METAGOOFIL INTRO:- Metagoofil is a tool designed to gather information like public documents (pdf.doc,ppt) of a target website. Metagoofil uses Google to search for the information and download the documents to attacker’s local disk. Metagoofil generates a report with usernames, software versions and serves or documents, as per ethical hacking courses.
Ethical hacking researcher of International Institute of Cyber Security says Metagoofil can be used in analyzing the target because it provides lot of information.
- This tool is pre-installed in kali linux so you have to just update the libraries of the python. For updating the libraries of the python type sudo apt-get update. Then type sudo apt-get install python-extract.
- Type metagoofil
iicybersecurity@kali:~$ metagoofil ****************************************************** * /\/\ ___| |_ __ _ __ _ ___ ___ / _(_) | * * / \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | * * / /\/\ \ __/ || (_| | (_| | (_) | (_) | _| | | * * \/ \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| * * |___/ * * Metagoofil Ver 2.2 * * Christian Martorella * * Edge-Security.com * * cmartorella_at_edge-security.com * ****************************************************** Usage: metagoofil options -d: domain to search -t: filetype to download (pdf,doc,xls,ppt,odp,ods,docx,xlsx,pptx) -l: limit of results to search (default 200) -h: work with documents in directory (use "yes" for local analysis) -n: limit of files to download -o: working directory (location to save downloaded files) -f: output file Examples: metagoofil -d apple.com -t doc,pdf -l 200 -n 50 -o applefiles -f results.html metagoofil -h yes -o applefiles -f results.html (local dir analysis)
- Type:-
metagoofil -d testsite.com -t doc,pdf -l 200 -n 50 -o /home/iicybersecurity -f test.html
root@kali:/home/iicybersecurity# metagoofil -d testsite.com -t doc,pdf -l 200 -n 50 -o /home/iicybersecurity -f test.html ****************************************************** * /\/\ ___| |_ __ _ __ _ ___ ___ / _(_) | * * / \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | * * / /\/\ \ __/ || (_| | (_| | (_) | (_) | _| | | * * \/ \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| * * |___/ * * Metagoofil Ver 2.2 * * Christian Martorella * * Edge-Security.com * * cmartorella_at_edge-security.com * ****************************************************** [-] Starting online search... [-] Searching for doc files, with a limit of 200 Searching 100 results... Searching 200 results... Results: 19 files found Starting to download 50 of them: ---------------------------------------- [1/50] /webhp?hl=en-IN [x] Error downloading /webhp?hl=en-IN [2/50] https://www-01.testsite.com/support/docview.wss%3Fuid%3Dswg21395573%26aid%3D1 [x] Error in the parsing process [3/50] ftp://public.dhe.testsite.com/systems/support/system_i/tools/How_to_modify_PUA.doc [4/50] https://www.testsite.com/developerworks/cn/linux/sdk/php/zend/Zend_Engine_2.0_CN.doc [5/50] ftp://ftp.software.testsite.com/software/mktsupport/techdocs/mqsmon.doc [6/50] ftp://public.dhe.testsite.com/software/data/cm/filenet/fn2testsite_migration/ProductInfo/Products/ImageManager/CaptureDesktop/CompatibilityDependency/ScandriversupportguidelinesCapture310.doc [7/50] ftp://public.dhe.testsite.com/software/data/cm/filenet/fn2testsite_migration/ProductInfo/Products/ImageManager/CaptureDesktop/CompatibilityDependency/ScandriversupportguidelinesCapture40.doc [8/50] ftp://public.dhe.testsite.com/software/data/cm/filenet/fn2testsite_migration/ProductInfo/Products/ImageManager/CaptureDesktop/CompatibilityDependency/ScandriversupportguidelinesCapture41.doc [x] Error downloading ftp://public.dhe.testsite.com/software/data/cm/filenet/fn2testsite_migration/ProductInfo/Products/ImageManager/CaptureDesktop/CompatibilityDependency/ScandriversupportguidelinesCapture41.doc [9/50] https://www-01.testsite.com/support/docview.wss%3Fuid%3Dswg27040224%26aid%3D13 [x] Error in the parsing process [10/50] ftp://ftp.software.testsite.com/software/mktsupport/techdocs/testsite-aci_sizing_questionnaire_040602.doc [11/50] https://www-01.testsite.com/support/docview.wss%3Fuid%3Dtss1prs723%26aid%3D1 [x] Error in the parsing process [12/50] https://www-01.testsite.com/support/docview.wss%3Fuid%3Dswg21137018%26aid%3D19 [x] Error in the parsing process [13/50] https://www-01.testsite.com/support/docview.wss%3Fuid%3Dswg21335986%26aid%3D1 [x] Error in the parsing process [14/50] /support/websearch/bin/answer.py?answer=134479 [x] Error downloading /support/websearch/bin/answer.py?answer=134479 [15/50] /tools/feedback/survey/html?productId=196 [x] Error downloading /tools/feedback/survey/html?productId=196 [16/50] /intl/en/ads [x] Error downloading /intl/en/ads [17/50] /services [x] Error downloading /services [18/50] /intl/en/policies/privacy/ [19/50] /intl/en/policies/terms/ [-] Searching for pdf files, with a limit of 200 Searching 100 results... Searching 200 results... Results: 141 files found Starting to download 50 of them: ---------------------------------------- [1/50] /webhp?hl=en-IN [x] Error downloading /webhp?hl=en-IN [2/50] https://www.testsite.com/support/customer/pdf/csa_fr.pdf [x] Error in the parsing process [3/50] https://www.testsite.com/support/customer/pdf/cra_programs_tn.pdf [x] Error in the parsing process [4/50] https://www.redbooks.testsite.com/redbooks/pdfs/sg247212.pdf [5/50] https://www.testsite.com/support/customer/pdf/machines_agreement_us.pdf [6/50] https://www.testsite.com/support/customer/pdf/aeci_cn.pdf [x] Error in the parsing process [7/50] https://www.testsite.com/testsite/environment/annual/TESTSITE_CorpResp_2002.pdf [8/50] https://www.testsite.com/support/customer/pdf/dpa_jp.pdf [x] Error in the parsing process [9/50] https://www.testsite.com/support/customer/pdf/dpa_it.pdf [x] Error in the parsing process [10/50] https://www.testsite.com/support/customer/pdf/aeci_tw.pdf [x] Error in the parsing process [11/50] https://www.testsite.com/support/customer/pdf/ica_us.pdf [12/50] https://www.testsite.com/support/customer/pdf/testsite_hourly_service_us.pdf [x] Error in the parsing process [13/50] https://www.testsite.com/support/customer/pdf/csa_us.pdf [x] Error in the parsing process [14/50] https://www.testsite.com/support/customer/pdf/dpa_en.pdf [x] Error in the parsing process [15/50] https://www.testsite.com/support/customer/pdf/ica_bg_en.pdf [16/50] https://www.testsite.com/support/customer/pdf/dpa_de.pdf [x] Error in the parsing process [17/50] https://www.testsite.com/support/customer/pdf/dpa_sv.pdf [x] Error in the parsing process [18/50] https://www.testsite.com/support/customer/pdf/cra_services_de.pdf [x] Error in the parsing process [19/50] https://www.testsite.com/support/customer/pdf/csa_nl_nl.pdf [x] Error in the parsing process [20/50] https://www.testsite.com/support/customer/pdf/dpa_es_co.pdf [x] Error in the parsing process [21/50] https://www.testsite.com/support/customer/pdf/cra_us.pdf [x] Error in the parsing process [22/50] https://www.testsite.com/support/customer/pdf/aeci_us.pdf [23/50] https://www.vm.testsite.com/vm40hist.pdf [24/50] https://www-07.testsite.com/ap/partnerworld/pdf/GX_intro_for_engineer.pdf [25/50] https://www-07.testsite.com/ap/partnerworld/pdf/basic_ips_ids_fw_av_differance.pdf [26/50] https://www-03.testsite.com/testsite/history/documents/pdf/strategy.pdf [27/50] ftp://public.dhe.testsite.com/software/au/analytics/wp_7_risk_dashboards_banks_need.pdf [28/50] ftp://ftp.software.testsite.com/software/uk/pdf/19173A_Deloitte_Analytics_Open_Data_June_2012.pdf [29/50] https://www-03.testsite.com/testsite/history/documents/pdf/hr.pdf [30/50] https://www.testsite.com/midmarket/tw/zh/att/pdf/midmarket_excute_improvefinancing.pdf [31/50] https://www-05.testsite.com/si/storage_management/pdf/gartner_-_the_road_to_infrastructure_and_operations_maturity_through_service_management.pdf [32/50] https://www-03.testsite.com/testsite/history/documents/pdf/glossary.pdf [33/50] https://www-03.testsite.com/testsite/history/documents/pdf/as400.pdf [34/50] https://www-03.testsite.com/testsite/history/documents/pdf/management.pdf [35/50] https://www-07.testsite.com/solutions/au/healthcare/pdf/TESTSITE_Cognos_white_paper_performance_management_in_healthcare.pdf [36/50] https://www-03.testsite.com/testsite/history/documents/pdf/gservices.pdf [37/50] https://www-03.testsite.com/testsite/history/documents/pdf/rs6000.pdf [38/50] https://www-03.testsite.com/testsite/history/documents/pdf/emea.pdf [39/50] https://www.redbooks.testsite.com/technotes/tips0938_zh.pdf [40/50] https://www.redbooks.testsite.com/technotes/tips0832.pdf [x] Error in the parsing process [41/50] https://www.redbooks.testsite.com/technotes/tips1261.pdf [42/50] https://www.redbooks.testsite.com/technotes/tips1341.pdf [x] Error in the parsing process [43/50] https://www.redbooks.testsite.com/technotes/tips1128.pdf [x] Error in the parsing process [44/50] https://www.testsite.com/kr/sc2015/Commerce_Part2.pdf [45/50] https://www.redbooks.testsite.com/technotes/tips1127.pdf [46/50] https://www.redbooks.testsite.com/technotes/tips1355.pdf [47/50] https://www.vm.testsite.com/pubs/hcsf8b22.pdf [x] Error downloading https://www.vm.testsite.com/pubs/hcsf8b22.pdf [48/50] https://www-03.testsite.com/testsite/history/witexhibit/pdf/amy_background.pdf [x] Error in the parsing process [49/50] https://www.redbooks.testsite.com/technotes/tips1039.pdf [50/50] https://www.redbooks.testsite.com/technotes/tips1350.pdf processing [+] List of users found: -------------------------- Phil Einspahr Pat Patrick Chen Wang dwdev Hal Stiles Techline Tivoli FileNET ptnguyen FileNET Terry Reagan TESTSITE/ACI TESTSITE_User TESTSITE ernies ▒▒ TESTSITE_USER ▒▒Janet Hughes ▒▒Bill Bitner TESTSITE ISS AA511816 jmusial TESTSITE Business Intelligence & Performance Management ▒ 901112 ▒ RS chbaker dfox Rob Young 802594 vkey1 korlando ▒▒▒(▒▒ JKESTLE KEENAN bdufrasne Marcela Adan_TESTSITE [+] List of software found: ----------------------------- Microsoft Office Word Microsoft Word 10.0 Microsoft Word 9.0 Microsoft Word 9.0 Microsoft Office Word Microsoft Word 9.0 Acrobat Distiller 7.0 (Windows) FrameMaker 7.1 Acrobat Distiller 7.0.5 (Windows) PScript5.dll Version 5.2.2 QuarkXPress(tm) 6.0 ▒▒TESTSITE Lotus Symphony 3.0 ▒▒TESTSITE Lotus Symphony Documents Acrobat Distiller 5.0.5 (Windows) Acrobat PDFMaker 5.0 for Word GPL Ghostscript 9.05 ▒▒PDFCreator Version 1.3.2 Acrobat Distiller 8.1.0 (Windows) Acrobat Distiller 4.05 for Windows Adobeps4.drv Version 4.50 Adobe PDF Library 8.0 Adobe InDesign CS3 (5.0.3) Adobe PDF Library 9.9 Adobe InDesign CS5.5 (7.5.1) Adobe Acrobat 8.1 Adobe InDesign CS3 (5.0.4) QuarkXPress: pictwpstops filter 1.0 Pscript.dll Version 5.0 QuarkXPress(tm) 6.5 PScript5.dll Version 5.2 Acrobat Elements 8.0.0 (Windows) ▒▒Microsoft▒ PowerPoint▒ 2013 Acrobat Distiller 9.5.1 (Windows) Acrobat Distiller 15.0 (Windows) Acrobat Distiller 9.4.6 (Windows) [+] List of paths and servers found: --------------------------------------- Normal.dotm '' Normal.dot 'C:\Documents\Dan Coffey - WB RFP\RFP MQSeries Monitoring and Management.doc' 'C:\Documents and Settings\alee\My Documents\Work\RFP's\P&A\RFP MQSeries Monitoring and Management.doc' Normal 'C:\WINNT\Profiles\TREAGAN\Application Data\Microsoft\Word\AutoRecovery save of Scan driver support guidelines - Capture 310.asd' 'C:\WINNT\Profiles\TREAGAN\Capture\Scan driver support guidelines - Capture 310.doc' 'C:\WINNT\Profiles\ptnguyen\Desktop\Scan driver support guidelines - Capture 310.doc' 'C:\Documents and Settings\Administrator\My Documents\TESTSITE-ACI Sizing Questionnaire ACI.DOC' 'C:\$USER\TESTSITE-ACI Sizing Questionnaire ACI.DOC' 'C:\$USER\TESTSITE-ACI Sizing Questionnaire 040602.DOC' 'C:\Documents and Settings\Administrator\My Documents\lc\Sizing Questionnaires\TESTSITE-ACI Sizing Questionnaire 040602.DOC' 'C:\Documents and Settings\Administrator\Application Data\Microsoft\Word\AutoRecovery save of TESTSITE-ACI Sizing Questionnaire 040602.asd' [+] List of e-mails found: ---------------------------- redbook@us.testsite.com JMSImportOut@esbNode.server1-SCA.APPLICATION.esbCell.Bus. service@itsobooks.com bitnerb@us.testsite.com sgreenle@us.testsite.com isssales@jp.testsite.com ISSSales@jp.testsite.com isssales@jp.testsite.com ISSSales@jp.testsite.com redbook@us.testsite.com redbooks@us.testsite.com redbooks@us.testsite.com user1@emaildomain.com user2@emaildomain.com redbooks@us.testsite.com redbook@us.testsite.com redbooks@us.testsite.com
- After executing the above query, email,path & servers, softwares, documents – pdf,doc has been found which can be used in information gathering.
- Here are the files which have been downloaded from the target website. This information can be used in other hacking activities.
Cyber Security Researcher. Information security specialist, currently working as risk infrastructure specialist & investigator. He is a cyber-security researcher with over 25 years of experience. He has served with the Intelligence Agency as a Senior Intelligence Officer. He has also worked with Google and Citrix in development of cyber security solutions. He has aided the government and many federal agencies in thwarting many cyber crimes. He has been writing for us in his free time since last 5 years.
