通过METAGOOFIL搜索敏感数据

  • A+
所属分类:未分类

METAGOOFIL INTRO: -

Metagoofil是一种旨在收集信息的工具。 目标网站的公共文件(pdf.doc,ppt)等信息。 metagoofil使用谷歌搜索信息并将文件下载到攻击者的本地磁盘。 metagoofil生成包含用户名,软件版本和服务或文档的报告。

国际网络安全研究所的道德黑客研究员表示,metagoofil可用于分析目标,因为它提供了大量信息。

  • 这个工具预先安装在kali linux中,所以你必须只更新python的库。 用于更新python类型的库sudo apt-get update 然后键入s udo apt-get install python-extract。
  • 输入metagoofil 
  iicybersecurity @ kali:〜$ metagoofil




 ************************************************** ****

 * / \ / \ ___ |  | _ __ _ __ _ ___ ___ / _(_)|  *

 * / \ / _ \ __ / _` | / _` | / _ \ / _ \ |  | _ |  |  |  *

 * / / \ / \ _ \ _ / ||  (_ | |(_ | |(_)|(_)| _ | | | *

 * \ / \ / \ ___ | \ _ __ \ __,_ | \ __,| \ ___ / \ ___ / | _ |  | _ | _ |  *

 * | ___ / *

 * Metagoofil Ver 2.2 *

 * Christian Martorella *

 * Edge-Security.com *

 * cmartorella_at_edge-security.com *

 ************************************************** ****




 用法:metagoofil选项




 -d:要搜索的域

 -t:要下载的文件类型(pdf,doc,xls,ppt,odp,ods,docx,xl​​sx,pptx)

 -l:搜索结果的限制(默认为200)

 -h:使用目录中的文档(使用“yes”进行本地分析)

 -n:要下载的文件的限制

 -o:工作目录(保存下载文件的位置)

 -f:输出文件




 例子:

 metagoofil -d apple.com -t doc,pdf -l 200 -n 50 -o applefiles -f results.html

 metagoofil -h yes -o applefiles -f results.html(local dir analysis)
  • 类型: -

metagoofil -d testsite.com -t doc,pdf -l 200 -n 50 -o / home / iicybersecurity -f test.html 

  root @ kali:/ home / iicybersecurity# metagoofil -d testsite.com -t doc,pdf -l 200 -n 50 -o / home / iicybersecurity -f test.html




 ************************************************** ****

 * / \ / \ ___ |  | _ __ _ __ _ ___ ___ / _(_)|  *

 * / \ / _ \ __ / _` | / _` | / _ \ / _ \ |  | _ |  |  |  *

 * / / \ / \ _ \ _ / ||  (_ | |(_ | |(_)|(_)| _ | | | *

 * \ / \ / \ ___ | \ _ __ \ __,_ | \ __,| \ ___ / \ ___ / | _ |  | _ | _ |  *

 * | ___ / *

 * Metagoofil Ver 2.2 *

 * Christian Martorella *

 * Edge-Security.com *

 * cmartorella_at_edge-security.com *

 ************************************************** ****




 [ - ]开始在线搜索...




 [ - ]搜索doc文件,限制为200

 搜索100个结果......

 搜索200个结果......

 结果:找到19个文件

 开始下载50个:

 ----------------------------------------




 [1/50] / webhp?hl = en-IN

 [x]下载/ webhp时出错?hl = en-IN

 [2/50] https://www-01.testsite.com/support/docview.wss%3Fuid%3Dswg21395573%26aid%3D1

 [x]解析过程出错

 [3/50] ftp://public.dhe.testsite.com/systems/support/system_i/tools/How_to_modify_PUA.doc

 [4/50] https://www.testsite.com/developerworks/cn/linux/sdk/php/zend/Zend_Engine_2.0_CN.doc

 [5/50] ftp://ftp.software.testsite.com/software/mktsupport/techdocs/mqsmon.doc

 [6/50] ftp://public.dhe.testsite.com/software/data/cm/filenet/fn2testsite_migration/ProductInfo/Products/ImageManager/CaptureDesktop/CompatibilityDependency/ScandriversupportguidelinesCapture310.doc

 [7/50] ftp://public.dhe.testsite.com/software/data/cm/filenet/fn2testsite_migration/ProductInfo/Products/ImageManager/CaptureDesktop/CompatibilityDependency/ScandriversupportguidelinesCapture40.doc

 [8/50] ftp://public.dhe.testsite.com/software/data/cm/filenet/fn2testsite_migration/ProductInfo/Products/ImageManager/CaptureDesktop/CompatibilityDependency/ScandriversupportguidelinesCapture41.doc

 [x]下载ftp://public.dhe.testsite.com/software/data/cm/filenet/fn2testsite_migration/ProductInfo/Products/ImageManager/CaptureDesktop/CompatibilityDependency/ScandriversupportguidelinesCapture41.doc时出错

 [9/50] https://www-01.testsite.com/support/docview.wss%3Fuid%3Dswg27040224%26aid%3D13

 [x]解析过程出错

 [10/50] ftp://ftp.software.testsite.com/software/mktsupport/techdocs/testsite-aci_sizing_questionnaire_040602.doc

 [11/50] https://www-01.testsite.com/support/docview.wss%3Fuid%3Dtss1prs723%26aid%3D1

 [x]解析过程出错

 [12/50] http://www-01.testsite.com/support/docview.wss%3Fuid%3Dswg21137018%26aid%3D19

 [x]解析过程出错

 [13/50] http://www-01.testsite.com/support/docview.wss%3Fuid%3Dswg21335986%26aid%3D1

 [x]解析过程出错

 [14/50] /support/websearch/bin/answer.py?answer=134479

 [x]下载/support/websearch/bin/answer.py?answer=134479时出错

 [15/50] / tools / feedback / survey / html?productId = 196

 [x]下载错误/工具/反馈/调查/ html?productId = 196

 [16/50] / intl / en / ads

 [x]下载/ intl / en / ads时出错

 [17/50] /服务

 [x]下载/服务出错

 [18/50] / intl / en / policies / privacy /

 [19/50] / intl / en / policies / terms /




 [ - ]搜索pdf文件,限制为200

 搜索100个结果......

 搜索200个结果......

 结果:找到141个文件

 开始下载50个:

 ----------------------------------------




 [1/50] / webhp?hl = en-IN

 [x]下载/ webhp时出错?hl = en-IN

 [2/50] https://www.testsite.com/support/customer/pdf/csa_fr.pdf

 [x]解析过程出错

 [3/50] https://www.testsite.com/support/customer/pdf/cra_programs_tn.pdf

 [x]解析过程出错

 [4/50] http://www.redbooks.testsite.com/redbooks/pdfs/sg247212.pdf

 [5/50] https://www.testsite.com/support/customer/pdf/machines_agreement_us.pdf

 [6/50] https://www.testsite.com/support/customer/pdf/aeci_cn.pdf

 [x]解析过程出错

 [7/50] https://www.testsite.com/testsite/environment/annual/TESTSITE_CorpResp_2002.pdf

 [8/50] https://www.testsite.com/support/customer/pdf/dpa_jp.pdf

 [x]解析过程出错

 [9/50] https://www.testsite.com/support/customer/pdf/dpa_it.pdf

 [x]解析过程出错

 [10/50] https://www.testsite.com/support/customer/pdf/aeci_tw.pdf

 [x]解析过程出错

 [11/50] https://www.testsite.com/support/customer/pdf/ica_us.pdf

 [12/50] https://www.testsite.com/support/customer/pdf/testsite_hourly_service_us.pdf

 [x]解析过程出错

 [13/50] https://www.testsite.com/support/customer/pdf/csa_us.pdf

 [x]解析过程出错

 [14/50] https://www.testsite.com/support/customer/pdf/dpa_en.pdf

 [x]解析过程出错

 [15/50] https://www.testsite.com/support/customer/pdf/ica_bg_en.pdf

 [16/50] https://www.testsite.com/support/customer/pdf/dpa_de.pdf

 [x]解析过程出错

 [17/50] https://www.testsite.com/support/customer/pdf/dpa_sv.pdf

 [x]解析过程出错

 [18/50] https://www.testsite.com/support/customer/pdf/cra_services_de.pdf

 [x]解析过程出错

 [19/50] https://www.testsite.com/support/customer/pdf/csa_nl_nl.pdf

 [x]解析过程出错

 [20/50] https://www.testsite.com/support/customer/pdf/dpa_es_co.pdf

 [x]解析过程出错

 [21/50] https://www.testsite.com/support/customer/pdf/cra_us.pdf

 [x]解析过程出错

 [22/50] https://www.testsite.com/support/customer/pdf/aeci_us.pdf

 [23/50] http://www.vm.testsite.com/vm40hist.pdf

 [24/50] http://www-07.testsite.com/ap/partnerworld/pdf/GX_intro_for_engineer.pdf

 [25/50] http://www-07.testsite.com/ap/partnerworld/pdf/basic_ips_ids_fw_av_differance.pdf

 [26/50] https://www-03.testsite.com/testsite/history/documents/pdf/strategy.pdf

 [27/50] ftp://public.dhe.testsite.com/software/au/analytics/wp_7_risk_dashboards_banks_need.pdf

 [28/50] ftp://ftp.software.testsite.com/software/uk/pdf/19173A_Deloitte_Analytics_Open_Data_June_2012.pdf

 [29/50] https://www-03.testsite.com/testsite/history/documents/pdf/hr.pdf

 [30/50] https://www.testsite.com/midmarket/tw/zh/att/pdf/midmarket_excute_improvefinancing.pdf

 [31/50] http://www-05.testsite.com/si/storage_management/pdf/gartner_-_the_road_to_infrastructure_and_operations_maturity_through_service_management.pdf

 [32/50] https://www-03.testsite.com/testsite/history/documents/pdf/glossary.pdf

 [33/50] https://www-03.testsite.com/testsite/history/documents/pdf/as400.pdf

 [34/50] https://www-03.testsite.com/testsite/history/documents/pdf/management.pdf

 [35/50] http://www-07.testsite.com/solutions/au/healthcare/pdf/TESTSITE_Cognos_white_paper_performance_management_in_healthcare.pdf

 [36/50] https://www-03.testsite.com/testsite/history/documents/pdf/gservices.pdf

 [37/50] https://www-03.testsite.com/testsite/history/documents/pdf/rs6000.pdf

 [38/50] https://www-03.testsite.com/testsite/history/documents/pdf/emea.pdf

 [39/50] https://www.redbooks.testsite.com/technotes/tips0938_zh.pdf

 [40/50] https://www.redbooks.testsite.com/technotes/tips0832.pdf

 [x]解析过程出错

 [41/50] http://www.redbooks.testsite.com/technotes/tips1261.pdf

 [42/50] http://www.redbooks.testsite.com/technotes/tips1341.pdf

 [x]解析过程出错

 [43/50] http://www.redbooks.testsite.com/technotes/tips1128.pdf

 [x]解析过程出错

 [44/50] http://www.testsite.com/kr/sc2015/Commerce_Part2.pdf

 [45/50] http://www.redbooks.testsite.com/technotes/tips1127.pdf

 [46/50] http://www.redbooks.testsite.com/technotes/tips1355.pdf

 [47/50] https://www.vm.testsite.com/pubs/hcsf8b22.pdf

 [x]下载https://www.vm.testsite.com/pubs/hcsf8b22.pdf时出错

 [48/50] https://www-03.testsite.com/testsite/history/witexhibit/pdf/amy_background.pdf

 [x]解析过程出错

 [49/50] http://www.redbooks.testsite.com/technotes/tips1039.pdf

 [50/50] http://www.redbooks.testsite.com/technotes/tips1350.pdf

 处理




 [+]找到的用户列表:

 --------------------------

 Phil Einspahr

 

 Patrick Chen Wang

 dwdev

 哈尔斯蒂尔斯

 Techline Tivoli

 凡纳

 ptnguyen

 凡纳

 特里里根

 测试网站/ ACI

 TESTSITE_User

 测试网站

 ernies

 ▒▒

 TESTSITE_USER

 ▒▒Janet休斯

 ▒▒BillBitner

 TESTSITE ISS

 AA511816

 jmusial

 TESTSITE商业智能和绩效管理▒901112▒RS

 chbaker

 dfox

 Rob Young 802594

 vkey1

 korlando

 ▒▒▒(▒▒

 JKESTLE

 KEENAN

 bdufrasne

 Marcela Adan_TESTSITE




 [+]找到的软件列表:

 -----------------------------

 Microsoft Office Word

 Microsoft Word 10.0

 Microsoft Word 9.0

 Microsoft Word 9.0

 Microsoft Office Word

 Microsoft Word 9.0

 Acrobat Distiller 7.0(Windows)

 FrameMaker 7.1

 Acrobat Distiller 7.0.5(Windows)

 PScript5.dll版本5.2.2

 QuarkXPress(tm)6.0

 ▒▒TESTSITELotusSymphony 3.0

 ▒▒TESTSITELotusSymphony Documents

 Acrobat Distiller 5.0.5(Windows)

 Acrobat PDFMaker 5.0 for Word

 GPL Ghostscript 9.05

 ▒▒PDFCreator版本1.3.2

 Acrobat Distiller 8.1.0(Windows)

 适用于Windows的Acrobat Distiller 4.05

 Adobeps4.drv版本4.50

 Adobe PDF Library 8.0

 Adobe InDesign CS3(5.0.3)

 Adobe PDF Library 9.9

 Adobe InDesign CS5.5(7.5.1)

 Adobe Acrobat 8​​.1

 Adobe InDesign CS3(5.0.4)

 QuarkXPress:pictwpstops过滤器1.0

 Pscript.dll版本5.0

 QuarkXPress(tm)6.5

 PScript5.dll版本5.2

 Acrobat Elements 8.0.0(Windows)

 ▒▒Microsoft▒PowerPoint▒2013

 Acrobat Distiller 9.5.1(Windows)

 Acrobat Distiller 15.0(Windows)

 Acrobat Distiller 9.4.6(Windows)













 [+]找到的路径和服务器列表:

 ---------------------------------------

 的normal.dotm

 “”

 Normal.dot

 'C:\ Documents \ Dan Coffey  -  WB RFP \ RFP MQSeries Monitoring and Management.doc'

 'C:\ Documents and Settings \ alee \ My Documents \ Work \ RFP's \ P&A \ RFP MQSeries Monitoring and Management.doc'

 正常

 'C:\ WINNT \ Profiles \ TREAGAN \ Application Data \ Microsoft \ Word \ AutoRecovery保存扫描驱动程序支持指南 - 捕获310.asd'

 'C:\ WINNT \ Profiles \ TREAGAN \ Capture \扫描驱动程序支持指南 -  Capture 310.doc'

 'C:\ WINNT \ Profiles \ ptnguyen \ Desktop \ Scan驱动程序支持指南 -  Capture 310.doc'

 'C:\ Documents and Settings \ Administrator \ My Documents \ TESTSITE-ACI Sizing Questionnaire ACI.DOC'

 'C:\ $ USER \ TESTSITE-ACI调整大小问卷ACI.DOC'

 'C:\ $ USER \ TESTSITE-ACI调整大小问卷040602.DOC'

 'C:\ Documents and Settings \ Administrator \ My Documents \ lc \ Sizing Questionnaires \ TESTSITE-ACI Sizing Questionnaire 040602.DOC'

 'C:\ Documents and Settings \ Administrator \ Application Data \ Microsoft \ Word \ AutoRecovery save of TESTSITE-ACI Sizing Questionnaire 040602.asd'




 [+]发现的电子邮件列表:

 ----------------------------

 redbook@us.testsite.com

 JMSImportOut@esbNode.server1-SCA.APPLICATION.esbCell.Bus。

 service@itsobooks.com

 bitnerb@us.testsite.com

 sgreenle@us.testsite.com

 isssales@jp.testsite.com

 ISSSales@jp.testsite.com

 isssales@jp.testsite.com

 ISSSales@jp.testsite.com

 redbook@us.testsite.com

 redbooks@us.testsite.com

 redbooks@us.testsite.com

 user1@emaildomain.com

 user2@emaildomain.com

 redbooks@us.testsite.com

 redbook@us.testsite.com

 redbooks@us.testsite.com
  • 执行上述查询后,找到了可用于信息收集的电子邮件,路径和服务器,软件,文档 - pdf,doc。
  • 以下是从目标网站下载的文件。 此信息可用于其他黑客活动。

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: