THE ZEITGEIST MOVEMENT: RESPONSE TO "OCCUPY WALL STREET" | Samir Patel - Web Applications Developer, Belmont NC 28012 * 704-345-2040

Links

Home

Articles

Blog

THE ZEITGEIST MOVEMENT: RESPONSE TO "OCCUPY WALL STREET"

Tag it:

On Sept 17th 2011, a grassroots expression of contempt was launched in
the heart of the world's financial center in lower Manhattan of New York
City, also commonly known to the world as the institution of "Wall
Street". As of Sept 26th, there have been over 80 arrests and many
recorded instances of what appears to be violence and abuse coming from
the police and security forces there. However, the protesters remain
vigilant in what could very well be a landmark event that will resonate
for some time to come.

The Zeitgeist Movement would like to extend its public support to this
basic expression.

Write comment (0 Comments)

Murphy's Law and its progeny

Tag it:

My favorites are O'Toole's Commentary and the Unspeakable Law. Anyway, these laws are presented with minimal formatting - just download it and read at your leisure. Write comment (0 Comments)
Read more...

Dalai Lama's 18 rules for living

Tag it:

At the start of the new millennium the Dalai Lama apparently issued eighteen rules for living. Write comment (0 Comments)
Read more...

Footprinting

Tag it:

Footprinting is the blueprinting of the security profile of an organization, undertaken in a methodological manner. Footprinting is a passive process of that is designed to profile an organization with respect to networks (Internet / Intranet / Extranet / Wireless).

Google Hacking

allintitle:Brains, Corp. camera

allintitle:"index of/admin"
allintitle:"index of/root"
allintitle:restricted filetype:doc site:gov
allintitle:restricted filetype :mail
allintitle:sensitive filetype:doc

allinurl:/bash_history
allinurl:winnt/system32/ (get cmd.exe)

ext:ini eudora.ini
ext:pwd inurl:(service|authors|administrators |users) "# -FrontPage-"

filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:conf slapd.conf
filetype:ctt "msn"
filetype:mdb inurl:"account|users|admin|administrators|passwd|password"
filetype:mdb inurl:users.mdb
filetype:QDF QDF
filetype:pdf "Host Vulnerability Summary Report" "Assessment Report"
filetype:sql ("passwd values ****" | "password values ****" | "pass values ****" )
filetype:xls inurl:"email.xls"
filetype:user eggdrop user

"Index of /admin"
"Index of /" +.htaccess
"Index of /mail"
"Index of /" "Parent Directory" "WS_FTP.ini" filetype:ini
"Index of /" +passwd
"Index of /password"
"Index of /" +password.txt
intext:"BiTBOARD v2.0" "BiTSHiFTERS Bulletin Board"
intext:centreware inurl:status
intext:"MOBOTIX M1"
intext:"MOBOTIX M10"
intext:"Open Menu"
intext:"powered by Web Wiz Journal"
intext:"Tobias Oetiker" "traffic analysis"

intitle:index.of "Apache/1.3.28 Server at"
intitle:index.of "Apache/2.0 Server at"
intitle:index.of "Apache/* Server at"
intitle:index.of "HP Apache-based Web Server/*"
intitle:index.of "IBM _ HTTP _ Server/* * Server at"
intitle:index.of "Microsoft-IIS/4.0 Server at"
intitle:index.of "Microsoft-IIS/5.0 Server at"
intitle:index.of "Microsoft-IIS/6.0 Server at"
intitle:index.of "Microsoft-IIS/* Server at"
intitle:index.of "Netscape/* Server at"
intitle:index.of "Oracle HTTP Server/* Server at"
intitle:index.of "Red Hat Secure/*"

intitle:"Apache::Status" (inurl:server-status | inurl:status.html | inurl:apache.html)
intitle:"Welcome to IIS 4.0!"
intitle:"Welcome to Windows 2000 Internet Services"
intitle:"Welcome to Windows XP Server Internet Services"
intitle:"Welcome to Your New Home Page!"
intitle:"Test Page for Apache Installation" "It worked!" "this Web site!"
intitle:"Test Page for Apache Installation" "Seeing this instead"
intitle:"Test Page for Apache Installation" "You are free"
intitle:"Test Page for the Apache Http Server on Fedora Core"
intitle:"Test Page for the Apache Web Server on RedHat Linux"
intitle:"Test Page for the SSL/TLS-aware Apache Installation" "Hey, it worked!"

intitle:"index of" .bash_history
intitle:"index of" etc/shadow
intitle:"index.of" finances.xls
intitle:"index of" htpasswd
intitle:"Index Of" inurl:maillog
intitle:"index of" master.passwd
intitle:"index of" members OR accounts
intitle:"index.of" mystuff.xml
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"Index of" pwd.db
intitle:"Index of" .sh_history
intitle:"index of" spwd
intitle:"index.of" trillian.ini
intitle:"index of" user_carts OR user_cart
intitle:"active webcam page"
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "2003-2004 weppos"
intitle:"curriculum vitae" "phone * * *" "address *"
intitle:"Dell Laser Printer" ews
intitle:"EvoCam" inurl:"webcam.html"
intitle:liveapplet inurl:LvAppl
intitle:"Multimon UPS status page"
intitle:"my webcamXP server!" inurl:":8080"
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"Terminal Services Web Connection"
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"VNC Desktop" inurl:5800
intitle:"Web Server Statistics for ****"
inurl:admin filetype:db
inurl:admin inurl:backup intitle:index.of
inurl:"auth_user_file.txt"
inurl:"/axs/ax-admin.pl" -script
inurl:"/cricket/grapher.cgi"
inurl:hp/device/this.LCDispatcher
inurl:iisadmin
inurl:indexFrame.shtml Axis
inurl:"main.php" "phpMyAdmin" "running on"
inurl:passwd filetype:txt
inurl:"printer/main.html" intext:"settings"
inurl:server-info "Apache Server Information"
inurl:"ViewerFrame?Mode="
inurl:"wvdial.conf" intext:"password"
inurl:"wwwroot/*."

site:gov confidential
site:mil confidential
site:mil "top secret"
"Copyright (c) Tektronix, Inc." "printer status"
"Host Vulnerability Summary Report"
"http://*:*@www"
"Network Vulnerability Assessment Report"
"not for distribution"
"Output produced by SysWatch *"
"These statistics were produced by getstats"
"This file was generated by Nessus"
"This report was generated by WebLog"
"This summary was generated by wwwstat"
"Generated by phpSystem"
"Host Vulnerability Summary Report"
"my webcamXP server!"
sample/LvAppl/
"TOSHIBA Network Camera - User Login"
/home/homeJ.html
/ViewerFrame?Mode=Motion
This reveals mySQL database dumps. These database dumps list the structure and content of databases, which can reveal many different types of sensitive information. http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=%22%23mysql+dump%22+filetype%3Asql&btnG=Search

These log files record info about the SSH client PUTTY. These files contain usernames, site names, IP addresses, ports and various other information about the SSH server connected to. http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=filetype%3Alog+username+putty

These files contain cleartext usernames and passwords, as well as the sites associated with those credentials. Attackers can use this information to log on to that site as that user. http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=filetype%3Alog+inurl%3A%22password.log%22

This file contains port number, version number and path info to MySQL server. http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=intitle%3A%22index+of%22+mysql.conf+OR+mysql_config

This search reveals sites which may be using Shockwave (Flash) as a login mechanism for a site. The usernames and passwords for this type of login mechanism are often stored in plaintext inside the source of the .swl file. http://www.google.com/search?hl=en&lr=&q=inurl%3Alogin+filetype%3Aswf+swf

These are oulook express email files which contain emails, with full headers. The information in these emails can be useful for information gathering about a target. http://www.google.com/search?hl=en&lr=&q=filetype%3Aeml+eml+%2Bintext%3A%22Subject%22+%2Bintext%3A%22From%22+%2Bintext%3A%22To%22

This google search reveals users names, pop3 passwords, email addresses, servers connected to and more. The IP addresses of the users can also be revealed in some cases. http://www.google.com/search?num=100&hl=en&lr=&q=filetype%3Areg+reg+%2Bintext%3A%22internet+account+manager

Write comment (0 Comments)

More...

<< Start < Prev 1 2 Next > End >>

Results 1 - 9 of 12

[ Back ]