A Dark Intro To Google Hacking

3,796 views
3,680 views

Published on

A little bit intro to google hacking

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
3,796
On SlideShare
0
From Embeds
0
Number of Embeds
21
Actions
Shares
0
Downloads
130
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

A Dark Intro To Google Hacking

  1. 1. A Dark Intro To Google Hacking By d0ubl3_h3lix Mon Jan 07 2008
  2. 2. Agenda <ul><li>What to know First </li></ul><ul><li>What Google Hacking (GH)? </li></ul><ul><li>GH As a Hack Tool </li></ul><ul><li>Some GH Syntaxes </li></ul><ul><li>GH Formula </li></ul><ul><li>The Bad Guys’ Weapon </li></ul><ul><li>The Good Guys’ Defense </li></ul>
  3. 3. What to Know First <ul><li>Make sure to have well understanding of Google Advanced Search Operators and Exploit Strings you search </li></ul><ul><li>Simply browsing Google Hacking Database loses your time much </li></ul><ul><li>E.g., phpBB 3.0 hole is announced. Before you do GH, ask yourself ‘Do I know about that hole well?’ </li></ul>
  4. 4. What Google Hacking (GH)? <ul><li>Effective Google Searching with the help of Google Advanced Search Operators </li></ul><ul><li>Results Highly Customizable </li></ul><ul><li>Goes Straight to only what we desire </li></ul><ul><li>Supposed to have initial popularity among underground hacker communities; then widely publicized because of Johnny ’s community </li></ul>
  5. 5. GH As Hack Tool <ul><li>Mainly used in Information Gathering and Recon States of HardC0re hacking </li></ul><ul><li>Eliminates former heavy use of Vulnerability Scanners </li></ul><ul><li>Lets you dig security vulnerabilities using clues of texts on pages that vulnerable products use </li></ul><ul><li>For example, intext:&quot;Powered by InvisionBoard 1.x&quot; </li></ul>
  6. 6. Some GH Syntaxes <ul><li>Most commonly used: - intitle: - intext: - inurl: - ext: - filetype: - cache: - link: - site: </li></ul>
  7. 7. GH Formula <ul><li>For one vulnerability, Vulnerability x Google Hacking = Possible Thousands of Victims </li></ul>
  8. 8. The Bad Guys’ Weapon <ul><li>Hunt for random vulnerable hosts using GH </li></ul><ul><li>Viruses, worms, …etc use GH to find next victims </li></ul><ul><li>Once they find victims, they auto-launch endless sequences of attacks with the aid of malwares </li></ul>
  9. 9. The Good Guys’ Defense <ul><li>While Bad Guys search random targets, </li></ul><ul><li>Good Guys protect a particular host that they’re responsible for using GH Methods </li></ul><ul><li>Test both blackbox & whitebox approaches. Use Goolge Honeypot if you wish </li></ul>inurl:<vulnerable strings here> + site:www.IProtectThisSite.com

×