Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,odp,ods) available on the target/victim website.
The tool will perform a search in Google to identify and download the documents to local disk and then will extract the metadata with different libraries like Hachoir, PdfMiner and others. With the results it will generate a report with usernames, software versions and servers or machine names that will help Penetration testers in the information gathering phase.
Metagoofil Information Gathering features
It will generate a html page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like ftp, pop3,web applications, vpn and so on. Also it will extract a list of disclosed PATHs in the metadata, with this information you can guess OS, network names, shared resources etc.
This new version extracts MAC address from Microsoft Office documents. Now you can have an idea of what kind of hardware they are using.
All this information should not be available on the net, but most of the companies don’t have policies about information leaking… and most of them don’t know this information exists. So you can show them what information an attacker can obtain, with this simple technique.
How to use Metagoofil for Information Gathering
-d: domain to search
-t: filetype to download (pdf,doc,xls,ppt,odp,ods,docx,xlsx,pptx)
-l: limit of results to search (default 200)
-h: work with documents in directory (use "yes" for local analysis)
-n: limit of files to download
-o: working directory (location to save downloaded files)
-f: output file
metagoofil.py -d apple.com -t doc,pdf -l 200 -n 50 -o applefiles -f results.html
metagoofil.py -h yes -o applefiles -f results.html (local dir analysis)
Also, check out:
You can download Metagoofil information gathering tool here:
Or read more here.