Tenacious DiggitySkinny Dippin in a Sea of Bing29 July 2012 – DEF CON 20 – Las Vegas, NV                                  ...
2	  
Agenda     OVERVIEW•  Introduction/Background•  Advanced Attacks    •  NEW Diggity Attack Tools•  Advanced Defenses    •  ...
Introduction/Background   GETTING UP TO SPEED                          4	  
Diggity Tools   PROJECT OVERVIEW                      5	  
Diggity Tools            ATTACK TOOLS Tool	                      Descrip,on	   GoogleDiggity	             Tradi,onal	  Goo...
Diggity Tools            NEW ATTACK TOOLS Tool	                         Descrip,on	   PortScan	  Diggity	          Passive...
Diggity Scraping   NEW ACROSS ALL ATTACK TOOLS                                 8	  
Diggity Scraping   PROXIES SPECIFICATION                           9	  
Diggity Scraping   MANUAL PROXIES SPECIFICATION                                  10	  
Advanced Attacks   WH AT YOU SHOULD KNOW                           11	  
NEW GOOGLE HACKING TOOLSPortScan Diggity                           12	  
PortScanning    TARGETING HTTP ADMIN CONSOLESSearching for web admin interfaces on non-standard HTTP ports                ...
PortScanning    TARGETING PORT RANGESSearching for specific port ranges                                    14	  
PortScanning    TARGETING VULNERABILITYTargeting specific HTTP ports example                                       15	  
PortScan Diggity  TARGETING HTTP ADMIN CONSOLES                                  16	  
NEW GOOGLE HACKING TOOLSNotInMyBackYard                           17	  
Data Leaks on                3rd    Party Sites     SENSITIVE INFO EVERYWHEREVerizon - 2012 Data Breach Investigation Repo...
PasteBin Leaks     PASSWORDS IN PASTEBIN.COM POSTS •  Twitter feed tracking passwords leaked via PasteBin                 ...
Cloud Docs Exposures     PUBLIC CLOUD SEARCHINGPublic cloud storage document exposures                                    ...
Cloud Docs Exposures     ROBOTS.TXT IS DEADPersonal photo galleries exposed                                   21	  
Data Loss In The News      MAJOR DATA LEAKS•  Yale Alumni 43,000 SSNs Exposed in Excel Spreadsheet                        ...
NotInMyBackYard      L O C A T I O N, L O C A T I O N, L O C A T I O NCloud storage:                     Public presentati...
NotInMyBackYard  PASTEBIN EXAMPLE                     24	  
NotInMyBackYard  XLS IN CLOUD EXAMPLE                         25	  
Cloud Docs Exposures     PUBLIC CLOUD SEARCHINGPublic cloud storage document exposures                                    ...
NEW GOOGLE HACKING TOOLSBing Hacking Database v2.0                             27	  
Bing Hacking Database v2.0                 STACH & LIU TOOLSBHDB v2.0 – Updates•  Bing hacking database•  Bing hacking lim...
NEW GOOGLE HACKING TOOLSBingBinaryMalwareSearch (BBMS)                                 29	  
Bing Malware Search   TARGETING MALWARETargeting known malware signatures                                     30	  
Google vs Bing Size  MORE BANG FOR YOUR SEARCH                              31	  
NEW GOOGLE HACKING TOOLSCodeSearch Diggity                           32	  
Google Code Search       VULNS IN OPEN SOURCE CODE •  Regex search for vulnerabilities in indexed    public code, includin...
CodeSearch Diggity  AMAZON CLOUD SECRET KEYS                             34	  
Cloud Security   N O P R O M I S E S . . .N O N E Amazon AWS Customer Agreement   •  http://aws.amazon.com/agreement/#10  ...
Cloud Crawling  CREATE YOUR OWN SEARCH ENGINES                                   36	  
NEW GOOGLE HACKING TOOLSSHODAN Diggity                           37	  
SHODAN     HACKER SEARCH ENGINE•  Indexed service banners for whole Internet for HTTP (Port 80), as well   as some FTP (23...
SHODAN FINDING SCADA SYSTEMS                         39	  
SHODAN FINDING SCADA SYSTEMS                         40	  
SHODAN Diggity  FINDING SCADA SYSTEMS                          41	  
Advanced Defenses   PRO TECT YO NECK                      42	  
Diggity Alert DB   DATA MINING VULNS   Diggity Alerts                        Database                                     ...
Future Directions    WH AT W ILL HAPPEN                         44	  
Diggity Dashboards   COMING SOON                 Google	  Charts	                   Mobile	  BI	  Apps	                   ...
DLP Reporting   PRACTICAL EXAMPLES                        46	  
Questions?Ask us somethingWe’ll try to answer it.                   For more info:                   Fran Brown           ...
Thank YouStach & Liu Google Hacking Diggity Project info:http://www.stachliu.com/index.php/resources/tools/google-hacking-...
Upcoming SlideShare
Loading in...5
×

Tenacious Diggity - Skinny Dippin in a Sea of Bing

4,485

Published on

All brand new tool additions to the Google Hacking Diggity Project - The Next Generation Search Engine Hacking Arsenal. As always, all tools are free for download and use.

When last we saw our heroes, the Diggity Duo had demonstrated how search engine hacking could be used to take over someone’s Amazon cloud in less than 30 seconds, build out an attack profile of the Chinese government’s external networks, and even download all of an organization’s Internet facing documents and mine them for passwords and secrets. Google and Bing were forced to hug it out, as their services were seamlessly combined to identify which of the most popular websites on the Internet were unwittingly being used as malware distribution platforms against their own end-users.

Now, we've traveled through space and time, my friend, to rock this house again...

True to form, the legendary duo have toiled night and day in the studio (a one room apartment with no air conditioning) to bring you an entirely new search engine hacking tool arsenal that’s packed with so much tiger blood and awesome-sauce, that it’s banned on 6 continents. Many of these new Diggity tools are also fueled by the power of the cloud and provide you with vulnerability data faster and easier than ever thanks to the convenience of mobile applications.Just a few highlights of new tools to be unveiled are:

* AlertDiggityDB – For several years, we’ve collected vulnerability details and sensitive information disclosures from thousands of real-time RSS feeds setup to monitor Google, Bing, SHODAN, and various other search engines. We consolidated this information into a single database, the AlertDiggityDB, forming the largest consolidated repository of live vulnerabilities on the Internet. Now it’s available to you.

* Diggity Dashboard – An executive dashboard of all of our vulnerability data collected from search engines. Customize charts and graphs to create tailored views of the data, giving you the insight necessary to secure your own systems. This web portal provides users with direct access to the most current version of the AlertDiggityDB.

* Bing Hacking Database (BHDB) 2.0 – Exploiting recent API changes and undocumented features within Bing, we’ve been able to completely overcome the previous Bing hacking limitations to create an entirely new BHDB that will make Bing hacking just as effective as Google hacking (if not more so) for uncovering vulnerabilities and data leaks on the web. This also will include an entirely new SharePoint Bing Hacking database, containing attack strings targeting Microsoft SharePoint deployments via Bing.

* NotInMyBackYardDiggity – Don’t be the last to know if LulzSec or Anonymous post data dumps of your company’s passwords on PasteBin.com, or if a reckless employee shares an Excel spreadsheet with all of your customer data on a public website. This tool leverages both Google and Bing, and comes with pre-built queries that make i

Published in: Technology, News & Politics
1 Comment
0 Likes
Statistics
Notes
  • The            setup            in            the            video            no            longer            works.           
    And            all            other            links            in            comment            are            fake            too.           
    But            luckily,            we            found            a            working            one            here (copy paste link in browser) :            www.goo.gl/yT1SNP
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total Views
4,485
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
23
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

Tenacious Diggity - Skinny Dippin in a Sea of Bing

  1. 1. Tenacious DiggitySkinny Dippin in a Sea of Bing29 July 2012 – DEF CON 20 – Las Vegas, NV Presented by: Francis Brown & Rob Ragan Stach & Liu, LLC www.stachliu.com
  2. 2. 2  
  3. 3. Agenda OVERVIEW•  Introduction/Background•  Advanced Attacks •  NEW Diggity Attack Tools•  Advanced Defenses •  NEW AlertDiggity Cloud Database•  Future Directions 3  
  4. 4. Introduction/Background GETTING UP TO SPEED 4  
  5. 5. Diggity Tools PROJECT OVERVIEW 5  
  6. 6. Diggity Tools ATTACK TOOLS Tool   Descrip,on   GoogleDiggity   Tradi,onal  Google  hacking  tool   BingDiggity   Bing  equivalent  of  tradi,onal  Google  hacking  tool   FlashDiggity   Adobe  Flash  security  scanning  tool   DLPDiggity   Data  loss  preven,on  scanning  tool   LinkFromDomain   Bing  footprin,ng  tool  based  on  off-­‐site  links   CodeSearch  Diggity   Open-­‐source  code  vulnerability  scanning  tool   MalwareDiggity   Malware  link  detec,on  tool  for  off-­‐site  links   6  
  7. 7. Diggity Tools NEW ATTACK TOOLS Tool   Descrip,on   PortScan  Diggity   Passive  port  scanning  via  Google   NotInMyBackYard   Easily  find  your  info  in  3rd  party  sites   BHDB  2.0   New  Bing  Hacking  DB  now  as  affec,ve  as  Google   Bing  BinaryMalware   Find  malware  via  Bing’s  indexing  of  executables   CodeSearch  REBORN   Brought  back  from  the  dead   SHODAN  Diggity   Easy  interface  to  SHODAN  search  engine   7  
  8. 8. Diggity Scraping NEW ACROSS ALL ATTACK TOOLS 8  
  9. 9. Diggity Scraping PROXIES SPECIFICATION 9  
  10. 10. Diggity Scraping MANUAL PROXIES SPECIFICATION 10  
  11. 11. Advanced Attacks WH AT YOU SHOULD KNOW 11  
  12. 12. NEW GOOGLE HACKING TOOLSPortScan Diggity 12  
  13. 13. PortScanning TARGETING HTTP ADMIN CONSOLESSearching for web admin interfaces on non-standard HTTP ports 13  
  14. 14. PortScanning TARGETING PORT RANGESSearching for specific port ranges 14  
  15. 15. PortScanning TARGETING VULNERABILITYTargeting specific HTTP ports example 15  
  16. 16. PortScan Diggity TARGETING HTTP ADMIN CONSOLES 16  
  17. 17. NEW GOOGLE HACKING TOOLSNotInMyBackYard 17  
  18. 18. Data Leaks on 3rd Party Sites SENSITIVE INFO EVERYWHEREVerizon - 2012 Data Breach Investigation Report 18  
  19. 19. PasteBin Leaks PASSWORDS IN PASTEBIN.COM POSTS •  Twitter feed tracking passwords leaked via PasteBin 19  
  20. 20. Cloud Docs Exposures PUBLIC CLOUD SEARCHINGPublic cloud storage document exposures 20  
  21. 21. Cloud Docs Exposures ROBOTS.TXT IS DEADPersonal photo galleries exposed 21  
  22. 22. Data Loss In The News MAJOR DATA LEAKS•  Yale Alumni 43,000 SSNs Exposed in Excel Spreadsheet 22  
  23. 23. NotInMyBackYard L O C A T I O N, L O C A T I O N, L O C A T I O NCloud storage: Public presentations sharing sites:•  Google Docs/Drive, DropBox, •  slideshare.net, prezi.com, Microsoft SkyDrive, Amazon S3 present.meSocial networking sites: Public charts and graphs sharing sites:•  Facebook, Twitter, LinkedIn •  ratemynetworkdiagram.com, gliffy.comPublic document sharing sites:•  scribd.com, 4shared.com, Video sharing sites: issuu.com, docstoc.com, •  vimeo.com, dailymotion.com, metacafe.com, youtube.comPasteBin and text sharing sites:•  pastebin.com, pastie.org, … 23  
  24. 24. NotInMyBackYard PASTEBIN EXAMPLE 24  
  25. 25. NotInMyBackYard XLS IN CLOUD EXAMPLE 25  
  26. 26. Cloud Docs Exposures PUBLIC CLOUD SEARCHINGPublic cloud storage document exposures 26  
  27. 27. NEW GOOGLE HACKING TOOLSBing Hacking Database v2.0 27  
  28. 28. Bing Hacking Database v2.0 STACH & LIU TOOLSBHDB v2.0 – Updates•  Bing hacking database•  Bing hacking limitations •  Disabled inurl:, link: and linkdomain: directives in March 2007 •  No support for ext:, allintitle:, allinurl: •  Limited filetype: functionality •  Only 12 extensions supported•  UPDATES (2012) •  ext: functionality now added •  inurl: work around by using instreamset:url:•  New BHDB 2.0 •  Several thousand more Bing dorks! 28  
  29. 29. NEW GOOGLE HACKING TOOLSBingBinaryMalwareSearch (BBMS) 29  
  30. 30. Bing Malware Search TARGETING MALWARETargeting known malware signatures 30  
  31. 31. Google vs Bing Size MORE BANG FOR YOUR SEARCH 31  
  32. 32. NEW GOOGLE HACKING TOOLSCodeSearch Diggity 32  
  33. 33. Google Code Search VULNS IN OPEN SOURCE CODE •  Regex search for vulnerabilities in indexed public code, including popular open source code repositories: •  Example: SQL Injection in ASP querystring •  select.*from.*request.QUERYSTRING 33  
  34. 34. CodeSearch Diggity AMAZON CLOUD SECRET KEYS 34  
  35. 35. Cloud Security N O P R O M I S E S . . .N O N E Amazon AWS Customer Agreement •  http://aws.amazon.com/agreement/#10 35  
  36. 36. Cloud Crawling CREATE YOUR OWN SEARCH ENGINES 36  
  37. 37. NEW GOOGLE HACKING TOOLSSHODAN Diggity 37  
  38. 38. SHODAN HACKER SEARCH ENGINE•  Indexed service banners for whole Internet for HTTP (Port 80), as well as some FTP (23), SSH (22) and Telnet (21) services 38  
  39. 39. SHODAN FINDING SCADA SYSTEMS 39  
  40. 40. SHODAN FINDING SCADA SYSTEMS 40  
  41. 41. SHODAN Diggity FINDING SCADA SYSTEMS 41  
  42. 42. Advanced Defenses PRO TECT YO NECK 42  
  43. 43. Diggity Alert DB DATA MINING VULNS Diggity Alerts Database 43  
  44. 44. Future Directions WH AT W ILL HAPPEN 44  
  45. 45. Diggity Dashboards COMING SOON Google  Charts   Mobile  BI  Apps   45  
  46. 46. DLP Reporting PRACTICAL EXAMPLES 46  
  47. 47. Questions?Ask us somethingWe’ll try to answer it. For more info: Fran Brown Rob Ragan (@sweepthatleg) Email: contact@stachliu.com Project: diggity@stachliu.com Stach & Liu, LLC www.stachliu.com
  48. 48. Thank YouStach & Liu Google Hacking Diggity Project info:http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/ 48  
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×