Comments on: Clever Hacking: google.js

By: hackathology

hackathology — Tue, 23 Oct 2007 10:09:30 +0000

followed all three steps man, still, it doesn’t work. Strange.

By: pdp

pdp — Tue, 23 Oct 2007 06:18:45 +0000

I don’t know. it works really well for me. Check if cscript is your default scripting engine. If not, just follow the steps described above.

By: hackathology

hackathology — Tue, 23 Oct 2007 02:47:50 +0000

same here. No output when not using any proxy

By: albert arul prakash

albert arul prakash — Wed, 17 Oct 2007 04:56:22 +0000

Working fine for me. Its lovely

By: pdp

pdp — Mon, 08 Oct 2007 20:55:13 +0000

nori, cheers for that.

By: thornade

thornade — Mon, 08 Oct 2007 20:35:37 +0000

Yes, it sounds like MSXML2.DOMDocument could not deflate gzip. If I disable HTTP/1.1 on Internet Explorer settings, it works better, in this case no gzip encoding support.
Nevertheless, foreach page Google returns, the DTD is checked. This represents 31 documents downloaded…

By: nori

nori — Mon, 08 Oct 2007 15:32:11 +0000

if (WScript.Arguments.length == 0) {
	WScript.Echo('usage: ' + WScript.ScriptName + ' <query>');
	WScript.Echo('       ' + WScript.ScriptName + ' site:gnucitizen.org ext:js');
	WScript.Echo('');
	WScript.Echo('Google Search');
	WScript.Echo('by Petko D. Petkov (pdp) GNUCITIZEN (http://www.gnucitizen.org)');
	WScript.Quit(1);
} else {
	var tmp = [];

	for (var i = 0; i < WScript.Arguments.length; i++) {
		tmp.push(WScript.Arguments(i));
	}

	var query = tmp.join(' ');
}

var pos = 0;
var doc = WScript.CreateObject('MSXML2.DOMDocument');
var xhr = WScript.CreateObject('Microsoft.XMLHTTP');
var resp;

doc.async = false;
doc.validateOnParse = false;

do {
	var lns = [];
  xhr.open('GET','http://www.google.com/xhtml?q=' + escape(query) + (pos != 0 ? '&start=' + pos : ''),false);
  //xhr.setRequestHeader("Accept-Encoding", "text");
  xhr.send(null);
	//doc.load('http://www.google.com/xhtml?q=' + escape(query) + (pos != 0 ? '&start=' + pos : ''));
	try{
		doc.loadXML(xhr.responseText);
    //WScript.Echo(xhr.responseText);
	//WScript.Echo('XML:' + xhr.responseText);
	var as = doc.getElementsByTagName('a');

	for (var i = 0; i < as.length; i++) {
		var href = as[i].getAttribute('href');
		//WScript.Echo(href);
		var match = href.match(/^\/gwt\/.*?u=(.*?)$/);
		//WScript.Echo(match);
		if (match) {
			var ln = unescape(match[1]);
			
			lns.push(ln);
		}
	}

	}catch(ex){
		//WScript.Echo(ex.description);
	}
	if (pns && pns.sort().join() == lns.sort().join()) {
		break;
	}

	for (var i = 0; i < lns.length; i++) {
		WScript.Echo(lns[i]);
	}	

	var pns = lns;

	pos += 10;
} while (lns);

By: pdp

pdp — Mon, 08 Oct 2007 15:09:36 +0000

strange, it should work flawlessly… are you sure that your system proxy settings are set correctly?

By: nori

nori — Mon, 08 Oct 2007 14:51:02 +0000

Hi, no outpout when using no proxy. But when passing through Paros, results are returned. Maybe an issue with Accept-Encoding: gzip,deflate…

By: Liquidmatrix Security Digest » Security Briefing: October 8th

Liquidmatrix Security Digest » Security Briefing: October 8th — Mon, 08 Oct 2007 13:17:56 +0000

[...] Clever Hacking: google.js [...]

By: thornade

thornade — Sun, 07 Oct 2007 21:54:50 +0000

No output for me, when I debug, it seems like I have no tag in the returned document but when I sniff, I could see answers from Google, furthermore the script sends 2 requests (q=xxx, q=xxx&start=10)

I wrote a similar script in perl to find all web servers crawled by google for a specific domain (ie: gnucitizen.org). I did not use the wap version, is there any reason to use it ? (speeder, smaller … ?)

By: pdp

pdp — Sun, 07 Oct 2007 16:43:06 +0000

cscript //H:CScript

By: Stephen Bloch

Stephen Bloch — Sun, 07 Oct 2007 09:12:55 +0000

When running your script I’m getting:

“Access is denied” message.
The error code: 80070005,
the source: msxml3.dll