Inurl php http what earnings. How to make money by knowing PHP? How can a php programmer make good money at home?

For each operator there is a lightweight version with a shorter name (without the prefix all). The difference is that allinurl will find links with all words, and inurl will only find links with the first of them. The second and subsequent words from the query can appear anywhere on web pages. The inurl operator also differs from another operator with a similar meaning - site. The first also allows you to find any sequence of characters in a link to the searched document (for example, /cgi-bin/), which is widely used to find components with known vulnerabilities.

Let's try it in practice. We take the allintext filter and make the request produce a list of numbers and verification codes of credit cards that will expire only in two years (or when their owners get tired of feeding everyone).

Allintext: card number expiration date /2017 cvv

When you read in the news that a young hacker “hacked into the servers” of the Pentagon or NASA, stealing classified information, in most cases we are talking about just such a basic technique of using Google. Suppose we are interested in a list of NASA employees and their contact information. Surely such a list is available in electronic form. For convenience or due to oversight, it may also be on the organization’s website itself. It is logical that in this case there will be no links to it, since it is intended for internal use. What words can be in such a file? At a minimum - the “address” field. Testing all these assumptions is easy.

Inurl:nasa.gov filetype:xlsx "address"

We use bureaucracy

Finds like this are a nice touch. A truly solid catch is provided by a more detailed knowledge of Google's operators for webmasters, the Network itself, and the peculiarities of the structure of what is being sought. Knowing the details, you can easily filter the results and refine the properties of the necessary files in order to get truly valuable data in the rest. It's funny that bureaucracy comes to the rescue here. It produces standard formulations that are convenient for searching for secret information accidentally leaked onto the Internet.

For example, the Distribution statement stamp, required by the US Department of Defense, means standardized restrictions on the distribution of a document. The letter A denotes public releases in which there is nothing secret; B - intended only for internal use, C - strictly confidential, and so on until F. The letter X stands out separately, which marks particularly valuable information representing a state secret of the highest level. Let those who are supposed to do this on duty search for such documents, and we will limit ourselves to files with the letter C. According to DoDI directive 5230.24, this marking is assigned to documents containing a description of critical technologies that fall under export control. You can find such carefully protected information on sites in the top-level domain.mil, allocated for the US Army.

"DISTRIBUTION STATEMENT C" inurl:navy.mil

It is very convenient that the .mil domain contains only sites from the US Department of Defense and its contract organizations. Search results with a domain restriction are exceptionally clean, and the titles speak for themselves. Searching for Russian secrets in this way is practically useless: chaos reigns in domains.ru and.rf, and the names of many weapons systems sound like botanical ones (PP “Kiparis”, self-propelled guns “Akatsia”) or even fabulous (TOS “Buratino”).

By carefully studying any document from a site in the .mil domain, you can see other markers to refine your search. For example, a reference to the export restrictions “Sec 2751”, which is also convenient for searching for interesting technical information. From time to time it is removed from official sites where it once appeared, so if you cannot follow an interesting link in the search results, use Google’s cache (cache operator) or the Internet Archive site.

Climbing into the clouds

In addition to accidentally declassified government documents, links to personal files from Dropbox and other data storage services that create “private” links to publicly published data occasionally pop up in Google's cache. It’s even worse with alternative and homemade services. For example, the following query finds data for all Verizon customers who have an FTP server installed and actively using their router.

Allinurl:ftp:// verizon.net

There are now more than forty thousand such smart people, and in the spring of 2015 there were many more of them. Instead of Verizon.net, you can substitute the name of any well-known provider, and the more famous it is, the larger the catch can be. Through the built-in FTP server, you can see files on an external storage device connected to the router. Usually this is a NAS for remote work, a personal cloud, or some kind of peer-to-peer file downloading. All contents of such media are indexed by Google and other search engines, so you can access files stored on external drives via a direct link.

Looking at the configs

Before the widespread migration to the cloud, simple FTP servers ruled as remote storage, which also had a lot of vulnerabilities. Many of them are still relevant today. For example, the popular WS_FTP Professional program stores configuration data, user accounts and passwords in the ws_ftp.ini file. It is easy to find and read, since all records are saved in text format, and passwords are encrypted with the Triple DES algorithm after minimal obfuscation. In most versions, simply discarding the first byte is sufficient.

It is easy to decrypt such passwords using the WS_FTP Password Decryptor utility or a free web service.

When talking about hacking an arbitrary website, they usually mean obtaining a password from logs and backups of configuration files of CMS or e-commerce applications. If you know their typical structure, you can easily indicate the keywords. Lines like those found in ws_ftp.ini are extremely common. For example, in Drupal and PrestaShop there is always a user identifier (UID) and a corresponding password (pwd), and all information is stored in files with the .inc extension. You can search for them as follows:

"pwd=" "UID=" ext:inc

Revealing DBMS passwords

In the configuration files of SQL servers, user names and email addresses are stored in clear text, and their MD5 hashes are written instead of passwords. Strictly speaking, it is impossible to decrypt them, but you can find a match among the known hash-password pairs.

There are still DBMSs that do not even use password hashing. The configuration files of any of them can simply be viewed in the browser.

Intext:DB_PASSWORD filetype:env

With the advent of Windows servers, the place of configuration files was partially taken by the registry. You can search through its branches in exactly the same way, using reg as the file type. For example, like this:

Filetype:reg HKEY_CURRENT_USER "Password"=

Let's not forget the obvious

Sometimes it is possible to get to classified information using data that was accidentally opened and came to the attention of Google. The ideal option is to find a list of passwords in some common format. Only desperate people can store account information in a text file, Word document or Excel spreadsheet, but there is always enough of them.

Filetype:xls inurl:password

On the one hand, there are a lot of means to prevent such incidents. It is necessary to specify adequate access rights in htaccess, patch the CMS, not use left-handed scripts and close other holes. There is also a file with a list of robots.txt exceptions that prohibits search engines from indexing the files and directories specified in it. On the other hand, if the structure of robots.txt on some server differs from the standard one, then it immediately becomes clear what they are trying to hide on it.

The list of directories and files on any site is preceded by the standard index of. Since for service purposes it must appear in the title, it makes sense to limit its search to the intitle operator. Interesting things are in the /admin/, /personal/, /etc/ and even /secret/ directories.

Stay tuned for updates

Relevance is extremely important here: old vulnerabilities are closed very slowly, but Google and its search results are constantly changing. There is even a difference between a “last second” filter (&tbs=qdr:s at the end of the request URL) and a “real time” filter (&tbs=qdr:1).

The time interval of the date of the last update of the file is also indicated implicitly by Google. Through the graphical web interface, you can select one of the standard periods (hour, day, week, etc.) or set a date range, but this method is not suitable for automation.

From the look of the address bar, you can only guess about a way to limit the output of results using the &tbs=qdr: construction. The letter y after it sets the limit of one year (&tbs=qdr:y), m shows the results for the last month, w - for the week, d - for the past day, h - for the last hour, n - for the minute, and s - for give me a sec. The most recent results that Google has just made known are found using the filter &tbs=qdr:1 .

If you need to write a clever script, it will be useful to know that the date range is set in Google in Julian format using the daterange operator. For example, this is how you can find a list of PDF documents with the word confidential, downloaded from January 1 to July 1, 2015.

Confidential filetype:pdf daterange:2457024-2457205

The range is indicated in Julian date format without taking into account the fractional part. Translating them manually from the Gregorian calendar is inconvenient. It's easier to use a date converter.

Targeting and filtering again

In addition to specifying additional operators in the search query, they can be sent directly in the body of the link. For example, the filetype:pdf specification corresponds to the construction as_filetype=pdf . This makes it convenient to ask any clarifications. Let's say that the output of results only from the Republic of Honduras is specified by adding the construction cr=countryHN to the search URL, and only from the city of Bobruisk - gcs=Bobruisk. You can find a complete list in the developer section.

Google's automation tools are designed to make life easier, but they often add problems. For example, the user’s city is determined by the user’s IP through WHOIS. Based on this information, Google not only balances the load between servers, but also changes the search results. Depending on the region, for the same request, different results will appear on the first page, and some of them may be completely hidden. The two-letter code after the gl=country directive will help you feel like a cosmopolitan and search for information from any country. For example, the code of the Netherlands is NL, but the Vatican and North Korea do not have their own code in Google.

Often, search results end up cluttered even after using several advanced filters. In this case, it is easy to clarify the request by adding several exception words to it (a minus sign is placed in front of each of them). For example, banking, names and tutorial are often used with the word Personal. Therefore, cleaner search results will be shown not by a textbook example of a query, but by a refined one:

Intitle:"Index of /Personal/" -names -tutorial -banking

One last example

A sophisticated hacker is distinguished by the fact that he provides himself with everything he needs on his own. For example, VPN is a convenient thing, but either expensive, or temporary and with restrictions. Signing up for a subscription for yourself is too expensive. It's good that there are group subscriptions, and with the help of Google it's easy to become part of a group. To do this, just find the Cisco VPN configuration file, which has a rather non-standard PCF extension and a recognizable path: Program Files\Cisco Systems\VPN Client\Profiles. One request and you join, for example, the friendly team of the University of Bonn.

Filetype:pcf vpn OR Group

INFO

Passwords are stored encrypted, but Maurice Massard has already written a program to decrypt them and provides it for free through thecampusgeeks.com.

Google runs hundreds of different types of attacks and penetration tests. There are many options, affecting popular programs, major database formats, numerous vulnerabilities of PHP, clouds, and so on. Knowing exactly what you're looking for will make it much easier to find the information you need (especially information you didn't intend to make public). Shodan is not the only one that feeds with interesting ideas, but every database of indexed network resources!

From the author: Hello friends! In this article we will talk about the PHP programming language. Let's find out what it is used for, what you can do with it, and what place it occupies in the stages of website development. Also in this article we will look at many ways to make money knowing how to program in PHP.

What is PHP and what is it for?

PHP is a scripting language that is very actively used in the development of web applications. PHP is one of the leading languages ​​used in developing dynamic websites.

PHP is a server-side programming language. All scripts written in this language are executed on the server with the site. To study PHP, develop and debug websites and scripts, of course, you don’t have to buy a real server on the Internet. For these purposes, server emulators are used, which in the form of programs are simply installed on a working computer. And on a server on the Internet (hosting) ready-made websites and pages with PHP scripts are placed. By the way, almost all modern hosting supports the PHP language.

The popularity of this language in the field of website building is determined by the presence of a large set of built-in tools for developing web applications. The main ones:

automatic extraction of POST and GET parameters, as well as web server environment variables into predefined arrays;

interaction with a large number of different database management systems (MySQL, MySQLi, SQLite, PostgreSQL, Oracle (OCI8), Oracle, Microsoft SQL Server, Sybase, ODBC, mSQL, IBM DB2, Cloudscape and Apache Derby, Informix, Ovrimos SQL, Lotus Notes , DB++, DBM, dBase, DBX, FrontBase, FilePro, Ingres II, SESAM, Firebird / InterBase, Paradox File Access, MaxDB, PDO Interface);

automated sending of HTTP headers;

working with cookies and sessions;

working with local and remote files, sockets;

processing files uploaded to the server;

working with XForms.

Let's look at an example where the PHP script runs on the page. Take, for example, the subscription form in which you enter your name and email on many sites. HTML and CSS are responsible for the appearance of the form - the colors of the input fields and buttons, changing the color of the button when hovering and clicking on it, and so on. Using HTML5, you can check the correctness of the data entered into the form - for example, whether the email or phone fields are filled out correctly.

And after you click the “Subscribe” button, a PHP script is called, which receives the data you entered into the form. The script records them in the database, generates and sends you a link to confirm your subscription to the email specified in the form, checks the subscription confirmation and sends you subsequent emails. All these operations are performed on the server, and this is done using the PHP programming language.

Application of PHP in website development

To create a website, you need to go through several stages:

Planning. At this stage, we are planning the future site: for whom and why are we making it, who will visit the site, what to fill it with, what should be on the site, and so on.

Design. At the design stage, we create the appearance of the site pages in a graphic editor.

Layout. At the layout stage, using HTML and CSS, we create the HTML pages of the future site from the layouts obtained at the design stage.

Programming. At the programming stage, we automate the processes of working with the site. We program the administrative part of the site (admin panel) so that you can add, delete, edit existing pages even for a person completely unfamiliar with website building. We program so that the search and all subscription forms (if any) on the site work. We make sure that the newly added page is displayed on the site, and a link to the created page automatically appears in the menu. If the site uses voting or a survey, then this is also all programmed in PHP, at the programming stage.

If we consider the stage of programming a larger site, for example, an online store, then everything here is even wider and more interesting. In this case, we add not only pages, but also products - the main content of the online store. Moreover, in the admin panel you need to provide a breakdown of added products into various categories. It should also be possible to edit the product, change its description, price, picture, etc.

In addition, an online store requires programming of an analytics system - so that you can see in the admin panel how many orders were placed and paid, for what amount, and which products were paid for from which categories, etc. Moreover, it should be possible to display such reports for various periods. When programming an online store, sales reporting for accounting and tax purposes is often also implemented.

That is why the stage in which the PHP programming language is used is the most important, the longest in terms of time, and the most expensive and highly paid in website development. And once you understand how to program an online store, you will be able to create scripts for a website of almost any complexity.

Popularity of PHP

The popularity of PHP is evidenced by the fact that it is used by 83.1% of all sites where it was possible to identify a server-side programming language.

All the most popular CMSs that occupy first places in popularity ratings (both paid and free: WordPress, Joomla, Drupal, Modx, Bitrix. Magento, etc.) are written in the PHP programming language.

Also, the popularity of the PHP programming language is evidenced by the many created PHP frameworks, such as Laravel, Yii, CakePHP, Slim, Zend Framework 2, PHPixie, CodeIgniter, Symfony 2 and others. There are a huge number of forums and large communities - for PHP in general, for each framework and for each CMS separately.
I’ll also add that the world’s largest sites, for example, Facebook, Wikipedia, are also written in PHP.

How can you make money with knowledge of PHP?

Given the popularity of PHP, there is a constant high demand for PHP programmers. Having knowledge of PHP and being able to program in this language will open up new opportunities for earning money. Let's look at the main ones with which you can really make money today:

Earning money by developing scripts. All sites are constantly evolving, and they periodically require the writing of new scripts, or the development of additional functionality, modules, etc. For such developments, site owners turn to PHP developers. Moreover, in this case you can earn money in two ways:

track orders to find a freelance developer;

generate ideas for mass scripts. Having an idea for a script that will definitely be in demand among, for example, owners of online stores, you can independently develop such a script and sell it to online store owners;

Finalization of ready-made scripts “to order”. Everything is simple here - you take on the modification or correction of a script. But in this case, there is a nuance - initially the script may not be made very well, and its refinement may take more time than writing a script from scratch. Therefore, if you use this method of earning money, initially look very carefully at what you will be modifying and completing.

Development of plugins for CMS. In this method, everything is the same as when making money from scripts. Often, websites created on ready-made CMS require writing some kind of plugin, add-on or extension. And you can earn money here in two ways:

track orders for the development of plugins, add-ons and extensions on a freelance basis;

develop and sell a mass plugin that will definitely be in demand on most sites;

Own and joint projects. If you have an idea for an Internet project (startup), for example, an idea for a useful service or application that would solve a specific problem, then you can start implementing it. At the initial stage, it can even be just as a hobby, in addition to your main job. Then, when it is clear that the hobby is growing into a big project, it will be possible to devote more time to it.

Creation of dynamic websites and engines for them. You can also make good money by developing custom websites, working as a freelancer or in a web studio.

Creating websites for yourself. You can create a website for yourself, fill it with useful content - and when the site has a sufficient number of visitors, start making money by placing paid advertising on it or promoting someone’s products through affiliate programs.

I think many of you have thought that all of the above methods of earning money can be combined. And it is right! You can create a website for yourself and passively earn money by selling advertising from it, plus create a script or plugin and sell it on specialized sites, earning money on autopilot from each sale, and at the same time you can still work in a web studio. Why not? Of course you can!

How much can a PHP developer earn?

With the earnings of PHP programmers, everything is individual. A lot here depends on where to work, how to work, what level of knowledge, what experience, qualifications, what related additional knowledge the developer has, and so on. Therefore, in principle, there cannot be any exact figure here. But we can look at what salaries are offered when searching for PHP programmers in a web studio, and how much they are willing to pay for a project on freelance exchanges.

The image below shows the proposed salary for PHP programmers in a web studio. Moreover, this is the salary for PHP programmers without work experience:

If you have work experience, you can earn much more. Below are the salaries offered to experienced PHP programmers.

And today you can also earn decent money from freelancing:

Conclusion

PHP is the most popular programming language among web developers. The vast majority of all websites on the Internet are written in PHP. Having the knowledge and ability to develop in this programming language, you can earn good money, and there are many options for earning money - from working in a web studio to developing your own project or startup.

Any search for vulnerabilities on web resources begins with reconnaissance and information collection.
Intelligence can be either active - brute force of files and directories of the site, running vulnerability scanners, manually browsing the site, or passive - searching for information in different search engines. Sometimes it happens that a vulnerability becomes known even before opening the first page of the site.

How is this possible?
Search robots, constantly roaming the Internet, in addition to information useful to the average user, often record things that can be used by attackers to attack a web resource. For example, script errors and files with sensitive information (from configuration files and logs to files with authentication data and database backups).
From the point of view of a search robot, an error message about executing an sql query is plain text, inseparable, for example, from the description of products on the page. If suddenly a search robot came across a file with the .sql extension, which for some reason ended up in the site’s working folder, then it will be perceived as part of the site’s content and will also be indexed (including, possibly, the passwords specified in it).

Such information can be found by knowing strong, often unique, keywords that help separate “vulnerable pages” from pages that do not contain vulnerabilities.
A huge database of special queries using keywords (so-called dorks) exists on exploit-db.com and is known as the Google Hack Database.

Why google?
Dorks are primarily targeted at Google for two reasons:
− the most flexible syntax of keywords (shown in Table 1) and special characters (shown in Table 2);
− the Google index is still more complete than that of other search engines;

Table 1 - Main Google keywords