Email Techs

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Monday, 16 November 2009

How To View Hidden Directories In A Website Using Robots.txt

Posted on 09:11 by Unknown

Many a times in hacking you need to know the web directories. But its hard to find it out as a server might contain uncountable no. of Directories in it.
But a major hole in this security is the Robots.txt
google-bot

What is Robots.txt


Robot.txt is the file in the [ wwwroot ]of a server to define the Bots the Functionality on the website.

There are many Bots on the internet like the most famous are Google Search Engine BOT aka Google Spider , Yahoo Search Engine Bot and many others.
What robots.txt do is that it gives orders to the Bot on how to spider on the website….

Now you may ask what’s the use of Robots.txt file.
Well it is used by webmasters to add functionality to the upcoming bots on there website and also to hide the directories in the website and where the Bot should not go and spider.


Analyzing Robots.txt For Hacking Stuff


Well its really simple, the first question you would ask is Where is robots.txt Located ?
The answer is its in the [ WWWROOT ].

Don't Understand till yet , its in the main Directory.
Lets take the example of Hacker The Dude Website ;)

 

http://www.hackerthedude.blogspot.com/robots.txt

 

Go Ahead and type it in the Address bar of your Browser then what do you see,


2009-11-16_215602

 

Do you see that , this is the Robots.txt for the Hacker the dude website Now lets first Analyze this Robots.txt

First Line :-

User-agent: Mediapartners-Google

This means that the above statements are given for the Google Search Engine Bot i.e. Google Spider.

Second Line :-

Disallow:

This mean that nothing is disallowed to the Google Bot, Remember these Orders are given to the Google bot only not other bots.

Third Line :-

User-agent: *

This means that now all the bots coming to the blog will follow these rules.note that previous rules were for only Google Bot.

Fourth Line :-

Disallow: /search

This means that all the bots will not spider the files under the directory /search in the following Blog.

Fifth Line :-

Sitemap: http://hackerthedude.blogspot.com/feeds/posts/default?orderby=updated

This is basically my blogs sitemap. Not very important.

Working Demo


Now lets test Robots.txt files of various well known websites.

1. Mine Favorite = Google !!

LINK

Now you would see some very useful links in it for example, in termas of the hacking its very useful to know more about our Victim.

Allow: /profiles
Disallow: /katrina?
Disallow: /tbproxy/

Hell, Google Knows Katrina Kaif :D

 

Conclusion

Now that you have seen the working demo and the uses and the read the whole article then you would be pretty sure on how we are going to find the vulnerability in a website without even first hacking it.

btw I Love Robos.txt

Happy Hacking @hackerthedude
Email ThisBlogThis!Share to XShare to Facebook
Posted in Hacking, Pro Hacks | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • New iPhone Worm That Attacks Jail Broken iPhones Also
    Well its again the iPhone which have come to the headlines again , But this time the apple is really pissed of with the kind of work the Ha...
  • Ophcrack Guide : Hack Any Password In Windows
    There might be many times you have heard of Ophcrack, now what is actually it well is a popular to crack passwords in windows. Many...
  • ‘New Moon” Fans Beware Of Hackers
    We are Getting Constant Rumors from many places that Hackers are going to target the the fans of the upcoming movie “New Moon” ...
  • Modern Warfare 2 Hacked By Hackers Now Up For Sale
    Looks like our hackers mate out there have now come with some cool shit, Its the New COD : MODERN WARFARE 2 which is the continuation o...
  • Official Indian Army Website –“Safe From Hackers”
    The new website for the Indian army (IA) have been launched and the authorities are saying it is really safe from any Hackers Activity. ...
  • Dear Mozilla, Please “DONT” fix this. [Pic]
    Today only i found this pic on Digg and i thought there should be a “DONT” in it. isn't it ? ..
  • Norton And Kaspersky On Commercial Fight For Security Suit’s 2010
    When there is Cyber crime there are antivirus and after that there is a fight in between them. You all be knowing about the two most pop...
  • Ubisoft Hacked : Fake or Real ?
    Some days ago we got news about Ubisoft being hacked by some hackers and was being believed till yet but after then some news breached out...
  • Peer Block : Safeguard Yourself From Harmful Server’s
    Have you ever heard of a software called Peer Guardian . So do you know what it is actually well here is the guide for you guys. Peer G...
  • 30 Million Facebook, MySpace, and Orkut ID’s Hacked
    Hackers Have crossed the security boundaries of a widget and multi-social networking based company RockYou.com which host many users from s...

Categories

  • Broadband
  • cyberwar
  • Ebooks
  • email
  • Gamers
  • Guides
  • Hacked
  • Hacker The Dude News
  • Hacking
  • Hacking Software
  • keylogger
  • Misc
  • Mobie's
  • News
  • Orkut
  • PHP
  • Pics
  • Pro Hacks
  • Small Hacks
  • Stylize
  • Tools
  • Torrent
  • Tricks
  • Twitter
  • Video's
  • Virus's
  • Weekly Top 10 Internet Tools
  • Windows
  • XSS

Blog Archive

  • ►  2010 (32)
    • ►  March (7)
    • ►  February (3)
    • ►  January (22)
  • ▼  2009 (123)
    • ►  December (34)
    • ▼  November (30)
      • Mininova : Is No More Our Old Mininova Limits To C...
      • Proper use of English could get a virus past security
      • Norton And Kaspersky On Commercial Fight For Secur...
      • Httpry : Specialized Packet Sniffer And Logger
      • Some Delights Of Yahoo! Open Hack Day – Indonesia ...
      • How To Create Autorun.inf For Your Pendrive – Auto...
      • Hacker Attacks Shaolin Temple – Kung Fu Hacking
      • Darren Kitchen On Hackers Vs Cyber Criminals [Video]
      • 2009 Is The Year Of Biggest Data Breach's Ever Say...
      • John Matherly Launches Shodan : A Computer Search ...
      • Angry IP Scanner : Best IP And Port Scanner For Ha...
      • New BIOS Virus Which Can Make Your Anti-Virus Useless
      • Reversing JavaScript Shellcode: A Step By Step Tut...
      • Is Google Chrome OS Really Leaked
      • Office Mal Scanner : Scan All Your Documents From ...
      • ‘New Moon” Fans Beware Of Hackers
      • Metasploit Framework 3.3 Released !
      • How To Create A Invisible Account In Windows XP
      • How To View Hidden Directories In A Website Using ...
      • How To Manage Multiple Gmail Accounts In FireFox
      • Official Indian Army Website –“Safe From Hackers”
      • Alun Jones On SSL MITM Attack –The HTTPS Attack’s
      • New iPhone Worm That Attacks Jail Broken iPhones Also
      • Peer Block : Safeguard Yourself From Harmful Server’s
      • Modern Warfare 2 Hacked By Hackers Now Up For Sale
      • Zero Day DoS Attack on Multiple Browsers across al...
      • Ophcrack Guide : Hack Any Password In Windows
      • Advanced MySQL Exploitation
      • uTorrent 2 To Speed Downloading By Fixing ISP Thro...
      • Swedish Police Under Cyber Attack : DDos Hits
    • ►  October (24)
    • ►  September (9)
    • ►  August (6)
    • ►  July (1)
    • ►  June (3)
    • ►  May (16)
Powered by Blogger.

About Me

Unknown
View my complete profile