Google Hacking

April 6, 2008 at 1:42 am Leave a comment

Google hacking is a term that refers to the art of creating complex search engine queries in order to filter through large amounts of search results for information related to computer security. In its malicious format it can be used to detect websites that are vulnerable to numerous exploits vulnerabilities as well as locate private, sensitive information about others, such as credit card numbers, social security numbers, and passwords. This filtering is performed by using advanced Google operators. While Google was the original tool of the Google hackers, many of the tactics and operators can be used on other search engines, such as MSN Search and Yahoo.
The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from crawling your site and launching the Google Hacking Database queries directly onto the crawled content.The GHDB is maintained by Johhny Long who is a “white hat” Hacker. He made google hacking public in his site: http://johnny.ihackstuff.com/ and he called it Google Hacking Database(GHDB) .There are more than 1500 queries in the GHDB. In Around 1995, it started as not so serious project about discovering network vulnerabilities through Google Search Engine. As Google crawlers crawl on almost every file it can access, many confidential information leak out sometimes. The list of what Long and his fellow Google hackers have been able to dig up is impressive: passwords, credit card numbers and unsecured Web interfaces to things like PBXs, routers and Web sites.



Hackers also use Google for reconnaissance. One of the most basic techniques is to wait for a major security bulletin and then use Google to search for Web sites that are “powered by” the buggy software. Attackers can also map out computer networks using Google’s database, making it impossible for the networks’ administrators to block the snooper.
Often, this kind of information comes in the form of apparently nonsensical information, something that Long calls “Google turds.” For example, because there is no such thing as a Web site with the URL “nasa,” a Google search for the query “site:nasa” should turn up zero results. Instead, it turns up what appears to be a list of servers, offering an insight into the structure of NASA’s internal network, he says.
But some of the most interesting hacks occur when Google’s servers are tricked into doing work for the hackers, Long says. A recent trend has been to create Web pages with thousands of fake links that trick Google into doing hacker reconnaissance work. The technique works on Web sites that require URLs with embedded user names and passwords for access to some areas.
“You load up this page so it has the same user name, but you try a bunch of different passwords in the links,” Long says. “Then the search engine picks up those links and tries to follow them all, but only caches the one that works. So then you go back and pick up your results, and you’ve actually got the search engine doing your dirty work.


What a hacker can do if your site is vulnerable


Information that the Google Hacking Database identifies:


  • Advisories and server vulnerabilities
  • Error messages that contain too much information
  • Files containing passwords
  • Sensitive directories
  • Pages containing logon portals
  • Pages containing network or vulnerability data such as firewall logs.
  • Vulnerable Files
  • Detection of Online Devices
  • Web Server Profiling


Advertisements

Entry filed under: internet, web, web security. Tags: , , , , , .

PHP/SQL Security Firewall

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


April 2008
M T W T F S S
    May »
 123456
78910111213
14151617181920
21222324252627
282930  

Recent Posts

Blog Stats

  • 1,369 hits

%d bloggers like this: