1 / 14

GoogleMonster

GoogleMonster. Using The Google Search Engine For Underhand Purposes by Nick von Dadelszen. Introduction. Google is a great search tool Trolls Internet searching for pages Finds pages based on links Finds even those pages you don’t want people to know about Caches pages. Simple Start.

drake
Download Presentation

GoogleMonster

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. GoogleMonster Using The Google Search Engine For Underhand Purposes by Nick von Dadelszen

  2. Introduction • Google is a great search tool • Trolls Internet searching for pages • Finds pages based on links • Finds even those pages you don’t want people to know about • Caches pages

  3. Simple Start • We can use a standard Google search to find interesting pages such as indexes. • “index of /etc” • “index of /etc” passwd • “index of /etc” shadow • Lots of irrelevant results

  4. Advanced Operators • Google allows us to do more than just simple searching using advanced operators • E.g. • filetype: • inanchor: • intext: • intitle: • inurl: • site:

  5. Using Advanced Operators • We can now search in the Title field for indexed pages • intitle:index.of./etc passwd • intitle:index.of./etc shadow • Results are now a lot more relevant

  6. Filetype • We can use the filetype: operator to find particular files such as Excel spreadsheets, configuration files and databases • password filetype:xls • filetype:config web.config -CVS • filetype:mdb users.mdb

  7. Combining Operators • We can combine multiple operators to create very specific searches • filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To“ • "# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd

  8. Searching For Vulnerabilities • We can use Google to search for specific web vulnerabilities • +"Powered by phpBB 2.0.6..10" -phpbb.com -phpbb.pl • inurl:citrix/metaframexp/default/login.asp? ClientDetection=On

  9. Enter the GHDB • GHDB = Google Hacking Database • Over 900 unique search criteria for finding information • Created and maintained at johhny.ihackstuff.com

  10. Targeting Websites • With all these searches, we can use the site: operator to restrict queries to a particular domain • This allows an attacker to use google to test a site for vulnerabilities without actually touching that site. • Enter Wikto – Web Server Assessment Tool

  11. Wikto Functionality • Back-end Miner • Nikto-like functionality • Googler file searcher • GoogleHacks GHDB tester

  12. Googler

  13. GoogleHacks

  14. Defending Against Google Attacks • Ensure your web servers are well configured • Regularly assess what information is available through Google

More Related