What's New!

Chat with

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 


Meet the 
Happy Hacksters 

Help for 



It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front


Beginners' Series Number 8 part 2 (click here for part 1)

Browser Hacking Using Search Engines
by Carolyn Meinel

In this Guide you will learn about:

  • Finding Music Files without Using Peer-to_Peer Programs
  • How to Find Password Files
  • How to Get into a Site that Seems to Be Shut Down
  • The Amazing World of Cgi-bin
  • How to Download System Programs
  • Admin Directories
  • Checking Email Security
  • What All This Means for Computer Security
  • How can you find parts of Internet servers that are normally hidden from your browser? Dionisis Sir recently wrote to me,

    Sometimes search engines like Yahoo or Google can do the hard work for us. For example if we give to Google: intitle:"Index of administrators.pwd" it will give us back some very interesting results.

    Now even better we can give: intitle:"Index of /etc/"

    If we use our imagination we can give intitle:"Index of /etc/group" and bingo!! There are many combinations we can think like: intitle:"Index of /cgi-bin/" or cgi-bin/etc or, or, or....!!

    There are a number of web tutorials on how to use search engines to find computers that let your browser just walk in and look at and download almost anything, even things that aren't on their web sites. You can learn a great deal about how an Internet server works by using these techniques. In this Guide we go a few steps further than these tutorials. We also show what to do after finding interesting servers, and how to enjoy them without getting into trouble.

    How to Find Hidden Music Files

    Let's start with something fun and useful. You can get sued or infected by viruses by using a peer-to-peer file program to download music from other folks, home computers. However, there are many Internet servers that offer free, legal music. Here's a way to find even the most obscure of them, even find files that aren't listed on the web page associated with the download site. Most ftp servers (which offer downloads) keep everything in a directory called ftproot.

    Try a Google search on inurl:ftproot. Here's one I found.

    Using a download site such as this is pretty good insurance against getting sued for music piracy. Although some sleazy web sites do offer pirated music files, they get shut down fast. In this case, by using the "Index of" search trick, you have found a way to view the web site that tells you the dates of its files. This site has clearly been in business a long time. This suggests it isn't a piracy site.

    Most importantly, you can read the date of each individual music file. If it is before 2003, you can be pretty sure it isn't one of those fingerprinted files the RIAA is using to catch pirates. And if you swear off using peer-to-peer file sharing programs entirely, no one is going to be able to use these programs to snoop on your hard drive.

    More --->>

    Why do we freely give out information that even the total beginner may use as a two-edged sword of cyberspace power? We do this "to turn over to mankind at large the greatest possible power to control the world and deal with it according to its lights and values." -- Robert J. Oppenheimer, head of the Manhattan Project, which created the world's first nuclear weapons.  

    Carolyn's most
    popular book,
    in 4th edition now!
    For advanced
    hacker studies,
    read Carolyn's
    Google Groups
    Subscribe to Happy Hacker
    Visit this group

    Return to the index of Guides to (mostly) Harmless Hacking!

    © 2013 Happy Hacker All rights reserved.