
Thursday, July 18, 2013

Information Gathering Using FOCA

Last month I posted some tutorials on information gathering, which is the first step of penetration testing, and today we continue that series. As you know, BackTrack has all the tools for penetration testing, but this tool does not come with BackTrack. It is a very powerful tool for information gathering, and its name is FOCA (Fingerprinting Organizations with Collected Archives). It is a Windows-based tool; you can install it on Linux with the help of Wine. I used it on Windows, but you can find instructions here: "How to install FOCA in BackTrack?"

What kind of data can be found? 

• Information stored to give information about the document. For example: creator, organization, etc.
• Hidden information: information internally stored by programs and not editable. For example: template paths, printers, DB structure, etc.
• Lost data: information which is in documents due to human mistakes or negligence, because it was not intended to be there. For example: links to internal servers, data hidden by format, etc.
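An added example (not part of the original post, and not FOCA's own code): a Python check you can run on your own .docx files before publishing them, to see which of the fields listed above they expose. The sample document, the user names, the company and the server path are all constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # own files only; use defusedxml for untrusted input

# OOXML parts holding the properties a metadata extractor reads.
PARTS = ("docProps/core.xml", "docProps/app.xml")
# Fields that reveal people, the organisation or internal paths.
SENSITIVE = ("creator", "lastModifiedBy", "Company", "Manager", "Template")

def read_metadata(docx_bytes):
    """Return {field: value} for each non-empty property in the document."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        for part in PARTS:
            if part not in z.namelist():
                continue  # a scrubbed document may omit the part
            for el in ET.fromstring(z.read(part)):
                if el.text and el.text.strip():
                    # '{namespace}creator' -> 'creator'
                    found[el.tag.rsplit("}", 1)[-1]] = el.text.strip()
    return found

def leaks(docx_bytes):
    """Subset of the metadata worth removing before publication."""
    return {k: v for k, v in read_metadata(docx_bytes).items() if k in SENSITIVE}

def make_sample():
    """Constructed sample: minimal .docx-style ZIP with made-up values."""
    core = ('<cp:coreProperties '
            'xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" '
            'xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dcterms="http://purl.org/dc/terms/">'
            '<dc:creator>jdoe</dc:creator><cp:lastModifiedBy>asmith</cp:lastModifiedBy>'
            '<dcterms:created>2013-07-01T09:00:00Z</dcterms:created></cp:coreProperties>')
    app = ('<Properties '
           'xmlns="http://schemas.openxmlformats.org/officeDocument/2006/extended-properties">'
           '<Application>Microsoft Office Word</Application><Company>Example Corp</Company>'
           '<Template>\\\\fileserver01\\templates\\report.dotx</Template></Properties>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(PARTS[0], core)
        z.writestr(PARTS[1], app)
    return buf.getvalue()

if __name__ == "__main__":
    for field, value in leaks(make_sample()).items():
        print(f"{field}: {value}")
```

An empty result from `leaks()` means none of the listed fields are set in the file's property parts; it does not cover data embedded elsewhere in the document body.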


(1) Go to the official website here.
(2) Enter your valid email address at the end of the page and you will receive an email which contains the download link.
(3) Install FOCA by running the setup.

Sample example of FOCA:

(1) Open FOCA and click on create new project.
(2) Enter the project name and the domain name, then click on create.

(3) On the right side you can see the different file types which will be searched for in the given domain. Select which file types you want to search for and click on search.

(4) As you can see in the image above, it will find different files from the domain using the Google and Bing search engines.

(5) Then right click on a file and download it, then right click on the file again and extract the metadata from it.

(6) On the left side click on metadata summary; there you can find the different information extracted from the documents, like username, software, creation date and modification date.
It can also find the different DNS of the related domain and server details.

(7) It can also find some juicy info: known vulnerabilities, backups, directory listings, SQLi, SVN, GHDB and much more.

It's just a simple tutorial. So download it, enjoy it and gather some critical information.
