12 May 2008 | 12,949 views

Metagoofil v1.4 Released – Metadata and Information Gathering Tool

Prevent Network Security Leaks with Acunetix

Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,odp,ods) available on the target/victim website.

It will generate a html page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like ftp, pop3,web applications, vpn and so on. Also it will extract a list of disclosed PATHs in the metadata, with this information you can guess OS, network names, shared resources etc.

This new version extracts MAC address from Microsoft Office documents. Now you can have an idea of what kind of hardware they are using.

All this information should not be available on the net, but most of the companies don’t have policies about information leaking… and most of them don’t know this information exists. So you can show them what information an attacker can obtain, with this simple technique.

You can download Metagoofil v1.4 here:

MetaGooFil 1.4 (tar) (20/04/2008)

Or read more here.



Recent in Hacking Tools:
- Arachni v1.0 Released – Web Application Security Scanner Framework
- iSniff-GPS – Passive Wifi Sniffing Tool With Location Data
- masscan – The Fastest TCP Port Scanner

Related Posts:
- Metagoofil 1.2 – Metadata Extractor Tool
- The Revisionist – Metadata Retrieval Tool
- PDFResurrect v0.9 Released – PDF Analysis and Scrubbing Utility

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,870,697 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,061,706 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 625,352 views

Low-cost VPS Hosting

15 Responses to “Metagoofil v1.4 Released – Metadata and Information Gathering Tool”

  1. Jinesh 12 May 2008 at 1:14 pm Permalink

    WOW, I wish I was capable enough to use this tool :-(. But no worries some day I will be.

  2. Changlinn 13 May 2008 at 12:20 am Permalink

    wow very nice tool, I am about to do some web security work could be good to have this in the toolkit.

  3. matt 13 May 2008 at 3:44 am Permalink

    This tool might go along well with http://www.remote-exploit.org/codes_wyd.html

  4. eM3rC 13 May 2008 at 4:24 am Permalink

    Very cool!

    It’s amazing to see how black hat software is developing and what white hats are doing to counter it. Keep up these security articles, really enjoy reading them!

    Ooooo Random post!

    Ok so I have been a windows/hackintosh user for quite some time and I now want to make a switch (or triple boot) to linux. My question is which distro would be a good match for my needs (I know there is no best).

    For now it would be used for basic tasks like music editing/playing, word processing, video editing, programming (c++, java for now), and hopefully gaming (I will prob have to use wine or codeweavers for this though).

    Thanks!

  5. Changlinn 13 May 2008 at 5:56 am Permalink

    Ubuntu is easy to use and install and has all the advanced stuff under the bonnet if you need it. It is a stable snapshot of debian with a healthy helping of usability tweaks.
    As for gaming on Linux I don’t game much as none of my PC’s have the graphics card to do so, but from the little gaming I have done, it is difficult to get everything working in wine, even on older games. Native games are the way to go and there are some really good comparable ones or free ones that are awesome, nexuiz, freecraft, quake3 and 4 come to mind.

  6. matt 13 May 2008 at 5:00 pm Permalink

    em3rc –

    If you have any *nix experience, I would suggest ArchLinux. Although it does take some time to setup and get going, it is very stable and has great docs.

    If you want something out-of-the-box, Ubuntu is great. The OS has great support forums with info on almost anything you could want and it also supports and comes preloaded(or just a few clicks will install) with all of your word processing, music editing/playing, video, and programming needs. The reason I stepped away from Ubuntu was the fact that I felt limited because almost everything was done for me. I need an OS that I can customize with more ease.

    http://www.zegeniestudios.net/ldc/ helped me out a lot when I was choosing a distro.

    Also, http://www.distrowatch.com has good search features.

    Good Luck

  7. eM3rC 13 May 2008 at 6:29 pm Permalink

    @Changlinn
    Thanks, I’ve tried out Ubuntu out and really liking it. I’ve heard a lot about distros like Fedora and SuSe but I’ll stick with the big U for now.

    @matt
    I think I might try out Ubuntu and do dual boot with ArchLinux, XP, and Ubuntu. Thanks for the suggestions!

  8. Changlinn 13 May 2008 at 11:20 pm Permalink

    @eM3rC
    No problem. Linux users area fickle bunch, I have gone from Redhat to fedora, to Feather, to DSL, to Debian, and finally to Ubuntu, which I have been on for some time. As matt says it can be limiting in that everything is done for you, I feel you can still customize what you need beyond this and I like the fact that a lot is done, so I can just use it and get on with my work, if I didn’t want this I would go Gentoo or LFS :)

  9. matt 13 May 2008 at 11:24 pm Permalink

    “Linux users are a fickle bunch”

    Very true Changlinn. If you do any searching for “Which distro is best for me?” you will find the best answers are those that tell you to keep trying them out for yourself until you find one you like.

  10. Pantagruel 14 May 2008 at 8:56 am Permalink

    @eM3rC

    As many have mentioned before, to start try Suse, Ubuntu, Fedora or Mandriva. All have quite good hardware support (laptop is a slightly bigger problem though). You can buy SuSe with an excellent manual or go for one of the download variants and buy a decent book.
    As you get more proficient you can switch to Debian, Gentoo,Arch or even LFS.
    For a plain easy setup and usable desktop environment go for SuSe or Ubuntu.

    I personally run Suse on my desktop and beat up Latitude C600, the home servers are running BSD.

  11. macdaddy 15 May 2008 at 9:11 pm Permalink

    im using ubuntu and its really nice

  12. Bogwitch 19 May 2008 at 12:16 pm Permalink

    Great tool. I’ve been using it for a good while now for early recon stages of a pen test.
    The addition of MAC address extraction is, IMO, a minor improvement but it’s nice to see development continues!
    About that MAC address…. Didn’t Microsoft remove that ‘feature’ in a more recent release or patch?

    On the Linux thread, I’m using Fedora for the supported software and Slackware because I’m a masochist.

  13. eM3rC 19 May 2008 at 10:34 pm Permalink

    Thanks for all the replies guys!

    I think I’ll start out with Ubuntu and work on that for a while then start testing out the different linux OSs.

    How am I the second highest poster when I’m not even trying?!?

  14. razta 27 May 2008 at 10:12 pm Permalink

    Great tool! Now I have to find out how to delete meta data from my files!

  15. Furqan 27 February 2009 at 7:30 am Permalink

    I tried this tool its finding the files on site but not downloading or retrieving any meta data from it help me please