniques of Google part 4

The encryption method used in WS_FTP is _extremely_ weak. These files can be found with the "index of" keyword or by searching directly for the PWD= value inside the configuration file. There is an easy way to decrypt the hash with a decryptor. To see results, enter this query in the search engine:
filetype:ini ws_ftp pwd
These files contain cleartext usernames and passwords, as well as the sites associated with those credentials. Attackers can use this information to log on to that site as that user. To see results, enter this query in the search engine:
filetype:log inurl:"password.log"
Web Wiz Forums is a free ASP bulletin board software package. It uses a Microsoft Access database for storage. The installation instructions clearly say to change the default path and filename (admin/database/wwForum.mdb). The forum database contains the members' passwords, either encrypted or in plain text, depending on the version. Please note: this search is proof that results can stay in Google's index for a long time, even when they are no longer on the site. Currently only 2 out of 9 are actually still downloadable by an attacker. To see results, enter this query in the search engine:
filetype:mdb wwforum
VNC is a remote-controlled desktop product. Depending on the configuration, remote users may not be presented with a password. Even when presented with a password, the mere existence of VNC can be important to an attacker, as is the open port of 5800. To see results, enter this query in the search engine:
"VNC Desktop" inurl:5800
By the way, the new version of VNC changed the title to VNC Viewer, so now you can search for:
intitle:vnc.desktop inurl:5800
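
A defender-side check for the file exposures listed above, as an added example that is not part of the original post: it walks a local web document root on your own server and flags WS_FTP .ini files that hold a PWD= value, password.log files, and Web Wiz Forums databases, noting when the database still sits at the default admin/database/wwForum.mdb path. The function names and the sample tree (including the HOST= and UID= lines) are constructed for illustration.

```python
import os
import re
import tempfile

# A stored password entry in a WS_FTP ini file: a line starting with PWD=
PWD_LINE = re.compile(rb"^\s*PWD\s*=\s*\S", re.IGNORECASE | re.MULTILINE)
DEFAULT_WWF = os.path.join("admin", "database", "wwforum.mdb")

def audit_webroot(root):
    """Return sorted (relative_path, reason) findings under a local web root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            low = name.lower()
            if low.endswith(".ini") and "ws_ftp" in low:
                with open(full, "rb") as fh:
                    data = fh.read(1 << 20)  # first 1 MiB is plenty for an ini
                if PWD_LINE.search(data):
                    findings.append((rel, "WS_FTP ini with stored PWD= value"))
            elif low == "password.log":
                findings.append((rel, "password.log under web root"))
            elif low.endswith(".mdb") and "wwforum" in low:
                reason = "Web Wiz Forums database under web root"
                if rel.lower() == DEFAULT_WWF:
                    reason += " (default path and filename)"
                findings.append((rel, reason))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample data: fake files only, no real credentials."""
    samples = {
        "WS_FTP.ini": b"[example]\nHOST=ftp.example.test\nUID=demo\nPWD=CONSTRUCTED\n",
        os.path.join("backup", "ws_ftp.ini"): b"[example]\nHOST=ftp.example.test\n",
        os.path.join("logs", "password.log"): b"constructed sample\n",
        os.path.join("admin", "database", "wwForum.mdb"): b"\x00constructed",
        "index.html": b"<html></html>",
    }
    for rel, data in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in audit_webroot(tmp):
            print(f"{rel}: {reason}")
```

Anything this reports should be moved outside the document root or removed; as the post notes, a file that was once indexed can stay in search results after it is gone from the site.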

