CSCD 434 Lab 3 Google Hacking is Fun
Due: May 2nd

This lab can be done on your own. You basically use Google searches to conduct searches related to sensitive data found on the Web.
You can learn about Google Hacking, also known as Google Dorking, by reading this brief tutorial here, Google Hacking
The search strings have been extracted from a Google Hacking Database (GHD) which can be found here, Google Hacking Database
You can search on the string using the Quick Search bar on the GHD site and run it from the comfort of the Google Hacking Database site.
For each of the following Google search strings: Run the query, find an interesting example and summarize what you found.
Answer the question, "How would a hacker use that query result?"

  1. allinurl:mc4wp-debug.log ext:log
  2. inurl:"/my-account-login" | allintext:"My Account"
  3. inurl:pipermail filetype:txt
  4. site:edu admin grades
  5. intitle:admin intitle:login
  6. intitle:index.of home/000~root~000/
  7. Write down and run a query that you create or choose from GHDB
  8. Write down and run a query that you create or choose from GHDB

Turn In
1. Results of running the query, summarized.
2. Answer to the question about "How a hacker would use the info. Brief answer."
3. Put CSCD434 - Lab3 in the subject line and you can turn it in via email.