Http://risker.org/tech/googlehacking/index.html
Today Google has become the representative search engine, and clever people keep discovering new uses for it. At the Blackhat conference held in Las Vegas in 2004, two security experts gave talks titled "You Found That on Google?" and "Google Attacks". I personally found them excellent, so I have compiled this brief introduction. I do not understand all of it, but I hope it draws everyone's attention.
1. Viewpoint
While Google and similar search engines offer people a great deal of convenience, they also carry certain potential risks.
The "Senior Scene" in the network is numerous; search engines can be used to quickly find hosts and other devices with vulnerabilities; search engines can be used to quickly find information containing sensitive data; and "scanning" through a search engine is concealed, because the data often comes from the archive and cache.
Therefore, people need to be more vigilant: while making good use of search engines, they should also be good at protecting themselves.
2. Case
2.1 Foundation
As the saying goes, "a workman who wants to do his work well must first sharpen his tools." To use Google for "penetration testing", you first of course need to understand Google; the guide "Google search: from getting started to proficient" is recommended.
In short, get to know some of Google's operators, such as site:, inurl:, filetype:, intitle: and so on.
2.2 Demo
The demonstration is not complicated. When carrying out an attack, penetration testers usually begin with information gathering, then confirm the vulnerability, and finally exploit it and expand the results. Here our goal is to use a Google query to find hosts carrying a PHP web shell back door, and to test whether it can be used.
We enter the following in Google's search box:
intitle:"PHP shell *" "Enable stderr" filetype:php
In the search results, you can find a web shell that can be executed directly on the machine.
This way of working is similar to using a hacker tool. In "You Found That on Google?" you will see many practical cases in which Google turned up large numbers of passwords, credit card accounts, network management information, and so on.
2.3 Tools
For both attackers and defenders, automated tools improve efficiency. Here are several tools:
Gooscan is a small command-line program for processing search results; it reduces the "physical labor" of querying Google.
SiteDigger is free software from Foundstone that uses Google's API. The user first needs to obtain a license string from the Google API website before it can be used. Before using it, it is recommended to connect to the network and automatically update the rule base. You can also refer to its white paper.
Athena is similar to SiteDigger. It is a tool that uses search engines to find information or abuse, and it supports multiple search engines.
3. Solution
3.1 What should we do?
Our information is this easy to obtain, so what measures should we adopt to avoid this kind of attack or data collection?
Strictly audit information releases and trace responsibility for them; use the related tools to search the Internet yourself; if information has been abused, have the information you want deleted removed from Google; and use robots.txt to control what search engine robots query.
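One way to check the robots.txt control mentioned above, as an added example that is not part of the original article: it reports which paths a given crawler is still allowed to fetch. The robots.txt content, the path list and the function names are constructed for illustration.

```python
"""Audit which sensitive paths a robots.txt still leaves open to a crawler."""
from urllib.robotparser import RobotFileParser

# Constructed sample robots.txt. The Googlebot group is shorter than the
# "*" group; a crawler obeys only the most specific group that names it,
# so Googlebot ignores the "*" rules here.
ROBOTS_TXT = """\
User-agent: *
Disallow: /admin/
Disallow: /backup/
Disallow: /logs/

User-agent: Googlebot
Disallow: /admin/
"""

# Constructed list of paths the site owner does not want indexed.
SENSITIVE_PATHS = [
    "/admin/login.php",
    "/backup/db.sql",
    "/logs/access.log",
    "/uploads/report.pdf",
]


def crawlable_paths(robots_txt, user_agent, paths):
    """Return the paths that user_agent may still fetch under robots_txt."""
    parser = RobotFileParser()
    parser.parse(robots_txt.splitlines())
    return [p for p in paths if parser.can_fetch(user_agent, p)]


def audit(robots_txt, agents, paths):
    """Map each crawler name to the sensitive paths it can still crawl."""
    return {a: crawlable_paths(robots_txt, a, paths) for a in agents}


if __name__ == "__main__":
    # "ExampleBot" is a hypothetical crawler that falls back to the "*" group.
    report = audit(ROBOTS_TXT, ["Googlebot", "ExampleBot"], SENSITIVE_PATHS)
    for agent, exposed in report.items():
        print(f"{agent}: {len(exposed)} sensitive path(s) still crawlable")
        for path in exposed:
            print(f"  {path}")
```

robots.txt is advisory and publicly readable, so every path it lists still needs access control on the server itself.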
3.2 Summary
As usual, this short introduction ends with a FreeMind picture: