CompanyProfile-SecurityAssessment.pptVIP

GoogleMonster Using The Google Search Engine For Underhand Purposes by Nick von Dadelszen Introduction Google is a great search tool Trolls Internet searching for pages Finds pages based on links Finds even those pages you don’t want people to know about Caches pages Simple Start We can use a standard Google search to find interesting pages such as indexes. “index of /etc” “index of /etc” passwd “index of /etc” shadow Lots of irrelevant results Advanced Operators Google allows us to do more than just simple searching using advanced operators E.g. filetype: inanchor: intext: intitle: inurl: site: Using Advanced Operators We can now search in the Title field for indexed pages intitle:index.of./etc passwd intitle:index.of./etc shadow Results are now a lot more relevant Filetype We can use the filetype: operator to find particular files such as Excel spreadsheets, configuration files and databases password filetype:xls filetype:config web.config -CVS filetype:mdb users.mdb Combining Operators We can combine multiple operators to create very specific searches filetype:eml eml +intext:Subject +intext:From +intext:To“ # -Front ext:pwd inurl:(service | authors | administrators | users) # -Front inurl:service.pwd Searching For Vulnerabilities We can use Google to search for specific web vulnerabilities +Powered by phpBB 2.0.6..10 - -phpbb.pl inurl:citrix/metaframexp/default/login.asp? ClientDetection=On Enter the GHDB GHDB = Google Hacking Database Over 900 unique search criteria for finding information Created and maintained at Targeting Websites With all these searches, we can use the site: operator to restrict queries to a particular domain This allows an attacker to use google to test a site for vulnerabilities without actually touching that site. Enter Wikto – Web Server Assessment Tool Wikto Functionality Back-end Miner Nikto-like functionality Googler file searcher GoogleHacks GHDB tester Googler GoogleHacks Defending Against Google Attacks