Today I will tell you about the types of Information Collection and Discovery.
Information Gathering and Discovery
In this topic, I will describe the process of gathering information on targets. Our target is sometimes a remote server, sometimes a user. Without further ado, we will go through the subject one heading at a time.
Information Gathering Types
Information gathering is divided into two types. One is Active Information Gathering, and the other is Passive Information Gathering.
Active Information Gathering
Active Information Gathering is the opposite of the other type, Passive Information Gathering. Active Information Gathering leaves traces on the target servers during the information gathering phase. It leaves a trace because it establishes a direct connection to the target servers.
The best examples of Active Information Gathering are methods such as identifying the server from HTTP response headers, port scanning, and DNS zone transfer.
Passive Information Gathering
Passive Information Gathering is collecting information without directly contacting the target servers' systems. The critical point of this type is that the target server never notices that we are collecting information or carrying out any process. To illustrate: no step we take against turkhackteam.org while collecting information will leave any trace, so it will be impossible for us to be detected. Another example is a method such as "Whois Lookup".
Search Engines
Popular search engines today, such as Google, Yandex, and Bing, provide search operators. These operators exist because a search returns millions of results. The operators help us filter those results and easily find what we are looking for. Now, we will use these operators to find our target servers.
Google Search Operators
In this section, we will cover Google's operators.
INTITLE
The "intitle" operator searches the titles of web pages. For example, if we give it THT, it returns web pages whose title relates to THT. The search results are filtered to the sites with THT in the title, and that is how we find our target under this title.
Sample;
"hack intitle:THT"
If you run this example query on Google, it will list the web pages that contain the word hack and have THT in the title.
INURL
The "inurl" operator works just like the "intitle" operator above, except that it matches against the URL.
Sample; "index.php?route=class_name/method_name"
When an attacker discovers a zero-day in OpenCart web systems, the attacker uses this type of query to list websites: "inurl:index.php?route=product/product"
SITE
The "site" operator lists results from the site ********s entered as its argument. As an example, to list results assuming that we entered THT as the search term;
We can query in the form "THT site:turkhackteam.org".
RELATED
The "related" operator lists web servers that are similar in structure to the web server we target.
Sample;
We can query in the form "related:turkhackteam.org".
CACHE
The "cache" operator shows the copy of the URL given as its argument that is cached in Google.
Sample;
We can query in the form "cache:turkhackteam.org".
LINK
The "link" operator lists web servers that link to the target web server.
Sample;
We can query in the form "link:turkhackteam.org".
FILETYPE
The "filetype" operator lists results according to the file type / extension entered.
Example 1;
If you are looking for a presentation file related to THT, we can query as "THT filetype:ppt".
Example 2; If you are looking for JPEG image files related to THT, we can query in the form "THT filetype:jpeg".
.. (two dots)
The ".." operator lists results within the range between the first and last values entered.
Sample; Suppose we have a limited budget between 1000 TL and 5000 TL. We want to buy a phone with this limited amount of money.
Let's assume that we want to search for a phone priced not below 1000 TL and not above 5000 TL;
"telephone 1000TL..5000TL"
Let's consider this operator for slightly more aggressive purposes.
Sample; Every citizen of the Republic of Turkey has an ID number. These ID numbers range from 000000000000 to 999999999999. To reach the ID numbers of citizens of the Republic of Turkey, we can query as "000000000000..999999999999 filetype: xls inurl: gov.tr".
"" (Two quotes open-close)
The "" operator lists results in which the content we specified appears in exactly the same order.
Sample; Without this operator, when we query Google for TurkHackTeam, Google lists all the results it finds relevant to TurkHackTeam. When we use this operator, it lists only the exact matches for us.
For example: "TurkHackTeam"
- (dash)
The "-" operator prevents the specified content from appearing in the search results. It is often used to remove common words that appear in many irrelevant topics. Sample; I am looking for a book called THT, and there is also a computer brand with the same name as this book. We do not want results for this computer brand, so we can query as follows: "THT -computer"
Google Advanced Search
If you would rather not type the operators by hand, Google offers an Advanced Search feature via a link. You can use this feature without using the above operators and meet your needs from its ready-made interface.
To use the Google Advanced Search feature, you can go to this link: https://www.google.com/advanced_search
Google Hacking Database
Everything we have covered is about the use of operators. For the offensive side, and for all dorks and similar content, you can browse the "Google Hacking Database" service; you can access it at http://exploit-db.com/google-hacking-database.
Chapter 2 coming soon
Source:https://www.turkhackteam.org/siber-guvenlik/1977498-bilgi-toplama-ve-kesif-1-bolum.html