Tenacious Diggity - Skinny Dippin in a Sea of Bing

  • 4,103 views
Uploaded on

All brand new tool additions to the Google Hacking Diggity Project - The Next Generation Search Engine Hacking Arsenal. As always, all tools are free for download and use. …

All brand new tool additions to the Google Hacking Diggity Project - The Next Generation Search Engine Hacking Arsenal. As always, all tools are free for download and use.

When last we saw our heroes, the Diggity Duo had demonstrated how search engine hacking could be used to take over someone’s Amazon cloud in less than 30 seconds, build out an attack profile of the Chinese government’s external networks, and even download all of an organization’s Internet facing documents and mine them for passwords and secrets. Google and Bing were forced to hug it out, as their services were seamlessly combined to identify which of the most popular websites on the Internet were unwittingly being used as malware distribution platforms against their own end-users.

Now, we've traveled through space and time, my friend, to rock this house again...

True to form, the legendary duo have toiled night and day in the studio (a one room apartment with no air conditioning) to bring you an entirely new search engine hacking tool arsenal that’s packed with so much tiger blood and awesome-sauce, that it’s banned on 6 continents. Many of these new Diggity tools are also fueled by the power of the cloud and provide you with vulnerability data faster and easier than ever thanks to the convenience of mobile applications.Just a few highlights of new tools to be unveiled are:

* AlertDiggityDB – For several years, we’ve collected vulnerability details and sensitive information disclosures from thousands of real-time RSS feeds setup to monitor Google, Bing, SHODAN, and various other search engines. We consolidated this information into a single database, the AlertDiggityDB, forming the largest consolidated repository of live vulnerabilities on the Internet. Now it’s available to you.

* Diggity Dashboard – An executive dashboard of all of our vulnerability data collected from search engines. Customize charts and graphs to create tailored views of the data, giving you the insight necessary to secure your own systems. This web portal provides users with direct access to the most current version of the AlertDiggityDB.

* Bing Hacking Database (BHDB) 2.0 – Exploiting recent API changes and undocumented features within Bing, we’ve been able to completely overcome the previous Bing hacking limitations to create an entirely new BHDB that will make Bing hacking just as effective as Google hacking (if not more so) for uncovering vulnerabilities and data leaks on the web. This also will include an entirely new SharePoint Bing Hacking database, containing attack strings targeting Microsoft SharePoint deployments via Bing.

* NotInMyBackYardDiggity – Don’t be the last to know if LulzSec or Anonymous post data dumps of your company’s passwords on PasteBin.com, or if a reckless employee shares an Excel spreadsheet with all of your customer data on a public website. This tool leverages both Google and Bing, and comes with pre-built queries that make i

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • The            setup            in            the            video            no            longer            works.           
    And            all            other            links            in            comment            are            fake            too.           
    But            luckily,            we            found            a            working            one            here (copy paste link in browser) :            www.goo.gl/yT1SNP
    Are you sure you want to
    Your message goes here
    Be the first to like this
No Downloads

Views

Total Views
4,103
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
17
Comments
1
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Tenacious DiggitySkinny Dippin in a Sea of Bing29 July 2012 – DEF CON 20 – Las Vegas, NV Presented by: Francis Brown & Rob Ragan Stach & Liu, LLC www.stachliu.com
  • 2. 2  
  • 3. Agenda OVERVIEW•  Introduction/Background•  Advanced Attacks •  NEW Diggity Attack Tools•  Advanced Defenses •  NEW AlertDiggity Cloud Database•  Future Directions 3  
  • 4. Introduction/Background GETTING UP TO SPEED 4  
  • 5. Diggity Tools PROJECT OVERVIEW 5  
  • 6. Diggity Tools ATTACK TOOLS Tool   Descrip,on   GoogleDiggity   Tradi,onal  Google  hacking  tool   BingDiggity   Bing  equivalent  of  tradi,onal  Google  hacking  tool   FlashDiggity   Adobe  Flash  security  scanning  tool   DLPDiggity   Data  loss  preven,on  scanning  tool   LinkFromDomain   Bing  footprin,ng  tool  based  on  off-­‐site  links   CodeSearch  Diggity   Open-­‐source  code  vulnerability  scanning  tool   MalwareDiggity   Malware  link  detec,on  tool  for  off-­‐site  links   6  
  • 7. Diggity Tools NEW ATTACK TOOLS Tool   Descrip,on   PortScan  Diggity   Passive  port  scanning  via  Google   NotInMyBackYard   Easily  find  your  info  in  3rd  party  sites   BHDB  2.0   New  Bing  Hacking  DB  now  as  affec,ve  as  Google   Bing  BinaryMalware   Find  malware  via  Bing’s  indexing  of  executables   CodeSearch  REBORN   Brought  back  from  the  dead   SHODAN  Diggity   Easy  interface  to  SHODAN  search  engine   7  
  • 8. Diggity Scraping NEW ACROSS ALL ATTACK TOOLS 8  
  • 9. Diggity Scraping PROXIES SPECIFICATION 9  
  • 10. Diggity Scraping MANUAL PROXIES SPECIFICATION 10  
  • 11. Advanced Attacks WH AT YOU SHOULD KNOW 11  
  • 12. NEW GOOGLE HACKING TOOLSPortScan Diggity 12  
  • 13. PortScanning TARGETING HTTP ADMIN CONSOLESSearching for web admin interfaces on non-standard HTTP ports 13  
  • 14. PortScanning TARGETING PORT RANGESSearching for specific port ranges 14  
  • 15. PortScanning TARGETING VULNERABILITYTargeting specific HTTP ports example 15  
  • 16. PortScan Diggity TARGETING HTTP ADMIN CONSOLES 16  
  • 17. NEW GOOGLE HACKING TOOLSNotInMyBackYard 17  
  • 18. Data Leaks on 3rd Party Sites SENSITIVE INFO EVERYWHEREVerizon - 2012 Data Breach Investigation Report 18  
  • 19. PasteBin Leaks PASSWORDS IN PASTEBIN.COM POSTS •  Twitter feed tracking passwords leaked via PasteBin 19  
  • 20. Cloud Docs Exposures PUBLIC CLOUD SEARCHINGPublic cloud storage document exposures 20  
  • 21. Cloud Docs Exposures ROBOTS.TXT IS DEADPersonal photo galleries exposed 21  
  • 22. Data Loss In The News MAJOR DATA LEAKS•  Yale Alumni 43,000 SSNs Exposed in Excel Spreadsheet 22  
  • 23. NotInMyBackYard L O C A T I O N, L O C A T I O N, L O C A T I O NCloud storage: Public presentations sharing sites:•  Google Docs/Drive, DropBox, •  slideshare.net, prezi.com, Microsoft SkyDrive, Amazon S3 present.meSocial networking sites: Public charts and graphs sharing sites:•  Facebook, Twitter, LinkedIn •  ratemynetworkdiagram.com, gliffy.comPublic document sharing sites:•  scribd.com, 4shared.com, Video sharing sites: issuu.com, docstoc.com, •  vimeo.com, dailymotion.com, metacafe.com, youtube.comPasteBin and text sharing sites:•  pastebin.com, pastie.org, … 23  
  • 24. NotInMyBackYard PASTEBIN EXAMPLE 24  
  • 25. NotInMyBackYard XLS IN CLOUD EXAMPLE 25  
  • 26. Cloud Docs Exposures PUBLIC CLOUD SEARCHINGPublic cloud storage document exposures 26  
  • 27. NEW GOOGLE HACKING TOOLSBing Hacking Database v2.0 27  
  • 28. Bing Hacking Database v2.0 STACH & LIU TOOLSBHDB v2.0 – Updates•  Bing hacking database•  Bing hacking limitations •  Disabled inurl:, link: and linkdomain: directives in March 2007 •  No support for ext:, allintitle:, allinurl: •  Limited filetype: functionality •  Only 12 extensions supported•  UPDATES (2012) •  ext: functionality now added •  inurl: work around by using instreamset:url:•  New BHDB 2.0 •  Several thousand more Bing dorks! 28  
  • 29. NEW GOOGLE HACKING TOOLSBingBinaryMalwareSearch (BBMS) 29  
  • 30. Bing Malware Search TARGETING MALWARETargeting known malware signatures 30  
  • 31. Google vs Bing Size MORE BANG FOR YOUR SEARCH 31  
  • 32. NEW GOOGLE HACKING TOOLSCodeSearch Diggity 32  
  • 33. Google Code Search VULNS IN OPEN SOURCE CODE •  Regex search for vulnerabilities in indexed public code, including popular open source code repositories: •  Example: SQL Injection in ASP querystring •  select.*from.*request.QUERYSTRING 33  
  • 34. CodeSearch Diggity AMAZON CLOUD SECRET KEYS 34  
  • 35. Cloud Security N O P R O M I S E S . . .N O N E Amazon AWS Customer Agreement •  http://aws.amazon.com/agreement/#10 35  
  • 36. Cloud Crawling CREATE YOUR OWN SEARCH ENGINES 36  
  • 37. NEW GOOGLE HACKING TOOLSSHODAN Diggity 37  
  • 38. SHODAN HACKER SEARCH ENGINE•  Indexed service banners for whole Internet for HTTP (Port 80), as well as some FTP (23), SSH (22) and Telnet (21) services 38  
  • 39. SHODAN FINDING SCADA SYSTEMS 39  
  • 40. SHODAN FINDING SCADA SYSTEMS 40  
  • 41. SHODAN Diggity FINDING SCADA SYSTEMS 41  
  • 42. Advanced Defenses PRO TECT YO NECK 42  
  • 43. Diggity Alert DB DATA MINING VULNS Diggity Alerts Database 43  
  • 44. Future Directions WH AT W ILL HAPPEN 44  
  • 45. Diggity Dashboards COMING SOON Google  Charts   Mobile  BI  Apps   45  
  • 46. DLP Reporting PRACTICAL EXAMPLES 46  
  • 47. Questions?Ask us somethingWe’ll try to answer it. For more info: Fran Brown Rob Ragan (@sweepthatleg) Email: contact@stachliu.com Project: diggity@stachliu.com Stach & Liu, LLC www.stachliu.com
  • 48. Thank YouStach & Liu Google Hacking Diggity Project info:http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/ 48