Created
July 29, 2023 12:47
-
-
Save MrMoshkovitz/a59c9ca0fe130c4ea75eb78bf573dd65 to your computer and use it in GitHub Desktop.
Google Hacking on Target
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# + -- --=[GooHak v1.4 by 1N3 | |
# + -- --=[http://crowdshield.com | |
# | |
# ABOUT: | |
# GooHak is a shell script to automatically launch google hacking queries | |
# against a target domain to find vulnerabilities and enumerate a target. | |
# | |
# DEPENDENCIES: | |
# iceweasel | |
# Linux | |
# | |
# BHaFSec Modified Version: | |
# We've modified the script to allow specifying the browser to use, and | |
# some additional gdork's we've come up with and use regularly. | |
# | |
# - Mike Baker <mike@bhafsec.com> <@_Bike_Maker_> | |
TARGET="$1" | |
BROWSER="$2" | |
DORKSONLY="$3" | |
OKBLUE='\033[94m' | |
OKRED='\033[91m' | |
OKGREEN='\033[92m' | |
OKORANGE='\033[93m' | |
RESET='\e[0m' | |
if [ -z $TARGET ]; then | |
echo -e "$OKORANGE + -- --=[http://crowdshield.com$RESET" | |
echo -e "$OKORANGE + -- --=[GooHak v1.3b by 1N3$RESET" | |
echo -e "$OKORANGE + -- --=[Modified vers. by BHaFSec" | |
echo -e "$OKORANGE + -- --=[Usage: goohak <domain> <browser> <dorksonly>$RESET" | |
exit | |
fi | |
echo -e "Target set to: ${TARGET}" | |
if [ -z $BROWSER ]; then | |
BROWSER='iceweasel' | |
fi | |
echo -e "Using browser: ${BROWSER}" | |
${BROWSER} 2> /dev/null & | |
sleep 3 | |
if [ -z $DORKSONLY ]; then | |
# LOAD WEBSITE IN A WEB BROSER | |
$BROWSER http://$TARGET 2> /dev/null | |
$BROWSER https://$TARGET 2> /dev/null | |
# TCPUTILS | |
$BROWSER "http://www.tcpiputils.com/browse/domain/$TARGET" 2> /dev/null | |
# NETCRAFT | |
$BROWSER "http://toolbar.netcraft.com/site_report?url=$TARGET" 2> /dev/null | |
# SHODAN | |
$BROWSER "https://www.shodan.io/search?query=$TARGET" 2> /dev/null | |
# CENSYS | |
$BROWSER "https://www.censys.io/ipv4?q=$TARGET" 2> /dev/null | |
# ZONE-H | |
$BROWSER "https://www.google.ca/search?q=site:zone-h.org+$TARGET" 2> /dev/null | |
# XSSPOSED | |
$BROWSER "https://www.xssposed.org/search/?search=$TARGET&type=host" 2> /dev/null | |
# PUNKSPIDER | |
$BROWSER "https://securityheaders.io/?q=$TARGET" 2> /dev/null | |
# SSLLABS | |
$BROWSER "https://www.ssllabs.com/ssltest/analyze.html?d=$TARGET" 2> /dev/null | |
# HEADER CHECK | |
$BROWSER "https://securityheaders.io/?q=$TARGET" 2> /dev/null | |
fi | |
sleep 2 | |
# FIND LOGIN PAGES: | |
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+username+OR+password+OR+login+OR+root+OR+admin" 2> /dev/null | |
# SEARCH FOR BACKDOORS: | |
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+inurl:shell+OR+inurl:backdoor+OR+inurl:wso+OR+inurl:cmd+OR+shadow+OR+passwd+OR+boot.ini+OR+inurl:backdoor" 2> /dev/null | |
# FIND SETUP OR INSTALL FILES: | |
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+inurl:readme+OR+inurl:license+OR+inurl:install+OR+inurl:setup+OR+inurl:config" 2> /dev/null | |
# FIND WORDPRESS PLUGINS/UPLOADS/DOWNLOADS: | |
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+inurl:wp-+OR+inurl:plugin+OR+inurl:upload+OR+inurl:download" 2> /dev/null | |
# FIND OPEN REDIRECTS: | |
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+inurl:redir+OR+inurl:url+OR+inurl:redirect+OR+inurl:return+OR+inurl:src=http+OR+inurl:r=http" 2> /dev/null | |
# FIND FILES BY EXTENSION: | |
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+ext:cgi+OR+ext:php+OR+ext:asp+OR+ext:aspx+OR+ext:jsp+OR+ext:jspx+OR+ext:swf+OR+ext:fla+OR+ext:xml" 2> /dev/null | |
# FIND DOCUMENTS BY EXTENSION: | |
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+ext:doc+OR+ext:docx+OR+ext:csv+OR+ext:pdf+OR+ext:txt+OR+ext:log+OR+ext:bak" 2> /dev/null | |
# FIND APACHE STRUTS RCE's: | |
#$BROWSER "https://www.google.ca/search?q=site:.$TARGET+ext:action+OR+struts" 2> /dev/null | |
# FIND PASTEBIN POSTS FOR DOMAIN: | |
#$BROWSER "https://www.google.ca/search?q=site:.pastebin.com+$TARGET" 2> /dev/null | |
# FIND EMPLOYEES ON LINKEDIN: | |
#$BROWSER "https://www.google.ca/search?q=site:.linkedin.com+employees+$TARGET" 2> /dev/null | |
# FIND ANY FILETYPES THAT MIGHT BE OF INTEREST TO US: doc/x, xls/x, pdf, txt, rtf | |
# -/.old, -/.bak, -/.orig, etc. | |
${BROWSER} "https://www.google.ca/search?q=site:.$TARGET+ext:pdf+|+ext:xls+|+ext:xlsx+|+ext:doc+|+ext:docx+|+ext:sql+|+ext:sqlite3+|+ext:zip+|+ext:rar+|+ext:gz+|+ext:gzip+|+ext:tgz+|+ext:tar+|+ext:7zip+|+ext:eml+|+ext:pst+|+ext:cnf+|+ext:conf+|+ext:bak+|+ext:txt+|+ext:ppt+|+ext:pptx+|+ext:rtf+|+ext:rar+|+ext:bak+|+ext:orig+|+ext:old+|+ext:log" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment