Hack Usernames and Passwords with Google
There are many ways to search for vulnerable sites with google. I’ll show you here how to get username and password from sites that use FrontPage extentions. Microsoft FrontPage Extensions creates a service.pwd file inside the _vti_pvt directory in the HTTP server’s document root. This file contains user names and passwords that could be remotely retrieved by an attacker. The good news is that Google indexes this kind of files, so they are very easy to search for. The bad news is that the passwords are encrypted, but wait, this is not really a bad news 🙂 because you can crack them if you are patient and you have the will. If you want to become a hacker, you have to be patient and you have to have the will. Please note: I’m not telling you to hack sites, this stuff is just for learning. So if you want to do illegal things, you should know that jail is a possibility.
So lets go to the details:
1- Some administrators change the name of service.pwd file to authors.pwd or administrators.pwd or users.pwd or some thing else. So to get the biggest chance to retreive this file we will add an “inurl” condition to our search string in Google like this: inurl:(service | authors | administrators | users)
2- The file extension is “pwd” and we are not interested to get other extensions, so we will add an “ext” condition to the search string in Google like this: ext:pwd
3- The first line in the file service.pwd is “# -FrontPage-“. So we will search for this string with Google
And here is the full search string:(you can click it to go to Google result page)
inurl:(service | authors | administrators | users) ext:pwd “# -FrontPage-“
In the Google result page click any link, you should see some thing like this:
# -FrontPage-
okodo43:Ji87W3q
chineduo: 9o0ldur85MkD0
Here, there are 2 users with their encrypted passwords. The first user is
okodo43, his encrypted password is Ji87W3q and the other user is chineduo,
her encrypted password is o0ldur85MkD0.