Metagoofil is an information gathering tool designed for extracting metadata from public documents (pdf, doc, xls, ppt, odp, ods) available on the target/victim website.
The tool performs a Google search to identify the documents and download them to local disk, then extracts the metadata with different libraries like Hachoir, PdfMiner and others. From the results it generates a report with usernames, software versions and server or machine names that will help penetration testers in the information gathering phase.
Metagoofil Information Gathering features
It will generate an HTML page with the results of the extracted metadata, plus a list of potential usernames, which is very useful for preparing a bruteforce attack on open services like FTP, POP3, web applications, VPN and so on. It will also extract a list of PATHs disclosed in the metadata; with this information you can guess the OS, network names, shared resources, etc.
This new version extracts MAC addresses from Microsoft Office documents. Now you can have an idea of what kind of hardware they are using.
All this information should not be available on the net, but most companies don’t have policies about information leaking… and most of them don’t know this information exists. So you can show them what information an attacker can obtain with this simple technique.
How to use Metagoofil for Information Gathering
-d: domain to search
-t: filetype to download (pdf,doc,xls,ppt,odp,ods,docx,xlsx,pptx)
-l: limit of results to search (default 200)
-h: work with documents in directory (use "yes" for local analysis)
-n: limit of files to download
-o: working directory (location to save downloaded files)
-f: output file

Examples:
metagoofil.py -d apple.com -t doc,pdf -l 200 -n 50 -o applefiles -f results.html
metagoofil.py -h yes -o applefiles -f results.html (local dir analysis)
Also, check out:
– Just-Metadata – Gathers & Analyse IP Address Metadata
– The Revisionist – Metadata Retrieval Tool
You can download Metagoofil information gathering tool here:
Or read more here.
Jinesh says
WOW, I wish I was capable enough to use this tool :-(. But no worries some day I will be.
Changlinn says
wow very nice tool, I am about to do some web security work could be good to have this in the toolkit.
matt says
This tool might go along well with http://www.remote-exploit.org/codes_wyd.html
eM3rC says
Very cool!
It’s amazing to see how black hat software is developing and what white hats are doing to counter it. Keep up these security articles, really enjoy reading them!
Ooooo Random post!
Ok so I have been a windows/hackintosh user for quite some time and I now want to make a switch (or triple boot) to linux. My question is which distro would be a good match for my needs (I know there is no best).
For now it would be used for basic tasks like music editing/playing, word processing, video editing, programming (c++, java for now), and hopefully gaming (I will prob have to use wine or codeweavers for this though).
Thanks!
Changlinn says
Ubuntu is easy to use and install and has all the advanced stuff under the bonnet if you need it. It is a stable snapshot of debian with a healthy helping of usability tweaks.
As for gaming on Linux I don’t game much as none of my PC’s have the graphics card to do so, but from the little gaming I have done, it is difficult to get everything working in wine, even on older games. Native games are the way to go and there are some really good comparable ones or free ones that are awesome, nexuiz, freecraft, quake3 and 4 come to mind.
matt says
em3rc –
If you have any *nix experience, I would suggest ArchLinux. Although it does take some time to setup and get going, it is very stable and has great docs.
If you want something out-of-the-box, Ubuntu is great. The OS has great support forums with info on almost anything you could want and it also supports and comes preloaded(or just a few clicks will install) with all of your word processing, music editing/playing, video, and programming needs. The reason I stepped away from Ubuntu was the fact that I felt limited because almost everything was done for me. I need an OS that I can customize with more ease.
http://www.zegeniestudios.net/ldc/ helped me out a lot when I was choosing a distro.
Also, http://www.distrowatch.com has good search features.
Good Luck
eM3rC says
@Changlinn
Thanks, I’ve tried Ubuntu out and am really liking it. I’ve heard a lot about distros like Fedora and SuSe but I’ll stick with the big U for now.
@matt
I think I might try out Ubuntu and do dual boot with ArchLinux, XP, and Ubuntu. Thanks for the suggestions!
Changlinn says
@eM3rC
No problem. Linux users are a fickle bunch, I have gone from Redhat to fedora, to Feather, to DSL, to Debian, and finally to Ubuntu, which I have been on for some time. As matt says it can be limiting in that everything is done for you, I feel you can still customize what you need beyond this and I like the fact that a lot is done, so I can just use it and get on with my work, if I didn’t want this I would go Gentoo or LFS :)
matt says
“Linux users are a fickle bunch”
Very true Changlinn. If you do any searching for “Which distro is best for me?” you will find the best answers are those that tell you to keep trying them out for yourself until you find one you like.
Pantagruel says
@eM3rC
As many have mentioned before, to start try Suse, Ubuntu, Fedora or Mandriva. All have quite good hardware support (laptop is a slightly bigger problem though). You can buy SuSe with an excellent manual or go for one of the download variants and buy a decent book.
As you get more proficient you can switch to Debian, Gentoo,Arch or even LFS.
For a plain easy setup and usable desktop environment go for SuSe or Ubuntu.
I personally run Suse on my desktop and beat up Latitude C600, the home servers are running BSD.
macdaddy says
I’m using Ubuntu and it’s really nice
Bogwitch says
Great tool. I’ve been using it for a good while now for early recon stages of a pen test.
The addition of MAC address extraction is, IMO, a minor improvement but it’s nice to see development continues!
About that MAC address…. Didn’t Microsoft remove that ‘feature’ in a more recent release or patch?
On the Linux thread, I’m using Fedora for the supported software and Slackware because I’m a masochist.
eM3rC says
Thanks for all the replies guys!
I think I’ll start out with Ubuntu and work on that for a while then start testing out the different linux OSs.
How am I the second highest poster when I’m not even trying?!?
razta says
Great tool! Now I have to find out how to delete meta data from my files!
Furqan says
I tried this tool; it’s finding the files on site but not downloading or retrieving any meta data from it. Help me please