Penetration Testing mailing list archives
RE: Website search engine is a hacking tool..
From: "Mark Curphey" <mark () curphey com>
Date: Wed, 28 Jul 2004 13:27:37 -0400
We have an updated version we will release soon with full source code. As well as minor bug fixing, you will be able to choose the amount of results returned and issue raw queries to the web service. Expect about another 6 weeks for release (no fixed dates yet).

-----Original Message-----
From: Charles Gillman [mailto:charles.gillman () ethertech com au]
Sent: Friday, July 23, 2004 11:17 PM
To: Drew Copley; Gerry Eisenhaur; Amal Mohammad Al Hajeri
Cc: pen-test () securityfocus com
Subject: RE: Website search engine is a hacking tool..

The folks at Foundstone have already created a tool to do exactly as Amal suggests using the Google APIs. It's called SiteDigger

http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/information_gathering_tools.htm

I have found it to be a bit buggy, returning results to an unrelated site occasionally, but that could also be the Google APIs.

CG

-----Original Message-----
From: Drew Copley [mailto:dcopley () eEye com]
Sent: Friday, 23 July 2004 8:01 AM
To: Gerry Eisenhaur; Amal Mohammad Al Hajeri
Cc: pen-test () securityfocus com
Subject: RE: Website search engine is a hacking tool..

> -----Original Message-----
> From: Gerry Eisenhaur [mailto:GEisenhaur () cisco com]
> Sent: Wednesday, July 21, 2004 12:54 PM
> To: Amal Mohammad Al Hajeri
> Cc: pen-test () securityfocus com
> Subject: Re: Website search engine is a hacking tool..
>
> There have been many articles written about using google as a hacking tool. All you really need, though, is an imagination.
>
> Here are some google modifiers that you might not know of:
> http://www.google.com/help/operators.html
>
> and here are some ideas to get you started:
> http://johnny.ihackstuff.com/index.php?module=prodreviews
>
> You would be amazed at what's out there. I've found everything from VNC passwords for entire domains, WEP keys, to pictures of people's family.

Not sure how "pictures of people's family" is relevant.

I have had to track back some people sometimes through the years, and at least once found "pictures of their family".

The most successful examples have been for tracking back entirely "anonymous" people through their fingerprint of writing to their real identities. Identity in the plural, because often the only identity online is multiple pseudo-anonymous ones that give real details in various forums.

In one example we thought a troll was a pedophile because he was found trying to pick up fifteen year old girls. Turns out, surprise surprise, he was fifteen. His terrified mom told us when we called her up.

In another case, a neo-nazi troll was caught because of his unusual fascination with a certain vulgar phrase he had the unfortunate luck to coin. This trace back gave his home address and the highly vulnerable information that he actually kept gold bars under his baseboards. Being confronted with this information he promptly repented and never returned.

Their "fingerprint" is derived by breaking up their sentences and finding specific phrases and misspellings. Then, these are put into search engines and return counts and possible identities are put against these. If lucky, one can whittle down the suspect list to some positive proof.

I am not aware of this method being used or documented anywhere, though it works on basic forensic science principles used in physical criminology and utilizes well known linguistic forensics...

So that is a more unusual example of "google hacking" [sic]...

While the methods I specified are useful for tracking back scum bags, they also could be used to find hackable targets in a weak link target scenario. There are few corporate or governmental targets better than an "executive" at home on his take home laptop. Search engines are instrumental in finding that kind of identity.

FYI.

> --gerry
>
> Amal Mohammad Al Hajeri wrote:
> > Hi List,
> >
> > Did you ever think of the website search engine as a hacking tool?
> >
> > During one of the pen-tests, the website search engine was a valuable tool to discover interesting directories within the website itself. These directories were not detected by famous website scanners like nikto or SPI dynamics. I managed to get documentation pages about the API application implemented, management login pages, backup files and much more.
> >
> > I leave it to your imagination to search for words like: password, login, oracle, database, administrator, backup... etc.
> >
> > Best Regards,
> > -----------------------------------
> > Amal M. Al-Hajeri
> > E/Network & Information Security
> > Etisalat
>
> --
> Gerald Eisenhaur
> Cisco Systems, Inc.
> 1414 Massachusetts Ave.
> Boxborough, MASSACHUSETTS 01719
> tel: 978.936.0465
> geisenhaur () cisco com