Category: Hacking

How to Transfer Files from Windows PC to Linux Server Using Putty’s PSCP Command

Many blogs and web applications are being hosted on cloud based web servers. Of those web servers, many are running some flavor of the Linux operating system (OS).

If you’re a Windows PC user who is using a Linux web server for your online project then you have unique challenge that comes with being a dual OS user.

How will we transfer our files from our Windows development PC to our Linux cloud hosted blog or web app? Enter Putty and the PSCP command line tool!

What is Putty?

Putty is a Client application that handles connections to remote computers via the Telnet, SFTP and SSH protocols.

Putty Screenshot

What is PSCP?

PSCP is a command line application that is typically included in the Putty installation. PSCP transfers files between two computers from the Windows command line as long as firewalls allow the traffic on the designated ports for each type of traffic.

Transferring Files with PSCP from the Command Line

If you’ve installed Putty in the default directory, it will be here.

C:\Program Files\PuTTY

Open a Windows command line by clicking on the Windows start menu icon then entering “cmd” in the search field then find and click on the cmd icon.

Navigate to the Putty Directory by entering the command below.

C:\>CD c:\Program Files\Putty

Let’s look at an example PSCP command to transfer a file from a Windows PC to a Linux cloud web server with a fake user named root, IP of 45.99.99.99 and a target folder of /var/www/html

PSCP Copy Files from Windows PC to Linux Web Server Example

PSCP Command Line Example:

c:\>C:\Program Files\Putty\pscp c:\temp\sample.txt root@45.99.99.99:/var/www./html

Copying Files from Linux Web Server to Window PC

C:\Program Files\PuTTY>pscp root@45.99.99.99:/var/log/apache2/access.* c:\temp
 >root@45.99.99.99's password: [Enter Your Password]

That’s all you should need to know about connecting to a Linux cloud based web server from a Windows PC using the Putty SSH client.

Hope this helps you on your Cyber journey!

~Cyber Abyss

Google Dorks! Finding Hidden Sites & Files in Google Search Results!

While most of us would consider ourselves pretty good Googlers these days, truth is, there is so much more to Google searching than meets the eye.

Entering Google Dorking Commands also known as Google hacking is about searching Google in a way that filters and brings all sorts or OSINT and InfoSec goodies floating to the top.

Let me start by saying the title might be a little off, as the files are not technically hidden as much as they are obscure.

While most of us would consider ourselves pretty good Googlers these days, the truth is, there is so much more to Google searching than meets the eye.

Introducing Google Dorking

Yes, I said it Google Dorking and it’s not what you might think. Sounds dirty, right? It’s not just me. LOL

Entering Google Dorking Commands also known as Google hacking is about searching Google in a way that filters and brings all sorts or OSINT and InfoSec goodies floating to the top.

Think Before You Dork!!!

Although the information my be available on Google, it does not mean you can use that information to try and hack or gain unauthorized access to a system or individual computer.

Hacking is illegal, don’t do it, don’t talk about it.

With that being said, please be careful, be responsible and please enjoy these Google Dorking Examples for educational purposes.

What Kinds of Trouble You Can Find by Goolge Dorking?

Using the Google Dorks commands on this page I was able to find this open camera in down town Tehran, Iran. This all started in May of 2021. See screenshots below.

Again, be careful what you Dork and where you go. A visit to this camera got me a reverse probe XSS attack from Iranian Intelligence. That was fun!

Google Dorks for user names and password in log files

Below are popular Google Dorks I’ve collected but there may be more out there so my advice is to never stop looking.

You can also find more Dorks on popular hacking website like the Google Hacking Database (GHD).

allintext:username filetype:log

Open FTP Servers

intitle:"index of" inurl:ftp

Open Web Cams

Intitle:"webcamXP 5"

inurl:view/index.shtml

Database Passwords

db_password filetype:env

Git-hub Resources

filetype:inc php -site:github.com -site:sourceforge.net

PHP Variables

filetype:php "Notice: Undefined variable: data in" -forum

Server Configuration Files

intitle:"WAMPSERVER homepage" "Server Configuration" "Apache Version"

Nessus Scan Reports

intitle:"report" ("qualys"|"acunetix"|"nessus"|"netsparker"|"nmap") filetype:pdf

Networking Excel Xls Files

ext:xls netoworking

FrontPage Servers w/ Admin Info

"#-Frontpage-" inurl:administrators.pwd

Unprotected Cameras

inurl:view/index.shtml

Hidden Login Pages

Username password site:com filetype:txt DomainName.com

Domains and Subdomains

site:*.site.com -www
site:*.*.site.com -www
site:*.*.*.site.com -www

Google Dorking Video by Null Byte

Hope this helps somebody!
~Cyber Abyss