I was drinking last night and I happen to go upstairs to get something to eat. My brother and his friend were fucking around and they were asking about Hackthissite. I flew threw most of the missions for them, and wanted to kind of really show them what 'hacking' was all about. I went Google hacking because it's the easiest to show to someone. Now, being in the drunk state that I was, I was amazed to find myself thinking in this way.

There are thousands of vulnerabilities out on the net to date. Almost every single site is vulnerable to an exploit in some way or another. Malicious or not. There is a bug somewhere. I've always had that in mind, guys have any examples of finding something you weren't expecting?

I could never pass the 3rd example of hack this site...

An ATM with the default passwords. Lots of them actually.

crashed the entire walmart network with their stupid public terminals you can go to walmart.com on, they are thin clients but very unsecure. i accidentally locked up the machine. because it was a thin client it was connected to a main machine, when that machine crashes, so does the stores network. oops.

cant say much bout this second one, but a large social networking site years back had a particular flaw that allowed me access to their remote management for their sql database. i had every user, password, etc..at my finger tips. i notified them of the flaw. came to an agreement that they would not press charges as long as i dont give out any info as to which site it was. it would have been very embarrassing for news like that to get out, and would have hurt their business a great deal.

other than that, i cant really think of anything that would be interesting.

control/userimage.html (http://www.google.com/search?q=control/userimage.html)
inurl:indexframe.shtml (http://www.google.com/search?q=inurl:indexframe.shtml)
inurl:"MultiCameraFrame?Mode=" (http://www.google.nl/search?hl=nl&q=inurl%3A%22MultiCameraFrame%3FMode%3D%22&btnG=Zoeken&meta=)
inurl:"view/index.shtml" (http://www.google.com/search?q=inurl:%22view/index.shtml%22)
inurl:"view/indexFrame.shtml" (http://www.google.com/search?q=inurl:%22view/indexFrame.shtml%22)
inurl:view/view.shtml (http://www.google.com/search?q=inurl%3Aview%2Fview.shtml%22)
inurl:/view/view.shtml?videos= (http://www.google.nl/search?hl=nl&q=inurl%3A%2Fview%2Fview.shtml%3Fvideos%3D&btnG=Zoeken&meta=)
inurl:ViewerFrame?Mode= (http://www.google.com/search?q=inurl%3AViewerFrame%3FMode%3D%22)
inurl:ViewerFrame?Mode=Motion (http://www.google.com/search?q=inurl:ViewerFrame?Mode=Motion%22)
inurl:ViewerFrame?Mode=Refresh (http://www.google.com/search?q=inurl%3AViewerFrame%3FMode%3DRefresh%22)
liveapplet (http://www.google.com/search?q=liveapplet%22)

Axis Cameras


/view/view.shtml axis (http://www.google.com/search?q=/view/view.shtml%20axis&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)
"adding live video to one of your own pages a very easy task with an AXIS 2100 Network Camera" (http://www.google.com/search?q=%22adding%20live%20video%20to%20one%20of% 20your%20own%20pages%20a%20very%20easy%20task%20wi th%20an%20AXIS%202100%20Network%20Camera%22&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)
"Your browser has JavaScript turned off.For the user interface to work effectively" (http://www.google.com/search?q=%22Your%20browser%20has%20JavaScript%20tu rned%20off.For%20the%20user%20interface%20to%20wor k%20effectively%22&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)
indexFrame.html axis (http://www.google.com/search?q=indexFrame.html%20axis&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)
"Live web imaging unleashed" (http://www.google.com/search?q=%22Live%20web%20imaging%20unleashed%22&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)

Canon Cameras

sample/LvAppl/ (http://www.google.com/search?q=sample/LvAppl/&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)

MOBOTIX Cameras

control/userimage.html (http://www.google.com/search?q=control/userimage.html&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)

Advertizing (http://66.134.238.114/mjpg/video.mjpg) (USA) somewhere in California >
JVC Cameras


"(c)copyright 1999-2003 VICTOR COMPANY OF JAPAN, LIMITED. All rights reserved" (http://www.google.com/search?q=%22%28c%29copyright%201999-2003%20VICTOR%20COMPANY%20OF%20JAPAN,%20LIMITED.%2 0All%20rights%20reserved%22&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)
"V.Networks [Motion Picture(Java)" (http://www.google.com/search?q=%22V.Networks%20%5BMotion%20Picture%28Jav a%29%22&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)
"Control the Pan/Tilt and move to the Preset Position" (http://www.google.com/search?q=%22Control%20the%20Pan/Tilt%20and%20move%20to%20the%20Preset%20Position%2 2&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)

FlexWatch Cameras

/app/idxas.html (http://www.google.com/search?q=/app/idxas.html&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)
"Saving & Retrieving Mode" (http://www.google.com/search?q=%22Saving%20%26%20Retrieving%20Mode%22&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)

Panasonic Cameras


/ViewerFrame?Mode=Motion (http://www.google.com/search?q=/ViewerFrame?Mode=Motion&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)

Toshiba Cameras


"TOSHIBA Network Camera - User Login" (http://www.google.com/search?q=%22TOSHIBA%20Network%20Camera%20-%20User%20Login%22&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)

Sony Cameras


/home/homeJ.html (http://www.google.com/search?q=/home/homeJ.html&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)

WebcamXP Software


"my webcamXP server!" (http://www.google.com/search?q=%22my%20webcamXP%20server%21%22&hl=en&filter=0&num=10&lr=all&cr=&source=ggsearch)

In Title: allintitle: Network Camera NetworkCamera (http://www.google.com/search?q=allintitle:%22Network)
intitle:liveapplet (http://www.google.com/search?q=allintitle:liveapplet%22)
intitle:"WJ-NT104 Main" (http://www.google.com/search?q=intitle:%22WJ-NT104)
intitle:"snc-rz30 home" (http://www.google.com/search?q=intitle:%22snc-rz30)
Two searches in one order:
intitle:"live view" intitle:axis (ttp://www.google.com/search?q=intitle%3A%22live%20view%22%20intitle%3Aa xis) (two searches in one order)
intitle:axis intitle:"video server" (http://www.google.com/search?q=intitle%3Aaxis%20intitle%3A%22video%20ser ver%22%22)
Salzgitter-Lebenstedt (http://217.13.171.25:443/view/view.shtml) (Germany) Shop >
Combination:
camera linksys inurl:main.cgi (http://www.google.com/search?q=camera+linksys+inurl%3Amain.cgi)
intitle:"active webcam page" (http://www.google.com/search?q=intitle%3A%22active+webcam+page%22)
intitle:"EvoCam" inurl:"webcam.html" (http://www.google.com/search?q=intitle%3A%22EvoCam%22+inurl%3A%22webcam. html%22)
Display Cameras intitle:"Express6 Live Image" (http://www.google.com/search?q=Display+Cameras+intitle%3A%22Express6+Liv e+Image%22)

intitle:liveapplet inurl:LvAppl (http://www.google.com/search?q=intitle%3Aliveapplet+inurl%3ALvAppl)
intitle:"my webcamXP server!" inurl:":8080" (http://www.google.com/search?q=intitle%3A%22my+webcamXP+server%21%22+inu rl%3A%22%3A8080%22)
intitle:"Network Camera" inurl:ViewerFrame (http://www.google.com/search?q=intitle%3A%22Network%20Camera%22%20inurl% 3AViewerFrame)
intitle:snc-z20 inurl:home/ (http://www.google.com/search?q=intitle%3Asnc-z20+inurl%3Ahome%2F)
intitle:snc-rz30 inurl:home/ (http://www.google.com/search?q=intitle%3Asnc-rz30+inurl%3Ahome%2F)
intitle:"toshiba network camera - User Login" (http://www.google.com/search?q=intitle%3A%22toshiba+network+camera+-+User+Login%22)
intitle:"Live View / - AXIS" | inurl:view/view.shtml (http://www.google.com/search?q=intitle%3A%22Live+View+%2F+-+AXIS%22+%7C+inurl%3Aview%2Fview.shtml)
intitle:"WJ-NT104 Main Page" (http://www.google.com/search?q=intitle%3A%22WJ-NT104+Main+Page%22)
inurl:"ViewerFrame?Mode=" (http://www.google.com/search?q=inurl%3A%22ViewerFrame%3FMode%3D%22)
site:.viewnetcam.com (http://www.google.com/search?q=site%3A.viewnetcam.com)
tilt intitle:"Live View / - AXIS" | inurl:view/view.shtml (http://www.google.com/search?q=tilt+intitle%3A%22Live+View+%2F+-+AXIS%22+%7C+inurl%3Aview%2Fview.shtml)







(http://www.google.com/search?q=tilt+intitle%3A%22Live+View+%2F+-+AXIS%22+%7C+inurl%3Aview%2Fview.shtml)