Tenacious Diggity - Skinny Dippin in a Sea of Bing


Published on

All brand new tool additions to the Google Hacking Diggity Project - The Next Generation Search Engine Hacking Arsenal. As always, all tools are free for download and use.

When last we saw our heroes, the Diggity Duo had demonstrated how search engine hacking could be used to take over someone’s Amazon cloud in less than 30 seconds, build out an attack profile of the Chinese government’s external networks, and even download all of an organization’s Internet facing documents and mine them for passwords and secrets. Google and Bing were forced to hug it out, as their services were seamlessly combined to identify which of the most popular websites on the Internet were unwittingly being used as malware distribution platforms against their own end-users.

Now, we've traveled through space and time, my friend, to rock this house again...

True to form, the legendary duo have toiled night and day in the studio (a one room apartment with no air conditioning) to bring you an entirely new search engine hacking tool arsenal that’s packed with so much tiger blood and awesome-sauce, that it’s banned on 6 continents. Many of these new Diggity tools are also fueled by the power of the cloud and provide you with vulnerability data faster and easier than ever thanks to the convenience of mobile applications.Just a few highlights of new tools to be unveiled are:

* AlertDiggityDB – For several years, we’ve collected vulnerability details and sensitive information disclosures from thousands of real-time RSS feeds setup to monitor Google, Bing, SHODAN, and various other search engines. We consolidated this information into a single database, the AlertDiggityDB, forming the largest consolidated repository of live vulnerabilities on the Internet. Now it’s available to you.

* Diggity Dashboard – An executive dashboard of all of our vulnerability data collected from search engines. Customize charts and graphs to create tailored views of the data, giving you the insight necessary to secure your own systems. This web portal provides users with direct access to the most current version of the AlertDiggityDB.

* Bing Hacking Database (BHDB) 2.0 – Exploiting recent API changes and undocumented features within Bing, we’ve been able to completely overcome the previous Bing hacking limitations to create an entirely new BHDB that will make Bing hacking just as effective as Google hacking (if not more so) for uncovering vulnerabilities and data leaks on the web. This also will include an entirely new SharePoint Bing Hacking database, containing attack strings targeting Microsoft SharePoint deployments via Bing.

* NotInMyBackYardDiggity – Don’t be the last to know if LulzSec or Anonymous post data dumps of your company’s passwords on PasteBin.com, or if a reckless employee shares an Excel spreadsheet with all of your customer data on a public website. This tool leverages both Google and Bing, and comes with pre-built queries that make i

Published in: Technology, News & Politics
1 Comment
  • The            setup            in            the            video            no            longer            works.           
    And            all            other            links            in            comment            are            fake            too.           
    But            luckily,            we            found            a            working            one            here (copy paste link in browser) :            www.goo.gl/yT1SNP
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Tenacious Diggity - Skinny Dippin in a Sea of Bing

  1. 1. Tenacious DiggitySkinny Dippin in a Sea of Bing29 July 2012 – DEF CON 20 – Las Vegas, NV Presented by: Francis Brown & Rob Ragan Stach & Liu, LLC www.stachliu.com
  2. 2. 2  
  3. 3. Agenda OVERVIEW•  Introduction/Background•  Advanced Attacks •  NEW Diggity Attack Tools•  Advanced Defenses •  NEW AlertDiggity Cloud Database•  Future Directions 3  
  4. 4. Introduction/Background GETTING UP TO SPEED 4  
  5. 5. Diggity Tools PROJECT OVERVIEW 5  
  6. 6. Diggity Tools ATTACK TOOLS Tool   Descrip,on   GoogleDiggity   Tradi,onal  Google  hacking  tool   BingDiggity   Bing  equivalent  of  tradi,onal  Google  hacking  tool   FlashDiggity   Adobe  Flash  security  scanning  tool   DLPDiggity   Data  loss  preven,on  scanning  tool   LinkFromDomain   Bing  footprin,ng  tool  based  on  off-­‐site  links   CodeSearch  Diggity   Open-­‐source  code  vulnerability  scanning  tool   MalwareDiggity   Malware  link  detec,on  tool  for  off-­‐site  links   6  
  7. 7. Diggity Tools NEW ATTACK TOOLS Tool   Descrip,on   PortScan  Diggity   Passive  port  scanning  via  Google   NotInMyBackYard   Easily  find  your  info  in  3rd  party  sites   BHDB  2.0   New  Bing  Hacking  DB  now  as  affec,ve  as  Google   Bing  BinaryMalware   Find  malware  via  Bing’s  indexing  of  executables   CodeSearch  REBORN   Brought  back  from  the  dead   SHODAN  Diggity   Easy  interface  to  SHODAN  search  engine   7  
  8. 8. Diggity Scraping NEW ACROSS ALL ATTACK TOOLS 8  
  9. 9. Diggity Scraping PROXIES SPECIFICATION 9  
  10. 10. Diggity Scraping MANUAL PROXIES SPECIFICATION 10  
  11. 11. Advanced Attacks WH AT YOU SHOULD KNOW 11  
  12. 12. NEW GOOGLE HACKING TOOLSPortScan Diggity 12  
  13. 13. PortScanning TARGETING HTTP ADMIN CONSOLESSearching for web admin interfaces on non-standard HTTP ports 13  
  14. 14. PortScanning TARGETING PORT RANGESSearching for specific port ranges 14  
  15. 15. PortScanning TARGETING VULNERABILITYTargeting specific HTTP ports example 15  
  16. 16. PortScan Diggity TARGETING HTTP ADMIN CONSOLES 16  
  17. 17. NEW GOOGLE HACKING TOOLSNotInMyBackYard 17  
  18. 18. Data Leaks on 3rd Party Sites SENSITIVE INFO EVERYWHEREVerizon - 2012 Data Breach Investigation Report 18  
  19. 19. PasteBin Leaks PASSWORDS IN PASTEBIN.COM POSTS •  Twitter feed tracking passwords leaked via PasteBin 19  
  20. 20. Cloud Docs Exposures PUBLIC CLOUD SEARCHINGPublic cloud storage document exposures 20  
  21. 21. Cloud Docs Exposures ROBOTS.TXT IS DEADPersonal photo galleries exposed 21  
  22. 22. Data Loss In The News MAJOR DATA LEAKS•  Yale Alumni 43,000 SSNs Exposed in Excel Spreadsheet 22  
  23. 23. NotInMyBackYard L O C A T I O N, L O C A T I O N, L O C A T I O NCloud storage: Public presentations sharing sites:•  Google Docs/Drive, DropBox, •  slideshare.net, prezi.com, Microsoft SkyDrive, Amazon S3 present.meSocial networking sites: Public charts and graphs sharing sites:•  Facebook, Twitter, LinkedIn •  ratemynetworkdiagram.com, gliffy.comPublic document sharing sites:•  scribd.com, 4shared.com, Video sharing sites: issuu.com, docstoc.com, •  vimeo.com, dailymotion.com, metacafe.com, youtube.comPasteBin and text sharing sites:•  pastebin.com, pastie.org, … 23  
  24. 24. NotInMyBackYard PASTEBIN EXAMPLE 24  
  25. 25. NotInMyBackYard XLS IN CLOUD EXAMPLE 25  
  26. 26. Cloud Docs Exposures PUBLIC CLOUD SEARCHINGPublic cloud storage document exposures 26  
  27. 27. NEW GOOGLE HACKING TOOLSBing Hacking Database v2.0 27  
  28. 28. Bing Hacking Database v2.0 STACH & LIU TOOLSBHDB v2.0 – Updates•  Bing hacking database•  Bing hacking limitations •  Disabled inurl:, link: and linkdomain: directives in March 2007 •  No support for ext:, allintitle:, allinurl: •  Limited filetype: functionality •  Only 12 extensions supported•  UPDATES (2012) •  ext: functionality now added •  inurl: work around by using instreamset:url:•  New BHDB 2.0 •  Several thousand more Bing dorks! 28  
  29. 29. NEW GOOGLE HACKING TOOLSBingBinaryMalwareSearch (BBMS) 29  
  30. 30. Bing Malware Search TARGETING MALWARETargeting known malware signatures 30  
  31. 31. Google vs Bing Size MORE BANG FOR YOUR SEARCH 31  
  32. 32. NEW GOOGLE HACKING TOOLSCodeSearch Diggity 32  
  33. 33. Google Code Search VULNS IN OPEN SOURCE CODE •  Regex search for vulnerabilities in indexed public code, including popular open source code repositories: •  Example: SQL Injection in ASP querystring •  select.*from.*request.QUERYSTRING 33  
  34. 34. CodeSearch Diggity AMAZON CLOUD SECRET KEYS 34  
  35. 35. Cloud Security N O P R O M I S E S . . .N O N E Amazon AWS Customer Agreement •  http://aws.amazon.com/agreement/#10 35  
  36. 36. Cloud Crawling CREATE YOUR OWN SEARCH ENGINES 36  
  38. 38. SHODAN HACKER SEARCH ENGINE•  Indexed service banners for whole Internet for HTTP (Port 80), as well as some FTP (23), SSH (22) and Telnet (21) services 38  
  42. 42. Advanced Defenses PRO TECT YO NECK 42  
  43. 43. Diggity Alert DB DATA MINING VULNS Diggity Alerts Database 43  
  44. 44. Future Directions WH AT W ILL HAPPEN 44  
  45. 45. Diggity Dashboards COMING SOON Google  Charts   Mobile  BI  Apps   45  
  46. 46. DLP Reporting PRACTICAL EXAMPLES 46  
  47. 47. Questions?Ask us somethingWe’ll try to answer it. For more info: Fran Brown Rob Ragan (@sweepthatleg) Email: contact@stachliu.com Project: diggity@stachliu.com Stach & Liu, LLC www.stachliu.com
  48. 48. Thank YouStach & Liu Google Hacking Diggity Project info:http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/ 48  
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.