Thursday, July 18, 2013

Information Gathering Using FOCA

Last month I posted some tutorials on information gathering, which is the first step of penetration testing, and today we continue the series. As you know, BackTrack has all the tools for penetration testing, but this tool does not come with BackTrack. It is a very powerful tool for information gathering, and its name is FOCA (Fingerprinting Organizations with Collected Archives). It is a Windows-based tool; you can install it on Linux with the help of Wine, but I used it on Windows. You can find "How to install FOCA in BackTrack?" here.


What kind of data can be found?

• Metadata:
  – Information stored to describe the document.
    • For example: creator, organization, etc.
• Hidden information:
  – Information stored internally by programs and not editable.
    • For example: template paths, printers, database structure, etc.
• Lost data:
  – Information that ends up in documents through human mistakes or negligence and was never intended to be there.
    • For example: links to internal servers, data hidden by formatting, etc.

Download:-

(1) Go to the official website here.
(2) Enter your valid email address at the end of the page, and you will receive an email which contains the download link.
(3) Install FOCA by running the setup.

Sample Example of FOCA:-

(1) Open FOCA and click on "create new project".
(2) Enter the project name and domain name, then click on "create".


(3) On the right side you can see the different file types that will be searched for in the given domain. Select the file types you want to search for and click on "search".

(4) As you can see in the above image, it finds different files from the domain using the Google and Bing search engines.


(5) Then right-click on a file and download it, then right-click on the file again and extract the metadata from it.

(6) On the left side, click on "metadata summary". There you can find the different information extracted from the documents, such as username, software, creation date and modification date.
It can also find the different DNS records of the related domain and server details.

(7) It can also find other juicy information: known vulnerabilities, backups, directory listings, SQLi, SVN, GHDB and much more.

It's just a simple tutorial. So download it, enjoy it, and gather some critical information.