Jump to content
the.red

Real time Google Hacking

Recommended Posts

Posted

Who doesn't love a good googledork? Francis Brown and Rob Ragan over at Stach & Liu sure do. They have given us a few reasons to fall in love with Google hacking all over again. If you haven't seen their excellent presentation called "Lord of the BIng" at Defcon, Blackhat, B-Sides, etc here is what you've missed.

Google considers all search results to be their intellectual property. To prevent automated scraping of their results they implemented controls that block tools that do hundreds of google searches to collect the results. That makes automatically launching hundreds or thousands of google searches to find sensitive data, configuration files and other interesting things a time consuming process. The Francis and Rob have figured out a few ways to make that process simple.

First, BING doesn't have any of the restrictions that Google does. But BING's syntax is a little different that Googles so you can't just plug your GoogleDorks into BING. So they converted the entire GHDB to BING Searches and have made that publicly available on their website. That is pretty awesome by itself. But there is more.

Second, Google doesn't blacklist or apply restriction to searches conducted from Google services (imagine that). They took the entire Google Hacking Database, Foundstone Hacking Database and their new BING Hacking Database and turned them into Google READER RSS feeds. As soon as Google or BING indexes a new site that matches your "intitle:Index Of passwords" criteria Google reader adds it to your RSS feed. (Your Google reader is able to get BING results by leveraging BING's &format=rss parameter) As a result, Google and BING are constantly searching for all the Googledorks in the database and maintaining a realtime database of the results! Then Rob and Francis exported their RSS feeds to OPML format so you can just import them into your own Google reader account. That is REALLY cool! (note: importing that huge xml file takes some time. Be patient) But there is more! If you order today they will send you the GHDB converted to the BHDB and the entire GHDB, FHDB and BHDB in Google Reader format but they don't stop there. There is a suite of command-line and GUI based tools to make it easier to search your sites for sensitive data using Googledorks.

View image

How do we defend ourselves against Search Engine Data leakage? We use the "SITE:mysite.com" and the google dork to see what data we are leaking. Without automation it is very time consuming to try hundreds of Googledorks against one site. So what if you have 1000 or more sites? You probably just ignore the threat and hope for the best. Their SearchDiggity project comes to the rescue. With their tool you can plug in multiple domains and easily use the unfiltered BING results to keep tabs on you the sensitive data search engines are finding on your sites.

View image

All of the tools and the Google Reader OPML are available for download here:

http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/

http://pauldotcom.com/2010/10/real-time-google-hacking.html

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...