Google Hack – Finding User Information

Posted: March 27, 2011 in Uncategorized

Finding User Information:

It is a real fun to find user’s information over the net. However, it is not so easy to find them. One has to really dig very deep and do a lot of experiments for the same. The techniques defined here gives just a primary idea about how to go ahead if one is interested in finding such information.

Unlike my last Hub Google Hack – Finding Accurate Results the query result will not come so easily and it will not be so straight forward. It makes sense as to why these information aren’t so easily available as they are others details that could be sensitive information.

Now, having said that I would like to make it clear that my intentions are not at all to promote the piracy of personal details. I am giving this information in the primary form. If someone wants to find the details of someone in specific then this is not the right place. I have written this Hub with the sole purpose to share knowledge and learning and it will be completely on the individual who implements these steps. Hence, I claim no responsibility of the way these techniques will be used.

Query: “Index of” / “chat/logs”
Result: This returns a list of log files of chat history of different chat rooms. However, one should not expect to get the log files of some popular chat rooms as they are kept at much secured location most of the times. If someone is looking for the same, then more research and finding is required.

Query: intitle:index.of trillian.ini
Result: Trillian integrates many messaging clients and uses various .ini files to store various encoded passwords, usernames and buddy lists.

Query: intitle:index.of dead.letter
Result: It return a list of unfinished email on UNIX platform.

Query: filetype:mbx mbx intext:Subject
Result: These searches reveal Outlook v 1-4 or Eudora mailbox files from where the email text and address could be found.

Query: filetype:eml eml +intext:”Subject” +intext:”From”
Result: This returns outlook express email files which contain emails, with full headers.

Query: filetype:blt blt +intext:screenname
Result: This query returns AIM buddy lists. It also returns screenname and who’s on their ‘buddy’ list and their ‘blocked’ list.

Query: filetype:ctt ctt messenger OR filetype:ctt “msn”
Result: This will return MSN messenger contact list files. These files have an extension .ctt.

Query: filetype:blt “buddylist”
Result: Gives you AIM buddy list.

Query: intitle:index.of passwd passwd.bak OR intitle:index.of master.passwd OR intitle:”Index of” pwd.db OR intitle:”Index of” “.htpasswd” htpasswd.bak OR intitle:”Index of” “.htpasswd” “htgroup” -intitle:”dist” -apache -htpasswd.c OR intitle:”Index of” spwd.db passwd -pam.conf OR intitle:”Index of..etc” passwd OR allinurl:auth_user_file.txt
Result: This query returns “passwd” files of various types that may contain various passwords encrypted form. These passwords have been encrypted using various encrypting alogorithm.

Query: filetype:xls username password email
Result: This query will return excel files containing various username, password and email. However, in most of the cases that I tried, it returned results that were fake ;).

Query: filetype:log inurl:”password.log” OR filetype:dat “password.dat”
Result: This query will return files containing username and password in clear form i.e. they will most probably not be encrypted.

Query: filetype:xls inurl:”email.xls”
Result: There are many times when password are stored in file called “email.xls”. This query will return these files.

Query: “phone * * *” “address *” “e-mail” intitle:
“curriculum vitae”

Result: This will return files containing CV’s. Give a try if you are looking to hire someone! 😉

Query: intitle:”Index Of” -inurl:maillog maillog size
Result: This will return maillog files, potentially containing e-mail


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s