Sunday, November 4, 2007

google hack

RE: Website search engine is a hacking tool..
From: Amal Mohammad Al Hajeri (amalnis.etisalat.ae)
Date: Fri Jul 23 2004 - 23:46:48 CDT
--------------------------------------------------------------------------------
Hello List,

Thank you all for the valuable inputs. I am aware of the subject of using Google as a hacking tool. However, how is it different from using a local website search engine? Will it give the same results? Is it possible that a local engine may give extra juicy stuff? And how can we mitigate the risk of using such techniques? Did anyone succeed in using the local search engine as a proxy to attack other targets?

Have a good day :)

On Sat, 2004-07-24 at 07:16, Charles Gillman wrote:
> The folks at Foundstone have already created a tool to do exactly as Amal
> suggests using the Google API's. It's called SiteDigger
> http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/information_gathering_tools.htm
>
> I have found it to be a bit buggy, returning results to an unrelated site
> occasionally but that could also be the Google API's.
>
> CG
>
> > -----Original Message-----
> > From: Drew Copley [mailto:dcopleyeEye.com]
> > Sent: Friday, 23 July 2004 8:01 AM
> > To: Gerry Eisenhaur; Amal Mohammad Al Hajeri
> > Cc: pen-testsecurityfocus.com
> > Subject: RE: Website search engine is a hacking tool..
> >
> > > -----Original Message-----
> > > From: Gerry Eisenhaur [mailto:GEisenhaurcisco.com]
> > > Sent: Wednesday, July 21, 2004 12:54 PM
> > > To: Amal Mohammad Al Hajeri
> > > Cc: pen-testsecurityfocus.com
> > > Subject: Re: Website search engine is a hacking tool..
> > >
> > > There have been many articles written about using google as a hacking
> > > tool. All you really need, though, is an imagination.
> > >
> > > Here are some google modifiers that you might not know of:
> > > http://www.google.com/help/operators.html
> > >
> > > and here are some ideas to get you started:
> > > http://johnny.ihackstuff.com/index.php?module=prodreviews
> > >
> > > You would be amazed at what's out there, I've found everything
> > > from VNC passwords for entire domains, WEP keys, to pictures of
> > > people's family.
> >
> > Not sure how "pictures of people's family" is relevant.
> >
> > I have had to track back some people sometimes through the years, and
> > at least once found "pictures of their family".
> >
> > The most successful examples have been for tracking back entirely
> > "anonymous" people through their fingerprint of writing to their
> > real identities. Identity in the plural, because often the only
> > identity online is multiple pseudo-anonymous ones that give real
> > details in various forums.
> >
> > In one example we thought a troll was a pedophile because he was
> > found trying to pick up fifteen year old girls. Turns out, surprise
> > surprise, he was fifteen. His terrified mom told us when we called
> > her up.
> >
> > In another case, a neo-nazi troll was caught because of his unusual
> > fascination with a certain vulgar phrase he had the unfortunate luck
> > to coin.
> >
> > This trace back gave his home address and the highly vulnerable
> > information that he actually kept gold bars under his baseboards.
> >
> > Being confronted with this information he promptly repented and never
> > returned.
> >
> > Their "fingerprint" is derived by breaking up their sentences and
> > finding specific phrases and misspellings. Then, these are put into
> > search engines and return counts and possible identities are put
> > against these. If lucky, one can whittle down the suspect list
> > to some positive proof. I am not aware of this method being used
> > or documented anywhere, though it works on basic forensic science
> > principles used in physical criminology and utilizes well known
> > linguistic forensics...
> >
> > So that is a more unusual example of "google hacking" [sic]...
> >
> > While the methods I specified are useful for tracking back
> > scum bags they also could be used to find hackable targets in
> > a weak link target scenario.
> >
> > There are few corporate or governmental targets better than
> > an "executive" at home on his take home laptop. Search engines
> > are instrumental in finding that kind of identity. FYI.
> >
> > > --gerry
> > >
> > > Amal Mohammad Al Hajeri wrote:
> > > > Hi List,
> > > >
> > > > Did you ever think of the website search engine as a hacking tool?
> > > > During one of the pen-tests, the website search engine was a valuable
> > > > tool to discover interesting directories within the website itself,
> > > > these directories were not detected by famous website scanners like
> > > > nikto or SPI Dynamics, I managed to get documentation pages about the API
> > > > application implemented, management login pages, backup files and much
> > > > more.
> > > > I leave it to your imagination to search for words like:
> > > > password,login,oracle,database,administrator, backup...etc
> > > >
> > > > Best Regards,
> > > >
> > > > -----------------------------------
> > > > Amal M. Al-Hajeri
> > > > E/Network & Information Security
> > > > Etisalat
> > >
> > > --
> > > Gerald Eisenhaur
> > > Cisco Systems, Inc.
> > > 1414 Massachusetts Ave.
> > > Boxborough, MASSACHUSETTS 01719
> > > tel: 978.936.0465
> > > geisenhaurcisco.com

--
-----------------------------------
Amal M. Al-Hajeri
E/Network & Information Security
HO-B 12th Floor
Etisalat
P.O.Box:3838
Tel(office):00971206182584
Tel(cel):00971506677061
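
On the mitigation question raised in this thread, one defensive check is to audit what your own site search engine has indexed before someone else queries it. The following is an added example, not part of the original messages: the keyword list comes from the post, while the backup-extension list, the `(url, title)` index export format and all sample entries are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Keywords taken from the original post; the extension list is an assumption.
KEYWORDS = ("password", "login", "oracle", "database", "administrator", "backup")
BACKUP_EXT = re.compile(r"\.(bak|old|orig|sav|swp|zip|tar|tgz|gz|sql)$|~$", re.I)

# Constructed sample of what a site's own search index might hold: (url, title).
SAMPLE_INDEX = [
    ("https://www.example.test/products/index.html", "Products"),
    ("https://www.example.test/mgmt/Login.jsp", "Management console"),
    ("https://www.example.test/docs/api/reference.html", "Oracle database API guide"),
    ("https://www.example.test/site/config.php.bak", ""),
    ("https://www.example.test/news/2004/07/press.html", "Press release"),
    ("https://www.example.test/old/%62ackup/db.sql", "untitled"),
]

def audit_entry(url, title):
    """Return the sorted list of reasons an indexed page deserves review."""
    # Decode percent-escapes so an encoded path cannot slip past the keyword match.
    path = unquote(urlsplit(url).path).lower()
    text = f"{path} {title.lower()}"
    reasons = {f"keyword:{k}" for k in KEYWORDS if k in text}
    if BACKUP_EXT.search(path):
        reasons.add("backup-file-extension")
    return sorted(reasons)

def audit_index(entries):
    """Map each flagged URL to its reasons; clean entries are omitted."""
    findings = {}
    for url, title in entries:
        reasons = audit_entry(url, title)
        if reasons:
            findings[url] = reasons
    return findings

def exclusion_prefixes(findings):
    """Directory prefixes to drop from the index and then restrict or delete."""
    prefixes = set()
    for url in findings:
        path = unquote(urlsplit(url).path)
        prefixes.add(path.rsplit("/", 1)[0] + "/")
    return sorted(prefixes)

if __name__ == "__main__":
    found = audit_index(SAMPLE_INDEX)
    for url, reasons in found.items():
        print(url, "->", ", ".join(reasons))
    print("exclude:", exclusion_prefixes(found))
```

Removing a path from the search index only stops the search engine from advertising it; the flagged content still needs access control or deletion on the web server itself.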
